8 files changed, 334 insertions, 209 deletions
diff --git a/Linux-PAM/libpam/include/security/_pam_compat.h b/Linux-PAM/libpam/include/security/_pam_compat.h
index 33520a6c..a5f58e42 100644
--- a/Linux-PAM/libpam/include/security/_pam_compat.h
+++ b/Linux-PAM/libpam/include/security/_pam_compat.h
@@ -2,8 +2,6 @@
 #define _PAM_COMPAT_H
 
 /*
- * $Id: _pam_compat.h,v 1.1.1.1 2000/06/20 22:11:21 agmorgan Exp $
- *
  * This file was contributed by Derrick J Brashear <shadow@dementia.org>
  * slight modification by Brad M. Garcia <bgarcia@fore.com>
  *
@@ -15,108 +13,114 @@
 /* Solaris uses different constants. We redefine to those here */
 #if defined(solaris) || (defined(__SVR4) && defined(sun))
 
-#ifndef _SECURITY__PAM_TYPES_H
-
 # ifdef _SECURITY_PAM_MODULES_H
 
 /* flags for pam_chauthtok() */
 #  undef PAM_PRELIM_CHECK
-#  define PAM_PRELIM_CHECK        0x1
+#  define PAM_PRELIM_CHECK        	0x1
 
 #  undef PAM_UPDATE_AUTHTOK
-#  define PAM_UPDATE_AUTHTOK      0x2
+#  define PAM_UPDATE_AUTHTOK      	0x2
 
 # endif /* _SECURITY_PAM_MODULES_H */
 
-#else /* _SECURITY__PAM_TYPES_H */
+# ifdef _SECURITY__PAM_TYPES_H
 
 /* generic for pam_* functions */
 # undef PAM_SILENT
-# define PAM_SILENT              0x80000000
+# define PAM_SILENT              	0x80000000
+
+# undef PAM_CHANGE_EXPIRED_AUTHTOK
+# define PAM_CHANGE_EXPIRED_AUTHTOK 	0x4
 
 /* flags for pam_setcred() */
 # undef PAM_ESTABLISH_CRED
-# define PAM_ESTABLISH_CRED      0x1
+# define PAM_ESTABLISH_CRED      	0x1
 
