aboutsummaryrefslogtreecommitdiff
path: root/modules/pam_userdb/pam_userdb.c
Commit message (Collapse)AuthorAgeFilesLines
* build: check gdbm_close return typeDmitry V. Levin2024-10-151-0/+5
| | | | | | | | gdbm_close() used to return void, later it was changed to return int. We cannot assume either way and have to check whether gdbm_close() returns int. Fixes: 45c2c496dcf8 ("pam_userdb: enable GDBM support")
* pam_userdb: don't overwrite free'd memoryKeith Turner - C724732024-09-101-7/+3
| | | | | | | | As crypt_r is expected to return a pointer into a provided crypt_data struct, callers should not modify the string returned by crypt_r after freeing the corresponding crypt_data struct. Co-authored-by: Dmitry V. Levin <ldv@strace.io>
* Include pam_i18n.h where i18n definitions are requiredDmitry V. Levin2024-08-211-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Do not include <libintl.h> and other i18n stuff via config.h which is included into every compilation unit, include "pam_i18n.h" explicitly where necessary. * configure.ac (AH_BOTTOM): Remove. * libpam/pam_get_authtok.c: Include "pam_i18n.h". * libpam/pam_item.c: Likewise. * libpam/pam_strerror.c: Likewise. * libpam_misc/misc_conv.c: Likewise. * modules/pam_exec/pam_exec.c: Likewise. * modules/pam_faillock/main.c: Likewise. * modules/pam_faillock/pam_faillock.c: Likewise. * modules/pam_lastlog/pam_lastlog.c: Likewise. * modules/pam_limits/pam_limits.c: Likewise. * modules/pam_mail/pam_mail.c: Likewise. * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise. * modules/pam_pwhistory/pam_pwhistory.c: Likewise. * modules/pam_selinux/pam_selinux.c: Likewise. * modules/pam_selinux/pam_selinux_check.c: Likewise. * modules/pam_timestamp/pam_timestamp.c: Likewise. * modules/pam_unix/pam_unix_acct.c: Likewise. * modules/pam_unix/pam_unix_passwd.c: Likewise. * modules/pam_userdb/pam_userdb.c: Likewise.
* pam_userdb: cleanse crypt dataChristian Göttsche2024-01-211-0/+1
| | | | Clease the crypt data to avoid any potential information leakage.
* modules: zero out crypt_r(3) data before usageChristian Göttsche2024-01-211-2/+1
| | | | The manual page of crypt_r(3) recommends to zero the entire data object.
* pam_userdb: enable GDBM supportIker Pedrosa2023-07-171-12/+78
| | | | | | | | * configure.ac: add `gdbm` option to `enable-db` * modules/pam_userdb/pam_userdb.c: conditionally provide database access depending on the database technology Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
* modules: make use of secure memory erasureChristian Göttsche2023-02-281-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | Use empty initialization of structs to minimize the memset() usage, to reduce the amount of calls which are not sensitive. Non trivial changes: - pam_env: * erase environment variables where possible - pam_exec: * erase responce on error * erase auth token - pam_pwhistory: * erase buffers containing old passwords - pam_selinux: skip overwriting data structure consisting of only pointers to insensitive data, which also gets free'd afterwards (so it currently does not protect against double-free or use-after-free on the member pointers) - pam_unix: erase cipher data in more places - pam_userdb: erase password hashes
* Remove support for legacy xcryptBjörn Esser2021-06-141-3/+1
| | | | | | | | | | | | | | | | Since many distributions are shipping a version of libxcrypt >= 4.0.0 as a replacement for glibc's libcrypt now, older versions of xcrypt, which could be installed in parallel, are not relevant anymore. * configure.ac (AC_CHECK_HEADERS): Remove xcrypt.h. (AC_SEARCH_LIBS): Remove xcrypt. (AC_CHECK_FUNCS): Remove crypt_gensalt_r. (AC_DEFINE): Remove HAVE_LIBXCRYPT. * modules/pam_pwhistory/opasswd.c [HAVE_LIBXCRYPT]: Remove. * modules/pam_unix/bigcrypt.c [HAVE_LIBXCRYPT]: Likewise. * modules/pam_userdb/pam_userdb.c [HAVE_LIBXCRYPT]: Likewise. * modules/pam_unix/passverify.c [HAVE_LIBXCRYPT]: Likewise. (create_password_hash) [HAVE_LIBXCRYPT]: Likewise.
