| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-11-24 Tomas Mraz <t8m@centrum.cz>
* libpam/pam_handlers.c (_pam_parse_conf_file): '-' at
beginning of type token marks silent module.
(_pam_load_module): Add handler_type parameter. Do not log
module load error if module is silent.
(_pam_add_handler): Pass handler_type to _pam_load_module().
* libpam/pam_private.h: Add PAM_HT_SILENT_MODULE.
* doc/man/pam.conf-syntax.xml: Document the '-' at beginning
of type.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-02-18 Dmitry V. Levin <ldv@altlinux.org>
* libpam/pam_handlers.c (_pam_assemble_line): Fix potential
buffer overflow.
* xtests/tst-pam_assemble_line.pamd: New test for
_pam_assemble_line.
* xtests/tst-pam_assemble_line.sh: New script for
tst-pam_assemble_line.
* xtests/Makefile.am (NOSRCTESTS): Add tst-pam_assemble_line.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2007-10-19 Tomas Mraz <t8m@centrum.cz>
* xtests/tst-pam_access1.c: Use different name for user and group.
* xtests/tst-pam_access1.sh: Likewise.
* xtests/tst-pam_access2.c: Likewise.
* xtests/tst-pam_access2.sh: Likewise.
* xtests/tst-pam_access4.c: Likewise.
* xtests/tst-pam_access4.sh: Likewise.
* xtests/group.conf: Likewise.
* xtests/tst-pam_group1.c: Likewise.
* xtests/tst-pam_group1.sh: Likewise.
* libpam/pam_dispatch.c (_pam_dispatch_aux): Save states for substacks,
record substack level, skip over virtual substack modules, implement
evaluation of done, die, reset and jumps in substacks. Also fixes
too far jumps in substacks.
* libpam/pam_end.c (pam_end): Drop substack evaluation states.
* libpam/pam_handlers.c (_pam_parse_conf_file): Add substack level
parameter, instead of must_fail use handler_type needed for virtual
substack modules.
(_pam_load_conf_file): Add substack level parameter.
(_pam_init_handlers): Substack level parameter added to
_pam_parse_conf_file() calls.
(_pam_load_module): New function.
(_pam_add_handler): Refactor code into the _pam_load_module(). Add
support for virtual substack modules.
* libpam/pam_private.h: Rename must_fail to handler_type, add stack_level
to struct handler. Define handler type constants. Add struct
for substack evaluation states. Define constant for maximum
substack level. Add substack states pointer to former state struct.
* libpam/pam_start.c (pam_start): Initialize pointer to substack states.
* doc/man/pam.conf-syntax.xml: Document substack control.
* xtests/Makefile.am: Add new tests for substack evaluation.
* xtests/run_xtests.sh: Support multiple .pamd files in a test.
* xtests/tst-pam_authfail.pamd: New tests for substack evaluation.
* xtests/tst-pam_authsucceed.pamd: Likewise.
* xtests/tst-pam_substack1.pamd: Likewise.
* xtests/tst-pam_substack1a.pamd: Likewise.
* xtests/tst-pam_substack1.sh: Likewise.
* xtests/tst-pam_substack2.pamd: Likewise.
* xtests/tst-pam_substack2a.pamd: Likewise.
* xtests/tst-pam_substack2.sh: Likewise.
* xtests/tst-pam_substack3.pamd: Likewise.
* xtests/tst-pam_substack3a.pamd: Likewise.
* xtests/tst-pam_substack3.sh: Likewise.
* xtests/tst-pam_substack4.pamd: Likewise.
* xtests/tst-pam_substack4a.pamd: Likewise.
* xtests/tst-pam_substack4.sh: Likewise.
* xtests/tst-pam_substack5.pamd: Likewise.
* xtests/tst-pam_substack5a.pamd: Likewise.
* xtests/tst-pam_substack5.sh: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2006-06-14 Thorsten Kukuk <kukuk@thkukuk.de>
* libpam/pam_handlers.c (extract_modulename): Use _pam_strdup
instead of strdup.
* libpam/pam_private.h: Remove _pam_strCMP.
* libpam/pam_misc.c: Likewise.
