| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
There is no point in supporting two different build systems.
|
| |
|
|
|
|
|
|
|
|
| |
On my non-representative hardware, the full build using autotools
(./autogen.sh && CFLAGS=-O2 ./configure && make -j`nproc` && make -j`nproc` install)
takes about 45 seconds.
On the same hardware, the full build using meson
(meson setup -Doptimization=2 dir && meson compile -C dir && meson install -C dir)
takes just about 7.5 seconds.
|
| |
|
|
|
|
|
|
| |
The includedir variable in pkgconfig files used to erroneously contain
"security" subsirectory, e.g. /usr/include/security, which led to Cflags
tag containing wrong -I compiler option, e.g. -I/usr/include/security.
Fixes: b4f0e2e1f7a1 ("Add pkgconfig files for provided libraries")
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Move function bodies from headers into dedicated object files stored in
libpam_internal. This library won't be installed.
Keep the debug function body in header, even though disabled when
building Linux-PAM, to stay API compatible with previous versions.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
| | |
|
| |
|
|
|
|
| |
Assign the error code instead of performing a no-op comparison.
Reported by cppcheck.
|
| |
|
|
|
|
|
| |
Close pipes opened via popen(3) with pclose(3).
Also close the pipe in error branches.
Reported by cppcheck.
|
| |
|
|
|
| |
Suggested-by: Benny Baumann <BenBE@geshi.org>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
| |
|
|
|
|
| |
Typos found with codespell
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
| |
|
|
|
|
|
| |
Very long strings could overflow the int data type. Make sure to use
the correct data type.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
| |
|
|
|
| |
The C standard guarantees that if the argument of free() is a null
pointer, no action occurs.
|
| |
|
|
|
|
|
|
| |
Character handling functions, like isspace(3), expect a value
representable as unsigned char or equal to EOF. Otherwise the behavior
is undefined.
See https://wiki.sei.cmu.edu/confluence/display/c/STR37-C.+Arguments+to+character-handling+functions+must+be+representable+as+an+unsigned+char
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gcc-12 insists on issuing the following warning:
In file included from libpamc.h:13,
from pamc_converse.c:9:
pamc_converse.c: In function 'pamc_converse':
include/security/pam_client.h:129:27: error: array subscript 'struct <anonymous>[0]' is partly outside array bounds of 'unsigned char[6]' [-Werror=array-bounds]
129 | (*(old_p))->control = cntrl; \
| ^~
pamc_converse.c:209:5: note: in expansion of macro 'PAM_BP_RENEW'
209 | PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0);
| ^~~~~~~~~~~~
include/security/pam_client.h:87:29: note: object of size 6 allocated by 'calloc'
87 | # define PAM_BP_CALLOC calloc
| ^
include/security/pam_client.h:124:29: note: in expansion of macro 'PAM_BP_CALLOC'
124 | if ((*(old_p) = PAM_BP_CALLOC(1, 1+__size))) { \
| ^~~~~~~~~~~~~
pamc_converse.c:209:5: note: in expansion of macro 'PAM_BP_RENEW'
209 | PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0);
| ^~~~~~~~~~~~
* libpamc/include/security/pam_client.h (pamc_bp_t): Decorate the
structure pointed by pamc_bp_t pointer as packed. Despite being a part
of the API, the structure is not supposed to be used directly, and all
the interface macros were assuming from the very beginning that this
structure is packed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
files.
Fix undefined references to ${exec_prefix} in pkgconfig files on Guix.
The subsequent declarations of ${libdir} and ${includedir} in the same
files require this commit when ${prefix} is set to something other
than /usr.
When the pkgconfig files were initially provided, the two lines added
here were dropped for what seemed like a good reason. [1] In the
common case of a /usr prefix, 'configure.ac' sets ${libdir} and
possibly ${includedir} explicitly [2] so the additional lines were
then not needed.
Guix and probably Nix too, however, depart from the Filesystem
Hierarchy Standard and require the missing lines. Without those lines,
the pkgconfig files are defective on Guix. [3]
Since working systems are not affected, the lines are added for all.
The fix was confirmed for Guix. One of the files looked like this:
prefix=/gnu/store/3mcmjilqrivrpb3hvps32lnbnyrxrzr8-linux-pam-1.5.2-1.dc2f566
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=/gnu/store/3mcmjilqrivrpb3hvps32lnbnyrxrzr8-linux-pam-1.5.2-1.dc2f566/include/security
Name: PAM
Description: The primary Linux-PAM library. It is used by PAM modules and PAM-aware applications.