 # undef PAM_DELETE_CRED
-# define PAM_DELETE_CRED         0x2
+# define PAM_DELETE_CRED         	0x2
 
 # undef PAM_REINITIALIZE_CRED
-# define PAM_REINITIALIZE_CRED   0x4
+# define PAM_REINITIALIZE_CRED   	0x4
 
 # undef PAM_REFRESH_CRED
-# define PAM_REFRESH_CRED        0x8
+# define PAM_REFRESH_CRED        	0x8
 
 /* another binary incompatibility comes from the return codes! */
 
 # undef PAM_CONV_ERR
-# define PAM_CONV_ERR            6
+# define PAM_CONV_ERR            	6
 
 # undef PAM_PERM_DENIED
-# define PAM_PERM_DENIED         7
+# define PAM_PERM_DENIED         	7
 
 # undef PAM_MAXTRIES
-# define PAM_MAXTRIES            8
+# define PAM_MAXTRIES            	8
 
 # undef PAM_AUTH_ERR
-# define PAM_AUTH_ERR            9
+# define PAM_AUTH_ERR            	9
 
 # undef PAM_NEW_AUTHTOK_REQD
-# define PAM_NEW_AUTHTOK_REQD    10
+# define PAM_NEW_AUTHTOK_REQD    	10
 
 # undef PAM_CRED_INSUFFICIENT
-# define PAM_CRED_INSUFFICIENT   11
+# define PAM_CRED_INSUFFICIENT   	11
 
 # undef PAM_AUTHINFO_UNAVAIL
-# define PAM_AUTHINFO_UNAVAIL    12
+# define PAM_AUTHINFO_UNAVAIL    	12
 
 # undef PAM_USER_UNKNOWN
-# define PAM_USER_UNKNOWN        13
+# define PAM_USER_UNKNOWN        	13
 
 # undef PAM_CRED_UNAVAIL
-# define PAM_CRED_UNAVAIL        14
+# define PAM_CRED_UNAVAIL        	14
 
 # undef PAM_CRED_EXPIRED
-# define PAM_CRED_EXPIRED        15
+# define PAM_CRED_EXPIRED        	15
 
 # undef PAM_CRED_ERR
-# define PAM_CRED_ERR            16
+# define PAM_CRED_ERR            	16
 
 # undef PAM_ACCT_EXPIRED
-# define PAM_ACCT_EXPIRED        17
+# define PAM_ACCT_EXPIRED        	17
 
 # undef PAM_AUTHTOK_EXPIRED
-# define PAM_AUTHTOK_EXPIRED     18
+# define PAM_AUTHTOK_EXPIRED     	18
 
 # undef PAM_SESSION_ERR
-# define PAM_SESSION_ERR         19
+# define PAM_SESSION_ERR         	19
 
 # undef PAM_AUTHTOK_ERR
-# define PAM_AUTHTOK_ERR           20
+# define PAM_AUTHTOK_ERR           	20
 
 # undef PAM_AUTHTOK_RECOVERY_ERR
-# define PAM_AUTHTOK_RECOVERY_ERR  21
+# define PAM_AUTHTOK_RECOVERY_ERR  	21
 
 # undef PAM_AUTHTOK_LOCK_BUSY
-# define PAM_AUTHTOK_LOCK_BUSY     22
+# define PAM_AUTHTOK_LOCK_BUSY     	22
 
 # undef PAM_AUTHTOK_DISABLE_AGING
-# define PAM_AUTHTOK_DISABLE_AGING 23
+# define PAM_AUTHTOK_DISABLE_AGING 	23
 
 # undef PAM_NO_MODULE_DATA
-# define PAM_NO_MODULE_DATA      24
+# define PAM_NO_MODULE_DATA      	24
 
 # undef PAM_IGNORE
-# define PAM_IGNORE              25
+# define PAM_IGNORE              	25
 
 # undef PAM_ABORT
-# define PAM_ABORT               26
+# define PAM_ABORT               	26
 
 # undef PAM_TRY_AGAIN
-# define PAM_TRY_AGAIN           27
+# define PAM_TRY_AGAIN           	27
 
 #endif /* _SECURITY__PAM_TYPES_H */
 
+#else
+
+/* For compatibility with old Linux-PAM implementations. */
+#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
+
 #endif /* defined(solaris) || (defined(__SVR4) && defined(sun)) */
 
 #endif /* _PAM_COMPAT_H */
diff --git a/Linux-PAM/libpam/include/security/_pam_macros.h b/Linux-PAM/libpam/include/security/_pam_macros.h
index 2827fabf..f7da10a7 100644
--- a/Linux-PAM/libpam/include/security/_pam_macros.h
+++ b/Linux-PAM/libpam/include/security/_pam_macros.h
@@ -9,8 +9,8 @@
 
 /* a 'safe' version of strdup */
 
-#include <string.h>
 #include <stdlib.h>
+#include <string.h>
 
 #define  x_strdup(s)  ( (s) ? strdup(s):NULL )
 
@@ -73,11 +73,11 @@ do {                                              \
  * You have been warned :-) - CG
  *
  * to get automated debugging to the log file, it must be created manually.
- * _PAM_LOGFILE must exist, mode 666
+ * _PAM_LOGFILE must exist and be writable to the programs you debug.
  */
 
 #ifndef _PAM_LOGFILE
-#define _PAM_LOGFILE "/tmp/pam-debug.log"
+#define _PAM_LOGFILE "/var/run/pam-debug.log"
 #endif
 
 static void _pam_output_debug_info(const char *file, const char *fn
diff --git a/Linux-PAM/libpam/include/security/_pam_types.h b/Linux-PAM/libpam/include/security/_pam_types.h
index b4413ee3..45bae97b 100644
--- a/Linux-PAM/libpam/include/security/_pam_types.h
+++ b/Linux-PAM/libpam/include/security/_pam_types.h
@@ -1,30 +1,15 @@
 /*
  * <security/_pam_types.h>
  *
- * $Id: _pam_types.h,v 1.6 2005/03/16 00:06:01 toady Exp $
- *
  * This file defines all of the types common to the Linux-PAM library
  * applications and modules.
  *
  * Note, the copyright+license information is at end of file.
- *
- * Created: 1996/3/5 by AGM
  */
 
