aboutsummaryrefslogtreecommitdiff
path: root/libpam/pam_item.c
Commit message (Collapse)AuthorAgeFilesLines
* Include pam_i18n.h where i18n definitions are requiredDmitry V. Levin2024-08-211-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Do not include <libintl.h> and other i18n stuff via config.h which is included into every compilation unit, include "pam_i18n.h" explicitly where necessary. * configure.ac (AH_BOTTOM): Remove. * libpam/pam_get_authtok.c: Include "pam_i18n.h". * libpam/pam_item.c: Likewise. * libpam/pam_strerror.c: Likewise. * libpam_misc/misc_conv.c: Likewise. * modules/pam_exec/pam_exec.c: Likewise. * modules/pam_faillock/main.c: Likewise. * modules/pam_faillock/pam_faillock.c: Likewise. * modules/pam_lastlog/pam_lastlog.c: Likewise. * modules/pam_limits/pam_limits.c: Likewise. * modules/pam_mail/pam_mail.c: Likewise. * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise. * modules/pam_pwhistory/pam_pwhistory.c: Likewise. * modules/pam_selinux/pam_selinux.c: Likewise. * modules/pam_selinux/pam_selinux_check.c: Likewise. * modules/pam_timestamp/pam_timestamp.c: Likewise. * modules/pam_unix/pam_unix_acct.c: Likewise. * modules/pam_unix/pam_unix_passwd.c: Likewise. * modules/pam_userdb/pam_userdb.c: Likewise.
* pam_set_item: disallow setting service to NULLEgor Ignatov2024-05-301-0/+6
| | | | | This also prevents a possible segfault when pam_set_item tries to convert an empty service_name to lower case.
* libpam: enclose function macrosChristian Göttsche2024-01-041-2/+2
| | | | | Avoid potential dangling-else issues by wrapping macros inside a while loop.
* libpam: ensure correct argument type when printing debug outputBenny Baumann2023-11-131-1/+1
| | | | | | | | While the underlying type for setting the TTY was correct, the additional output neglected to include the type cast necessary when actually printing the data. This is rectified here. Signed-off-by: Benny Baumann <BenBE@geshi.org>
* treewide: do not cast calloc/malloc/reallocTobias Stoeckmann2023-11-121-2/+1
| | | | | | | It is not required to cast the results of calloc, malloc, realloc, etc. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: simplify IF_NO_PAMHTobias Stoeckmann2023-11-121-3/+3
| | | | | | | | | | | | | The first argument of IF_NO_PAMH is supposed to be the name of the function which was called with pamh being NULL. With __FUNCTION__ the name can be inserted automatically by the compiler which is also already done with D macro. Fixes a bug in which _pam_drop_env erroneously logs with the function name _pam_make_env. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: remove function prefixes in debug messagesTobias Stoeckmann2023-11-121-1/+1
| | | | | | The D macro itself already adds the function names. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: cast to unsigned char for character handling functionChristian Göttsche2023-08-071-1/+1
| | | | | | | | Character handling functions, like isspace(3), expect a value representable as unsigned char or equal to EOF. Otherwise the behavior is undefined. See https://wiki.sei.cmu.edu/confluence/display/c/STR37-C.+Arguments+to+character-handling+functions+must+be+representable+as+an+unsigned+char
* libpam: make use of secure memory erasureChristian Göttsche2023-02-281-10/+10
| | | | | | Non trivial changes: - erase responses in pam_get_authtok_internal() on error branch
* pam_get_user: do not override valid values returned by the conversation functionDmitry V. Levin2020-05-061-22/+26
| | | | | | | | | | When the conversation function returned a value different from PAM_CONV_AGAIN and provided no response, pam_get_user used to replace the return value with PAM_CONV_ERR. Fix this and replace the return value only if it was PAM_SUCCESS. * libpam/pam_item.c (pam_get_user): Do not override valid values returned by the conversation function.
* pam_get_user: filter conversation function return valuesDmitry V. Levin2020-05-061-0/+10
| | | | | | | | | | Do not assume that the conversation function provided by the application strictly follows the return values guidelines, replace undocumented return values with PAM_CONV_ERR. * libpam/pam_item.c (pam_get_user): If the value returned by the conversation function is not one of PAM_SUCCESS, PAM_BUF_ERR, PAM_CONV_AGAIN, or PAM_CONV_ERR, replace it with PAM_CONV_ERR.
