From 0fb1f5b701432b6d9f40754b69f2fe0dc6f75103 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Tue, 19 Jun 2018 00:00:00 +0000 Subject: Fix grammar of messages printed via pam_prompt Turn into proper sentences those messages that are printed without further modifications using pam_prompt in contexts where proper sentences are expected. * libpam/pam_get_authtok.c (pam_get_authtok_internal): Fix grammar of the message passed to pam_error. * modules/pam_limits/pam_limits.c (pam_sm_open_session): Likewise. * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Fix grammar of error messages passed to pam_error. * modules/pam_mail/pam_mail.c (report_mail): Fix grammar of a message passed to pam_info. * modules/pam_timestamp/pam_timestamp.c (verbose_success): Likewise. * modules/pam_selinux/pam_selinux.c (config_context, send_text): Fix grammar of messages passed to pam_prompt. * modules/pam_tally/pam_tally.c (tally_check): Fix grammar of messages passed to pam_info. * modules/pam_tally2/pam_tally2.c (tally_check): Likewise. * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Fix grammar of messages passed to _make_remark. * modules/pam_unix/pam_unix_passwd.c (_pam_unix_approve_pass, pam_sm_chauthtok): Likewise. * po/Linux-PAM.pot: Regenerate. --- modules/pam_timestamp/pam_timestamp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'modules/pam_timestamp/pam_timestamp.c') diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index e29ce6e9..5da7575d 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -354,7 +354,8 @@ get_timestamp_name(pam_handle_t *pamh, int argc, const char **argv, static void verbose_success(pam_handle_t *pamh, long diff) { - pam_info(pamh, _("Access granted (last access was %ld seconds ago)."), diff); + pam_info(pamh, _("Access has been granted" + " (last access was %ld seconds ago)."), diff); } int -- cgit v1.2.3 From 8b7112d4f0ef82d02b1219374a25089848a3a8a3 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 18 Mar 2020 21:53:06 +0000 Subject: modules/pam_timestamp: fix clang compilation warning modules/pam_timestamp/pam_timestamp.c:807:17: warning: logical not is only applied to the left hand side of this comparison [-Wlogical-not-parentheses] } else if (!timestamp_good(st.st... ^ * modules/pam_timestamp/pam_timestamp.c (main): Change timestamp_good return code check to a more traditional form. --- modules/pam_timestamp/pam_timestamp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules/pam_timestamp/pam_timestamp.c') diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 5da7575d..832aa629 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -799,8 +799,8 @@ main(int argc, char **argv) /* Check oldest login against timestamp */ if (check_login_time(user, st.st_mtime) != PAM_SUCCESS) { retval = 7; - } else if (!timestamp_good(st.st_mtime, time(NULL), - DEFAULT_TIMESTAMP_TIMEOUT) == PAM_SUCCESS) { + } else if (timestamp_good(st.st_mtime, time(NULL), + DEFAULT_TIMESTAMP_TIMEOUT) != PAM_SUCCESS) { retval = 7; } } else { -- cgit v1.2.3 From 69f3b27b3f1d6e8ff37923bca3d2d3559129e843 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Thu, 19 Mar 2020 18:40:16 +0000 Subject: modules/pam_timestamp: fix compilation warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix the following compilation warnings reported by gcc on ilp32 platforms: modules/pam_timestamp/hmacfile.c: In function ‘testvectors’: modules/pam_timestamp/hmacfile.c:121:44: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 2 has type ‘size_t’ {aka ‘unsigned int’} [-Wformat=] 121 | printf("Incorrect result for vector %lu\n", i + 1); | ~~^ ~~~~~ | | | | | size_t {aka unsigned int} | long unsigned int | %u modules/pam_timestamp/hmacfile.c:128:30: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 2 has type ‘size_t’ {aka ‘unsigned int’} [-Wformat=] 128 | printf("Error in vector %lu.\n", i + 1); | ~~^ ~~~~~ | | | | | size_t {aka unsigned int} | long unsigned int | %u In function ‘strncpy’, inlined from ‘pam_sm_open_session’ at modules/pam_timestamp/pam_timestamp.c:584:4: /usr/include/bits/string_fortified.h:106:10: warning: ‘__builtin___strncpy_chk’ output may be truncated copying between 1 and 4095 bytes from a string of length 4095 [-Wstringop-truncation] * modules/pam_timestamp/hmacfile.c (testvectors): Cast the argument of type size_t to unsigned long before passing it to printf. * modules/pam_timestamp/pam_timestamp.c (pam_sm_open_session): Use memcpy instead of strncpy as the source is not NUL-terminated, add an extra check to ensure that iterator stays inside bounds. --- modules/pam_timestamp/hmacfile.c | 6 ++++-- modules/pam_timestamp/pam_timestamp.c | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'modules/pam_timestamp/pam_timestamp.c') diff --git a/modules/pam_timestamp/hmacfile.c b/modules/pam_timestamp/hmacfile.c index 7c1f8bfb..69d39afa 100644 --- a/modules/pam_timestamp/hmacfile.c +++ b/modules/pam_timestamp/hmacfile.c @@ -118,14 +118,16 @@ testvectors(void) if (strncasecmp(hex, vectors[i].hmac + 2 * j, 2) != 0) { - printf("Incorrect result for vector %lu\n", i + 1); + printf("Incorrect result for vector %lu\n", + (unsigned long) i + 1); exit(1); } } free(hmac); } else { - printf("Error in vector %lu.\n", i + 1); + printf("Error in vector %lu.\n", + (unsigned long) i + 1); exit(1); } } diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 832aa629..d6a04a50 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -578,10 +578,10 @@ pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED, int argc, const char * /* Create the directory for the timestamp file if it doesn't already * exist. */ - for (i = 1; path[i] != '\0'; i++) { + for (i = 1; i < (int) sizeof(path) && path[i] != '\0'; i++) { if (path[i] == '/') { /* Attempt to create the directory. */ - strncpy(subdir, path, i); + memcpy(subdir, path, i); subdir[i] = '\0'; if (mkdir(subdir, 0700) == 0) { /* Attempt to set the owner to the superuser. */ -- cgit v1.2.3 From 15c568dc2fa87736d3f92b2e89d41ada04f89886 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Mon, 16 Mar 2020 21:02:18 +0000 Subject: modules/pam_timestamp: use pam_str_skip_prefix * modules/pam_timestamp/pam_timestamp.c: Include "pam_inline.h". (check_tty, get_timestamp_name, pam_sm_authenticate): Use pam_str_skip_prefix instead of ugly strncmp invocations. --- modules/pam_timestamp/pam_timestamp.