aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* pam_env: remove allocator sizeof operator mismatchChristian Göttsche2023-08-071-2/+2
| | | | | | | | | | | | | | | | An array of strings is allocated (into a pointer) so the single array element to be allocated is char*. Since sizeof(char**) should be always equal to sizeof(char*) this caused no issues so far. Reported by Clang analyzer: pam_env.c:391:14: warning: Result of 'malloc' is converted to a pointer of type 'char *', which is incompatible with sizeof operand type 'char **' [unix.MallocSizeof] 391 | *lines = malloc((i + 1)* sizeof(char**)); | ^~~~~~ ~~~~~~~~~~~~~~ pam_env.c:401:13: warning: Result of 'realloc' is converted to a pointer of type 'char *', which is incompatible with sizeof operand type 'char **' [unix.MallocSizeof] 401 | tmp = realloc(*lines, (++i + 1) * sizeof(char**)); | ^~~~~~~ ~~~~~~~~~~~~~~
* libpam: avoid reserved variable names in macrosChristian Göttsche2023-08-071-13/+13
| | | | | | Identifiers staring with an underscores are reserved by the C standard. Also avoid double underscore, which are reserved by C++, in header file.
* pam_timestamp: use secure memory erasureChristian Göttsche2023-08-071-2/+3
| | | | Closes: #575
* pam_timestamp: constify sha1 padding blockChristian Göttsche2023-08-071-1/+1
| | | | The padding block is only read from via memcpy(3).
* modules: cast to unsigned char for character handling functionChristian Göttsche2023-08-0715-39/+39
| | | | | | | | Character handling functions, like isspace(3), expect a value representable as unsigned char or equal to EOF. Otherwise the behavior is undefined. See https://wiki.sei.cmu.edu/confluence/display/c/STR37-C.+Arguments+to+character-handling+functions+must+be+representable+as+an+unsigned+char
* libpamc: cast to unsigned char for character handling functionChristian Göttsche2023-08-071-1/+1
| | | | | | | | Character handling functions, like isspace(3), expect a value representable as unsigned char or equal to EOF. Otherwise the behavior is undefined. See https://wiki.sei.cmu.edu/confluence/display/c/STR37-C.+Arguments+to+character-handling+functions+must+be+representable+as+an+unsigned+char
* libpam: cast to unsigned char for character handling functionChristian Göttsche2023-08-074-9/+9
| | | | | | | | Character handling functions, like isspace(3), expect a value representable as unsigned char or equal to EOF. Otherwise the behavior is undefined. See https://wiki.sei.cmu.edu/confluence/display/c/STR37-C.+Arguments+to+character-handling+functions+must+be+representable+as+an+unsigned+char
* conf: cast to unsigned char for character handling functionChristian Göttsche2023-08-071-1/+1
| | | | | | | | Character handling functions, like isspace(3), expect a value representable as unsigned char or equal to EOF. Otherwise the behavior is undefined. See https://wiki.sei.cmu.edu/confluence/display/c/STR37-C.+Arguments+to+character-handling+functions+must+be+representable+as+an+unsigned+char
* ci: add GCC 13 job with sanitzersChristian Göttsche2023-08-071-0/+18
|
* pam_faillock: free handle in testChristian Göttsche2023-08-071-0/+1
|
* pam_start: free handlers on handler init failureChristian Göttsche2023-08-071-0/+1
| | | | | If the pam handlers fail to initialize halfway, clean them up afterwards. Since we set the handle to NULL callers can't clean them.
* tests: free return value of _pam_mkargv()Christian Göttsche2023-08-071-0/+2
| | | | | _pam_mkargv() states that callers should free the returned value since otherwise the memory gets leaked.
* tests: free handles via pam_end()Christian Göttsche2023-08-074-0/+14
| | | | | | Destroy the pam handles via pam_end() to release all associated resources. This allows to run the test-suite with sanitizers and validates the resource cleanup in pam_end() and callees.
* pam_selinux: fix formatting of audit messagesSteve Grubb2023-08-041-1/+1
| | | | | | | pam_selinux uses audit_log_user_message to write to the audit system. It does not take an op argument, so you have to add one yourself. Otherwise the pam_selinux part of the message is lost because it's not in key=value format.
* pam_faillock: fix formatting of audit messagesSteve Grubb2023-08-041-2/+2
| | | | | | | | | | | pam_faillock uses audit_log_user_message to write to the audit system. It does not take an op argument, so you have to add one yourself. Otherwise the pam_faillock part of the message is lost because it's not in key=value format. Also, we can't use uid in that event because the kernel already adds that field. What we normally do is use 'suid' (meaning sender uid) as the field name.
* pam_access: make non-resolveable hostname a debug output (#590)Thorsten Kukuk2023-08-041-1/+2
| | | | | | * modules/pam_access/pam_access.c (network_netmask_match): Don't print an error if a string is not resolveable, only a debug message in debug mode. We even don't know if that entry is for remote logins or not.
