authordes <des@FreeBSD.org>2002-03-08 13:03:58 +0000
committerdes <des@FreeBSD.org>2002-03-08 13:03:58 +0000
commit0a97605a6c87d27444f11cb0bf824b6e8f881d07 (patch)
tree4d6500487685f7c21a139f3455ca551a727f851c /contrib
parente62e9c04de1a55761e71fbf3bd13226a5fa5318c (diff)
Say good-bye, Linux-PAM.
Diffstat (limited to 'contrib')
-rw-r--r--contrib/libpam/CHANGELOG1396
-rw-r--r--contrib/libpam/Copyright41
-rw-r--r--contrib/libpam/FREEBSD-Xlist18
-rw-r--r--contrib/libpam/FREEBSD-upgrade9
-rw-r--r--contrib/libpam/Make.Rules.in94
-rw-r--r--contrib/libpam/Makefile78
-rw-r--r--contrib/libpam/README28
-rw-r--r--contrib/libpam/TODO59
-rw-r--r--contrib/libpam/_pam_aconf.h.in64
-rwxr-xr-xcontrib/libpam/configure3548
-rw-r--r--contrib/libpam/configure.in339
-rw-r--r--contrib/libpam/defs/debian.defs40
-rw-r--r--contrib/libpam/defs/redhat4.defs35
-rw-r--r--contrib/libpam/defs/solaris-2.1.5.defs45
-rw-r--r--contrib/libpam/defs/suse.defs36
-rw-r--r--contrib/libpam/doc/CREDITS49
-rw-r--r--contrib/libpam/doc/Makefile145
-rw-r--r--contrib/libpam/doc/NOTES16
-rw-r--r--contrib/libpam/doc/figs/pam_orient.txt23
-rw-r--r--contrib/libpam/doc/html/index.html21
-rw-r--r--contrib/libpam/doc/man/pam.8370
-rw-r--r--contrib/libpam/doc/man/pam.conf.81
-rw-r--r--contrib/libpam/doc/man/pam.d.81
-rw-r--r--contrib/libpam/doc/man/pam_authenticate.392
-rw-r--r--contrib/libpam/doc/man/pam_chauthtok.3102
-rw-r--r--contrib/libpam/doc/man/pam_close_session.31
-rw-r--r--contrib/libpam/doc/man/pam_end.31
-rw-r--r--contrib/libpam/doc/man/pam_fail_delay.3131
-rw-r--r--contrib/libpam/doc/man/pam_open_session.3100
-rw-r--r--contrib/libpam/doc/man/pam_setcred.380
-rw-r--r--contrib/libpam/doc/man/pam_start.399
-rw-r--r--contrib/libpam/doc/man/pam_strerror.352
-rw-r--r--contrib/libpam/doc/man/template-man53
-rw-r--r--contrib/libpam/doc/modules/pam_access.sgml108
-rw-r--r--contrib/libpam/doc/modules/pam_issue.sgml120
-rw-r--r--contrib/libpam/doc/modules/pam_mkhomedir.sgml83
-rw-r--r--contrib/libpam/doc/modules/pam_motd.sgml77
-rw-r--r--contrib/libpam/doc/modules/pam_tally.sgml191
-rw-r--r--contrib/libpam/doc/modules/pam_unix.sgml288
-rw-r--r--contrib/libpam/doc/modules/pam_userdb.sgml112
-rw-r--r--contrib/libpam/doc/pam_appl.sgml1675
-rw-r--r--contrib/libpam/doc/pam_modules.sgml1498
-rw-r--r--contrib/libpam/doc/pam_source.sgml1125
-rw-r--r--contrib/libpam/doc/specs/draft-morgan-pam.raw702
-rw-r--r--contrib/libpam/doc/specs/rfc86.0.txt1851
-rw-r--r--contrib/libpam/libpam/Makefile151
-rw-r--r--contrib/libpam/libpam/include/security/_pam_compat.h122
-rw-r--r--contrib/libpam/libpam/include/security/_pam_macros.h187
-rw-r--r--contrib/libpam/libpam/include/security/_pam_types.h326
-rw-r--r--contrib/libpam/libpam/include/security/pam_appl.h93
-rw-r--r--contrib/libpam/libpam/include/security/pam_malloc.h70
-rw-r--r--contrib/libpam/libpam/include/security/pam_modules.h226
-rw-r--r--contrib/libpam/libpam/pam_account.c23
-rw-r--r--contrib/libpam/libpam/pam_auth.c68
-rw-r--r--contrib/libpam/libpam/pam_data.c123
-rw-r--r--contrib/libpam/libpam/pam_delay.c159