 #ifndef _SECURITY__PAM_TYPES_H
 #define _SECURITY__PAM_TYPES_H
 
-#ifndef __LIBPAM_VERSION
-# define __LIBPAM_VERSION __libpam_version
-#endif
-extern unsigned int __libpam_version;
-
-/*
- * include local definition for POSIX - NULL
- */
-
-#include <locale.h>
-
 /* This is a blind structure; users aren't allowed to see inside a
  * pam_handle_t, so we don't define struct pam_handle here.  This is
  * defined in a file private to the PAM library.  (i.e., it's private
@@ -32,6 +17,13 @@ extern unsigned int __libpam_version;
 
 typedef struct pam_handle pam_handle_t;
 
+/* ---------------- The Linux-PAM Version defines ----------------- */
+
+/* Major and minor version number of the Linux-PAM package.  Use
+   these macros to test for features in specific releases.  */
+#define __LINUX_PAM__ 1
+#define __LINUX_PAM_MINOR__ 0
+
 /* ----------------- The Linux-PAM return values ------------------ */
 
 #define PAM_SUCCESS 0		/* Successful function return */
@@ -71,8 +63,8 @@ typedef struct pam_handle pam_handle_t;
 #define PAM_NO_MODULE_DATA 18	/* No module specific data is present */
 #define PAM_CONV_ERR 19		/* Conversation error */
 #define PAM_AUTHTOK_ERR 20	/* Authentication token manipulation error */
-#define PAM_AUTHTOK_RECOVER_ERR 21 /* Authentication information */
-				   /* cannot be recovered */
+#define PAM_AUTHTOK_RECOVERY_ERR 21 /* Authentication information */
+				    /* cannot be recovered */
 #define PAM_AUTHTOK_LOCK_BUSY 22   /* Authentication token lock busy */
 #define PAM_AUTHTOK_DISABLE_AGING 23 /* Authentication token aging disabled */
 #define PAM_TRY_AGAIN 24	/* Preliminary check by password service */
@@ -133,31 +125,62 @@ typedef struct pam_handle pam_handle_t;
 
 /* ------------------ The Linux-PAM item types ------------------- */
 
-/* these defines are used by pam_set_item() and pam_get_item() */
+/* These defines are used by pam_set_item() and pam_get_item().
+   Please check the spec which are allowed for use by applications
+   and which are only allowed for use by modules. */
 
 #define PAM_SERVICE	   1	/* The service name */
 #define PAM_USER           2	/* The user name */
 #define PAM_TTY            3	/* The tty name */
 #define PAM_RHOST          4	/* The remote host name */
 #define PAM_CONV           5	/* The pam_conv structure */
-
-/* missing entries found in <security/pam_modules.h> for modules only! */
-
+#define PAM_AUTHTOK        6	/* The authentication token (password) */
+#define PAM_OLDAUTHTOK     7	/* The old authentication token */
 #define PAM_RUSER          8	/* The remote user name */
 #define PAM_USER_PROMPT    9    /* the prompt for getting a username */
 #define PAM_FAIL_DELAY     10   /* app supplied function to override failure
 				   delays */
 
+/* -------------- Special defines used by Linux-PAM -------------- */
+
+#if defined(__GNUC__) && defined(__GNUC_MINOR__)
+# define PAM_GNUC_PREREQ(maj, min) \
+        ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
+#else
+# define PAM_GNUC_PREREQ(maj, min) 0
+#endif
+
+#if PAM_GNUC_PREREQ(2,5)
+# define PAM_FORMAT(params) __attribute__((__format__ params))
+#else
+# define PAM_FORMAT(params)
+#endif
+
+#if PAM_GNUC_PREREQ(3,3) && !defined(LIBPAM_COMPILE)
+# define PAM_NONNULL(params) __attribute__((__nonnull__ params))
+#else
+# define PAM_NONNULL(params)
+#endif
+
 /* ---------- Common Linux-PAM application/module PI ----------- */
 