* libpam/pam_handlers.c: Replaced _pam_strCMP with strcasecmp.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix infrastructure and compile errors for PAM_STATIC (static modules):
2006-01-22 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_succeed_if/pam_succeed_if.c (pam_sm_acct_mgmt):
Add support for static modules.
* modules/pam_xauth/pam_xauth.c: Likewise.
* libpam/pam_handlers.c (_pam_add_handler): Add pamh to
_pam_open_static_handler call.
* libpam/pam_static.c (_pam_open_static_handler): Add pamh
as argument.
* libpam/pam_private.h: Adjust prototype.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix compiling of static version of shared libpam, libpamc and libpam_misc
libraries without assuming "--enable-static-modules do not make the modules
dynamically loadable".
2006-01-22 Thorsten Kukuk <kukuk@thkukuk.de>
* configure.in: Don't define PAM_DYNAMIC.
* libpam/pam_handlers.c: Get ride of PAM_DYNAMIC, don't
include pam_dynamic.h
* libpam/pam_dynamic.c: Don't include pam_dynamic.h,
exclude functions if we compile with PAM_STATIC.
* libpam/pam_dynamic.h: Remove.
* libpam/pam_private.h: Add function prototypes from pam_dynamic.h.
* libpam/Makefile.am: Bump version number of libpam, remove
pam_dynamic.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2005-11-16 Thorsten Kukuk <kukuk@thkukuk.de>
* libpam/pam_handlers.c: Replace code for all dlopen variants with
a generic wrapper.
* libpam/pam_dynamic.c: Implement generic wrapper for dlopen.
* libpam/pam_dynamic.h: Provide prototypes.
For Mac OS X support [#534205]
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix missing NULL pointer check and us asprintf instead of malloc/snprintf
(from Dmitry V. Levin).
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix code for which gcc4.1 prints warnings
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Remove duplicate check for NULL variable (Dmitry V. Levin)
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Replace _pam_system_log with pam_syslog.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Add pam_syslog to unify log messages from PAM modules.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
configure should set _GNU_SOURCE/_BSD_SOURCE
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Big "automake/autoconf/libtool" commit
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
kill features.h inclusion in _pam_aconf.h
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix wrong variable name in debug code
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix seg.fault in case the PAM configuration file is corrupt
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: Last part of fixes from Red Hat
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: Add parts of Steve Grubb's resource leak and other fixes
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Implementation of "include" directive for pam config file syntax.
- added module type PAM_T_ANY needed to know if we are loading included file or main one
- let _pam_parse_conf_file() know of new directive
- new function _pam_load_conf_file() used to load "included" configs
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Fix the many compile-time warnings caused by features.h being included
before our _pam_aconf.h. This should make it much easier to find other
bugs.
Also, call config.status instead of configure, to allow rebuilding
generated files with the same options.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: compatibility
Commit summary:
---------------
A BSD fix from Dag-Erling Smørgrav and Anton Berezin. What was there
before did not correctly deal with BSD dynamic linking.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Legacy behavior for pam_close_session and pam_setcred was not sufficient.
Basically, it appears to be common practice for some applications to call
these functions without first calling pam_authenticate and pam_open_session
which would have frozen the auth and session module stacks.
The new behavior is to treat the returns of these secondary functions as
authoritative when navigating the stack in the absence of a chain-freezing
first set of calls.
pam_chauthtok should not benefit from this behavior, and there does not
appear to be a justification for using an event like this to freeze the
stack outright - legacy behavior did not do that.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new support
Commit summary:
---------------
Include some BSD changes (to the conversation function) and fix a few
gcc warnings.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
This bugfix leads to backwardly incompatable behavior with earlier
releases of Linux-PAM.
Note, this cleans up the setcred/session and chauthtok stacks in
such a way that it is no longer preferred that the setcred module
always return the same error code as the auth components of said
modules did.
This means behavior should be a great deal more sane. It also gives
meaning to the unique return codes that are available to pam_sm_setcred.
[I'm sure that when we add support for credential relevant events,
this change will be critical.]
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature + documentation
Commit summary:
---------------
Cleaned up the handling of AUTHTOK items and pam_[gs]et_data() functions.
Added more clear documentation about the pam_[gs]et_item() functions to
the pam_appl and pam_modules programmer guides.
|
| |
|