* pam_access: document IPv6 link-local addresses (#582)Thorsten Kukuk2023-08-032-1/+14
| | | | | | | * modules/pam_access/access.conf.5.xml: Add example and note for IPv6 link-local addresses * modules/pam_access/access.conf: Add example for IPv6 link-local addresses
* pam_unix: improve fallback values for "rounds" for yescrypt and blowfishJulian Kranz2023-07-171-4/+8
| | | | | | | | This change improves the fallback values for the "rounds" parameter for yescrypt and blowfish by using the smallest reasonable value if the user sets a too low value and by using the highest reasonable value if the user sets a too high value. This better realizes user intent and is consistent with the approach taken for SHA256.
* pam_userdb: enable GDBM supportIker Pedrosa2023-07-172-14/+86
| | | | | | | | * configure.ac: add `gdbm` option to `enable-db` * modules/pam_userdb/pam_userdb.c: conditionally provide database access depending on the database technology Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
* .github: add gcc-13 and clang-15 jobsDmitry V. Levin2023-06-071-10/+38
| | | | | | | | | | | | * .github/workflows/ci.yml (gcc13-x86_64, clang15-x86_64): New jobs. (gcc12-x86_64-vendordir): Rename to gcc13-x86_64-vendordir, replace gcc-12 with gcc-13. (gcc12-x86_64-openssl): Rename to gcc13-x86_64-openssl, replace gcc-12 with gcc-13. (clang14-x86_64-vendordir): Rename to clang15-x86_64-vendordir, replace clang-14 with clang-15. (clang14-x86_64-openssl): Rename to clang15-x86_64-openssl, replace clang-14 with clang-15.
* Fix build if crypt_r isn't availableBernhard Rosenkränzer2023-06-071-1/+1
| | | | | | | | retval was being defined only in #ifdef HAVE_CRYPT_R, but used unconditionally. Signed-off-by: Bernhard Rosenkränzer <bero@lindev.ch> Fixes: bcba17939e1b ("modules: make use of secure memory erasure")
* po: update translations using Weblate (Slovak)Ondrej Sulek2023-06-061-12/+11
| | | | | | Currently translated at 100.0% (101 of 101 strings). Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/sk/
* pam_shells: Plug econf memory leakTobias Stoeckmann2023-05-181-0/+1
| | | | Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* pam_shells: return PAM_USER_UNKNOWN if getpwnam failsJonathan Krebs2023-05-172-2/+18
| | | | | | Until before, in this case PAM_AUTH_ERR was returned. This leads to unknown users being logged with the unknown username. Now it resembles the behaviour of other modules like pam_unix in this case.
* pam_xauth: switch away from PATH_MAXPino Toscano2023-05-171-10/+18
| | | | | | | | Allocate the path buffer in check_acl() dynamically using asprintf(), so there is no need to use a PATH_MAX-fixed size buffer. The fallback PATH_MAX definition is no more needed, thus is dropped. Make sure that paths too long still result in PAM_SESSION_ERR.
* pam_mkhomedir: simplify handling of newsource/newdestPino Toscano2023-05-121-85/+32
| | | | | | | | | | | | | | | | | To support OSes without PATH_MAX (which is optional in POSIX), there are two code paths for the 'newsource' and 'newdest' variables: one using a PATH_MAX-sized stack buffer, and one using heap allocation. The second is even more complicated than needed, doing manual calculations and allocations. To simplify the code a bit more, easing its maintenance, unify the two using asprintf() to allocate 'newsource' and 'newdest': the extra allocation needed should not be an issue, since this code runs in a separate helper executable. As additional change for this simplification, remove the reset to the two variables to NULL right after their free(), which is not needed since their scopes end.
* pam_limits: build again on non-Linux OSesPino Toscano2023-05-121-0/+8
| | | | | | | | | | Even if this module is supported officially on Linux, make sure it can still build fine on non-Linux OSes, to ease its testing/fixing a bit: - build parse_kernel_limits() and stuff needed for it only on Linux, as it is called already only on Linux - limit the code needed to apply the 'nonewprivs' options to Linux only, as it uses a Linux-specific way to set it; add a syslog message for other OSes
* examples/tty_conv: fix build on muslViolet Purcell2023-05-121-2/+3
| | | | | | termio.h is the old System V version of the interface header, and is only provided in glibc and dietlibc as far as I can tell. This fixes it to use the POSIX termios.h instead.