-extern int pam_set_item(pam_handle_t *pamh, int item_type, const void *item);
-extern int pam_get_item(const pam_handle_t *pamh, int item_type,
-			const void **item);
-extern const char *pam_strerror(pam_handle_t *pamh, int errnum);
+extern int PAM_NONNULL((1))
+pam_set_item(pam_handle_t *pamh, int item_type, const void *item);
+
+extern int PAM_NONNULL((1))
+pam_get_item(const pam_handle_t *pamh, int item_type, const void **item);
+
+extern const char *
+pam_strerror(pam_handle_t *pamh, int errnum);
+
+extern int PAM_NONNULL((1,2))
+pam_putenv(pam_handle_t *pamh, const char *name_value);
+
+extern const char * PAM_NONNULL((1,2))
+pam_getenv(pam_handle_t *pamh, const char *name);
 
-extern int pam_putenv(pam_handle_t *pamh, const char *name_value);
-extern const char *pam_getenv(pam_handle_t *pamh, const char *name);
-extern char **pam_getenvlist(pam_handle_t *pamh);
+extern char ** PAM_NONNULL((1))
+pam_getenvlist(pam_handle_t *pamh);
 
 /* ---------- Common Linux-PAM application/module PI ----------- */
 
@@ -189,22 +212,6 @@ extern char **pam_getenvlist(pam_handle_t *pamh);
 #define HAVE_PAM_FAIL_DELAY
 extern int pam_fail_delay(pam_handle_t *pamh, unsigned int musec_delay);
 
-#include <syslog.h>
-#ifndef LOG_AUTHPRIV
-# ifdef LOG_PRIV
-#  define LOG_AUTHPRIV LOG_PRIV
-# endif /* LOG_PRIV */
-#endif /* !LOG_AUTHPRIV */
-
-#ifdef MEMORY_DEBUG
-/*
- * this defines some macros that keep track of what memory has been
- * allocated and indicates leakage etc... It should not be included in
- * production application/modules.
- */
-#include <security/pam_malloc.h>
-#endif
-
 /* ------------ The Linux-PAM conversation structures ------------ */
 
 /* Message styles */
@@ -272,18 +279,6 @@ struct pam_conv {
     void *appdata_ptr;
 };
 
-#ifndef LINUX_PAM
-/*
- * the following few lines represent a hack.  They are there to make
- * the Linux-PAM headers more compatible with the Sun ones, which have a
- * less strictly separated notion of module specific and application
- * specific definitions.
- */
-#include <security/pam_appl.h>
-#include <security/pam_modules.h>
-#endif
-
-
 /* ... adapted from the pam_appl.h file created by Theodore Ts'o and
  *
  * Copyright Theodore Ts'o, 1996.  All rights reserved.
@@ -301,13 +296,13 @@ struct pam_conv {
  * 3. The name of the author may not be used to endorse or promote
  *    products derived from this software without specific prior
  *    written permission.
- * 
+ *
  * ALTERNATIVELY, this product may be distributed under the terms of
  * the GNU Public License, in which case the provisions of the GPL are
  * required INSTEAD OF the above restrictions.  (This clause is
  * necessary due to a potential bad interaction between the GPL and
  * the restrictions contained in a BSD-style copyright.)
- * 
+ *
  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -321,4 +316,3 @@ struct pam_conv {
  * OF THE POSSIBILITY OF SUCH DAMAGE.  */
 