* pam_get_user: consistently return PAM_SYSTEM_ERR if user specified a NULL ↵Dmitry V. Levin2020-05-061-2/+2
| | | | | | | | | | | | | | | | | | | pointer pam_get_user returns PAM_SYSTEM_ERR in case of pamh == NULL. In case of user == NULL, however, it used to return PAM_PERM_DENIED, and in case of NULL conversation function it used to return PAM_SERVICE_ERR. According to the documentation, PAM_SYSTEM_ERR shall be returned if a NULL pointer was submitted. Fix this inconsistency and return PAM_SYSTEM_ERR in each of these programming error cases. * libpam/pam_item.c (pam_get_user): Return PAM_SYSTEM_ERR instead of PAM_PERM_DENIED if user == NULL. Return PAM_SYSTEM_ERR instead of PAM_SERVICE_ERR if pamh->pam_conversation == NULL.
* Fix whitespace issuesDmitry V. Levin2011-10-261-3/+3
| | | | | | Cleanup trailing whitespaces, indentation that uses spaces before tabs, and blank lines at EOF. Make the project free of warnings reported by git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD
* 2011-05-30 Thorsten Kukuk <kukuk@thkukuk.de>Thorsten Kukuk2011-05-301-3/+3
| | | | | | | | | | | * modules/pam_timestamp/pam_timestamp.c (main): Remove unsused variable pretval. * modules/pam_stress/pam_stress.c (converse): **message is const. (stress_get_password): pmsg is const. (pam_sm_chauthtok): Likewise. * libpam/pam_item.c (pam_get_user): Make pmsg const and remove casts.
* Relevant BUGIDs:Thorsten Kukuk2008-12-111-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: new feature Commit summary: --------------- 2008-12-10 Thorsten Kukuk <kukuk@thkukuk.de> * doc/man/pam_item_types_ext.inc.xml: Document PAM_AUTHTOK_TYPE. * libpam/pam_end.c (pam_end): Free authtok_type. * tests/tst-pam_get_item.c: Add PAM_AUTHTOK_TYPE as test case. * tests/tst-pam_set_item.c: Likewise. * libpam/pam_start.c (pam_start): Initialize xdisplay, xauth and authtok_type. * libpam/pam_get_authtok.c (pam_get_authtok): Rename "type" to "authtok_type". * modules/pam_cracklib/pam_cracklib.8.xml: Replace "type=" with "authtok_type=". * doc/man/pam_get_authtok.3.xml: Document authtok_type argument. * modules/pam_cracklib/pam_cracklib.c (pam_sm_chauthtok): Set type= argument as PAM_AUTHTOK_TYPE item. * libpam/pam_get_authtok.c (pam_get_authtok): If no type argument given, use PAM_AUTHTOK_TYPE item. * libpam/pam_item.c (pam_get_item): Fetch PAM_AUTHTOK_TYPE item. (pam_set_item): Store PAM_AUTHTOK_TYPE item. * libpam/pam_private.h: Add authtok_type to pam_handle. * libpam/include/security/_pam_types.h (PAM_AUTHTOK_TYPE): New.
* Relevant BUGIDs:Tomas Mraz2008-04-081-11/+19
| | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2008-04-08 Tomas Mraz <t8m@centrum.cz> * libpam/pam_item.c (TRY_SET): Do not set when destination is identical to source. (pam_set_item): Do not overwrite destination when it is identical to source.
* Relevant BUGIDs:Tomas Mraz2008-03-031-35/+31
| | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2008-03-03 Tomas Mraz <t8m@centrum.cz> * libpam/pam_item.c(RESET): Rename to TRY_SET, handle strdup failure. (pam_set_item): Use TRY_SET() also for PAM_AUTHTOK and PAM_OLDAUTHTOK. Handle allocation failure for PAM_XAUTHDATA. (pam_get_user): Return error when conversation returns NULL user. Call pam_set_item() instead of RESET().
* Relevant BUGIDs:Thorsten Kukuk2008-01-281-1/+2
| | | | | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2008-01-28 Thorsten Kukuk <kukuk@thkukuk.de> * libpam/pam_audit.c: Include pam_modutil_private.h. * libpam/pam_item.c (pam_set_item): Fix compiler warning. * libpam/pam_end.c (pam_end): Cast to correct pointer type. * libpam/include/security/_pam_macros.h (_pam_overwrite_n): Use unsigned int.