* po: update translations using Weblate (Korean)김인수2023-05-111-1/+1
| | | | | | Currently translated at 100.0% (101 of 101 strings). Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ko/
* po: update translations using Weblate (Hungarian)Dankaházi (ifj.) István2023-05-111-1/+1
| | | | | | Currently translated at 76.2% (77 of 101 strings). Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/hu/
* configure.ac: add --enable-examples optionPino Toscano2023-05-112-1/+9
| | | | | | | | Allow the user to not build the examples through --disable-examples (enabled by default); this can be useful: - when cross-compiling, as the examples are not useful - in distribution builds, not building stuff that is not used in any way
* pam_nologin: explicitly fail when nologin path is a directoryPino Toscano2023-05-111-0/+10
| | | | | | | On some systems (e.g. GNU/Hurd), read() succeeds on the fd of a directory; since the module assumes that read() fails (and thus pam_modutil_read() as well), manually fail in case the open fd refers to a directory.
* pam_timestamp: do not assume PATH_MAX is definedPino Toscano2023-05-111-1/+3
| | | | | PATH_MAX is optional in POSIX, and not defined on GNU/Hurd; hence, in case it is not defined, define BUFLEN directly to LINE_MAX.
* pam_pwhistory: switch away from PATH_MAXPino Toscano2023-05-111-11/+29
| | | | | Allocate the buffers dynamically using asprintf(), so there is no need to use PATH_MAX-fixed size buffers.
* tests: define PATH_MAX if not availablePino Toscano2023-05-112-0/+9
| | | | | | PATH_MAX is optional in POSIX, and not defined on GNU/Hurd; since these sources are tests, it is fine to hardcoded a fallback value that allows the tests to build and run.
* modules: update Linux detectionChristian Göttsche2023-05-072-2/+2
| | | | | | | | GCC and Clang only define the macro `linux` when using the GNU dialect of C (e.g. -std=gnu11 instead of -std=c11). Since `linux` is also not in a reserved namespace it might be target of collisions. Use the canonical macro `__linux__` instead (already used in pam_limits.c).
* po: update .pot and .po filesDmitry V. Levin2023-04-2983-2458/+2458
| | | | | | Regenerate po/Linux-PAM.pot and po/*.po using "make -C po update-po" command. This essentially updates the project version, line numbers, and timestamps.
* Prepare for 1.5.3 releaseDmitry V. Levin2023-04-292-1/+25
| | | | | * configure.ac (AC_INIT): Raise version to 1.5.3. * NEWS: Update.
* po: update translations using Weblate (Romanian)Remus-Gabriel Chelu2023-04-231-55/+57
| | | | | | Currently translated at 100.0% (101 of 101 strings). Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ro/
* po: update translations using Weblate (Korean)김인수2023-04-231-27/+27
| | | | | | Currently translated at 100.0% (101 of 101 strings). Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ko/
* pam_succeed_if: do not use the result of keyword substitution for keyword matchDmitry V. Levin2023-04-201-22/+14
| | | | | | | * modules/pam_succeed_if/pam_succeed_if.c (evaluate): Do not use the result of keyword substitution for keyword match. Resolves: https://github.com/linux-pam/linux-pam/issues/560
* ci: add --enable-openssl jobs to the ci matrixDmitry V. Levin2023-04-202-0/+36
| | | | Link: https://github.com/linux-pam/linux-pam/pull/550#issuecomment-1490362439
* build: fix --enable-opensslStefan Schubert2023-04-202-11/+15
| | | | | | | * Make.xml.rules.in: Avoid conflicting profile.condition settings. * configure.ac: Likewise. Resolves: https://github.com/linux-pam/linux-pam/issues/553
* pam_timestamp: Only build hmacfile when no opensslIker Pedrosa2023-04-201-5/+2
| | | | | | | * modules/pam_timestamp/Makefile.am: Only build hmacfile target when openssl isn't enabled. Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
* man: clarify PAM_DATA_SILENT in pam_set_data.3Luca Boccassi2023-04-201-1/+7
| | | | | | pam_end.3 has additional and important information about PAM_DATA_SILENT, copy it to pam_set_data.3 since that describes the cleanup callback where it will be set.
* fix a grammar mistakeMark Huang2023-04-201-1/+1
|
* configure: Disable NIS if header files are missingThorsten Kukuk2023-04-063-11/+11
| | | | | | configure.ac: Disable NIS if RPC or YP header files are missing modules/pam_unix/support.c: Use HAVE_NIS to check for header file presence modules/pam_unix/pam_unix_passwd.c: Use HAVE_NIS, too
* doc: Include custom-html.xsl.in and custom-man.xsl.inThorsten Kukuk2023-04-041-1/+1
| | | | | doc/Makefile.am: Replace custom-html.xsl and custom-man.xsl with custom-html.xsl.in and custom-man.xsl.in EXTRA_DIST
* treewide: fix unnecessary $ on arithmetic variablesDmitry V. Levin2023-03-312-2/+2
| | | | This should fix shellcheck warning SC2004.
* pgp.keys.asc: updateDmitry V. Levin2023-03-301-150/+134
| | | | | | * pgp.keys.asc: Replace with the key used to sign v1.5.2. Resolves: https://github.com/linux-pam/linux-pam/issues/544
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-03 05:04:04 +0000