| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2006-01-21 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_listfile/pam_listfile.c: Add support for session
and password management.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix infrastructure and compile errors for PAM_STATIC (static modules):
2006-01-22 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_succeed_if/pam_succeed_if.c (pam_sm_acct_mgmt):
Add support for static modules.
* modules/pam_xauth/pam_xauth.c: Likewise.
* libpam/pam_handlers.c (_pam_add_handler): Add pamh to
_pam_open_static_handler call.
* libpam/pam_static.c (_pam_open_static_handler): Add pamh
as argument.
* libpam/pam_private.h: Adjust prototype.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2006-01-15 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_echo/pam_echo.c: Define HOST_NAME_MAX if not
already defined.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2006-01-13 Thorsten Kukuk <kukuk@thkukuk.de>
* libpam_misc/misc_conv.c (misc_conv): Fix strict aliasing
error.
* modules/pam_umask/pam_umask.c (search_key): Don't ignore
EOF/error return value from fgets().
* configure.in: Check for getline and getdelim
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2006-01-12 Thorsten Kukuk <kukuk@thkukuk.de>
* configure.in: Add check for -fpie/-pie
* modules/pam_filter/upperLOWER/Makefile.am: Compile/link
upperLOWER with -fpie/-pie if supported.
* modules/pam_unix/Makefile.am: Compile/link unix_chkpwd
with -fpie/-pie if supported.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2006-01-08 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_cracklib/pam_cracklib.c: Use PAM_AUTHTOK_RECOVERY_ERR
instead of PAM_AUTHTOK_RECOVER_ERR.
* modules/pam_pwdb/support.-c: Likewise.
* modules/pam_unix/support.c: Likewise.
* modules/pam_userdb/pam_userdb.c (pam_sm_authenticate): Likewise.
* libpam/pam_strerror.c (pam_strerror): Likewise.
* libpam/include/security/_pam_compat.h: Define
PAM_AUTHTOK_RECOVER_ERR for backward compatibility.
* libpam/include/security/_pam_types.h: Rename
PAM_AUTHTOK_RECOVER_ERR to PAM_AUTHTOK_RECOVERY_ERR.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
* modules/pam_succeed_if/pam_succeed_if.c (evaluate_ingroup),
(evaluate_notingroup): Simplified.
(evaluate_innetgr), (evaluate_notinnetgr): New functions.
(evaluate): Added calls to evaluate_(not)innetgr().
* modules/pam_succeed_if/README: Documented netgroup matching.
* NEWS: Mentioned the added netgroup matching support.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2005-12-20 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_lastlog/pam_lastlog.c (last_login_read): Use
strftime instead of ctime.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2005-12-19 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_time/pam_time.c (check_account): Implement
support for netgroups.
* modules/pam_time/time.conf: Document usage of netgroups.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2005-12-16 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_group/pam_group.c (check_account): Implement
support for netgroups.
* modules/pam_group/group.conf: Add all documentation to this
example config file and don't reference to outdated configs.
* modules/pam_group/README: New.
* modules/pam_group/Makefile.am: Add README to EXTRADIST.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2005-12-15 Thorsten Kukuk <kukuk@suse.de>
* modules/pam_lastlog/pam_lastlog.c (last_login_read): Don't report an
error if user logins the first time.
* modules/pam_lastlog/README: New.
* modules/pam_lastlog/Makefile.am: Add README to EXTRADIST.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix wrong comment.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-12-12 Dmitry V. Levin <ldv@altlinux.org>
Cleanup pam_syslog messages.
* modules/pam_env/pam_env.c (_expand_arg): Fix compiler warning.
* modules/pam_filter/pam_filter.c (set_filter): Append %m
specifier to pam_syslog messages where appropriate.
* modules/pam_group/pam_group.c (read_field): Likewise.
* modules/pam_mkhomedir/pam_mkhomedir.c (make_remark): Remove.
(create_homedir): Do not use make_remark() wrapper, call
pam_info() directly. Call pam_syslog() right after failed
operation and append %m specifier to pam_syslog messages where
appropriate.