-rw-r--r--contrib/libpam/libpam/pam_dispatch.c300
-rw-r--r--contrib/libpam/libpam/pam_end.c77
-rw-r--r--contrib/libpam/libpam/pam_env.c390
-rw-r--r--contrib/libpam/libpam/pam_handlers.c937
-rw-r--r--contrib/libpam/libpam/pam_item.c334
-rw-r--r--contrib/libpam/libpam/pam_log.c376
-rw-r--r--contrib/libpam/libpam/pam_malloc.c395
-rw-r--r--contrib/libpam/libpam/pam_map.c78
-rw-r--r--contrib/libpam/libpam/pam_misc.c309
-rw-r--r--contrib/libpam/libpam/pam_password.c57
-rw-r--r--contrib/libpam/libpam/pam_private.h329
-rw-r--r--contrib/libpam/libpam/pam_second.c40
-rw-r--r--contrib/libpam/libpam/pam_session.c37
-rw-r--r--contrib/libpam/libpam/pam_start.c112
-rw-r--r--contrib/libpam/libpam/pam_static.c117
-rw-r--r--contrib/libpam/libpam/pam_strerror.c94
-rw-r--r--contrib/libpam/libpam/pam_tokens.h106
-rw-r--r--contrib/libpam/libpam_misc/Makefile106
-rw-r--r--contrib/libpam/libpam_misc/help_env.c105
-rw-r--r--contrib/libpam/libpam_misc/include/security/pam_misc.h59
-rw-r--r--contrib/libpam/libpam_misc/misc_conv.c349
-rw-r--r--contrib/libpam/libpam_misc/xstrdup.c31
-rw-r--r--contrib/libpam/libpamc/License42
-rw-r--r--contrib/libpam/libpamc/Makefile107
-rw-r--r--contrib/libpam/libpamc/include/security/pam_client.h191
-rw-r--r--contrib/libpam/libpamc/libpamc.h63
-rw-r--r--contrib/libpam/libpamc/pamc_client.c189
-rw-r--r--contrib/libpam/libpamc/pamc_converse.c211
-rw-r--r--contrib/libpam/libpamc/pamc_load.c477
-rwxr-xr-xcontrib/libpam/libpamc/test/agents/secret@here308
-rw-r--r--contrib/libpam/libpamc/test/modules/Makefile9
-rw-r--r--contrib/libpam/libpamc/test/modules/pam_secret.c670
-rw-r--r--contrib/libpam/libpamc/test/regress/Makefile7
-rwxr-xr-xcontrib/libpam/libpamc/test/regress/run_test.sh6
-rw-r--r--contrib/libpam/libpamc/test/regress/test.libpamc.c342
-rwxr-xr-xcontrib/libpam/libpamc/test/regress/test.secret@here152
-rw-r--r--contrib/libpam/modules/Simple.Rules92
-rwxr-xr-xcontrib/libpam/modules/download-all30
-rwxr-xr-xcontrib/libpam/modules/install_conf49
-rw-r--r--contrib/libpam/modules/pam_deny/Makefile16
-rw-r--r--contrib/libpam/modules/pam_deny/README4
-rw-r--r--contrib/libpam/modules/pam_deny/pam_deny.c71
-rw-r--r--contrib/libpam/modules/pam_ftp/Makefile16
-rw-r--r--contrib/libpam/modules/pam_ftp/README19
-rw-r--r--contrib/libpam/modules/pam_ftp/pam_ftp.c298
-rw-r--r--contrib/libpam/modules/pam_issue/Makefile15
-rw-r--r--contrib/libpam/modules/pam_issue/pam_issue.c266
-rw-r--r--contrib/libpam/modules/pam_mail/README17
-rw-r--r--contrib/libpam/modules/pam_mkhomedir/Makefile15
-rw-r--r--contrib/libpam/modules/pam_mkhomedir/pam_mkhomedir.c370
-rw-r--r--contrib/libpam/modules/pam_motd/Makefile15
-rw-r--r--contrib/libpam/modules/pam_motd/pam_motd.c119
-rw-r--r--contrib/libpam/modules/pam_nologin/Makefile88
-rw-r--r--contrib/libpam/modules/pam_nologin/README13
-rw-r--r--contrib/libpam/modules/pam_nologin/pam_nologin.c97
-rw-r--r--contrib/libpam/modules/pam_permit/Makefile16
-rw-r--r--contrib/libpam/modules/pam_permit/README4
-rw-r--r--contrib/libpam/modules/pam_permit/pam_permit.c99
-rw-r--r--contrib/libpam/modules/pam_rhosts/Makefile16