URL: http://www.linux-pam.org/
Version: 1.5.2
Cflags: -I${includedir}
Libs: -L${libdir} -lpam
* libpam/pam.pc.in, libpamc/pamc.pc.in, libpam_misc/pam_misc.pc.in:
Add @prefix@ and @exec_prefix@.
Resolves: https://github.com/linux-pam/linux-pam/issues/466
[1] https://github.com/linux-pam/linux-pam/pull/369#discussion_r650557756
[2] https://github.com/linux-pam/linux-pam/blob/40c271164dbcebfc5304d0537a42fb42e6b6803c/configure.ac#L28-L36
[3] https://github.com/linux-pam/linux-pam/issues/466
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* .gitignore: Add .pc files as they are generated by autoconf.
* configure.ac: Generate .pc files for libpam, libpam_misc and libpamc.
* libpam/Makefile.am: Install pam.pc.
* libpam/pam.pc.in: New file.
* libpam_misc/Makefile.am: Install pam_misc.pc
* libpam_misc/pam_misc.pc.in: New file.
* libpamc/Makefile.am: Install pamc.pc
This allow applications and PAM modules to automatically find libpam,
libpam_misc and libpamc if they are installed instead of having to
manually search for them.
|
| |
|
|
|
|
|
|
|
| |
This ensures "config.h" is included before any system header included by
libpamc.h, which fixes the following bug reported by ALT diagnostics:
verify-elf: ERROR: ./lib/libpamc.so.0.82.1: uses non-LFS functions: __xstat readdir
* libpamc/libpamc.h: Include "config.h".
|
| | |
|
| |
|
|
| |
u_intX_t is a glibcism this fixes the issue of compiling against musl libc.
|
| |
|
|
|
|
|
|
| |
To be able to set CFLAGS from make command-line but not to lose the
warning flags.
* configure.ac: Put warning flags to WARN_CFLAGS instead of CFLAGS.
* */Makefile.am: Apply WARN_CFLAGS to AM_CFLAGS.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* conf/pam_conv1/Makefile.am: Add -Wno-unused-function -Wno-sign-compare to CFLAGS.
* doc/specs/Makefile.am: Likewise.
* libpamc/include/security/pam_client.h: Explicitly compare old_p with NULL.
* modules/pam_access/pam_access.c: Avoid double const.
* modules/pam_filter/pam_filter.c: Avoid arbitrary constants. Avoid strncpy()
without copying the NUL byte.
* modules/pam_group/pam_group.c: Mark switch fallthrough with comment.
* modules/pam_time/pam_time.c: Likewise.
* modules/pam_limits/pam_limits.c: Remove unused units variable.
* modules/pam_listfile/pam_listfile.c: Avoid unnecessary strncpy, use pointers.
* modules/pam_rootok/pam_rootok.c (log_callback): Mark unused parameter.
* modules/pam_selinux/pam_selinux.c: Use string_to_security_class() instead
of hardcoded value.
* modules/pam_sepermit/pam_sepermit.c: Properly cast when comparing.
* modules/pam_succeed_if/pam_succeed_if.c: Mark unused parameters.
* modules/pam_unix/pam_unix_passwd.c: Remove unused variables and properly
cast for comparison.
* modules/pam_unix/support.c: Remove unused function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* .gitignore: Add common ignore patterns.
* m4/.gitignore: Unignore local m4 files.
* dynamic/.gitignore: Unignore Makefile.
* libpamc/test/modules/.gitignore: Likewise.
* libpamc/test/regress/.gitignore: Likewise.
* po/.gitignore: Add Makevars.template.
* conf/.gitignore: Remove common ignore patterns.
* conf/pam_conv1/.gitignore: Likewise.
* doc/.gitignore: Likewise.
* doc/specs/.gitignore: Likewise.
* doc/specs/formatter/.gitignore: Likewise.
* examples/.gitignore: Likewise.
* modules/pam_filter/upperLOWER/.gitignore: Likewise.
* modules/pam_mkhomedir/.gitignore: Likewise.
* modules/pam_selinux/.gitignore: Likewise.
* modules/pam_stress/.gitignore: Likewise.
* modules/pam_tally/.gitignore: Likewise.