* pam_userdb: Prevent garbage characters from dbStanislav Zidek2021-04-211-22/+34
| | | | Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1791965
* Fix grammar: replace "an user" with "a user" everywhereDmitry V. Levin2020-11-241-1/+1
| | | | | | | | | | * NEWS: Replace "an user" with "a user". * modules/pam_faillock/pam_faillock.8.xml: Likewise. * modules/pam_lastlog/pam_lastlog.8.xml: Likewise. * modules/pam_limits/pam_limits.c: Likewise. * modules/pam_sepermit/sepermit.conf: Likewise. * modules/pam_tty_audit/pam_tty_audit.8.xml: Likewise. * modules/pam_userdb/pam_userdb.c: Likewise.
* modules: downgrade syslog level for pam_get_user errorsDmitry V. Levin2020-05-221-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * modules/pam_access/pam_access.c (pam_sm_authenticate): Downgrade the syslog level for pam_get_user errors from LOG_ERR to LOG_NOTICE. * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Likewise. * modules/pam_ftp/pam_ftp.c (pam_sm_authenticate): Likewise. * modules/pam_group/pam_group.c (pam_sm_setcred): Likewise. * modules/pam_lastlog/pam_lastlog.c (pam_sm_authenticate): Likewise. * modules/pam_loginuid/pam_loginuid.c (_pam_loginuid): Likewise. * modules/pam_mail/pam_mail.c (_do_mail): Likewise. * modules/pam_nologin/pam_nologin.c (perform_check): Likewise. * modules/pam_rhosts/pam_rhosts.c (pam_sm_authenticate): Likewise. * modules/pam_sepermit/pam_sepermit.c (pam_sm_authenticate): Likewise. * modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate): Likewise. * modules/pam_tally/pam_tally.c (pam_get_uid): Likewise. * modules/pam_tally2/pam_tally2.c (pam_get_uid): Likewise. * modules/pam_time/pam_time.c (pam_sm_acct_mgmt): Likewise. * modules/pam_tty_audit/pam_tty_audit.c (pam_sm_open_session): Likewise. * modules/pam_umask/pam_umask.c (pam_sm_open_session): Likewise. * modules/pam_userdb/pam_userdb.c (pam_sm_authenticate, pam_sm_acct_mgmt): Likewise. * modules/pam_usertype/pam_usertype.c (pam_usertype_get_uid): Likewise. * modules/pam_xauth/pam_xauth.c (pam_sm_open_session, pam_sm_close_session): Likewise. * modules/pam_securetty/pam_securetty.c (securetty_perform_check): Downgrade the syslog level for pam_get_user errors from LOG_WARNING to LOG_NOTICE. * modules/pam_stress/pam_stress.c (pam_sm_authenticate): Likewise. Suggested-by: Tomáš Mráz <tmraz@fedoraproject.org>
* modules: do not check user name for NULL if pam_get_user returned PAM_SUCCESSDmitry V. Levin2020-05-151-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If pam_get_user returned PAM_SUCCESS, the user name is guaranteed to be a valid C string, no need to double check that. * modules/pam_access/pam_access.c (pam_sm_authenticate): Do not check for NULL the user name returned by pam_get_user when the latter returned PAM_SUCCESS. * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Likewise. * modules/pam_debug/pam_debug.c (pam_sm_authenticate): Likewise. * modules/pam_filter/pam_filter.c (process_args): Likewise. * modules/pam_ftp/pam_ftp.c (pam_sm_authenticate): Likewise. * modules/pam_group/pam_group.c (pam_sm_setcred): Likewise. * modules/pam_lastlog/pam_lastlog.c (pam_sm_authenticate): Likewise. * modules/pam_listfile/pam_listfile.c (pam_sm_authenticate): Likewise. * modules/pam_localuser/pam_localuser.c (pam_sm_authenticate): Likewise. * modules/pam_mail/pam_mail.c (_do_mail): Likewise. * modules/pam_nologin/pam_nologin.c (perform_check): Likewise. * modules/pam_permit/pam_permit.c (pam_sm_authenticate): Likewise. * modules/pam_pwhistory/pam_pwhistory.c (pam_sm_chauthtok): Likewise. * modules/pam_rhosts/pam_rhosts.c (pam_sm_authenticate): Likewise. * modules/pam_securetty/pam_securetty.c (pam_sm_authenticate): Likewise. * modules/pam_sepermit/pam_sepermit.c (pam_sm_authenticate): Likewise. * modules/pam_shells/pam_shells.c (perform_check): Likewise. * modules/pam_stress/pam_stress.c (pam_sm_authenticate): Likewise. * modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate): Likewise. * modules/pam_time/pam_time.c (pam_sm_acct_mgmt): Likewise. * modules/pam_timestamp/pam_timestamp.c (get_timestamp_name): Likewise. * modules/pam_umask/pam_umask.c (pam_sm_open_session): Likewise. * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate): Likewise. * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Likewise. * modules/pam_usertype/pam_usertype.c (pam_usertype_get_uid): Likewise. * modules/pam_wheel/pam_wheel.c (perform_check): Likewise. * modules/pam_userdb/pam_userdb.c (pam_sm_authenticate, pam_sm_acct_mgmt): Likewise.
* modules: remove PAM_SM_* macrosDmitry V. Levin2020-05-031-12/+2
| | | | | | Starting with commit a684595c0bbd88df71285f43fb27630e3829121e aka Linux-PAM-1.3.0~14 (Remove "--enable-static-modules" option and support from Linux-PAM), PAM_SM_* macros have no effect.
* modules/pam_userdb: use pam_str_skip_icase_prefixDmitry V. Levin2020-03-191-6/+9
| | | | | | * modules/pam_userdb/pam_userdb.c: Include "pam_inline.h". (_pam_parse, user_lookup): Use pam_str_skip_icase_prefix instead of ugly strncasecmp invocations.
* Unification and cleanup of syslog log levels.Tomas Mraz2016-06-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * libpam/pam_handlers.c: Make memory allocation failures LOG_CRIT. * libpam/pam_modutil_priv.c: Make memory allocation failures LOG_CRIT. * modules/pam_echo/pam_echo.c: Make memory allocation failures LOG_CRIT. * modules/pam_env/pam_env.c: Make memory allocation failures LOG_CRIT. * modules/pam_exec/pam_exec.c: Make memory allocation failures LOG_CRIT. * modules/pam_filter/pam_filter.c: Make all non-memory call errors LOG_ERR. * modules/pam_group/pam_group.c: Make memory allocation failures LOG_CRIT. * modules/pam_issue/pam_issue.c: Make memory allocation failures LOG_CRIT. * modules/pam_lastlog/pam_lastlog.c: The lastlog file creation is syslogged with LOG_NOTICE, memory allocation errors with LOG_CRIT, other errors with LOG_ERR. * modules/pam_limits/pam_limits.c: User login limit messages are syslogged with LOG_NOTICE, stale utmp entry with LOG_INFO, non-memory errors with LOG_ERR. * modules/pam_listfile/pam_listfile.c: Rejection of user is syslogged with LOG_NOTICE. * modules/pam_namespace/pam_namespace.c: Make memory allocation failures LOG_CRIT. * modules/pam_nologin/pam_nologin.c: Make memory allocation failures LOG_CRIT, other errors LOG_ERR. * modules/pam_securetty/pam_securetty.c: Rejection of access is syslogged with LOG_NOTICE, non-memory errors with LOG_ERR. * modules/pam_selinux/pam_selinux.c: Make memory allocation failures LOG_CRIT. * modules/pam_succeed_if/pam_succeed_if.c: Make all non-memory call errors LOG_ERR. * modules/pam_time/pam_time.c: Make memory allocation failures LOG_CRIT. * modules/pam_timestamp/pam_timestamp.c: Make memory allocation