-rw-r--r--contrib/libpam/modules/pam_rhosts/README58
-rw-r--r--contrib/libpam/modules/pam_rhosts/pam_rhosts_auth.c787
-rw-r--r--contrib/libpam/modules/pam_rootok/Makefile16
-rw-r--r--contrib/libpam/modules/pam_rootok/README19
-rw-r--r--contrib/libpam/modules/pam_rootok/pam_rootok.c96
-rw-r--r--contrib/libpam/modules/pam_securetty/Makefile16
-rw-r--r--contrib/libpam/modules/pam_securetty/README10
-rw-r--r--contrib/libpam/modules/pam_securetty/pam_securetty.c192
-rw-r--r--contrib/libpam/modules/pam_shells/Makefile16
-rw-r--r--contrib/libpam/modules/pam_shells/README11
-rw-r--r--contrib/libpam/modules/pam_shells/pam_shells.c134
-rw-r--r--contrib/libpam/modules/pam_tally/faillog.h55
-rw-r--r--contrib/libpam/modules/pam_tally/pam_tally_app.c7
-rw-r--r--contrib/libpam/modules/pam_unix/bigcrypt.c119
-rw-r--r--contrib/libpam/modules/pam_unix/lckpwdf.-c117
-rw-r--r--contrib/libpam/modules/pam_unix/md5.c256
-rw-r--r--contrib/libpam/modules/pam_unix/md5.h31
-rw-r--r--contrib/libpam/modules/pam_unix/md5_crypt.c149
-rw-r--r--contrib/libpam/modules/pam_unix/support.h144
-rw-r--r--contrib/libpam/modules/pam_unix/unix_chkpwd.c314
-rw-r--r--contrib/libpam/modules/pam_unix/yppasswd.h51
-rw-r--r--contrib/libpam/modules/pam_unix/yppasswd_xdr.c38
-rw-r--r--contrib/libpam/modules/pam_userdb/Makefile35
-rw-r--r--contrib/libpam/modules/pam_userdb/README30
-rw-r--r--contrib/libpam/modules/pam_userdb/conv.c125
-rw-r--r--contrib/libpam/modules/pam_userdb/create.pl23
-rw-r--r--contrib/libpam/modules/pam_userdb/pam_userdb.c304
-rw-r--r--contrib/libpam/modules/pam_userdb/pam_userdb.h61
-rw-r--r--contrib/libpam/modules/pam_warn/Makefile16
-rw-r--r--contrib/libpam/modules/pam_warn/README26
-rw-r--r--contrib/libpam/modules/pam_warn/pam_warn.c133
-rw-r--r--contrib/libpam/modules/pam_wheel/Makefile16
-rw-r--r--contrib/libpam/modules/pam_wheel/README34
-rw-r--r--contrib/libpam/modules/pam_wheel/pam_wheel.c263
-rwxr-xr-xcontrib/libpam/modules/register_static49
150 files changed, 0 insertions, 29553 deletions
diff --git a/contrib/libpam/CHANGELOG b/contrib/libpam/CHANGELOG
deleted file mode 100644
index 162625b..0000000
--- a/contrib/libpam/CHANGELOG
+++ /dev/null
@@ -1,1396 +0,0 @@
-
-$Id: CHANGELOG,v 1.61 2001/04/08 06:17:04 agmorgan Exp $
-
------------------------------
-
-TODO:
-
- - sanitize use of md5 throughout distribution.. Make a static
- library for helping to develop modules that contains it and other
- stuff. Also add sha-1 and ripemd-160 digest algorithms.
- - once above is done. remove hacks from the secret@here module etc..
- - remove prototype for gethostname in pam_access.c (Derrick)
- - document PAM_INCOMPLETE changes
- - verify that the PAM_INCOMPLETE interface is sensible. Can we
- catch errors? should we permit item changing etc., between
- pam_authenticate re-invocations?
- - verify that the PAM_INCOMPLETE interface works (auth seems ok..)
- - add PAM_INCOMPLETE support to modules (partially added to pam_pwdb)
- - work on RFC.
- - do we still need to remove openlog/closelog from modules..?
