From d7987be1aade2b11454a8b3b3d8e9c1c3df93d5f Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Wed, 15 Sep 2004 09:14:28 +0000 Subject: Relevant BUGIDs: Purpose of commit: Commit summary: --------------- bugfix: First round of Linux distributor patch merges --- CHANGELOG | 12 +++++++++++- libpam_misc/Makefile | 2 ++ libpamc/Makefile | 2 ++ modules/pam_cracklib/pam_cracklib.c | 1 + modules/pam_group/pam_group.c | 2 +- modules/pam_issue/pam_issue.c | 6 +++--- 6 files changed, 20 insertions(+), 5 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 40f7a2c9..b4ea04b9 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -90,7 +90,17 @@ BerliOS Bugs are marked with (BerliOS #XXXX). module (Bug 1010142 - toady) * pam_userdb: applied patch from Paul Walmsley it now indicates whether encrypted or plaintext passwords are stored - in the database needed for pam_userdb. (Bug XXXXXX - toady) + in the database needed for pam_userdb (BerliOS - toady) +* pam_group: The module should also ignore PAM_REINITIALIZE_CRED to + avoid spurious errors (from Linux distributors - kukuk) +* pam_cracklib: Clear the entire options structure (from Linux + distributors - kukuk) +* pam_issue: We write a NUL to prompt_tmp[tot_size] later, so make sure + that the destination is part of the allocated block, make do_prompt + static (from Linux distributors - kukuk) +* ldconfig: Only run full ldconfig, if we don't install into a FAKEROOT + environment, else let ldconfig only create the symlinks correct + (from Linux distributors - kukuk) 0.77: Mon Sep 23 10:25:42 PDT 2002 diff --git a/libpam_misc/Makefile b/libpam_misc/Makefile index 16ba07e6..88364a24 100644 --- a/libpam_misc/Makefile +++ b/libpam_misc/Makefile @@ -101,7 +101,9 @@ remove: rm -f $(FAKEROOT)$(INCLUDED)/pam_misc.h rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL) rm -f $(FAKEROOT)$(libdir)/$(LIBNAMED) +ifndef FAKEROOT $(LDCONFIG) +endif rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDSTATIC) clean: diff --git a/libpamc/Makefile b/libpamc/Makefile index 49befe4b..0a302534 100644 --- a/libpamc/Makefile +++ b/libpamc/Makefile @@ -100,7 +100,9 @@ remove: rm -f $(FAKEROOT)$(INCLUDED)/pam_client.h rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL) rm -f $(FAKEROOT)$(libdir)/$(LIBNAMED) +ifndef FAKEROOT $(LDCONFIG) +endif rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDSTATIC) clean: diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c index ff2c61f9..84eae9fb 100644 --- a/modules/pam_cracklib/pam_cracklib.c +++ b/modules/pam_cracklib/pam_cracklib.c @@ -559,6 +559,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, D(("called.")); + memset(&options, 0, sizeof(options)); options.retry_times = CO_RETRY_TIMES; options.diff_ok = CO_DIFF_OK; options.diff_ignore = CO_DIFF_IGNORE; diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c index 4f6f34fb..77c909d0 100644 --- a/modules/pam_group/pam_group.c +++ b/modules/pam_group/pam_group.c @@ -771,7 +771,7 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags /* only interested in establishing credentials */ setting = flags; - if (!(setting & PAM_ESTABLISH_CRED)) { + if (!(setting & (PAM_ESTABLISH_CRED | PAM_REINITIALIZE_CRED))) { D(("ignoring call - not for establishing credentials")); return PAM_SUCCESS; /* don't fail because of this */ } diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c index 67f40c85..985bfebc 100644 --- a/modules/pam_issue/pam_issue.c +++ b/modules/pam_issue/pam_issue.c @@ -38,7 +38,7 @@ static int _user_prompt_set = 0; -char *do_prompt (FILE *); +static char *do_prompt (FILE *); /* --- authentication management functions (only) --- */ @@ -130,7 +130,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, { char *prompt_tmp_tmp = prompt_tmp; - prompt_tmp = realloc(prompt_tmp, tot_size); + prompt_tmp = realloc(prompt_tmp, tot_size + 1); if (prompt_tmp == NULL) { prompt_tmp = prompt_tmp_tmp; retval = PAM_IGNORE; @@ -164,7 +164,7 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, return PAM_IGNORE; } -char *do_prompt(FILE *fd) +static char *do_prompt(FILE *fd) { int c, size = 1024; char *issue = (char *)malloc(size); -- cgit v1.2.3