 #endif /* _SECURITY__PAM_TYPES_H */
-
diff --git a/Linux-PAM/libpam/include/security/pam_appl.h b/Linux-PAM/libpam/include/security/pam_appl.h
index 69ee544d..d4172c69 100644
--- a/Linux-PAM/libpam/include/security/pam_appl.h
+++ b/Linux-PAM/libpam/include/security/pam_appl.h
@@ -1,16 +1,11 @@
 /*
  * <security/pam_appl.h>
- * 
+ *
  * This header file collects definitions for the PAM API --- that is,
  * public interface between the PAM library and an application program
  * that wishes to use it.
  *
  * Note, the copyright information is at end of file.
- *
- * Created: 15-Jan-96 by TYT
- * Last modified: 1996/3/5 by AGM
- *
- * $Id: pam_appl.h,v 1.3 2000/11/19 23:54:02 agmorgan Exp $
  */
 
 #ifndef _SECURITY_PAM_APPL_H
@@ -19,41 +14,53 @@
 #ifdef __cplusplus
 extern "C" {
 #endif
- 
+
 #include <security/_pam_types.h>      /* Linux-PAM common defined types */
 
 /* -------------- The Linux-PAM Framework layer API ------------- */
 
-extern int pam_start(const char *service_name, const char *user,
-		     const struct pam_conv *pam_conversation,
-		     pam_handle_t **pamh);
-extern int pam_end(pam_handle_t *pamh, int pam_status);
+extern int PAM_NONNULL((1,3,4))
+pam_start(const char *service_name, const char *user,
+	  const struct pam_conv *pam_conversation,
+	  pam_handle_t **pamh);
+
+extern int PAM_NONNULL((1))
+pam_end(pam_handle_t *pamh, int pam_status);
 
 /* Authentication API's */
 
-extern int pam_authenticate(pam_handle_t *pamh, int flags);
-extern int pam_setcred(pam_handle_t *pamh, int flags);
+extern int PAM_NONNULL((1))
+pam_authenticate(pam_handle_t *pamh, int flags);
+
+extern int PAM_NONNULL((1))
+pam_setcred(pam_handle_t *pamh, int flags);
 
 /* Account Management API's */
 
-extern int pam_acct_mgmt(pam_handle_t *pamh, int flags);
+extern int PAM_NONNULL((1))
+pam_acct_mgmt(pam_handle_t *pamh, int flags);
 
 /* Session Management API's */
 
-extern int pam_open_session(pam_handle_t *pamh, int flags);
-extern int pam_close_session(pam_handle_t *pamh, int flags);
+extern int PAM_NONNULL((1))
+pam_open_session(pam_handle_t *pamh, int flags);
+
+extern int PAM_NONNULL((1))
+pam_close_session(pam_handle_t *pamh, int flags);
 
 /* Password Management API's */
 
-extern int pam_chauthtok(pam_handle_t *pamh, int flags);
+extern int PAM_NONNULL((1))
+pam_chauthtok(pam_handle_t *pamh, int flags);
 