failures LOG_CRIT. * modules/pam_unix/pam_unix_acct.c: Make all non-memory call errors LOG_ERR. * modules/pam_unix/pam_unix_passwd.c: Make memory allocation failures LOG_CRIT, other errors LOG_ERR. * modules/pam_unix/pam_unix_sess.c: Make all non-memory call errors LOG_ERR. * modules/pam_unix/passverify.c: Unknown user is syslogged with LOG_NOTICE. * modules/pam_unix/support.c: Unknown user is syslogged with LOG_NOTICE and max retries ignorance by application likewise. * modules/pam_unix/unix_chkpwd.c: Make all non-memory call errors LOG_ERR. * modules/pam_userdb/pam_userdb.c: Password authentication error is syslogged with LOG_NOTICE. * modules/pam_xauth/pam_xauth.c: Make memory allocation failures LOG_CRIT.
* Remove "--enable-static-modules" option and support fromThorsten Kukuk2016-03-291-20/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Linux-PAM. It was never official supported and was broken since years. * configure.ac: Remove --enable-static-modules option. * doc/man/pam_sm_acct_mgmt.3.xml: Remove PAM_EXTERN. * doc/man/pam_sm_authenticate.3.xml: Likewise. * doc/man/pam_sm_chauthtok.3.xml: Likewise. * doc/man/pam_sm_close_session.3.xml: Likewise. * doc/man/pam_sm_open_session.3.xml: Likewise. * doc/man/pam_sm_setcred.3.xml: Likewise. * libpam/Makefile.am: Remove STATIC_MODULES cases. * libpam/include/security/pam_modules.h: Remove PAM_STATIC parts. * libpam/pam_dynamic.c: Likewise. * libpam/pam_handlers.c: Likewise. * libpam/pam_private.h: Likewise. * libpam/pam_static.c: Remove file. * libpam/pam_static_modules.h: Remove header file. * modules/pam_access/pam_access.c: Remove PAM_EXTERN and PAM_STATIC parts. * modules/pam_cracklib/pam_cracklib.c: Likewise. * modules/pam_debug/pam_debug.c: Likewise. * modules/pam_deny/pam_deny.c: Likewise. * modules/pam_echo/pam_echo.c: Likewise. * modules/pam_env/pam_env.c: Likewise. * modules/pam_exec/pam_exec.c: Likewise. * modules/pam_faildelay/pam_faildelay.c: Likewise. * modules/pam_filter/pam_filter.c: Likewise. * modules/pam_ftp/pam_ftp.c: Likewise. * modules/pam_group/pam_group.c: Likewise. * modules/pam_issue/pam_issue.c: Likewise. * modules/pam_keyinit/pam_keyinit.c: Likewise. * modules/pam_lastlog/pam_lastlog.c: Likewise. * modules/pam_limits/pam_limits.c: Likewise. * modules/pam_listfile/pam_listfile.c: Likewise. * modules/pam_localuser/pam_localuser.c: Likewise. * modules/pam_loginuid/pam_loginuid.c: Likewise. * modules/pam_mail/pam_mail.c: Likewise. * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise. * modules/pam_motd/pam_motd.c: Likewise. * modules/pam_namespace/pam_namespace.c: Likewise. * modules/pam_nologin/pam_nologin.c: Likewise. * modules/pam_permit/pam_permit.c: Likewise. * modules/pam_pwhistory/pam_pwhistory.c: Likewise. * modules/pam_rhosts/pam_rhosts.c: Likewise. * modules/pam_rootok/pam_rootok.c: Likewise. * modules/pam_securetty/pam_securetty.c: Likewise. * modules/pam_selinux/pam_selinux.c: Likewise. * modules/pam_sepermit/pam_sepermit.c: Likewise. * modules/pam_shells/pam_shells.c: Likewise. * modules/pam_stress/pam_stress.c: Likewise. * modules/pam_succeed_if/pam_succeed_if.c: Likewise. * modules/pam_tally/pam_tally.c: Likewise. * modules/pam_tally2/pam_tally2.c: Likewise. * modules/pam_time/pam_time.c: Likewise. * modules/pam_timestamp/pam_timestamp.c: Likewise. * modules/pam_tty_audit/pam_tty_audit.c: Likewise. * modules/pam_umask/pam_umask.c: Likewise. * modules/pam_userdb/pam_userdb.c: Likewise. * modules/pam_warn/pam_warn.c: Likewise. * modules/pam_wheel/pam_wheel.c: Likewise. * modules/pam_xauth/pam_xauth.c: Likewise. * modules/pam_unix/Makefile.am: Remove STATIC_MODULES part. * modules/pam_unix/pam_unix_acct.c: Remove PAM_STATIC part. * modules/pam_unix/pam_unix_auth.c: Likewise. * modules/pam_unix/pam_unix_passwd.c: Likewise. * modules/pam_unix/pam_unix_sess.c: Likewise. * modules/pam_unix/pam_unix_static.c: Removed. * modules/pam_unix/pam_unix_static.h: Removed. * po/POTFILES.in: Remove removed files. * tests/tst-dlopen.c: Remove PAM_STATIC part.
* Use crypt_r if available in pam_userdb and in pam_unix.Tomas Mraz2015-04-071-5/+15
| | | | | | | * modules/pam_unix/passverify.c (create_password_hash): Call crypt_r() instead of crypt() if available. * modules/pam_userdb/pam_userdb.c (user_lookup): Call crypt_r() instead of crypt() if available.
* Fix gratuitous use of strdup and x_strdupDmitry V. Levin2014-01-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | There is no need to copy strings passed as arguments to execve, the only potentially noticeable effect of using strdup/x_strdup would be a malformed argument list in case of memory allocation error. Also, x_strdup, being a thin wrapper around strdup, is of no benefit when its argument is known to be non-NULL, and should not be used in such cases. * modules/pam_cracklib/pam_cracklib.c (password_check): Use strdup instead of x_strdup, the latter is of no benefit in this case. * modules/pam_ftp/pam_ftp.c (lookup): Likewise. * modules/pam_userdb/pam_userdb.c (user_lookup): Likewise. * modules/pam_userdb/pam_userdb.h (x_strdup): Remove. * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Do not use x_strdup for strings passed as arguments to execve. * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary): Likewise. * modules/pam_unix/pam_unix_passwd.c (_unix_run_update_binary): Likewise. * modules/pam_unix/support.c (_unix_run_helper_binary): Likewise. (_unix_verify_password): Use strdup instead of x_strdup, the latter is of no benefit in this case. * modules/pam_xauth/pam_xauth.c (run_coprocess): Do not use strdup for strings passed as arguments to execv.
* pam_userdb: fix password hash comparisonDmitry V. Levin2014-01-271-3/+6
| | | | | | | | | | | | | | | | | | | | Starting with commit Linux-PAM-0-77-28-g0b3e583 that introduced hashed passwords support in pam_userdb, hashes are compared case-insensitively. This bug leads to accepting hashes for completely different passwords in addition to those that should be accepted. Additionally, commit Linux-PAM-1_1_6-13-ge2a8187 that added support for modern password hashes with different lengths and settings, did not update the hash comparison accordingly, which leads to accepting computed hashes longer than stored hashes when the latter is a prefix of the former. * modules/pam_userdb/pam_userdb.c (user_lookup): Reject the computed hash whose length differs from the stored hash length. Compare computed and stored hashes case-sensitively. Fixes CVE-2013-7041. Bug-Debian: http://bugs.debian.org/731368
* pam_userdb: Allow also modern password hashes supported by crypt().Tomas Mraz2013-02-071-6/+2
| | | | | modules/pam_userdb/pam_userdb.c (user_lookup): Allow password hashes longer than 13 characters and long salt.