* modules/pam_rhosts/pam_rhosts_auth.c (pam_iruserok): Replace
sequence of malloc(), strcpy() and strcat() calls with asprintf().
Append %m specifier to pam_syslog messages where appropriate.
* modules/pam_securetty/pam_securetty.c (securetty_perform_check):
Append %m specifier to pam_syslog messages where appropriate.
* modules/pam_shells/pam_shells.c (perform_check): Likewise.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fixed typo in string. Updated czech translation.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2005-12-12 Thorsten Kukuk <kukuk@suse.de>
* modules/pam_mail/README: Document "quiet" and "standard"
options.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-12-07 Thorsten Kukuk <kukuk@suse.de>
* modules/pam_mail/pam_mail.c: Modify assembling of output
for easier translation.
* po/de.po: Translate new pam_mail messages.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-11-24 Dmitry V. Levin <ldv@altlinux.org>
* configure.in: Do not check for strerror.
* libpam_misc/misc_conv.c (read_string): Replace strerror()
call with %m specifier.
* libpamc/pamc_converse.c (pamc_converse): Likewise.
* modules/pam_echo/pam_echo.c (pam_echo): Likewise.
* modules/pam_localuser/pam_localuser.c (pam_sm_authenticate):
Likewise.
* modules/pam_selinux/pam_selinux.c (security_label_tty):
Likewise.
(security_restorelabel_tty, security_label_tty): Append %m
specifier where appropriate.
* modules/pam_selinux/pam_selinux_check.c (main): Replace
strerror() call with %m specifier.
* modules/pam_unix/pam_unix_passwd.c (save_old_password,
_update_passwd, _update_shadow): Likewise.
* modules/pam_unix/support.c (_unix_run_helper_binary): Likewise.
* modules/pam_unix/unix_chkpwd.c (_update_shadow): Likewise.
* po/Linux-PAM.pot: Update strings from pam_selinux.
* po/cs.po: Likewise.
* po/de.po: Likewise.
* po/es.po: Likewise.
* po/fi.po: Likewise.
* po/fr.po: Likewise.
* po/hu.po: Likewise.
* po/it.po: Likewise.
* po/ja.po: Likewise.
* po/nb.po: Likewise.
* po/pa.po: Likewise.
* po/pl.po: Likewise.
* po/pt.po: Likewise.
* po/pt_BR.po: Likewise.
* po/zh_CN.po: Likewise.
* po/zh_TW.po: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2005-11-23 Thorsten Kukuk <kukuk@suse.de>
* modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Introduce
new variable to fix compiler warning.
* libpam/pam_modutil_getlogin.c (pam_modutil_getlogin): PAM_TTY
don't need to start with /dev/.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
* modules/pam_access/pam_access.c (pam_sm_acct_mgmt): Parse correctly
full path tty name.
* modules/pam_time/pam_time.c (pam_sm_acct_mgmt): Parse correctly
full path tty name. Allow unset tty.
(logic_member): Allow matching ':' in tty name.
* modules/pam_group/pam_group.c (pam_sm_acct_mgmt): Parse correctly
full path tty name. Allow unset tty.
(logic_member): Allow matching ':' in tty name.
* libpam_misc/misc_conv.c (read_string): Read only up to EOL if stdin
is not terminal.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2005-11-07 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_unix/pam_unix_passwd.c (_unix_verify_shadow): Use
correct variable names.
And adjust .cvsignore files for libtool generated files.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
don't treat a missing /etc/environment as a fatal error when attempting
to read it, and try to read this file by default; this restores the
behavior from Linux-PAM 0.76.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
* modules/pam_unix/pam_unix_passwd.c (_unix_verify_shadow): Change the
logic when comparing dates to handle corner cases better [#1245888].