-#ifdef __cplusplus
-}
-#endif
 
 /* take care of any compatibility issues */
 #include <security/_pam_compat.h>
 
+#ifdef __cplusplus
+}
+#endif
+
 /*
  * Copyright Theodore Ts'o, 1996.  All rights reserved.
  *
@@ -69,13 +76,13 @@ extern int pam_chauthtok(pam_handle_t *pamh, int flags);
  * 3. The name of the author may not be used to endorse or promote
  *    products derived from this software without specific prior
  *    written permission.
- * 
+ *
  * ALTERNATIVELY, this product may be distributed under the terms of
  * the GNU Public License, in which case the provisions of the GPL are
  * required INSTEAD OF the above restrictions.  (This clause is
  * necessary due to a potential bad interaction between the GPL and
  * the restrictions contained in a BSD-style copyright.)
- * 
+ *
  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
diff --git a/Linux-PAM/libpam/include/security/pam_ext.h b/Linux-PAM/libpam/include/security/pam_ext.h
new file mode 100644
index 00000000..111dd633
--- /dev/null
+++ b/Linux-PAM/libpam/include/security/pam_ext.h
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2005, 2006 Thorsten Kukuk.
+ *
+ * <security/pam_ext.h>
+ *
+ * This header file collects definitions for the extended PAM API.
+ * This is a public interface of the PAM library for PAM modules,
+ * which makes the life of PAM developers easier, but are not documented
+ * in any standard and are not portable between different PAM
+ * implementations.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, and the entire permission notice in its entirety,
+ *    including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ *    products derived from this software without specific prior
+ *    written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions.  (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _SECURITY__PAM_EXT_H_
+#define _SECURITY__PAM_EXT_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <security/_pam_types.h>
+#include <stdarg.h>
+
+extern void PAM_FORMAT((printf, 3, 0)) PAM_NONNULL((3))
+pam_vsyslog (const pam_handle_t *pamh, int priority,
+             const char *fmt, va_list args);
+
+extern void PAM_FORMAT((printf, 3, 4)) PAM_NONNULL((3))
+pam_syslog (const pam_handle_t *pamh, int priority, const char *fmt, ...);
+
+extern int PAM_FORMAT((printf, 4, 0)) PAM_NONNULL((1,4))
+pam_vprompt (pam_handle_t *pamh, int style, char **response,
+	     const char *fmt, va_list args);
+
+extern int PAM_FORMAT((printf, 4, 5)) PAM_NONNULL((1,4))
+pam_prompt (pam_handle_t *pamh, int style, char **response,
+	    const char *fmt, ...);
+
+#define pam_error(pamh, fmt...) \
+	pam_prompt(pamh, PAM_ERROR_MSG, NULL, fmt)
+#define pam_verror(pamh, fmt, args) \
+	pam_vprompt(pamh, PAM_ERROR_MSG, NULL, fmt, args)
+
+#define pam_info(pamh, fmt...) pam_prompt(pamh, PAM_TEXT_INFO, NULL, fmt)
+#define pam_vinfo(pamh, fmt, args) pam_vprompt(pamh, PAM_TEXT_INFO, NULL, fmt, args)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/Linux-PAM/libpam/include/security/pam_malloc.h b/Linux-PAM/libpam/include/security/pam_malloc.h
deleted file mode 100644
index bbf31338..00000000
--- a/Linux-PAM/libpam/include/security/pam_malloc.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * $Id: pam_malloc.h,v 1.3 2001/11/26 03:04:47 agmorgan Exp $
- */
-
-/*
- * This file (via the use of macros) defines a wrapper for the malloc
- * family of calls. It logs where the memory was requested and also
- * where it was free()'d and keeps a list of currently requested memory.
- *
- * It is hoped that it will provide some help in locating memory leaks.
- */
-
-#ifndef PAM_MALLOC_H
-#define PAM_MALLOC_H
-
-/* these are the macro definitions for the stdlib.h memory functions */
-
-#define malloc(s)      pam_malloc(s,__FILE__,__FUNCTION__,__LINE__)
-#define calloc(n,s)    pam_calloc(n,s,__FILE__,__FUNCTION__,__LINE__)
-#define free(x)        pam_free(x,__FILE__,__FUNCTION__,__LINE__)
-/* #define memalign(a,s)  pam_memalign(a,s,__FILE__,__FUNCTION__,__LINE__) */
-#define realloc(x,s)   pam_realloc(x,s,__FILE__,__FUNCTION__,__LINE__)
-/* #define valloc(s)      pam_valloc(s,__FILE__,__FUNCTION__,__LINE__) */
-/* #define alloca(s)      pam_alloca(s,__FILE__,__FUNCTION__,__LINE__) */
-#define exit(i)        pam_exit(i,__FILE__,__FUNCTION__,__LINE__)
-#define strdup(s)      pam_strdup(s,__FILE__,__FUNCTION__,__LINE__)
-
-/* these are the prototypes for the wrapper functions */
-
-#include <sys/types.h>
-
-extern void *pam_malloc(size_t s,const char *,const char *, int);
-extern void *pam_calloc(size_t n,size_t s,const char *,const char *, int);
-extern void  pam_free(void *x,const char *,const char *, int);
-extern void *pam_memalign(size_t a,size_t s
-			 ,const char *,const char *, int);
-extern void *pam_realloc(void *x,size_t s,const char *,const char *, int);
-extern void *pam_valloc(size_t s,const char *,const char *, int);
-extern void *pam_alloca(size_t s,const char *,const char *, int);
-extern void  pam_exit(int i,const char *,const char *, int);
-extern char *pam_strdup(const char *,const char *,const char *, int);
-
-/* these are the flags used to turn on and off diagnostics */
-
-#define PAM_MALLOC_LEAKED             01
-#define PAM_MALLOC_REQUEST            02
-#define PAM_MALLOC_FREE               04
-#define PAM_MALLOC_EXCH               (PAM_MALLOC_FREED|PAM_MALLOC_EXCH)
-#define PAM_MALLOC_RESIZE            010
-#define PAM_MALLOC_FAIL              020
-#define PAM_MALLOC_NULL              040
-#define PAM_MALLOC_VERIFY           0100
-#define PAM_MALLOC_FUNC             0200
-#define PAM_MALLOC_PAUSE            0400
-#define PAM_MALLOC_STOP            01000
-
-#define PAM_MALLOC_ALL              0777
-
-#define PAM_MALLOC_DEFAULT     \
-  (PAM_MALLOC_LEAKED|PAM_MALLOC_PAUSE|PAM_MALLOC_FAIL)
-
-#include <stdio.h>
-
-extern FILE *pam_malloc_outfile;      /* defaults to stdout */
-
-/* how much output do you want? */
-
-extern int pam_malloc_flags;
-extern int pam_malloc_delay_length;      /* how long to pause on errors */
-
-#endif /* PAM_MALLOC_H */
diff --git a/Linux-PAM/libpam/include/security/pam_modules.h b/Linux-PAM/libpam/include/security/pam_modules.h
index 1f20993f..5c516c4e 100644
--- a/Linux-PAM/libpam/include/security/pam_modules.h
+++ b/Linux-PAM/libpam/include/security/pam_modules.h
@@ -1,32 +1,34 @@
 /*
  * <security/pam_modules.h>
- * 
- * $Id: pam_modules.h,v 1.3 2001/02/05 06:50:41 agmorgan Exp $
  *
+ * This header file collects definitions for the PAM API --- that is,
+ * public interface between the PAM library and PAM modules.
+ *
+ * Note, the copyright information is at end of file.
  */
 
