New upstream version 0.76

7 files changed, 0 insertions, 504 deletions

diff --git a/examples/.cvsignore b/examples/.cvsignore
deleted file mode 100644
index 2769a41e..00000000
--- a/examples/.cvsignore
+++ /dev/null
@@ -1,3 +0,0 @@
-blank
-xsh
-check_user
diff --git a/examples/Makefile b/examples/Makefile
deleted file mode 100644
index 7cabccaa..00000000
--- a/examples/Makefile
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# $Id$
-#
-
-include ../Make.Rules
-
-PROGS = blank xsh check_user
-SRCS = blank.c xsh.c check_user.c
-PROGSUID =
-
-ifeq ($(WITH_LIBDEBUG),yes)
- LIBSUFFIX=d
-else
- LIBSUFFIX=
-endif
-
-CFLAGS += -I$(absolute_srcdir)/libpam_misc/include
-
-LOADLIBES = -L$(absolute_objdir)/libpam -L$(absolute_objdir)/libpamc \
-    -L$(absolute_objdir)/libpam_misc -lpam -lpam_misc
-
-ifeq ($(STATIC_LIBPAM),yes)
-  ifneq ($(DYNAMIC),)
-    CFLAGS += $(CC_STATIC)
-    LOADLIBES += $(LIBDL)
-  endif
-endif
-
-all: $(PROGS)
-
-check_user: check_user.o
-	$(CC) $(CFLAGS) -o $@ $< $(LOADLIBES)
-
-blank: blank.o
-	$(CC) $(CFLAGS) -o $@ $< $(LOADLIBES)
-
-xsh: xsh.o
-	$(CC) $(CFLAGS) -o $@ $< $(LOADLIBES)
-
-clean:
-	rm -f *.a *.so *.o *~ $(PROGS) $(PROGSUID)
-	rm -f *.a *.out *.o *.so
-
-# note, the programs are test programs, they should not be
-# installed on your system!
-
-install: all
-	if [ -n "$(PROGS)" ]; then cp $(PROGS) ../bin ; fi
-	if [ -n "$(PROGSUID)" ]; then \
-		$(INSTALL) -m 4555 $(PROGSUID) ../bin ; fi
-
-remove:
-	cd ../bin ; rm -f $(PROGS) $(PROGSUID)
-	for x in $(PROGS) $(PROGSUID) ; do rm -f ../bin/$$x ; done
diff --git a/examples/blank.c b/examples/blank.c
deleted file mode 100644
index 9d51756e..00000000
--- a/examples/blank.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * $Id$
- */
-
-/* Andrew Morgan (morgan@parc.power.net) -- a self contained `blank'
- * application
- *
- * I am not very proud of this code.  It makes use of a possibly ill-
- * defined pamh pointer to call pam_strerror() with.  The reason that
- * I was sloppy with this is historical (pam_strerror, prior to 0.59,
- * did not require a pamh argument) and if this program is used as a
- * model for anything, I should wish that you will take this error into
- * account.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
-
-/* ------ some local (static) functions ------- */
-
-static void bail_out(pam_handle_t *pamh, int really, int code, const char *fn)
-{
-     fprintf(stderr,"==> called %s()\n  got: `%s'\n", fn,
-	     pam_strerror(pamh, code));
-     if (really && code)
-	  exit (1);
-}
-
-/* ------ some static data objects ------- */
-
-static struct pam_conv conv = {
-     misc_conv,
-     NULL
-};
-
-/* ------- the application itself -------- */
-
-int main(int argc, char **argv)
-{
-     pam_handle_t *pamh=NULL;
-     char *username=NULL;
-     int retcode;
-
-     /* did the user call with a username as an argument ? */
-
-     if (argc > 2) {
-	  fprintf(stderr,"usage: %s [username]\n",argv[0]);
-     } else if (argc == 2) {
-	  username = argv[1];
-     } 
-
-     /* initialize the Linux-PAM library */
-     retcode = pam_start("blank", username, &conv, &pamh);
-     bail_out(pamh,1,retcode,"pam_start");
-
-     /* test the environment stuff */
-     {
-#define MAXENV 15