* modules/pam_tally2/.gitignore: Likewise.
* modules/pam_timestamp/.gitignore: Likewise.
* modules/pam_unix/.gitignore: Likewise.
* tests/.gitignore: Likewise.
* xtests/.gitignore: Likewise.
* doc/adg/.gitignore: Remove.
* doc/man/.gitignore: Remove.
* doc/mwg/.gitignore: Remove.
* doc/sag/.gitignore: Remove.
* libpamc/.gitignore: Remove.
* libpamc/test/.gitignore: Remove.
* libpam/.gitignore: Remove.
* libpam_misc/.gitignore: Remove.
* modules/.gitignore: Remove.
* modules/pam_access/.gitignore: Remove.
* modules/pam_cracklib/.gitignore: Remove.
* modules/pam_debug/.gitignore: Remove.
* modules/pam_deny/.gitignore: Remove.
* modules/pam_echo/.gitignore: Remove.
* modules/pam_env/.gitignore: Remove.
* modules/pam_exec/.gitignore: Remove.
* modules/pam_faildelay/.gitignore: Remove.
* modules/pam_filter/.gitignore: Remove.
* modules/pam_ftp/.gitignore: Remove.
* modules/pam_group/.gitignore: Remove.
* modules/pam_issue/.gitignore: Remove.
* modules/pam_keyinit/.gitignore: Remove.
* modules/pam_lastlog/.gitignore: Remove.
* modules/pam_limits/.gitignore: Remove.
* modules/pam_listfile/.gitignore: Remove.
* modules/pam_localuser/.gitignore: Remove.
* modules/pam_loginuid/.gitignore: Remove.
* modules/pam_mail/.gitignore: Remove.
* modules/pam_motd/.gitignore: Remove.
* modules/pam_namespace/.gitignore: Remove.
* modules/pam_nologin/.gitignore: Remove.
* modules/pam_permit/.gitignore: Remove.
* modules/pam_pwhistory/.gitignore: Remove.
* modules/pam_rhosts/.gitignore: Remove.
* modules/pam_rootok/.gitignore: Remove.
* modules/pam_securetty/.gitignore: Remove.
* modules/pam_sepermit/.gitignore: Remove.
* modules/pam_shells/.gitignore: Remove.
* modules/pam_succeed_if/.gitignore: Remove.
* modules/pam_time/.gitignore: Remove.
* modules/pam_tty_audit/.gitignore: Remove.
* modules/pam_umask/.gitignore: Remove.
* modules/pam_userdb/.gitignore: Remove.
* modules/pam_warn/.gitignore: Remove.
* modules/pam_wheel/.gitignore: Remove.
* modules/pam_xauth/.gitignore: Remove.
|
| | |
|
| |
|
|
|
|
| |
Cleanup trailing whitespaces, indentation that uses spaces before tabs,
and blank lines at EOF. Make the project free of warnings reported by
git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2009-12-08 Thorsten Kukuk <kukuk@thkukuk.de>
* configure.in: Rename DEBUG to PAM_DEBUG.
* libpam/pam_env.c: Likewise
* libpam/pam_handlers.c: Likewise
* libpam/pam_miscc.c: Likewise
* libpam/pam_password.c: Likewise
* libpam/include/security/_pam_macros.h: Likewise
* libpamc/test/modules/pam_secret.c: Likewise
* modules/pam_group/pam_group.c: Likewise
* modules/pam_listfile/pam_listfile.c: Likewise
* modules/pam_unix/pam_unix_auth.c: Likewise
* modules/pam_unix/pam_unix_passwd.c: Likewise
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: beta release
Commit summary:
---------------
2009-05-05 Thorsten Kukuk <kukuk@thkukuk.de>
* release 1.0.92
* libpamc/Makefile.am (libpamc_la_LDFLAGS): Increase revesion.
* configure.in: Increase version to 1.0.92.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2009-04-03 Dmitry V. Levin <ldv@altlinux.org>
* libpamc/pamc_load.c (__pamc_exec_agent): Replace call to exit(3)
in child process with call to _exit(2).
* modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Likewise.
* modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary):
Likewise.
* modules/pam_unix/pam_unix_passwd.c (_unix_run_update_binary):
Likewise.
* modules/pam_unix/support.c (_unix_run_helper_binary): Likewise.
* modules/pam_xauth/pam_xauth.c (run_coprocess): Likewise.