 #ifndef _SECURITY_PAM_MODULES_H
 #define _SECURITY_PAM_MODULES_H
 
-#include <security/_pam_types.h>      /* Linux-PAM common defined types */
-
-/* these defines are used by pam_set_item() and pam_get_item() and are
- * in addition to those found in <security/_pam_types.h> */
+#ifdef __cplusplus
+extern "C" {
+#endif
 
-#define PAM_AUTHTOK     6	/* The authentication token (password) */
-#define PAM_OLDAUTHTOK  7	/* The old authentication token */
+#include <security/_pam_types.h>      /* Linux-PAM common defined types */
 
 /* -------------- The Linux-PAM Module PI ------------- */
 
-extern int pam_set_data(pam_handle_t *pamh, const char *module_data_name,
-			void *data,
-			void (*cleanup)(pam_handle_t *pamh, void *data,
-				       int error_status));
-extern int pam_get_data(const pam_handle_t *pamh,
-			const char *module_data_name, const void **data);
+extern int PAM_NONNULL((1,2))
+pam_set_data(pam_handle_t *pamh, const char *module_data_name, void *data,
+	     void (*cleanup)(pam_handle_t *pamh, void *data,
+			     int error_status));
+
+extern int PAM_NONNULL((1,2,3))
+pam_get_data(const pam_handle_t *pamh, const char *module_data_name,
+	     const void **data);
 
-extern int pam_get_user(pam_handle_t *pamh, const char **user
-			, const char *prompt);
+extern int PAM_NONNULL((1,2))
+pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt);
 