-	 const char *greek[MAXENV] = {
-	     "a=alpha", "b=beta", "c=gamma", "d=delta", "e=epsilon",
-	     "f=phi", "g=psi", "h=eta", "i=iota", "j=mu", "k=nu",
-	     "l=zeta", "h=", "d", "k=xi"
-	 };
-	 char **env;
-	 int i;
-
-	 for (i=0; i<MAXENV; ++i) {
-	     retcode = pam_putenv(pamh,greek[i]);
-	     bail_out(pamh,0,retcode,"pam_putenv");
-	 }
-	 env = pam_getenvlist(pamh);
-	 if (env)
-	     env = pam_misc_drop_env(env);
-	 else
-	     fprintf(stderr,"???\n");
-	 fprintf(stderr,"a test: c=[%s], j=[%s]\n"
-		 , pam_getenv(pamh, "c"), pam_getenv(pamh, "j"));
-     }
-
-     /* to avoid using goto we abuse a loop here */
-     for (;;) {
-	  /* authenticate the user --- `0' here, could have been PAM_SILENT
-	   *	| PAM_DISALLOW_NULL_AUTHTOK */
-
-	  retcode = pam_authenticate(pamh, 0);
-	  bail_out(pamh,0,retcode,"pam_authenticate");
-
-	  /* has the user proved themself valid? */
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: invalid request\n",argv[0]);
-	       break;
-	  }
-
-	  /* the user is valid, but should they have access at this
-	     time? */
-
-	  retcode = pam_acct_mgmt(pamh, 0); /* `0' could be as above */
-	  bail_out(pamh,0,retcode,"pam_acct_mgmt");
-
-	  if (retcode == PAM_NEW_AUTHTOK_REQD) {
-	       fprintf(stderr,"Application must request new password...\n");
-	       retcode = pam_chauthtok(pamh,PAM_CHANGE_EXPIRED_AUTHTOK);
-	       bail_out(pamh,0,retcode,"pam_chauthtok");
-	  }
-
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: invalid request\n",argv[0]);
-	       break;
-	  }
-
-	  /* `0' could be as above */
-	  retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED);
-	  bail_out(pamh,0,retcode,"pam_setcred1");
-
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: problem setting user credentials\n"
-		       ,argv[0]);
-	       break;
-	  }
-
-	  /* open a session for the user --- `0' could be PAM_SILENT */
-	  retcode = pam_open_session(pamh,0);
-	  bail_out(pamh,0,retcode,"pam_open_session");
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: problem opening a session\n",argv[0]);
-	       break;
-	  }
-
-	  fprintf(stderr,"The user has been authenticated and `logged in'\n");
-
-	  /* close a session for the user --- `0' could be PAM_SILENT
-	   * it is possible that this pam_close_call is in another program..
-	   */
-
-	  retcode = pam_close_session(pamh,0);
-	  bail_out(pamh,0,retcode,"pam_close_session");
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: problem closing a session\n",argv[0]);
-	       break;
-	  }
-	  
-	  retcode = pam_setcred(pamh, PAM_DELETE_CRED);
-	  bail_out(pamh,0,retcode,"pam_setcred2");
-
-	  break;                      /* don't go on for ever! */
-     }
-
-     /* close the Linux-PAM library */
-     retcode = pam_end(pamh, PAM_SUCCESS);
-     pamh = NULL;
-
-     bail_out(pamh,1,retcode,"pam_end");
-
-     exit(0);
-}
diff --git a/examples/check_user.c b/examples/check_user.c
deleted file mode 100644
index 4a33f2a8..00000000
--- a/examples/check_user.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
-  $Id$
-  
-  This program was contributed by Shane Watts <shane@icarus.bofh.asn.au>
-  slight modifications by AGM.
-
-  You need to add the following (or equivalent) to the /etc/pam.conf file.