- - auth and acct support in pam_cracklib, "yes, I know the password
- you just typed was valid, I just don't think it was very strong..."
- - add in the pam_cap and pam_netid modules
-
-====================================================================
-Note, as of release 0.73, all checkins should be accompanied with a
-Bug ID. The bug IDs relate to sourceforge IDs.. You can query the
-related bug description with the following URL:
-
- http://sourceforge.net/tracker/index.php?func=detail&aid=XXXXXX&group_id=6663&atid=106663
-
-Where you should replace XXXXXX with a bug-id.
-
-If you have found a bug in Linux-PAM, please consider filing such a
-bug report - outstanding bugs are listed here:
-
- http://sourceforge.net/tracker/?atid=106663&group_id=6663&func=browse
-
-(to file another bug see the 'submit bug' button on this page).
-
-====================================================================
-
-0.76: please submit patches for this section with actual code/doc
- patches!
-
-*
-
-0.75: Sat Apr 7 23:10:50 PDT 2001
-
- ** WARNING **
-
-This release contains backwardly incompatible changes to
-libpam. Prior versions were buggy - see bugfix for Bug 129775.
-
- ** WARNING **
-
-* made 0.75 release (Bug 414665 - agmorgan)
-* pam_pwdb has been removed from the suggested pam.conf template. I've
- replaced it with pam_unix. (Bug 227565 - agmorgan)
-* pam_limits - Richard M. Yumul reported that "<domain> -" didn't
- work, first fix suggested by Werner Puschitz (Bug 404953 - agmorgan)
-* Nicolay Pelov suggested a simple fix for freebsd support (Bug 407282
- - agmorgan)
-* Michel D'HOOGE submitted documentation fixes (Bug 408961 - agmorgan)
-* fix for module linking directions (Bug 133545 - agmorgan)
-* fix for glibc-2.2.2 compilation of pam_issue (Bug 133542 - agmorgan)
-* fix pam_userdb to make and link both .o files it needs - converse()
- wasn't being linked! (Bug 132880 - agmorgan)
-* added some sys-admin documentation for the pam_tally module (Bug
- 126210 - agmorgan).
-* added a link to module examples from the module writers doc (Bug
- 131192 - agmorgan).
-* fixed a small security hole (more of a user confusion issue) with
- the unix and pwdb password helper binaries. The beef is described in
- the bug report, but no uid change was possible so no-one should
- think they need to issue a security bulletin over this one! (Bug
- 112540 - agmorgan)
-* pam_lastlog needs to be linked with -lutil, also removed ambiguity
- from sysadmin guide regarding this module being a 'session' module
- (Bug 131549 - agmorgan).
-* pam_cracklib needs to be linked with -lcrypt (old password checking)
- (Bug 131601 - agmorgan).
-* fixes for static library builds and also the examples when linked
- with the debugging build of the libraries. (Bug 131783 - agmorgan)
-* fixed URL for original RFC to a cached kernel.org file. (Bug 131503
- - agmorgan)
-* quoted the $CRACKLIB_DICTPATH test in configure.in (Bug 130130 -
- agmorgan).
-* improved handling of the setcred/close_session and update chauthtok
- stack. *Warning* This is a backwardly incompatable change, but 'more
- sane' than before. (Bug 129775 - agmorgan)
-* bumped the version number, and added some code to assist in making
- documentation releases (Bug 129644 - agmorgan).
-
-0.74: Sun Jan 21 22:36:08 PST 2001
-
-* made 0.74 release (Bug 129642 - agmorgan)
-* libpam - cleaned up a few non-static functions to be static and added
- support for libpam to enforce things like pam_[gs]et_data() and
- AUTHTOK rules for using the API. Also documented pam_[gs]et_item()
- a little better including return codes (Bugs 129027, 128576 -
- agmorgan).