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix a typo - strlen of a wrong variable.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2005-10-31 Thorsten Kukuk <kukuk@suse.de>
* modules/pam_filter/pam_filter.c: Use XCASE only if defined
[#624214]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2005-10-26 Tomas Mraz <t8m@centrum.cz>
* modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary),
modules/pam_unix/pam_unix_passwd.c (_unix_run_shadow_binary),
modules/pam_unix/support.c (_unix_run_shadow_binary_): Set real
uid to 0 before executing the helper if SELinux is enabled.
* modules/pam_unix/unix_chkpwd.c (main): Disable user check only
if real uid is 0 (CVE-2005-2977). Log failed password check attempt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2005-10-20 Tomas Mraz <t8m@centrum.cz>
* configure.in: Added check for xauth binary and --with-xauth option.
* config.h.in: Added configurable PAM_PATH_XAUTH.
* modules/pam_xauth/README,
modules/pam_xauth/pam_xauth.8: Document where xauth is looked for.
* modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Implement
searching xauth binary on multiple places.
(run_coprocess): Don't use execvp as it can be a security risk.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Steve Langasek <vorlon@debian.org>
Cleanup gratuitous use of strdup().
Fix "missing argument" checks.
* modules/pam_env/pam_env.c (_pam_parse): Add const qualifier
to conffile and envfile arguments. Do not use x_strdup() for
conffile and envfile initialization. Fix "missing argument"
checks.
(_parse_config_file): Take conffile argument of type "const char *"
instead of "char **". Do not free conffile.
(_parse_env_file): Take env_file argument of type "const char *"
instead of "char **". Do not free env_file.
(pam_sm_setcred): Add const qualifier to conf_file and env_file.
Pass conf_file and env_file to _parse_config_file() and
_parse_env_file() by value.
(pam_sm_open_session): Likewise.
* modules/pam_ftp/pam_ftp.c (_pam_parse): Add const qualifier to
users argument. Do not use x_strdup() for users initialization.
(lookup): Add const qualifier to list argument.
(pam_sm_authenticate): Add const qualifier to users argument.
* modules/pam_mail/pam_mail.c (_pam_parse): Add const qualifier
to maildir argument. Do not use x_strdup() for maildir
initialization. Fix "missing argument" check.
(get_folder): Take path_mail argument of type "const char *"
instead of "char **". Do not free path_mail.
(_do_mail): Add const qualifier to path_mail argument.
Pass path_mail to get_folder() by value.
* modules/pam_motd/pam_motd.c: Include <syslog.h>.
(pam_sm_open_session): Add const qualifier to motd_path.
Do not use x_strdup() for motd_path initialization. Do not
free motd_path. Fix "missing argument" check. Add "unknown
option" warning.
* modules/pam_userdb/pam_userdb.c (_pam_parse): Add const
qualifier to database and cryptmode arguments. Fix "missing
argument" checks.
(pam_sm_authenticate): Add const qualifier to database and cryptmode.
(pam_sm_acct_mgmt): Likewise.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
spelling fix in log message (s/acces/access/)
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix memory leak due to gratuitous use of strdup().
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Add more missing .cvsignore files to CVS
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
commit forgotten .cvsignore files
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Remove missed file
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-09-26 Tomas Mraz <t8m@centrum.cz>
* NEWS: Add a few missing entries from CHANGELOG.
* AUTHORS: Fixed entries for Toady and me
* Makefile.am (M4_FILES): Fixed out of tree build.
* doc/specs/Makefile.am (EXTRA_DIST): Removed lex.yy.c
(spec, lex.yy.c): Fixed out of tree build.
* modules/pam_userdb/README: Document try_first_pass and
use_first_pass options, remove use_authtok option.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Mark missing strings for translation
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-09-26 Tomas Mraz <t8m@centrum.cz>
* modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary):
_log_err() -> pam_syslog()
(pam_sm_acct_mgmt): _log_err() -> pam_syslog(), fix warning.
* modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate):
_log_err() -> pam_syslog()
* modules/pam_unix/pam_unix_passwd.c: removed obsolete ifdef
(getNISserver, _unix_run_shadow_binary, _update_passwd,
_update_shadow, _do_setpass, _pam_unix_approve_pass,
pam_sm_chauthtok): _log_err() -> pam_syslog()
* modules/pam_unix/pam_unix_sess.c: removed obsolete ifdef
(pam_sm_open_session, pam_sm_close_session):
_log_err() -> pam_syslog()
* modules/pam_unix/support.c (_log_err, converse): removed
(_make_remark): use pam_prompt() instead of converse()
(_set_ctrl, _cleanup_failures, _unix_run_helper_binary,
_unix_verify_password, _unix_read_password):
_log_err() -> pam_syslog()
_cleanup(), _unix_cleanup(): Silence unused param warnings.
(_cleanup_failures, _unix_verify_password, _unix_getpwnam,
_unix_run_helper_binary): Silence incorrect type warnings.
(_unix_read_password): Use multiple pam_prompt() and pam_info() calls
instead of converse().
* modules/pam_unix/support.h (_log_err): removed
* modules/pam_unix/unix_chkpwd.c (_log_err): LOG_AUTH -> LOG_AUTHPRIV
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Support for NULL tty for pam_access.
2005-09-23 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.c (from_match): Support NULL from.
(string_match): Support NULL string, add NONE keyword matching it.
(pam_sm_acct_mgmt): Don't fail when ttyname returns NULL.
* modules/pam_access/access.conf: NONE keyword description
* modules/pam_access/README: NONE keyword description
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-09-22 Dmitry V. Levin <ldv@altlinux.org>
* modules/pam_xauth/pam_xauth.c: (check_acl, pam_sm_open_session,
pam_sm_close_session): Strip redundant "pam_xauth: " prefix from
text of log messages.
(pam_sm_open_session): Replace sequence of malloc(), strcpy()
and strcat() calls with asprintf(). Replace syslog() calls
with pam_syslog().
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2005-09-22 Dmitry V. Levin <ldv@altlinux.org>
* modules/pam_nologin/pam_nologin.c (parse_args): Use strncmp()
instead of memcmp() for string comparison.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix, cleanup
Commit summary:
---------------
2005-09-21 Dmitry V. Levin <ldv@altlinux.org>
* modules/pam_mail/pam_mail.c: Include <errno.h>.
Remove YOUR_MAIL_VERBOSE_FORMAT, YOUR_MAIL_STANDARD_FORMAT and
NO_MAIL_STANDARD_FORMAT macros.
(parse_args, get_folder): Cleanup error messages.
(get_folder): Fix leak of the path_mail variable in case of
pam_get_user() failure. Cleanup memory management.
(get_mail_status): Add pam_handle_t* argument. Fix leaks of
namelist variable. Cleanup memory management. Log memory
allocation failures. Remove 250-byte limit on Maildir pathname.
(report_mail): Mark text messages for translation.
(_do_mail): Cleanup memory management. Pass pam_handle_t*
to get_mail_status().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2005-09-21 Dmitry V. Levin <ldv@altlinux.org>
* modules/pam_nologin/pam_nologin.c: Include <syslog.h>.
(parse_args): Add pam_handle_t* argument. Log unrecognized
options.
(perform_check): Log pam_get_user() and malloc() failures.
(pam_sm_authenticate, pam_sm_setcred, pam_sm_acct_mgmt):
Pass pam_handle_t* to parse_args().
|
| |
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Allow out of tree builds
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
oops, forgot to remove backslash
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Remove pammodutil from include directories
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix, new feature
Commit summary:
---------------
pam_lastlog: Cleanup, fix broken logic in pam_parse,
modify wtmp by default, nowtmp option switches that off (patch by ldv)
|
| |
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Moved functions from pammodutil to libpam.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Remove no longer used file
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
pam_unix: Always honor nis flag on password change (by Aaron Hope)
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
cleanup from ldv (forgot to commit...)
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
pam_limits: Fix regression from RLIMIT_NICE support (wrong limit
values for other limits are applied) patch by Anton Guda
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Add pam_echo module
|