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'modules/pam_timestamp/pam_timestamp.c') diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index d6a04a50..9790fde0 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -65,6 +65,7 @@ #include #include #include +#include "pam_inline.h" /* The default timeout we use is 5 minutes, which matches the sudo default * for the timestamp_timeout parameter. */ @@ -151,7 +152,7 @@ check_tty(const char *tty) } /* Pull out the meaningful part of the tty's name. */ if (strchr(tty, '/') != NULL) { - if (strncmp(tty, "/dev/", 5) != 0) { + if (pam_str_skip_prefix(tty, "/dev/") == NULL) { /* Make sure the device node is actually in /dev/, * noted by Michal Zalewski. */ return NULL; @@ -282,8 +283,10 @@ get_timestamp_name(pam_handle_t *pamh, int argc, const char **argv, } } for (i = 0; i < argc; i++) { - if (strncmp(argv[i], "timestampdir=", 13) == 0) { - tdir = argv[i] + 13; + const char *str; + + if ((str = pam_str_skip_prefix(argv[i], "timestampdir=")) != NULL) { + tdir = str; if (debug) { pam_syslog(pamh, LOG_DEBUG, "storing timestamps in `%s'", @@ -377,8 +380,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) } } for (i = 0; i < argc; i++) { - if (strncmp(argv[i], "timestamp_timeout=", 18) == 0) { - tmp = strtol(argv[i] + 18, &p, 0); + const char *str; + + if ((str = pam_str_skip_prefix(argv[i], "timestamp_timeout=")) != NULL) { + tmp = strtol(str, &p, 0); if ((p != NULL) && (*p == '\0')) { interval = tmp; if (debug) { -- cgit v1.2.3 From 9b62f2ed3be1731581ad8f4b7e5cefd8fd030085 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Tue, 31 Mar 2020 11:18:13 +0200 Subject: pam_timestamp: Fix // in TIMESTAMPDIR _PATH_VARRUN already provides trailing slash for building paths Fixes: $ strings /usr/lib64/security/pam_timestamp.so | grep /run/ /var/run//pam_timestamp /var/run//pam_timestamp/_pam_timestamp_key --- modules/pam_timestamp/pam_timestamp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/pam_timestamp/pam_timestamp.c') diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 9790fde0..420ce9eb 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -71,7 +71,7 @@ * for the timestamp_timeout parameter. */ #define DEFAULT_TIMESTAMP_TIMEOUT (5 * 60) #define MODULE "pam_timestamp" -#define TIMESTAMPDIR _PATH_VARRUN "/" MODULE +#define TIMESTAMPDIR _PATH_VARRUN MODULE #define TIMESTAMPKEY TIMESTAMPDIR "/_pam_timestamp_key" /* Various buffers we use need to be at least as large as either PATH_MAX or -- cgit v1.2.3 From 37b5259298be9137f5b40eef16027152ddb803ff Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Fri, 1 May 2020 19:20:12 +0000 Subject: modules: remove PAM_SM_* macros Starting with commit a684595c0bbd88df71285f43fb27630e3829121e aka Linux-PAM-1.3.0~14 (Remove "--enable-static-modules" option and support from Linux-PAM), PAM_SM_* macros have no effect. --- modules/pam_access/pam_access.c | 16 ++-------------- modules/pam_cracklib/pam_cracklib.c | 17 ++--------------- modules/pam_debug/pam_debug.c | 26 +++++--------------------- modules/pam_deny/pam_deny.c | 18 +----------------- modules/pam_echo/pam_echo.c | 5 ----- modules/pam_env/pam_env.c | 16 ++-------------- modules/pam_exec/pam_exec.c | 6 ------ modules/pam_faildelay/pam_faildelay.c | 7 ++----- modules/pam_faillock/pam_faillock.c | 4 ---- modules/pam_filter/pam_filter.c | 7 +------ modules/pam_ftp/pam_ftp.c | 14 +------------- modules/pam_group/pam_group.c | 13 ++----------- modules/pam_issue/pam_issue.c | 5 ++--- modules/pam_keyinit/pam_keyinit.c | 3 ++- modules/pam_lastlog/pam_lastlog.c | 15 ++------------- modules/pam_limits/pam_limits.c | 2 -- modules/pam_listfile/pam_listfile.c | 14 ++------------ modules/pam_localuser/pam_localuser.c | 4 ++-- modules/pam_loginuid/pam_loginuid.c | 4 +++- modules/pam_mail/pam_mail.c | 14 ++------------ modules/pam_mkhomedir/pam_mkhomedir.c | 9 --------- modules/pam_motd/pam_motd.c | 23 +++++------------------ modules/pam_nologin/pam_nologin.c | 15 +-------------- modules/pam_permit/pam_permit.c | 22 +++------------------- modules/pam_pwhistory/pam_pwhistory.c | 4 ++-- modules/pam_rhosts/pam_rhosts.c | 4 ++-- modules/pam_rootok/pam_rootok.c | 13 +------------ modules/pam_securetty/pam_securetty.c | 14 ++------------ modules/pam_selinux/pam_selinux.c | 4 ---- modules/pam_sepermit/pam_sepermit.c | 4 ---- modules/pam_setquota/pam_setquota.c | 3 --- modules/pam_shells/pam_shells.c | 22 ++++++---------------- modules/pam_stress/pam_stress.c | 12 ------------ modules/pam_succeed_if/pam_succeed_if.c | 6 ------ modules/pam_tally/pam_tally.c | 27 ++------------------------- modules/pam_tally2/pam_tally2.c | 19 ++----------------- modules/pam_time/pam_time.c | 25 ++++++++----------------- modules/pam_timestamp/pam_timestamp.c | 3 --- modules/pam_tty_audit/pam_tty_audit.c | 2 -- modules/pam_umask/pam_umask.c | 4 ++-- modules/pam_unix/pam_unix_acct.c | 6 ++---- modules/pam_unix/pam_unix_auth.c | 7 ++----- modules/pam_unix/pam_unix_passwd.c | 7 ++----- modules/pam_unix/pam_unix_sess.c | 6 +----- modules/pam_userdb/pam_userdb.c | 14 ++------------ modules/pam_usertype/pam_usertype.c | 5 ----- modules/pam_warn/pam_warn.c | 14 +------------- modules/pam_wheel/pam_wheel.c | 7 ++----- modules/pam_xauth/pam_xauth.c | 4 ++-- 49 files changed, 83 insertions(+), 432 deletions(-) (limited to 'modules/pam_timestamp/pam_timestamp.c') diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c index 4c11418d..be726180 100644 --- a/modules/pam_access/pam_access.c +++ b/modules/pam_access/pam_access.c @@ -1,6 +1,6 @@ -/* pam_access module */ - /* + * pam_access module + * * Written by Alexei Nogin 1997/06/15 * (I took login_access from logdaemon-5.6 and converted it to PAM * using parts of pam_time code.) @@ -49,18 +49,6 @@ #include #endif -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c index f89f33da..a6ce9395 100644 --- a/modules/pam_cracklib/pam_cracklib.c +++ b/modules/pam_cracklib/pam_cracklib.c @@ -1,8 +1,6 @@ /* * pam_cracklib module - */ - -/* + * * 0.9. switch to using a distance algorithm in similar() * 0.86. added support for setting minimum numbers of digits, uppers, * lowers, and others @@ -15,9 +13,7 @@ * 0.3. Added argument 'debug' * 0.2. new password is fed to cracklib for verify after typed once * 0.1. First release - */ - -/* + * * Written by Cristian Gafton 1996/09/10 * Long password support by Philip W. Dalrymple 1997/07/18 * See the end of the file for Copyright Information @@ -69,15 +65,6 @@ extern char *FascistCheck(char *pw, const char *dictpath); #endif #define