* modules/pam_exec/pam_exec.c (call_exec): Replace all calls to
exit(3) in child process with calls to _exit(2).
* modules/pam_filter/pam_filter.c (set_filter): Likewise.
* modules/pam_namespace/pam_namespace.c (inst_init,
cleanup_tmpdirs): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2009-03-27 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_unix/support.c (_unix_run_helper_binary): Don't
ignore return value of write().
* libpamc/include/security/pam_client.h (PAM_BP_ASSERT): Honour
NDEBUG.
* modules/pam_timestamp/pam_timestamp.c: don't ignore return
values of lchown and fchown.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: release
Commit summary:
---------------
2008-12-12 Thorsten Kukuk <kukuk@thkukuk.de>
* release version 1.0.90
* libpam_misc/Makefile.am: Increase version number of shared library.
* libpamc/Makefile.am: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2008-07-28 Steve Langasek <vorlon@debian.org>
* libpamc/test/regress/test.libpamc.c: use standard u_int8_t
type instead of __u8, as elsewhere.
Patch from Roger Leigh <rleigh@debian.org>.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-11-24 Dmitry V. Levin <ldv@altlinux.org>
* configure.in: Do not check for strerror.
* libpam_misc/misc_conv.c (read_string): Replace strerror()
call with %m specifier.
* libpamc/pamc_converse.c (pamc_converse): Likewise.
* modules/pam_echo/pam_echo.c (pam_echo): Likewise.
* modules/pam_localuser/pam_localuser.c (pam_sm_authenticate):
Likewise.
* modules/pam_selinux/pam_selinux.c (security_label_tty):
Likewise.
(security_restorelabel_tty, security_label_tty): Append %m
specifier where appropriate.
* modules/pam_selinux/pam_selinux_check.c (main): Replace
strerror() call with %m specifier.
* modules/pam_unix/pam_unix_passwd.c (save_old_password,
_update_passwd, _update_shadow): Likewise.
* modules/pam_unix/support.c (_unix_run_helper_binary): Likewise.
* modules/pam_unix/unix_chkpwd.c (_update_shadow): Likewise.
* po/Linux-PAM.pot: Update strings from pam_selinux.
* po/cs.po: Likewise.
* po/de.po: Likewise.
* po/es.po: Likewise.
* po/fi.po: Likewise.
* po/fr.po: Likewise.
* po/hu.po: Likewise.
* po/it.po: Likewise.
* po/ja.po: Likewise.
* po/nb.po: Likewise.
* po/pa.po: Likewise.
* po/pl.po: Likewise.
* po/pt.po: Likewise.
* po/pt_BR.po: Likewise.
* po/zh_CN.po: Likewise.
* po/zh_TW.po: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2005-11-07 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_unix/pam_unix_passwd.c (_unix_verify_shadow): Use
correct variable names.
And adjust .cvsignore files for libtool generated files.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
More .cvsignore fixes
|
| |
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Allow out of tree builds
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Add missing License file to EXTRA_DIST
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Change major version number back to "0".
Add more patches from ALT-Linux/OWL:
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2. round of automake/autoconf/libtool changes
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Big "automake/autoconf/libtool" commit
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Redefining __u8 and __u32 is a bad idea (breaks PPC64), use u_int8_t
and u_int32_t instead.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix make clean (remove symlinks)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix:
* Merge patches from Red Hat (Bug 477000 and other - kukuk)
* Fix pam_rhosts option parsing (Bug 922648 - kukuk)
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: Fix lot of compiler warnings
new feature: add broken_shadow option to pam_unix (patch from Linux
distributions)
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: First round of Linux distributor patch merges
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: merge with BerliOS
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Using the fakeroot option as normal user does not work, since
we call ldconfig, which aborts with an error message if not
called as root due missing permissions.
Fixed by calling ldconfig with -n library path option if FAKEROOT
is set.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new support
Commit summary:
---------------
Include some BSD changes (to the conversation function) and fix a few
gcc warnings.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
A little closer to supporting AIX. These changes are not all of the
suggested changes in the bug report that I will close as a result
of this checkin, but they are all the changes that I feel happy making
right now. I've avoided some of the more gratutitous changes, hoping
that the submitter will reevaluate what they need in the light of what
I have committed here.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Allow C++ compilation when using pam_misc.h and pam_client.h.
|