-  # check authorization
-  check   auth       required     pam_unix_auth.so
-  check   account    required     pam_unix_acct.so
-*/
-
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
-#include <stdio.h>
-
-static struct pam_conv conv = {
-    misc_conv,
-    NULL
-};
-
-int main(int argc, char *argv[])
-{
-    pam_handle_t *pamh=NULL;
-    int retval;
-    const char *user="nobody";
-
-    if(argc == 2) {
-	user = argv[1];
-    }
-
-    if(argc > 2) {
-	fprintf(stderr, "Usage: check_user [username]\n");
-	exit(1);
-    }
-
-    retval = pam_start("check", user, &conv, &pamh);
-	
-    if (retval == PAM_SUCCESS)
-        retval = pam_authenticate(pamh, 0);    /* is user really user? */
-
-    if (retval == PAM_SUCCESS)
-        retval = pam_acct_mgmt(pamh, 0);       /* permitted access? */
-
-    /* This is where we have been authorized or not. */
-
-    if (retval == PAM_SUCCESS) {
-	fprintf(stdout, "Authenticated\n");
-    } else {
-	fprintf(stdout, "Not Authenticated\n");
-    }
-
-    if (pam_end(pamh,retval) != PAM_SUCCESS) {     /* close Linux-PAM */
-	pamh = NULL;
-	fprintf(stderr, "check_user: failed to release authenticator\n");
-	exit(1);
-    }
-
-    return ( retval == PAM_SUCCESS ? 0:1 );       /* indicate success */
-}
diff --git a/examples/vpass.c b/examples/vpass.c
deleted file mode 100644
index 9a07ee38..00000000
--- a/examples/vpass.c
+++ /dev/null
@@ -1,47 +0,0 @@
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <pwd.h>
-#include <sys/types.h>
-#include <security/pam_appl.h>
-
-static int test_conv(int num_msg, const struct pam_message **msgm,
-		     struct pam_response **response, void *appdata_ptr)
-{
-    return 0;
-}
-
-static struct pam_conv conv = {
-    test_conv,
-    NULL
-};
-
-int main(void)
-{
-    char *user;
-    pam_handle_t *pamh;
-    struct passwd *pw;
-    uid_t uid;
-    int res;
-
-    uid = geteuid();
-    pw = getpwuid(uid);
-    if (pw) {
-	user = pw->pw_name;
-    } else {
-	fprintf(stderr, "Invalid userid: %d\n", uid);
-	exit(1);
-    }
-
-    pam_start("vpass", user, &conv, &pamh);
-    pam_set_item(pamh, PAM_TTY, "/dev/tty");
-    if ((res = pam_authenticate(pamh, 0)) != PAM_SUCCESS) {
-	fprintf(stderr, "Oops: %s\n", pam_strerror(pamh, res));
-	exit(1);
-    }
-
-    pam_end(pamh, res);
-    exit(0);
-}
-
-
diff --git a/examples/wrap_xsh.sh b/examples/wrap_xsh.sh
deleted file mode 100755
index af01697e..00000000
--- a/examples/wrap_xsh.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-export LD_PRELOAD=../libpam/libpam.so:../libpam_misc/libpam_misc.so
-ldd ./xsh
-./xsh "$@"
-
diff --git a/examples/xsh.c b/examples/xsh.c
deleted file mode 100644
index fdbbbfd0..00000000
--- a/examples/xsh.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * $Id$
- */
-
-/* Andrew Morgan (morgan@kernel.org) -- an example application
- * that invokes a shell, based on blank.c */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
-
-#include <security/_pam_aconf.h>
-
-#include <pwd.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-/* ------ some local (static) functions ------- */
-
-static void bail_out(pam_handle_t *pamh,int really, int code, const char *fn)
-{
-     fprintf(stderr,"==> called %s()\n  got: `%s'\n", fn,
-	     pam_strerror(pamh,code));
-     if (really && code)
-	  exit (1);
-}
-
-/* ------ some static data objects ------- */
-
-static struct pam_conv conv = {
-     misc_conv,
-     NULL
-};
-
-/* ------- the application itself -------- */
-
-int main(int argc, char **argv)
-{
-     pam_handle_t *pamh=NULL;
-     const char *username=NULL;
-     const char *service="xsh";
-     int retcode;
-
-     /* did the user call with a username as an argument ?