 #ifdef PAM_STATIC
 
@@ -56,7 +58,7 @@ struct pam_module {
 #define PAM_EXTERN extern
 
 #endif /* PAM_STATIC */
-	
+
 /* Lots of files include pam_modules.h that don't need these
  * declared.  However, when they are declared static, they
  * need to be defined later.  So we have to protect C files
@@ -127,9 +129,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 
 #define PAM_DATA_REPLACE   0x20000000     /* used when replacing a data item */
 
+
 /* take care of any compatibility issues */
 #include <security/_pam_compat.h>
 
+#ifdef __cplusplus
+}
+#endif
+
 /* Copyright (C) Theodore Ts'o, 1996.
  * Copyright (C) Andrew Morgan, 1996-8.
  *                                                All rights reserved.
@@ -146,13 +153,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
  * 3. The name of the author may not be used to endorse or promote
  *    products derived from this software without specific prior
  *    written permission.
- * 
+ *
  * ALTERNATIVELY, this product may be distributed under the terms of
  * the GNU General Public License, in which case the provisions of the
  * GNU GPL are required INSTEAD OF the above restrictions.  (This
  * clause is necessary due to a potential bad interaction between the
  * GNU GPL and the restrictions contained in a BSD-style copyright.)
- * 
+ *
  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -166,4 +173,3 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
  * OF THE POSSIBILITY OF SUCH DAMAGE.  */
 
 #endif /* _SECURITY_PAM_MODULES_H */
-
diff --git a/Linux-PAM/libpam/include/security/pam_modutil.h b/Linux-PAM/libpam/include/security/pam_modutil.h
new file mode 100644
index 00000000..efb72436
--- /dev/null
+++ b/Linux-PAM/libpam/include/security/pam_modutil.h
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2001-2002 Andrew Morgan <morgan@kernel.org>
+ *
+ * <security/pam_modutil.h>
+ *
+ * This file is a list of handy libc wrappers that attempt to provide some
+ * thread-safe and other convenient functionality to modules in a common form.
+ *
+ * A number of these functions reserve space in a pam_[sg]et_data item.
+ * In all cases, the name of the item is prefixed with "pam_modutil_*".
+ *
+ * On systems that simply can't support thread safe programming, these
+ * functions don't support it either - sorry.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, and the entire permission notice in its entirety,
+ *    including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ *    products derived from this software without specific prior
+ *    written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions.  (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _SECURITY__PAM_MODUTIL_H
+#define _SECURITY__PAM_MODUTIL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <security/_pam_types.h>
+
+extern struct passwd * PAM_NONNULL((1,2))
+pam_modutil_getpwnam(pam_handle_t *pamh, const char *user);
+
+extern struct passwd * PAM_NONNULL((1))
+pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid);
+
+extern struct group  * PAM_NONNULL((1,2))
+pam_modutil_getgrnam(pam_handle_t *pamh, const char *group);
+
+extern struct group  * PAM_NONNULL((1))
+pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid);
+
+extern struct spwd   * PAM_NONNULL((1,2))
+pam_modutil_getspnam(pam_handle_t *pamh, const char *user);
+
+extern int PAM_NONNULL((1,2,3))
+pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh,
+                                  const char *user,
+                                  const char *group);
+
+extern int PAM_NONNULL((1,2))
+pam_modutil_user_in_group_nam_gid(pam_handle_t *pamh,
+                                  const char *user,
+                                  gid_t group);
+
+extern int PAM_NONNULL((1,3))
+pam_modutil_user_in_group_uid_nam(pam_handle_t *pamh,
+                                  uid_t user,
+                                  const char *group);
+
+extern int PAM_NONNULL((1))
+pam_modutil_user_in_group_uid_gid(pam_handle_t *pamh,
+                                  uid_t user,
+                                  gid_t group);
+
+extern const char * PAM_NONNULL((1))
+pam_modutil_getlogin(pam_handle_t *pamh);
+
+extern int
+pam_modutil_read(int fd, char *buffer, int count);
+
+extern int
+pam_modutil_write(int fd, const char *buffer, int count);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _SECURITY__PAM_MODUTIL_H */