* Relevant BUGIDs:Tomas Mraz2007-12-061-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: new feature Commit summary: --------------- 2007-12-06 Eamon Walsh <ewalsh@tycho.nsa.gov> * libpam/include/security/_pam_macros.h: Add _pam_overwrite_n() macro. * libpam/include/security/_pam_types.h: Add PAM_XDISPLAY, PAM_XAUTHDATA items, pam_xauth_data struct. * libpam/pam_item.c (pam_set_item, pam_get_item): Handle PAM_XDISPLAY and PAM_XAUTHDATA items. * libpam/pam_end.c (pam_end): Destroy the new items. * libpam/pam_private.h (pam_handle): Add data members for new items. Add prototype for _pam_memdup. * libpam/pam_misc.c: Add _pam_memdup. * doc/man/Makefile.am: Add pam_xauth_data.3. Replace pam_item_types.inc.xml with pam_item_types_std.inc.xml and pam_item_types_ext.inc.xml. * doc/man/pam_get_item.3.xml: Replace pam_item_types.inc.xml with pam_item_types_std.inc.xml and pam_item_types_ext.inc.xml. * doc/man/pam_set_item.3.xml: Likewise. * doc/man/pam_item_types.inc.xml: Removed file. * doc/man/pam_item_types_ext.inc.xml: New file. * doc/man/pam_item_types_std.inc.xml: New file.
* Relevant BUGIDs:Thorsten Kukuk2006-03-121-13/+14
| | | | | | | | | | | | | Purpose of commit: bugfix/new feature Commit summary: --------------- 2006-03-12 Thorsten Kukuk <kukuk@thkukuk.de> * libpam/pam_item.c (pam_get_user): Check for valid pamh before using it. * tests/tst-pam_get_user.c: New.
* Relevant BUGIDs:Tomas Mraz2005-09-201-1/+1
| | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Revert de-constification of pam_get_data and pam_get_item prototypes
* Relevant BUGIDs:Tomas Mraz2005-09-191-1/+1
| | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Added PAM_NONNULL attributes to some public API (by ldv) Removed const qualifiers from pam_get_item, pam_get_data to comply with spec
* Relevant BUGIDs:Tomas Mraz2005-09-171-0/+3
| | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Log nonconforming conversation function behavior (by ldv)
* Relevant BUGIDs: noneThorsten Kukuk2005-09-041-8/+8
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Replace _pam_system_log with pam_syslog.
* Relevant BUGIDs: noneThorsten Kukuk2005-08-261-1/+1
| | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- Mark missing strings for translations (login and password) Fix \a problem with pot/po files
* Relevant BUGIDs: noneThorsten Kukuk2005-08-231-1/+9
| | | | | | | | | | Purpose of commit: new feature Commit summary: --------------- Change major version number back to "0". Add more patches from ALT-Linux/OWL:
* Relevant BUGIDs: noneThorsten Kukuk2005-08-161-4/+0
| | | | | | | | | Purpose of commit: new feature Commit summary: --------------- Big "automake/autoconf/libtool" commit
* Relevant BUGIDs:Thorsten Kukuk2004-09-221-6/+8
| | | | | | | | | Purpose of commit: Commit summary: --------------- bugfix: Add rest of Steve Grubb's resource leak and other fixes
* Relevant BUGIDs: 770645Steve Langasek2003-07-131-2/+2
| | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Fix the many compile-time warnings caused by features.h being included before our _pam_aconf.h. This should make it much easier to find other bugs. Also, call config.status instead of configure, to allow rebuilding generated files with the same options.
* Relevant BUGIDs: 129027, 128576Andrew G. Morgan2001-01-221-41/+86
| | | | | | | | | | Purpose of commit: new feature + documentation Commit summary: --------------- Cleaned up the handling of AUTHTOK items and pam_[gs]et_data() functions. Added more clear documentation about the pam_[gs]et_item() functions to the pam_appl and pam_modules programmer guides.
* Relevant BUGIDs: 124391Jan Rekorajski2000-12-041-16/+0
| | | | | | | | Purpose of commit: cleanup Commit summary: --------------- * removed unnecessary CVS Log tags from all over the source
* Initial revisionAndrew G. Morgan2000-06-201-0/+304
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-08 18:13:13 +0000