MIN(_a, _b) (((_a) < (_b)) ? (_a) : (_b)) -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_debug/pam_debug.c b/modules/pam_debug/pam_debug.c index 9b68d382..75d475f0 100644 --- a/modules/pam_debug/pam_debug.c +++ b/modules/pam_debug/pam_debug.c @@ -1,32 +1,14 @@ -/* pam_permit module */ - /* - * $Id$ + * pam_debug module * * Written by Andrew Morgan 2001/02/04 * - */ - -#define DEFAULT_USER "nobody" - -#include "config.h" - -#include - -/* * This module is intended as a debugging aide for determining how * the PAM stack is operating. - * - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. */ -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD +#include "config.h" +#include #include #include @@ -35,6 +17,8 @@ #define _PAM_ACTION_UNDEF (-10) #include "../../libpam/pam_tokens.h" +#define DEFAULT_USER "nobody" + /* --- authentication management functions --- */ static int state(pam_handle_t *pamh, const char *text) diff --git a/modules/pam_deny/pam_deny.c b/modules/pam_deny/pam_deny.c index 155a1f5d..a2fe0c23 100644 --- a/modules/pam_deny/pam_deny.c +++ b/modules/pam_deny/pam_deny.c @@ -1,26 +1,10 @@ -/* pam_deny module */ - /* - * $Id$ + * pam_deny module * * Written by Andrew Morgan 1996/3/11 - * - */ - -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. */ #include "config.h" - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include /* --- authentication management functions --- */ diff --git a/modules/pam_echo/pam_echo.c b/modules/pam_echo/pam_echo.c index bd5910b9..181aeb4c 100644 --- a/modules/pam_echo/pam_echo.c +++ b/modules/pam_echo/pam_echo.c @@ -52,11 +52,6 @@ #define HOST_NAME_MAX 255 #endif -#define PAM_SM_ACCOUNT -#define PAM_SM_AUTH -#define PAM_SM_PASSWORD -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c index 1bdc119d..79d43722 100644 --- a/modules/pam_env/pam_env.c +++ b/modules/pam_env/pam_env.c @@ -1,6 +1,6 @@ -/* pam_env module */ - /* + * pam_env module + * * Written by Dave Kinchlea 1997/01/31 * Inspired by Andrew Morgan , who also supplied the * template for this file (via pam_mail) @@ -26,18 +26,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH /* This is primarily a AUTH_SETCRED module */ -#define PAM_SM_SESSION /* But I like to be friendly */ -#define PAM_SM_PASSWORD /* "" */ -#define PAM_SM_ACCOUNT /* "" */ - #include #include #include diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c index 918422cf..5ca85ab3 100644 --- a/modules/pam_exec/pam_exec.c +++ b/modules/pam_exec/pam_exec.c @@ -49,12 +49,6 @@ #include #include - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_faildelay/pam_faildelay.c b/modules/pam_faildelay/pam_faildelay.c index 215074b2..02c5fafd 100644 --- a/modules/pam_faildelay/pam_faildelay.c +++ b/modules/pam_faildelay/pam_faildelay.c @@ -1,6 +1,6 @@ -/* pam_faildelay module */ - /* + * pam_faildelay module + * * Allows an admin to set the delay on failure per-application. * Provides "auth" interface only. * @@ -70,9 +70,6 @@ #include #include - -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_faillock/pam_faillock.c b/modules/pam_faillock/pam_faillock.c index 94c175b4..e340a83c 100644 --- a/modules/pam_faillock/pam_faillock.c +++ b/modules/pam_faillock/pam_faillock.c @@ -55,12 +55,8 @@ #include #include "pam_inline.h" - #include "faillock.h" -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #define FAILLOCK_ACTION_PREAUTH 0 #define FAILLOCK_ACTION_AUTHSUCC 1 #define FAILLOCK_ACTION_AUTHFAIL 2 diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c index 4f75486d..9b523da2 100644 --- a/modules/pam_filter/pam_filter.c +++ b/modules/pam_filter/pam_filter.c @@ -1,5 +1,5 @@ /* - * $Id$ + * pam_filter module * * written by Andrew Morgan with much help from * Richard Stevens' UNIX Network Programming book. @@ -25,11 +25,6 @@ #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include "pam_filter.h" diff --git a/modules/pam_ftp/pam_ftp.c b/modules/pam_ftp/pam_ftp.c index ce6ead9a..0d53e5a5 100644 --- a/modules/pam_ftp/pam_ftp.c +++ b/modules/pam_ftp/pam_ftp.c @@ -1,10 +1,7 @@ -/* pam_ftp module */ - /* - * $Id$ + * pam_ftp module * * Written by Andrew Morgan 1996/3/11 - * */ #define PLEASE_ENTER_PASSWORD "Password required for %s." @@ -23,15 +20,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c index 2172a0b5..b5532b81 100644 --- a/modules/pam_group/pam_group.c +++ b/modules/pam_group/pam_group.c @@ -1,6 +1,6 @@ -/* pam_group module */ - /* + * pam_group module + * * Written by Andrew Morgan 1996/7/6 * Field parsing rewritten by Tomas Mraz */ @@ -35,15 +35,6 @@ typedef enum { AND, OR } operator; -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c index 8a74ce03..5b6a4669 100644 --- a/modules/pam_issue/pam_issue.c +++ b/modules/pam_issue/pam_issue.c @@ -1,4 +1,5 @@ -/* pam_issue module - a simple /etc/issue parser to set PAM_USER_PROMPT +/* + * pam_issue module - a simple /etc/issue parser to set PAM_USER_PROMPT * * Copyright 1999 by Ben Collins * @@ -28,8 +29,6 @@ #include #include -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c index d58744d7..b3aec483 100644 --- a/modules/pam_keyinit/pam_keyinit.c +++ b/modules/pam_keyinit/pam_keyinit.c @@ -1,4 +1,5 @@ -/* pam_keyinit.c: Initialise the session keyring on login through a PAM module +/* + * pam_keyinit: Initialise the session keyring on login through a PAM module * * Copyright (C) 2006 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) diff --git a/modules/pam_lastlog/pam_lastlog.c b/modules/pam_lastlog/pam_lastlog.c index 1f707d93..1c46d03a 100644 --- a/modules/pam_lastlog/pam_lastlog.c +++ b/modules/pam_lastlog/pam_lastlog.c @@ -1,6 +1,6 @@ -/* pam_lastlog module */ - /* + * pam_lastlog module + * * Written by Andrew Morgan 1996/3/11 * * This module does the necessary work to display the last login @@ -66,17 +66,6 @@ struct lastlog { #define DEFAULT_INACTIVE_DAYS 90 #define MAX_INACTIVE_DAYS 100000 -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_SESSION -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index c8a03ae4..b791cdce 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -102,8 +102,6 @@ struct pam_limit_s { #define LIMIT_SOFT 1 #define LIMIT_HARD 2 -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c index 44e0655c..74ebae1a 100644 --- a/modules/pam_listfile/pam_listfile.c +++ b/modules/pam_listfile/pam_listfile.c @@ -1,4 +1,6 @@ /* + * pam_listfile module + * * by Elliot Lee , Red Hat Software. July 25, 1996. * log refused access error christopher mccrory 1998/7/11 * @@ -22,18 +24,6 @@ #include #endif -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_PASSWORD -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c index ac51e4ef..3633b535 100644 --- a/modules/pam_localuser/pam_localuser.c +++ b/modules/pam_localuser/pam_localuser.c @@ -1,4 +1,6 @@ /* + * pam_localuser module + * * Copyright 2001, 2004 Red Hat, Inc. * * Redistribution and use in source and binary forms, with or without @@ -47,8 +49,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT #include #include #include diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c index 03c0e3a3..31181789 100644 --- a/modules/pam_loginuid/pam_loginuid.c +++ b/modules/pam_loginuid/pam_loginuid.c @@ -1,4 +1,6 @@ -/* pam_loginuid.c -- +/* + * pam_loginuid module + * * Copyright 2005 Red Hat Inc., Durham, North Carolina. * All Rights Reserved. * diff --git a/modules/pam_mail/pam_mail.c b/modules/pam_mail/pam_mail.c index 2439ae75..c923817d 100644 --- a/modules/pam_mail/pam_mail.c +++ b/modules/pam_mail/pam_mail.c @@ -1,6 +1,6 @@ -/* pam_mail module */ - /* + * pam_mail module + * * Written by Andrew Morgan 1996/3/11 * $HOME additions by David Kinchlea 1997/1/7 * mailhash additions by Chris Adams 1998/7/11 @@ -30,16 +30,6 @@ #define MAIL_ENV_NAME "MAIL" #define MAIL_ENV_FORMAT MAIL_ENV_NAME "=%s" -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_SESSION -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c index 6e035f70..5f9b1661 100644 --- a/modules/pam_mkhomedir/pam_mkhomedir.c +++ b/modules/pam_mkhomedir/pam_mkhomedir.c @@ -44,15 +44,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c index 8147c6fd..46f4fe61 100644 --- a/modules/pam_motd/pam_motd.c +++ b/modules/pam_motd/pam_motd.c @@ -1,13 +1,8 @@ -/* pam_motd module */ - /* - * Modified for pam_motd by Ben Collins - * - * Based off of: - * $Id$ + * pam_motd module * + * Modified for pam_motd by Ben Collins * Written by Michael K. Johnson 1996/10/24 - * */ #include "config.h" @@ -26,21 +21,13 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_SESSION -#define DEFAULT_MOTD "/etc/motd:/run/motd:/usr/lib/motd" -#define DEFAULT_MOTD_D "/etc/motd.d:/run/motd.d:/usr/lib/motd.d" - #include #include #include "pam_inline.h" +#define DEFAULT_MOTD "/etc/motd:/run/motd:/usr/lib/motd" +#define DEFAULT_MOTD_D "/etc/motd.d:/run/motd.d:/usr/lib/motd.d" + /* --- session management functions (only) --- */ int diff --git a/modules/pam_nologin/pam_nologin.c b/modules/pam_nologin/pam_nologin.c index 775dda87..8666251a 100644 --- a/modules/pam_nologin/pam_nologin.c +++ b/modules/pam_nologin/pam_nologin.c @@ -1,10 +1,7 @@ -/* pam_nologin module */ - /* - * $Id$ + * pam_nologin module * * Written by Michael K. Johnson 1996/10/24 - * */ #include "config.h" @@ -19,16 +16,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_permit/pam_permit.c b/modules/pam_permit/pam_permit.c index c773087a..9e2aedf4 100644 --- a/modules/pam_permit/pam_permit.c +++ b/modules/pam_permit/pam_permit.c @@ -1,33 +1,17 @@ -/* pam_permit module */ - /* - * $Id$ + * pam_permit module * * Written by Andrew Morgan 1996/3/11 - * */ #include "config.h" - -#define DEFAULT_USER "nobody" - #include -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include +#define DEFAULT_USER "nobody" + /* --- authentication management functions --- */ int diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c index 2d4507d5..c77eb3ea 100644 --- a/modules/pam_pwhistory/pam_pwhistory.c +++ b/modules/pam_pwhistory/pam_pwhistory.c @@ -1,4 +1,6 @@ /* + * pam_pwhistory module + * * Copyright (c) 2008, 2012 Thorsten Kukuk * Author: Thorsten Kukuk * @@ -38,8 +40,6 @@ #include #endif -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_rhosts/pam_rhosts.c b/modules/pam_rhosts/pam_rhosts.c index 258a7299..ab2fbd09 100644 --- a/modules/pam_rhosts/pam_rhosts.c +++ b/modules/pam_rhosts/pam_rhosts.c @@ -1,4 +1,6 @@ /* + * pam_rhosts module + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -38,8 +40,6 @@ #include #include -#define PAM_SM_AUTH /* only defines this management group */ - #include #include #include diff --git a/modules/pam_rootok/pam_rootok.c b/modules/pam_rootok/pam_rootok.c index accba21a..3a00d545 100644 --- a/modules/pam_rootok/pam_rootok.c +++ b/modules/pam_rootok/pam_rootok.c @@ -1,7 +1,5 @@ -/* pam_rootok module */ - /* - * $Id$ + * pam_rootok module * * Written by Andrew Morgan 1996/3/11 */ @@ -14,15 +12,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH - #include #include diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c index e594fb6a..9a2835ef 100644 --- a/modules/pam_securetty/pam_securetty.c +++ b/modules/pam_securetty/pam_securetty.c @@ -1,6 +1,6 @@ -/* pam_securetty module */ - /* + * pam_securetty module + * * by Elliot Lee , Red Hat Software. * July 25, 1996. * This code shamelessly ripped from the pam_rootok module. @@ -22,16 +22,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c index deae3ef1..06c3ce65 100644 --- a/modules/pam_selinux/pam_selinux.c +++ b/modules/pam_selinux/pam_selinux.c @@ -36,7 +36,6 @@ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. - * */ #include "config.h" @@ -53,9 +52,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c index 442703d3..b6fde6c5 100644 --- a/modules/pam_sepermit/pam_sepermit.c +++ b/modules/pam_sepermit/pam_sepermit.c @@ -35,7 +35,6 @@ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. - * */ #include "config.h" @@ -55,9 +54,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_setquota/pam_setquota.c b/modules/pam_setquota/pam_setquota.c index 3e2b9508..43c76d66 100644 --- a/modules/pam_setquota/pam_setquota.c +++ b/modules/pam_setquota/pam_setquota.c @@ -6,7 +6,6 @@ Copyright © 2010 Shane Tzen Copyright © 2012-2020 Sven Hartge Copyright © 2016 Keller Fuchs - */ #include @@ -19,8 +18,6 @@ #include #include -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_shells/pam_shells.c b/modules/pam_shells/pam_shells.c index ae67a423..eec86dc4 100644 --- a/modules/pam_shells/pam_shells.c +++ b/modules/pam_shells/pam_shells.c @@ -1,10 +1,6 @@ -/* pam_shells module */ - -#define SHELL_FILE "/etc/shells" - -#define DEFAULT_SHELL "/bin/sh" - /* + * pam_shells module + * * by Erik Troan , Red Hat Software. * August 5, 1996. * This code shamelessly ripped from the pam_securetty module. @@ -21,20 +17,14 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include +#define SHELL_FILE "/etc/shells" + +#define DEFAULT_SHELL "/bin/sh" + static int perform_check(pam_handle_t *pamh) { int retval = PAM_AUTH_ERR; diff --git a/modules/pam_stress/pam_stress.c b/modules/pam_stress/pam_stress.c index 024455e5..62348fab 100644 --- a/modules/pam_stress/pam_stress.c +++ b/modules/pam_stress/pam_stress.c @@ -15,18 +15,6 @@ #include #include -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_succeed_if/pam_succeed_if.c b/modules/pam_succeed_if/pam_succeed_if.c index 82de4f33..76bc9825 100644 --- a/modules/pam_succeed_if/pam_succeed_if.c +++ b/modules/pam_succeed_if/pam_succeed_if.c @@ -34,7 +34,6 @@ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. - * */ #include "config.h" @@ -54,11 +53,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c index 6f578988..08b5ace2 100644 --- a/modules/pam_tally/pam_tally.c +++ b/modules/pam_tally/pam_tally.c @@ -1,10 +1,7 @@ /* - * pam_tally.c + * pam_tally module * - */ - - -/* By Tim Baverstock , Multi Media Machine Ltd. + * By Tim Baverstock , Multi Media Machine Ltd. * 5 March 1997 * * Stuff stolen from pam_rootok and pam_listfile @@ -30,19 +27,7 @@ #include #include "faillog.h" -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - #ifndef MAIN -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -/* #define PAM_SM_SESSION */ -/* #define PAM_SM_PASSWORD */ - #include #include #endif @@ -615,8 +600,6 @@ tally_reset (pam_handle_t *pamh, uid_t uid, struct tally_options *opts) /* --- authentication management functions (only) --- */ -#ifdef PAM_SM_AUTH - int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) @@ -686,14 +669,10 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, return tally_reset(pamh, uid, opts); } -#endif - /*---------------------------------------------------------------------*/ /* --- authentication management functions (only) --- */ -#ifdef PAM_SM_ACCOUNT - /* To reset failcount of user on successful login */ int @@ -731,8 +710,6 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, return tally_reset(pamh, uid, opts); } -#endif /* #ifdef PAM_SM_ACCOUNT */ - /*-----------------------------------------------------------------------*/ #else /* #ifndef MAIN */ diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c index e8c74eb9..8c171b68 100644 --- a/modules/pam_tally2/pam_tally2.c +++ b/modules/pam_tally2/pam_tally2.c @@ -1,10 +1,7 @@ /* - * pam_tally2.c + * pam_tally2 module * - */ - - -/* By Tim Baverstock , Multi Media Machine Ltd. + * By Tim Baverstock , Multi Media Machine Ltd. * 5 March 1997 * * Stuff stolen from pam_rootok and pam_listfile @@ -76,19 +73,7 @@ #define fseeko fseek #endif -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - #ifndef MAIN -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -/* #define PAM_SM_SESSION */ -/* #define PAM_SM_PASSWORD */ - #include #endif #include diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c index 0643523a..e786d0f9 100644 --- a/modules/pam_time/pam_time.c +++ b/modules/pam_time/pam_time.c @@ -1,6 +1,6 @@ -/* pam_time module */ - /* + * pam_time module + * * Written by Andrew Morgan 1996/6/22 * (File syntax and much other inspiration from the shadow package * shadow-960129) @@ -23,6 +23,12 @@ #include #include +#include +#include +#include +#include +#include "pam_inline.h" + #ifdef HAVE_LIBAUDIT #include #endif @@ -42,21 +48,6 @@ typedef enum { AND, OR } operator; -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_ACCOUNT - -#include -#include -#include -#include -#include "pam_inline.h" - static int _pam_parse (const pam_handle_t *pamh, int argc, const char **argv, const char **conffile) { diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 420ce9eb..249a9692 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -38,9 +38,6 @@ * */ -#define PAM_SM_AUTH -#define PAM_SM_SESSION - #include "config.h" #include diff --git a/modules/pam_tty_audit/pam_tty_audit.c b/modules/pam_tty_audit/pam_tty_audit.c index 1d9256c3..2f04a05c 100644 --- a/modules/pam_tty_audit/pam_tty_audit.c +++ b/modules/pam_tty_audit/pam_tty_audit.c @@ -48,8 +48,6 @@ #include #include -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_umask/pam_umask.c b/modules/pam_umask/pam_umask.c index 45b048e3..1b5df4b6 100644 --- a/modules/pam_umask/pam_umask.c +++ b/modules/pam_umask/pam_umask.c @@ -1,4 +1,6 @@ /* + * pam_umask module + * * Copyright (c) 2005, 2006, 2007, 2010, 2013 Thorsten Kukuk * * Redistribution and use in source and binary forms, with or without @@ -50,8 +52,6 @@ #include #include -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c index 0c5dff96..de8d65c1 100644 --- a/modules/pam_unix/pam_unix_acct.c +++ b/modules/pam_unix/pam_unix_acct.c @@ -1,4 +1,6 @@ /* + * pam_unix account management + * * Copyright Elliot Lee, 1996. All rights reserved. * Copyright Jan Rękorajski, 1999. All rights reserved. * @@ -51,10 +53,6 @@ #include -/* indicate that the following groups are defined */ - -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c index 40ff7c65..9a0cd372 100644 --- a/modules/pam_unix/pam_unix_auth.c +++ b/modules/pam_unix/pam_unix_auth.c @@ -1,4 +1,6 @@ /* + * pam_unix authentication management + * * Copyright Alexander O. Yuriev, 1996. All rights reserved. * NIS+ support by Thorsten Kukuk * Copyright Jan Rękorajski, 1999. All rights reserved. @@ -48,11 +50,6 @@ #include #include -/* indicate the following groups are defined */ - -#define PAM_SM_AUTH - -#define _PAM_EXTERN_FUNCTIONS #include #include #include diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index 7985ad1b..e9c960a2 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -1,4 +1,6 @@ /* + * pam_unix password management + * * Main coding by Elliot Lee , Red Hat Software. * Copyright (C) 1996. * Copyright (c) Jan Rękorajski, 1999. @@ -60,11 +62,6 @@ #include #include - -/* indicate the following groups are defined */ - -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_unix/pam_unix_sess.c b/modules/pam_unix/pam_unix_sess.c index 437d1242..3f6a8fb3 100644 --- a/modules/pam_unix/pam_unix_sess.c +++ b/modules/pam_unix/pam_unix_sess.c @@ -1,5 +1,5 @@ /* - * $Id$ + * pam_unix session management * * Copyright Alexander O. Yuriev, 1996. All rights reserved. * Copyright Jan Rękorajski, 1999. All rights reserved. @@ -47,10 +47,6 @@ #include #include -/* indicate the following groups are defined */ - -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c index 32e759e3..d7d41233 100644 --- a/modules/pam_userdb/pam_userdb.c +++ b/modules/pam_userdb/pam_userdb.c @@ -1,6 +1,6 @@ -/* pam_userdb module */ - /* + * pam_userdb module + * * Written by Cristian