* Fix whitespace issuesDmitry V. Levin2011-10-261-5/+5
| | | | | | Cleanup trailing whitespaces, indentation that uses spaces before tabs, and blank lines at EOF. Make the project free of warnings reported by git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD
* Relevant BUGIDs:Thorsten Kukuk2010-05-271-0/+1
| | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-05-27 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_userdb/pam_userdb.c: Define HAVE_DBM for BerkDB 5.0 support. Patch by Diego Elio Pettenò.
* Relevant BUGIDs:Thorsten Kukuk2008-11-301-1/+3
| | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2008-11-29 Thorsten Kukuk <kukuk@thkukuk.de> * configure.in: Check for xcrypt.h, fix typo in libaudit check. * modules/pam_cracklib/pam_cracklib.c: Include xcrypt.h if available. * modules/pam_unix/bigcrypt.c: Likewise. * modules/pam_unix/passverify.c: Likewise. * modules/pam_userdb/pam_userdb.c: Likewise. Patch from Diego Flameeyes Pettenò <flameeyes@gmail.com>
* Relevant BUGIDs:Thorsten Kukuk2006-06-171-1/+1
| | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2006-06-17 Thorsten Kukuk <kukuk@thkukuk.de> * examples/vpass.c: UID is unsigned on Linux. * modules/pam_exec/pam_exec.c: Likewise. * modules/pam_unix/pam_unix_acct.c: Likewise. * modules/pam_unix/pam_unix_sess.c: Likewise. * modules/pam_succeed_if/pam_succeed_if.8.xml: Fix syntax error. * modules/pam_succeed_if/pam_succeed_if.8: Regenerated. * modules/pam_succeed_if/README: Regenerated.
* Relevant BUGIDs:Thorsten Kukuk2006-01-081-6/+5
| | | | | | | | | | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2006-01-08 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_cracklib/pam_cracklib.c: Use PAM_AUTHTOK_RECOVERY_ERR instead of PAM_AUTHTOK_RECOVER_ERR. * modules/pam_pwdb/support.-c: Likewise. * modules/pam_unix/support.c: Likewise. * modules/pam_userdb/pam_userdb.c (pam_sm_authenticate): Likewise. * libpam/pam_strerror.c (pam_strerror): Likewise. * libpam/include/security/_pam_compat.h: Define PAM_AUTHTOK_RECOVER_ERR for backward compatibility. * libpam/include/security/_pam_types.h: Rename PAM_AUTHTOK_RECOVER_ERR to PAM_AUTHTOK_RECOVERY_ERR.
* 2005-10-02 Dmitry V. Levin <ldv@altlinux.org>Dmitry V. Levin2005-10-041-10/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Steve Langasek <vorlon@debian.org> Cleanup gratuitous use of strdup(). Fix "missing argument" checks. * modules/pam_env/pam_env.c (_pam_parse): Add const qualifier to conffile and envfile arguments. Do not use x_strdup() for conffile and envfile initialization. Fix "missing argument" checks. (_parse_config_file): Take conffile argument of type "const char *" instead of "char **". Do not free conffile. (_parse_env_file): Take env_file argument of type "const char *" instead of "char **". Do not free env_file. (pam_sm_setcred): Add const qualifier to conf_file and env_file. Pass conf_file and env_file to _parse_config_file() and _parse_env_file() by value. (pam_sm_open_session): Likewise. * modules/pam_ftp/pam_ftp.c (_pam_parse): Add const qualifier to users argument. Do not use x_strdup() for users initialization. (lookup): Add const qualifier to list argument. (pam_sm_authenticate): Add const qualifier to users argument. * modules/pam_mail/pam_mail.c (_pam_parse): Add const qualifier to maildir argument. Do not use x_strdup() for maildir initialization. Fix "missing argument" check. (get_folder): Take path_mail argument of type "const char *" instead of "char **". Do not free path_mail. (_do_mail): Add const qualifier to path_mail argument. Pass path_mail to get_folder() by value. * modules/pam_motd/pam_motd.c: Include <syslog.h>. (pam_sm_open_session): Add const qualifier to motd_path. Do not use x_strdup() for motd_path initialization. Do not free motd_path. Fix "missing argument" check. Add "unknown option" warning. * modules/pam_userdb/pam_userdb.c (_pam_parse): Add const qualifier to database and cryptmode arguments. Fix "missing argument" checks. (pam_sm_authenticate): Add const qualifier to database and cryptmode. (pam_sm_acct_mgmt): Likewise.