-      * did they also */
-
-     if (argc > 3) {
-	  fprintf(stderr,"usage: %s [username [service-name]]\n",argv[0]);
-     }
-     if ((argc >= 2) && (argv[1][0] != '-')) {
-	  username = argv[1];
-     }
-     if (argc == 3) {
-	 service = argv[2];
-     }
-
-     /* initialize the Linux-PAM library */
-     retcode = pam_start(service, username, &conv, &pamh);
-     bail_out(pamh,1,retcode,"pam_start");
-
-     /* fill in the RUSER and RHOST etc. fields */
-     {
-	 char buffer[100];
-	 struct passwd *pw;
-	 const char *tty;
-
-	 pw = getpwuid(getuid());
-	 if (pw != NULL) {
-	     retcode = pam_set_item(pamh, PAM_RUSER, pw->pw_name);
-	     bail_out(pamh,1,retcode,"pam_set_item(PAM_RUSER)");
-	 }
-
-	 retcode = gethostname(buffer, sizeof(buffer)-1);
-	 if (retcode) {
-	     perror("failed to look up hostname");
-	     retcode = pam_end(pamh, PAM_ABORT);
-	     bail_out(pamh,1,retcode,"pam_end");
-	 }
-	 retcode = pam_set_item(pamh, PAM_RHOST, buffer);
-	 bail_out(pamh,1,retcode,"pam_set_item(PAM_RHOST)");
-
-	 tty = ttyname(fileno(stdin));
-	 if (tty) {
-	     retcode = pam_set_item(pamh, PAM_TTY, tty);
-	     bail_out(pamh,1,retcode,"pam_set_item(PAM_RHOST)");
-	 }
-     }
-
-     /* to avoid using goto we abuse a loop here */
-     for (;;) {
-	  /* authenticate the user --- `0' here, could have been PAM_SILENT
-	   *	| PAM_DISALLOW_NULL_AUTHTOK */
-
-	  retcode = pam_authenticate(pamh, 0);
-	  bail_out(pamh,0,retcode,"pam_authenticate");
-
-	  /* has the user proved themself valid? */
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: invalid request\n",argv[0]);
-	       break;
-	  }
-
-	  /* the user is valid, but should they have access at this
-	     time? */
-
-	  retcode = pam_acct_mgmt(pamh, 0); /* `0' could be as above */
-	  bail_out(pamh,0,retcode,"pam_acct_mgmt");
-
-	  if (retcode == PAM_NEW_AUTHTOK_REQD) {
-	       fprintf(stderr,"Application must request new password...\n");
-	       retcode = pam_chauthtok(pamh,PAM_CHANGE_EXPIRED_AUTHTOK);
-	       bail_out(pamh,0,retcode,"pam_chauthtok");
-	  }
-
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: invalid request\n",argv[0]);
-	       break;
-	  }
-
-	  /* `0' could be as above */
-	  retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED);
-	  bail_out(pamh,0,retcode,"pam_setcred");
-
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: problem setting user credentials\n"
-		       ,argv[0]);
-	       break;
-	  }
-
-	  /* open a session for the user --- `0' could be PAM_SILENT */
-	  retcode = pam_open_session(pamh,0);
-	  bail_out(pamh,0,retcode,"pam_open_session");
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: problem opening a session\n",argv[0]);
-	       break;
-	  }
-
-	  pam_get_item(pamh, PAM_USER, (const void **) &username);
-	  fprintf(stderr,
-		  "The user [%s] has been authenticated and `logged in'\n",
-		  username);
-
-	  /* this is always a really bad thing for security! */
-	  system("/bin/sh");
-
-	  /* close a session for the user --- `0' could be PAM_SILENT
-	   * it is possible that this pam_close_call is in another program..
-	   */
-
-	  retcode = pam_close_session(pamh,0);
-	  bail_out(pamh,0,retcode,"pam_close_session");
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: problem closing a session\n",argv[0]);
-	       break;
-	  }
-	  
-	  /* `0' could be as above */
-	  retcode = pam_setcred(pamh, PAM_DELETE_CRED);
-	  bail_out(pamh,0,retcode,"pam_setcred");
-	  if (retcode != PAM_SUCCESS) {
-	       fprintf(stderr,"%s: problem deleting user credentials\n"
-		       ,argv[0]);
-	       break;
-	  }
-
-	  break;                      /* don't go on for ever! */
-     }
-
-     /* close the Linux-PAM library */
-     retcode = pam_end(pamh, PAM_SUCCESS);
-     pamh = NULL;
-     bail_out(pamh,1,retcode,"pam_end");
-
-     exit(0);
-}