diff options
Diffstat (limited to 'libpam/include/security')
| -rw-r--r-- | libpam/include/security/_pam_macros.h | 28 | ||||
| -rw-r--r-- | libpam/include/security/_pam_types.h | 6 | ||||
| -rw-r--r-- | libpam/include/security/pam_modutil.h | 11 |
3 files changed, 34 insertions, 11 deletions
diff --git a/libpam/include/security/_pam_macros.h b/libpam/include/security/_pam_macros.h index e891e226..b5129d2a 100644 --- a/libpam/include/security/_pam_macros.h +++ b/libpam/include/security/_pam_macros.h @@ -7,6 +7,8 @@ * Organized by Cristian Gafton <gafton@redhat.com> */ +#include "_pam_types.h" + /* a 'safe' version of strdup */ #include <stdlib.h> @@ -14,20 +16,22 @@ #define x_strdup(s) ( (s) ? strdup(s):NULL ) -/* Good policy to strike out passwords with some characters not just - free the memory */ +/* + * WARNING: Do NOT use these overwrite macros, as they do not reliable + * override the memory. + */ -#define _pam_overwrite(x) \ -do { \ - register char *__xx__; \ - if ((__xx__=(x))) \ - while (*__xx__) \ - *__xx__++ = '\0'; \ +#define _pam_overwrite(x) \ +do { \ + PAM_DEPRECATED register char *__xx__; \ + if ((__xx__=(x))) \ + while (*__xx__) \ + *__xx__++ = '\0'; \ } while (0) #define _pam_overwrite_n(x,n) \ do { \ - register char *__xx__; \ + PAM_DEPRECATED register char *__xx__; \ register unsigned int __i__ = 0; \ if ((__xx__=(x))) \ for (;__i__<n; __i__++) \ @@ -46,9 +50,13 @@ do { \ } \ } while (0) +/* + * WARNING: Do NOT use this macro, as it does not reliable override the memory. + */ + #define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \ do { \ - int reply_i; \ + PAM_DEPRECATED int reply_i; \ \ for (reply_i=0; reply_i<replies; ++reply_i) { \ if (reply[reply_i].resp) { \ diff --git a/libpam/include/security/_pam_types.h b/libpam/include/security/_pam_types.h index 2abb7ee5..4d6909e8 100644 --- a/libpam/include/security/_pam_types.h +++ b/libpam/include/security/_pam_types.h @@ -160,6 +160,12 @@ typedef struct pam_handle pam_handle_t; # define PAM_FORMAT(params) #endif +#if PAM_GNUC_PREREQ(3,1) +# define PAM_DEPRECATED __attribute__((__deprecated__)) +#else +# define PAM_DEPRECATED +#endif + #if PAM_GNUC_PREREQ(3,3) && !defined(LIBPAM_COMPILE) # define PAM_NONNULL(params) __attribute__((__nonnull__ params)) #else diff --git a/libpam/include/security/pam_modutil.h b/libpam/include/security/pam_modutil.h index 33f87b90..c2578323 100644 --- a/libpam/include/security/pam_modutil.h +++ b/libpam/include/security/pam_modutil.h @@ -147,7 +147,16 @@ pam_modutil_sanitize_helper_fds(pam_handle_t *pamh, enum pam_modutil_redirect_fd redirect_stdout, enum pam_modutil_redirect_fd redirect_stderr); -/* lookup a value for key in login.defs file or similar key value format */ +/************************************************** + * @brief Lookup a value for the key in the file (i.e. login.defs or a similar + * key-value format file). + * + * @param[in] pamh The pam handle structure + * @param[in] file_name Configuration file name + * @param[in] key Lookup key + * + * @return value, or NULL if key was not found. + **************************************************/ extern char * PAM_NONNULL((1,2,3)) pam_modutil_search_key(pam_handle_t *pamh, const char *file_name, |