* Relevant BUGIDs:Steve Langasek2005-10-021-1/+1
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- spelling fix in log message (s/acces/access/)
* Relevant BUGIDs: noneSteve Langasek2005-09-301-7/+7
| | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- Fix memory leak due to gratuitous use of strdup().
* Relevant BUGIDs: noneThorsten Kukuk2005-09-201-3/+4
| | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- Fix missing NULL pointer check and us asprintf instead of malloc/snprintf (from Dmitry V. Levin).
* Relevant BUGIDs: noneThorsten Kukuk2005-09-181-30/+31
| | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- Code cleanup (pam_syslog, compiler warnings)
* Relevant BUGIDs:Tomas Mraz2005-09-151-68/+88
| | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Use the new pam_syslog and pam_prompt helper functions. Patches by ldv.
* Relevant BUGIDs: Red Hat bz #164418Tomas Mraz2005-07-281-4/+5
| | | | | | | | Purpose of commit: bugfix Commit summary: --------------- pam_userdb: Fix regression - crash when crypt param not specified
* Relevant BUGIDs: noneThorsten Kukuk2005-07-201-1/+1
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Rename _pam_aconf.h to config.h.
* Relevant BUGIDs: noneThorsten Kukuk2005-07-151-0/+3
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Fix inclusion of crypt.h
* Relevant BUGIDs: noneThorsten Kukuk2005-06-091-3/+3
| | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Fix all occurrence of dereferencing type-punned pointer will break strict-aliasing rules warnings
* Relevant BUGIDs:Thorsten Kukuk2004-09-281-62/+196
| | | | | | | | | | | | Purpose of commit: Commit summary: --------------- bugfix: * Merge patches from Red Hat (Bug 477000 and other - kukuk) * Fix pam_rhosts option parsing (Bug 922648 - kukuk)
* Relevant BUGIDs:Thorsten Kukuk2004-09-141-0/+49
| | | | | | | | | Purpose of commit: Commit summary: --------------- bugfix: merge with BerliOS
* Relevant BUGIDs: 484252Andrew G. Morgan2001-11-261-5/+8
| | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- pam_userdb was not paying close enough attention to password comparisons. Bug report and fix from Vladimir Pastukhov.
* Relevant BUGIDs: 124386Jan Rekorajski2000-12-041-2/+2
| | | | | | | | Purpose of commit: bugfix Commit summary: --------------- - fixed wrong definition of struct pam_module (was pam_wheel)
* Relevant BUGIDs: 124136Andrew G. Morgan2000-12-031-5/+5
| | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- Makefile dependencies pam_userdb did not compile on a Red Hat 5.2 system. It does now.
* Relevant BUGIDs: task 15788, bugs 108297, 117476, 117474Andrew G. Morgan2000-11-191-7/+9
| | | | | | | | | | | | | | Purpose of commit: autoconf support for Linux-PAM Commit summary: --------------- This is a merge of the autoconf support that was developed against a 0-72 branch. [Note, because CVS has some issues, this is actually only 95% of the actual commit. The other files were actually committed when the preparation branch Linux-PAM-0-73pre-autoconf was updated. Hopefully, this will complete the merge.]
* Initial revisionAndrew G. Morgan2000-06-201-0/+302
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-08 06:39:42 +0000