Remove deprecated pam_cracklib module

* ci/install-dependencies.sh: Remove libcrack2-dev.
* ci/run-build-and-tests.sh (DISTCHECK_CONFIGURE_FLAGS): Remove
--enable-cracklib=check.
* conf/pam.conf: Remove references to pam_cracklib.so.
* configure.ac: Remove --enable-cracklib option.
(AC_SUBST): Remove LIBCRACK.
(AM_CONDITIONAL): Remove COND_BUILD_PAM_CRACKLIB.
(AC_CONFIG_FILES): Remove modules/pam_cracklib/Makefile.
* doc/sag/pam_cracklib.xml: Remove.
* doc/sag/Linux-PAM_SAG.xml: Do not include pam_cracklib.xml.
* modules/Makefile.am (MAYBE_PAM_CRACKLIB): Remove.
(SUBDIRS): Remove MAYBE_PAM_CRACKLIB.
* modules/pam_cracklib/Makefile.am: Remove.
* modules/pam_cracklib/README.xml: Likewise.
* modules/pam_cracklib/pam_cracklib.8.xml: Likewise.
* modules/pam_cracklib/pam_cracklib.c: Likewise.
* modules/pam_cracklib/tst-pam_cracklib: Likewise.
* xtests/tst-pam_cracklib1.c: Likewise.
* xtests/tst-pam_cracklib1.pamd: Likewise.
* xtests/tst-pam_cracklib2.c: Likewise.
* xtests/tst-pam_cracklib2.pamd: Likewise.
* modules/pam_pwhistory/pam_pwhistory.8.xml: Replace pam_cracklib
in examples with pam_passwdqc.
* modules/pam_unix/pam_unix.8.xml: Likewise.
* po/POTFILES.in: Remove ./modules/pam_cracklib/pam_cracklib.c.
* xtests/.gitignore: Remove tst-pam_cracklib1 and tst-pam_cracklib2.
* xtests/Makefile.am (EXTRA_DIST): Remove tst-pam_cracklib1.pamd
and tst-pam_cracklib2.pamd.
(XTESTS): Remove tst-pam_cracklib1 and tst-pam_cracklib2.
* NEWS: Document this change.

6 files changed, 0 insertions, 286 deletions

diff --git a/xtests/.gitignore b/xtests/.gitignore
index cd311127..41d2056b 100644
--- a/xtests/.gitignore
+++ b/xtests/.gitignore
@@ -7,8 +7,6 @@ tst-pam_dispatch2
 tst-pam_dispatch3
 tst-pam_dispatch4
 tst-pam_dispatch5
-tst-pam_cracklib1
-tst-pam_cracklib2
 tst-pam_limits1
 tst-pam_unix1
 tst-pam_unix2
diff --git a/xtests/Makefile.am b/xtests/Makefile.am
index 2e942e8d..70f8441e 100644
--- a/xtests/Makefile.am
+++ b/xtests/Makefile.am
@@ -13,7 +13,6 @@ CLEANFILES = *~ $(XTESTS)
 EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \
 	tst-pam_dispatch3.pamd tst-pam_dispatch4.pamd \
 	tst-pam_dispatch5.pamd \
-	tst-pam_cracklib1.pamd tst-pam_cracklib2.pamd \
 	tst-pam_unix1.pamd tst-pam_unix2.pamd tst-pam_unix3.pamd \
 	tst-pam_unix4.pamd \
 	tst-pam_unix1.sh tst-pam_unix2.sh tst-pam_unix3.sh \
@@ -40,7 +39,6 @@ EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \
 
 XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 \
 	tst-pam_dispatch4 tst-pam_dispatch5 \
-	tst-pam_cracklib1 tst-pam_cracklib2 \
 	tst-pam_unix1 tst-pam_unix2 tst-pam_unix3 tst-pam_unix4 \
 	tst-pam_access1 tst-pam_access2 tst-pam_access3 \
 	tst-pam_access4 tst-pam_limits1 tst-pam_succeed_if1 \
diff --git a/xtests/tst-pam_cracklib1.c b/xtests/tst-pam_cracklib1.c
deleted file mode 100644
index 1a219c83..00000000
--- a/xtests/tst-pam_cracklib1.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, and the entire permission notice in its entirety,
- *    including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- *    products derived from this software without specific prior
- *    written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions.  (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <security/pam_appl.h>
-
-/* A conversation function which uses an internally-stored value for
-   the responses. */
-static int
-fake_conv (int num_msg, const struct pam_message **msgm UNUSED,
-	   struct pam_response **response, void *appdata_ptr UNUSED)
-{
-  static int calls = 0;
-  struct pam_response *reply;
-  int count;
-
-  /* Sanity test. */
-  if (num_msg <= 0)
-    return PAM_CONV_ERR;
-
-  /* Allocate memory for the responses. */
-  reply = calloc (num_msg, sizeof (struct pam_response));
-  if (reply == NULL)
-    return PAM_CONV_ERR;
-
-  /* Each prompt elicits the same response. */
-  for (count = 0; count < num_msg; ++count)
-    {
-      reply[count].resp_retcode = 0;
-      /* first call get a password, second one NULL */
-      if (calls)
-	reply[count].resp = NULL;
-      else
-	{
-	  ++calls;
-	  reply[count].resp = strdup ("Kindergarten");
-	}
-    }
-
-  /* Set the pointers in the response structure and return. */
-  *response = reply;
-  return PAM_SUCCESS;
-}
-
-static struct pam_conv conv = {
-    fake_conv,
-    NULL
-};
-
-
-/* Check that pam_cracklib does not seg.fault on empty passwords. */
-
-int
-main(int argc, char *argv[])
-{
-  pam_handle_t *pamh=NULL;
-  const char *user="root";
-  int retval;
-  int debug = 0;
-
-  if (argc > 1 && strcmp (argv[1], "-d") == 0)
-    debug = 1;
-
-  retval = pam_start("tst-pam_cracklib1", user, &conv, &pamh);
-  if (retval != PAM_SUCCESS)
-    {
-      if (debug)
-	fprintf (stderr, "cracklib1: pam_start returned %d\n", retval);
-      return 1;
-    }
-
-  /* Try one, first input is correct, second is NULL */
-  retval = pam_chauthtok (pamh, 0);
-  if (retval != PAM_AUTHTOK_ERR)
-    {
-      if (debug)
-	fprintf (stderr, "cracklib1-1: pam_chauthtok returned %d\n", retval);
-      return 1;
-    }
-
-  /* Try two, second input is NULL */
-  retval = pam_chauthtok (pamh, 0);
-  if (retval != PAM_AUTHTOK_ERR)
-    {
-      if (debug)
-        fprintf (stderr, "cracklib1-2: pam_chauthtok returned %d\n", retval);
-      return 1;
-    }
-
-
-  retval = pam_end (pamh,retval);
-  if (retval != PAM_SUCCESS)
-    {
-      if (debug)
-	fprintf (stderr, "cracklib1: pam_end returned %d\n", retval);
-      return 1;
-    }
-  return 0;
-}
diff --git a/xtests/tst-pam_cracklib1.pamd b/xtests/tst-pam_cracklib1.pamd
deleted file mode 100644
index 41a9188d..00000000
--- a/xtests/tst-pam_cracklib1.pamd
+++ /dev/null
@@ -1,2 +0,0 @@
-#%PAM-1.0
-password	required	pam_cracklib.so
diff --git a/xtests/tst-pam_cracklib2.c b/xtests/tst-pam_cracklib2.c
deleted file mode 100644
index 84b4ef64..00000000
--- a/xtests/tst-pam_cracklib2.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, and the entire permission notice in its entirety,
- *    including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- *    products derived from this software without specific prior
- *    written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions.  (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* This test case checks
-   Patch 1688777: pam_cracklib support for minimum character classes */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-#include <security/pam_appl.h>
-
-int debug = 0;
-
-/* A conversation function which uses an internally-stored value for
-   the responses. */
-static int
-fake_conv (int num_msg, const struct pam_message **msgm,
-	   struct pam_response **response, void *appdata_ptr UNUSED)
-{
-  static int calls = 0;
-  struct pam_response *reply;
-  int count;
-
-  /* Sanity test. */
-  if (num_msg <= 0)
-    return PAM_CONV_ERR;
-
-  /* Allocate memory for the responses. */
-  reply = calloc (num_msg, sizeof (struct pam_response));
-  if (reply == NULL)
-    return PAM_CONV_ERR;
-
-  /* Each prompt elicits the same response. */
-  for (count = 0; count < num_msg; ++count)
-    {
-      if (debug)
-        fprintf(stderr,"Query: %s\n", (*msgm)[count].msg);
-      reply[count].resp_retcode = 0;
-      /* first tow calls get a correct password, second a too
-	 easy one. */
-      if (calls > 1)
-	reply[count].resp = strdup ("too easy");
-      else
-	{
-	  ++calls;
-	  reply[count].resp = strdup ("1a9C*8dK");
-	}
-	if (debug)
-          fprintf(stderr,"Response: %s\n", reply[count].resp);
-    }
-
-  /* Set the pointers in the response structure and return. */
-  *response = reply;
-  return PAM_SUCCESS;
-}
-
-static struct pam_conv conv = {
-    fake_conv,
-    NULL
-};
-
-
-int
-main(int argc, char *argv[])
-{
-  pam_handle_t *pamh=NULL;
-  const char *user="root";
-  int retval;
-
-  if (argc > 1 && strcmp (argv[1], "-d") == 0)
-    debug = 1;
-
-  retval = pam_start("tst-pam_cracklib2", user, &conv, &pamh);
-  if (retval != PAM_SUCCESS)
-    {
-      if (debug)
-	fprintf (stderr, "cracklib2: pam_start returned %d\n", retval);
-      return 1;
-    }
-
-  /* Try one, first input is correct */
-  retval = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
-  if (retval != PAM_SUCCESS)
-    {
-      if (debug)
-	fprintf (stderr, "cracklib2-1: pam_chauthtok returned %d\n", retval);
-      return 1;
-    }
-
-  /* Try two, second input is wrong */
-  retval = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
-  if (retval != PAM_AUTHTOK_ERR)
-    {
-      if (debug)
-        fprintf (stderr, "cracklib2-2: pam_chauthtok returned %d\n", retval);
-      return 1;
-    }
-
-
-  retval = pam_end (pamh,retval);
-  if (retval != PAM_SUCCESS)
-    {
-      if (debug)
-	fprintf (stderr, "cracklib2: pam_end returned %d\n", retval);
-      return 1;
-    }
-  return 0;
-}
diff --git a/xtests/tst-pam_cracklib2.pamd b/xtests/tst-pam_cracklib2.pamd
deleted file mode 100644
index 5915aecd..00000000
--- a/xtests/tst-pam_cracklib2.pamd
+++ /dev/null
@@ -1,2 +0,0 @@
-#%PAM-1.0
-password	required	pam_cracklib.so minclass=4