Gafton 1996/09/10 * See the end of the file for Copyright Information */ @@ -37,16 +37,6 @@ # endif #endif -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_usertype/pam_usertype.c b/modules/pam_usertype/pam_usertype.c index 820cf693..76325063 100644 --- a/modules/pam_usertype/pam_usertype.c +++ b/modules/pam_usertype/pam_usertype.c @@ -48,11 +48,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_warn/pam_warn.c b/modules/pam_warn/pam_warn.c index 1d196ad3..d91c3e9f 100644 --- a/modules/pam_warn/pam_warn.c +++ b/modules/pam_warn/pam_warn.c @@ -1,7 +1,5 @@ -/* pam_warn module */ - /* - * $Id$ + * pam_warn module * * Written by Andrew Morgan 1996/3/11 */ @@ -13,16 +11,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_PASSWORD - #include #include diff --git a/modules/pam_wheel/pam_wheel.c b/modules/pam_wheel/pam_wheel.c index 32b6cdb0..94f8887a 100644 --- a/modules/pam_wheel/pam_wheel.c +++ b/modules/pam_wheel/pam_wheel.c @@ -1,6 +1,6 @@ -/* pam_wheel module */ - /* + * pam_wheel module + * * Written by Cristian Gafton 1996/09/10 * See the end of the file for Copyright Information * @@ -39,9 +39,6 @@ * modules include file to define the function prototypes. */ -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c index 7d661a45..7a9f202b 100644 --- a/modules/pam_xauth/pam_xauth.c +++ b/modules/pam_xauth/pam_xauth.c @@ -1,4 +1,6 @@ /* + * pam_xauth module + * * Copyright 2001-2003 Red Hat, Inc. * * Redistribution and use in source and binary forms, with or without @@ -51,8 +53,6 @@ #include #include -#define PAM_SM_SESSION - #include #include #include -- cgit v1.2.3 From 5aca62a102b7309f1d96ded01ad1e7f94310fade Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Fri, 15 May 2020 08:00:00 +0000 Subject: modules: do not check user name for NULL if pam_get_user returned PAM_SUCCESS If pam_get_user returned PAM_SUCCESS, the user name is guaranteed to be a valid C string, no need to double check that. * modules/pam_access/pam_access.c (pam_sm_authenticate): Do not check for NULL the user name returned by pam_get_user when the latter returned PAM_SUCCESS. * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Likewise. * modules/pam_debug/pam_debug.c (pam_sm_authenticate): Likewise. * modules/pam_filter/pam_filter.c (process_args): Likewise. * modules/pam_ftp/pam_ftp.c (pam_sm_authenticate): Likewise. * modules/pam_group/pam_group.c (pam_sm_setcred): Likewise. * modules/pam_lastlog/pam_lastlog.c (pam_sm_authenticate): Likewise. * modules/pam_listfile/pam_listfile.c (pam_sm_authenticate): Likewise. * modules/pam_localuser/pam_localuser.c (pam_sm_authenticate): Likewise. * modules/pam_mail/pam_mail.c (_do_mail): Likewise. * modules/pam_nologin/pam_nologin.c (perform_check): Likewise. * modules/pam_permit/pam_permit.c (pam_sm_authenticate): Likewise. * modules/pam_pwhistory/pam_pwhistory.c (pam_sm_chauthtok): Likewise. * modules/pam_rhosts/pam_rhosts.c (pam_sm_authenticate): Likewise. * modules/pam_securetty/pam_securetty.c (pam_sm_authenticate): Likewise. * modules/pam_sepermit/pam_sepermit.c (pam_sm_authenticate): Likewise. * modules/pam_shells/pam_shells.c (perform_check): Likewise. * modules/pam_stress/pam_stress.c (pam_sm_authenticate): Likewise. * modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate): Likewise. * modules/pam_time/pam_time.c (pam_sm_acct_mgmt): Likewise. * modules/pam_timestamp/pam_timestamp.c (get_timestamp_name): Likewise. * modules/pam_umask/pam_umask.c (pam_sm_open_session): Likewise. * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate): Likewise. * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Likewise. * modules/pam_usertype/pam_usertype.c (pam_usertype_get_uid): Likewise. * modules/pam_wheel/pam_wheel.c (perform_check): Likewise. * modules/pam_userdb/pam_userdb.c (pam_sm_authenticate, pam_sm_acct_mgmt): Likewise. --- modules/pam_access/pam_access.c | 2 +- modules/pam_cracklib/pam_cracklib.c | 2 +- modules/pam_debug/pam_debug.c | 2 +- modules/pam_filter/pam_filter.c | 3 +-- modules/pam_ftp/pam_ftp.c | 2 +- modules/pam_group/pam_group.c | 3 +-- modules/pam_lastlog/pam_lastlog.c | 3 +-- modules/pam_listfile/pam_listfile.c | 4 ++-- modules/pam_localuser/pam_localuser.c | 2 +- modules/pam_mail/pam_mail.c | 2 +- modules/pam_nologin/pam_nologin.c | 2 +- modules/pam_permit/pam_permit.c | 2 +- modules/pam_pwhistory/pam_pwhistory.c | 2 +- modules/pam_rhosts/pam_rhosts.c | 2 +- modules/pam_securetty/pam_securetty.c | 2 +- modules/pam_sepermit/pam_sepermit.c | 3 +-- modules/pam_shells/pam_shells.c | 4 ++-- modules/pam_stress/pam_stress.c | 4 +--- modules/pam_succeed_if/pam_succeed_if.c | 2 +- modules/pam_time/pam_time.c | 3 +-- modules/pam_timestamp/pam_timestamp.c | 5 +---- modules/pam_umask/pam_umask.c | 10 +++------- modules/pam_unix/pam_unix_auth.c | 2 +- modules/pam_unix/pam_unix_passwd.c | 2 +- modules/pam_userdb/pam_userdb.c | 4 ++-- modules/pam_usertype/pam_usertype.c | 2 +- modules/pam_wheel/pam_wheel.c | 2 +- 27 files changed, 32 insertions(+), 46 deletions(-) (limited to 'modules/pam_timestamp/pam_timestamp.c') diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c index be726180..b0289a3a 100644 --- a/modules/pam_access/pam_access.c +++ b/modules/pam_access/pam_access.c @@ -819,7 +819,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, /* set username */ - if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL + if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || *user == '\0') { pam_syslog(pamh, LOG_ERR, "cannot determine the user's name"); return PAM_USER_UNKNOWN; diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c index a6ce9395..f6fb0130 100644 --- a/modules/pam_cracklib/pam_cracklib.c +++ b/modules/pam_cracklib/pam_cracklib.c @@ -687,7 +687,7 @@ static int _pam_unix_approve_pass(pam_handle_t *pamh, } retval = pam_get_user(pamh, &user, NULL); - if (retval != PAM_SUCCESS || user == NULL) { + if (retval != PAM_SUCCESS) { if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh,LOG_ERR,"Can not get username"); return PAM_AUTHTOK_ERR; diff --git a/modules/pam_debug/pam_debug.c b/modules/pam_debug/pam_debug.c index 75d475f0..61b39d75 100644 --- a/modules/pam_debug/pam_debug.c +++ b/modules/pam_debug/pam_debug.c @@ -73,7 +73,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED, D(("get user returned error: %s", pam_strerror(pamh,retval))); return retval; } - if (user == NULL || *user == '\0') { + if (*user == '\0') { D(("username not known")); retval = pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER); if (retval != PAM_SUCCESS) diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c index 9b523da2..2f0af4fb 100644 --- a/modules/pam_filter/pam_filter.c +++ b/modules/pam_filter/pam_filter.c @@ -171,8 +171,7 @@ static int process_args(pam_handle_t *pamh #define USER_NAME "USER=" #define USER_OFFSET (sizeof(USER_NAME) - 1) - if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || - user == NULL) { + if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS) { user = ""; } size = USER_OFFSET+strlen(user); diff --git a/modules/pam_ftp/pam_ftp.c b/modules/pam_ftp/pam_ftp.c index 0d53e5a5..36979d57 100644 --- a/modules/pam_ftp/pam_ftp.c +++ b/modules/pam_ftp/pam_ftp.c @@ -119,7 +119,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, ctrl = _pam_parse(pamh, argc, argv, &users); retval = pam_get_user(pamh, &user, NULL); - if (retval != PAM_SUCCESS || user == NULL) { + if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "no user specified"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c index b5532b81..8fd8584e 100644 --- a/modules/pam_group/pam_group.c +++ b/modules/pam_group/pam_group.c @@ -771,8 +771,7 @@ pam_sm_setcred (pam_handle_t *pamh, int flags, /* set username */ - if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL - || *user == '\0') { + if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || *user == '\0') { pam_syslog(pamh, LOG_ERR, "cannot determine the user's name"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_lastlog/pam_lastlog.c b/modules/pam_lastlog/pam_lastlog.c index 1c46d03a..3e27b3ed 100644 --- a/modules/pam_lastlog/pam_lastlog.c +++ b/modules/pam_lastlog/pam_lastlog.c @@ -669,8 +669,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, /* which user? */ - if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL - || *user == '\0') { + if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || *user == '\0') { pam_syslog(pamh, LOG_ERR, "cannot determine the user's name"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c index 74ebae1a..4d30d017 100644 --- a/modules/pam_listfile/pam_listfile.c +++ b/modules/pam_listfile/pam_listfile.c @@ -188,7 +188,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, int rval; rval=pam_get_user(pamh,&user_name,NULL); - if((rval==PAM_SUCCESS) && user_name && user_name[0]) { + if(rval==PAM_SUCCESS && user_name[0]) { /* Got it ? Valid ? */ if(apply_type==APPLY_TYPE_USER) { if(strcmp(user_name, apply_val)) { @@ -225,7 +225,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, } if((citem == PAM_USER) && !citemp) { retval = pam_get_user(pamh,&citemp,NULL); - if (retval != PAM_SUCCESS || !citemp) { + if (retval != PAM_SUCCESS) { free(ifname); return PAM_SERVICE_ERR; } diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c index 3633b535..6f4f8aea 100644 --- a/modules/pam_localuser/pam_localuser.c +++ b/modules/pam_localuser/pam_localuser.c @@ -100,7 +100,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, return PAM_SYSTEM_ERR; } - if ((user == NULL) || (strlen(user) == 0)) { + if (strlen(user) == 0) { pam_syslog (pamh, LOG_ERR, "user name not valid"); fclose(fp); return PAM_SYSTEM_ERR; diff --git a/modules/pam_mail/pam_mail.c b/modules/pam_mail/pam_mail.c index c923817d..0dc12e1e 100644 --- a/modules/pam_mail/pam_mail.c +++ b/modules/pam_mail/pam_mail.c @@ -382,7 +382,7 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc, ctrl = _pam_parse(pamh, flags, argc, argv, &path_mail, &hashcount); retval = pam_get_user(pamh, &user, NULL); - if (retval != PAM_SUCCESS || user == NULL) { + if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "cannot determine username"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_nologin/pam_nologin.c b/modules/pam_nologin/pam_nologin.c index 8666251a..4ba33602 100644 --- a/modules/pam_nologin/pam_nologin.c +++ b/modules/pam_nologin/pam_nologin.c @@ -64,7 +64,7 @@ static int perform_check(pam_handle_t *pamh, struct opt_s *opts) int retval = opts->retval_when_nofile; int fd = -1; - if ((pam_get_user(pamh, &username, NULL) != PAM_SUCCESS) || !username) { + if ((pam_get_user(pamh, &username, NULL) != PAM_SUCCESS)) { pam_syslog(pamh, LOG_ERR, "cannot determine username"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_permit/pam_permit.c b/modules/pam_permit/pam_permit.c index 9e2aedf4..4f973686 100644 --- a/modules/pam_permit/pam_permit.c +++ b/modules/pam_permit/pam_permit.c @@ -29,7 +29,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED, D(("get user returned error: %s", pam_strerror(pamh,retval))); return retval; } - if (user == NULL || *user == '\0') { + if (*user == '\0') { D(("username not known")); retval = pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER); if (retval != PAM_SUCCESS) diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c index c77eb3ea..9b44cd87 100644 --- a/modules/pam_pwhistory/pam_pwhistory.c +++ b/modules/pam_pwhistory/pam_pwhistory.c @@ -139,7 +139,7 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv) if (retval != PAM_SUCCESS) return retval; - if (user == NULL || strlen (user) == 0) + if (strlen (user) == 0) { if (options.debug) pam_syslog (pamh, LOG_DEBUG, diff --git a/modules/pam_rhosts/pam_rhosts.c b/modules/pam_rhosts/pam_rhosts.c index ab2fbd09..4dabfa13 100644 --- a/modules/pam_rhosts/pam_rhosts.c +++ b/modules/pam_rhosts/pam_rhosts.c @@ -94,7 +94,7 @@ int pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, return retval; } - if (rhost == NULL || ruser == NULL || luser == NULL) + if (rhost == NULL || ruser == NULL) return PAM_AUTH_ERR; if (opt_superuser && strcmp(opt_superuser, luser) == 0) diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c index 9a2835ef..355a23ab 100644 --- a/modules/pam_securetty/pam_securetty.c +++ b/modules/pam_securetty/pam_securetty.c @@ -83,7 +83,7 @@ securetty_perform_check (pam_handle_t *pamh, int ctrl, } retval = pam_get_user(pamh, &username, NULL); - if (retval != PAM_SUCCESS || username == NULL) { + if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_WARNING, "cannot determine username"); return (retval == PAM_CONV_AGAIN ? PAM_INCOMPLETE:PAM_SERVICE_ERR); } diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c index b6fde6c5..b49b0097 100644 --- a/modules/pam_sepermit/pam_sepermit.c +++ b/modules/pam_sepermit/pam_sepermit.c @@ -384,8 +384,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED, if (debug) pam_syslog(pamh, LOG_NOTICE, "Parsing config file: %s", cfgfile); - if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL - || *user == '\0') { + if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || *user == '\0') { pam_syslog(pamh, LOG_ERR, "Cannot determine the user's name"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_shells/pam_shells.c b/modules/pam_shells/pam_shells.c index eec86dc4..9e15a566 100644 --- a/modules/pam_shells/pam_shells.c +++ b/modules/pam_shells/pam_shells.c @@ -40,7 +40,7 @@ static int perform_check(pam_handle_t *pamh) return PAM_SERVICE_ERR; } - if (!userName || (userName[0] == '\0')) { + if (userName[0] == '\0') { /* Don't let them use a NULL username... */ retval = pam_get_user(pamh,&userName,NULL); @@ -48,7 +48,7 @@ static int perform_check(pam_handle_t *pamh) return PAM_SERVICE_ERR; /* It could still be NULL the second time. */ - if (!userName || (userName[0] == '\0')) + if (userName[0] == '\0') return PAM_SERVICE_ERR; } diff --git a/modules/pam_stress/pam_stress.c b/modules/pam_stress/pam_stress.c index 62348fab..9baba321 100644 --- a/modules/pam_stress/pam_stress.c +++ b/modules/pam_stress/pam_stress.c @@ -217,11 +217,9 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, /* try to get the username */ retval = pam_get_user(pamh, &username, "username: "); - if (retval != PAM_SUCCESS || !username) { + if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_WARNING, "pam_sm_authenticate: failed to get username"); - if (retval == PAM_SUCCESS) - retval = PAM_USER_UNKNOWN; /* username was null */ return retval; } else if (ctrl & PAM_ST_DEBUG) { diff --git a/modules/pam_succeed_if/pam_succeed_if.c b/modules/pam_succeed_if/pam_succeed_if.c index 76bc9825..db2c2db5 100644 --- a/modules/pam_succeed_if/pam_succeed_if.c +++ b/modules/pam_succeed_if/pam_succeed_if.c @@ -501,7 +501,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, } else { /* Get the user's name. */ ret = pam_get_user(pamh, &user, NULL); - if ((ret != PAM_SUCCESS) || (user == NULL)) { + if (ret != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "error retrieving user name: %s", pam_strerror(pamh, ret)); diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c index e786d0f9..d965cabd 100644 --- a/modules/pam_time/pam_time.c +++ b/modules/pam_time/pam_time.c @@ -623,8 +623,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED, /* set username */ - if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL - || *user == '\0') { + if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || *user == '\0') { pam_syslog(pamh, LOG_ERR, "can not get the username"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 249a9692..30be883c 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -296,10 +296,7 @@ get_timestamp_name(pam_handle_t *pamh, int argc, const char **argv, return i; } /* Get the name of the target user. */ - if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS) { - user = NULL; - } - if ((user == NULL) || (strlen(user) == 0)) { + if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user[0] == '\0') { return PAM_AUTH_ERR; } if (debug) { diff --git a/modules/pam_umask/pam_umask.c b/modules/pam_umask/pam_umask.c index 1b5df4b6..e17d0fc1 100644 --- a/modules/pam_umask/pam_umask.c +++ b/modules/pam_umask/pam_umask.c @@ -205,14 +205,10 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, return (retval == PAM_CONV_AGAIN ? PAM_INCOMPLETE:retval); } - if (name == NULL || name[0] == '\0') + if (name[0] == '\0') { - if (name) - { - pam_syslog (pamh, LOG_NOTICE, "bad username [%s]", name); - return PAM_USER_UNKNOWN; - } - return PAM_SERVICE_ERR; + pam_syslog (pamh, LOG_NOTICE, "bad username [%s]", name); + return PAM_USER_UNKNOWN; } pw = pam_modutil_getpwnam (pamh, name); diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c index 9a0cd372..4eccff8e 100644 --- a/modules/pam_unix/pam_unix_auth.c +++ b/modules/pam_unix/pam_unix_auth.c @@ -121,7 +121,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) * '+' or '-' as the first character of a user name. Don't * allow this characters here. */ - if (name == NULL || name[0] == '-' || name[0] == '+') { + if (name[0] == '-' || name[0] == '+') { pam_syslog(pamh, LOG_NOTICE, "bad username [%s]", name); retval = PAM_USER_UNKNOWN; AUTH_RETURN; diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index e9c960a2..e988b2e3 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -631,7 +631,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) * '+' or '-' as the first character of a user name. Don't * allow them. */ - if (user == NULL || user[0] == '-' || user[0] == '+') { + if (user[0] == '-' || user[0] == '+') { pam_syslog(pamh, LOG_NOTICE, "bad username [%s]", user); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c index d7d41233..3692465d 100644 --- a/modules/pam_userdb/pam_userdb.c +++ b/modules/pam_userdb/pam_userdb.c @@ -346,7 +346,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED, /* Get the username */ retval = pam_get_user(pamh, &username, NULL); - if ((retval != PAM_SUCCESS) || (!username)) { + if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "can not get the username"); return PAM_SERVICE_ERR; } @@ -437,7 +437,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED, /* Get the username */ retval = pam_get_user(pamh, &username, NULL); - if ((retval != PAM_SUCCESS) || (!username)) { + if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR,"can not get the username"); return PAM_SERVICE_ERR; } diff --git a/modules/pam_usertype/pam_usertype.c b/modules/pam_usertype/pam_usertype.c index 76325063..eb656c09 100644 --- a/modules/pam_usertype/pam_usertype.c +++ b/modules/pam_usertype/pam_usertype.c @@ -126,7 +126,7 @@ pam_usertype_get_uid(struct pam_usertype_opts *opts, /* Get uid of user that is being authenticated. */ ret = pam_get_user(pamh, &username, NULL); - if (ret != PAM_SUCCESS || username == NULL) { + if (ret != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "error retrieving user name: %s", pam_strerror(pamh, ret)); return ret; diff --git a/modules/pam_wheel/pam_wheel.c b/modules/pam_wheel/pam_wheel.c index 94f8887a..f40eafff 100644 --- a/modules/pam_wheel/pam_wheel.c +++ b/modules/pam_wheel/pam_wheel.c @@ -107,7 +107,7 @@ perform_check (pam_handle_t *pamh, int ctrl, const char *use_group) int retval = PAM_AUTH_ERR; retval = pam_get_user(pamh, &username, NULL); - if ((retval != PAM_SUCCESS) || (!username)) { + if (retval != PAM_SUCCESS) { if (ctrl & PAM_DEBUG_ARG) { pam_syslog(pamh, LOG_DEBUG, "can not get the username"); } -- cgit v1.2.3