-* pam_access - fixed the non-default config file option (Bug 127561 -
- agmorgan)
-* pam.8 manual page clarified with respect to the default location for
- finding modules, also added some text describing the [...] control
- syntax. (Bug 127625 - agmorgan)
-* md5.h ia64 fixes for pam_unix and pam_pwdb (Bug 127700 - agmorgan)
-* removed requirement for c++ from the configure{.in,} files (Bug
- 128298 - agmorgan)
-* removed subdirectories from man page redirections (124396 - baggins)
-* per David Lee, fixed non-POSIX shell command in modules/pam_filter/Makefile
- (Bug 126440 - vorlon)
-* modify format of pam_unix log messages to include service name
- (Bug 126423 - vorlon)
-* prevent pam_unix from logging unknown usernames (Bug 126431 - vorlon)
-* changed format of pam_unix 'authentication failure' log messages to make
- them clearer and more consistent (Bug 126036 - vorlon)
-* improved portability of pam_unix by eliminating Linux-specific utmp
- defines in PAM_getlogin() (Bug 125704 - vorlon)
-* removed static variables from pam_tally (Bug 117434 - agmorgan)
-* added copyright message to pam_access module from original logdaemon
- sources (Bug 125022 - agmorgan)
-* configure.in - removed the GCC -Wtraditional flag (Bug 124923 - agmorgan)
-* pam_mail - use PAM_PATH_MAILDIR as the location of mail spool
- (Bug 124397 - baggins)
-* _pam_aconf.h.in, configure.in - added PAM_PATH_MAILDIR set via
- --with-mailspool=dir option (default is _PAM_MAILDIR if defined
- in paths.h otherwise /var/spool/mail (Bug 124397 - baggins)
-* removed unnecessary CVS Log tags from all over the source
- (Bug 124391 - baggins)
-* pam_tally - check for PAM_TTY if PAM_RHOST is not set when writing
- to faillog (Bug 124394 - baggins)
-* use O_NOFOLLOW if available when opening debug log (Bug 124385 - baggins)
-* pam_cracklib - removed comments about pam_unix not working with
- pam_cracklib, added information about use_authtok parameter
- (Bug 124388 - baggins)
-* pam_userdb - fixed wrong definition of struct pam_module (was pam_wheel)
- (Bug 124386 - baggins)
-* fixed example/Makefile include path (Bug 124187, 127563(?) - agmorgan)
-* pam_userdb compiles on RH5x. Also removed circular dependency on
- configure.in. Also bumped revision number to 0.74. (Bug 124136 -
- agmorgan)
-
-0.73: Sat Dec 2 00:04:04 PST 2000
-
-* updated documentaion revisions and added 'make release' support
- to the top level Makefile (Bug 124132 - agmorgan).
-* documented Qmail support in pam_mail (Bug 109219 - baggins)
-* add change_uid option to pam_limits, and set real uid only if
- this option is present (Bug 124062 - baggins)
-* pam_limits - set real uid to the user for who we set limits.
- (Bug 123972 - baggins)
-* removed static variables from pam_limits (thread safe now). (Bug
- 117450 - agmorgan).
-* removed static variable from pam_wheel (module should be thread safe
- now). (Bug 112906 - agmorgan)
-* added support for '/' symbols in pam_time and pam_group config files
- (support for modern terminal devices). Fixed infinite loop problem
- with '\\[^\n]' in these files. (Bug 116076 - agmorgan)
-* avoid potential SIGPIPE when writing to helper binaries with (Bug
- 123399 - agmorgan)
-* replaced bogus logic in the pam_cracklib module for determining if
- the replacement is too similar to the old password (Bug 115055 -
- agmorgan)
-* added accessconf=<filename> feature to pam_access - request from
- Aldrin Martoq and Meelis Roos (Bugs 111927,117240 - agmorgan)
-* fix for pam_limit module not dealing with all limits Adam J. Richter
- (Bug 119554 - agmorgan)
-* comment fix describing fail_delay callback in _pam_types.h (Bug
- 112646 - agmorgan)
-* "likeauth" fix for pam_unix and pam_pwdb which (Bug 113596 - agmorgan)
-* fix for pam_unix (support.c) to avoid segfault with NULL password
- (Bug 113238 - vorlon)
-* fix to pam_unix_passwd: try repeatedly to get a lock on the password
- file, instead of failing immediately (Bug 108845 - fix vorlon)
-* fix to pam_shells: logged information was not formatted correctly
- (extra comma) (Bug 111491 - fix vorlon)
-* fix for C++ application support (Bug 111645 - fix agmorgan)
-* fix for typo in pam_client.h (Bug 111648 - fix agmorgan)
-* removal of -lpam from pam_mkhomedir Makefile (Bug 116380 - fix agmorgan)
-* autoconf support [Task ID 15788, Bug ID 108297 - agmorgan with help!]
- - bugfix for libpamc.h include file [Bug ID 117476 - agmorgan]
- - bugfix for pam_filter.h inclusion [Bug ID 117474 - agmorgan]
-
-0.72: Mon Dec 13 22:41:11 PST 1999
-
-* patches from Debian (Ben Collins): pam_ftp supports event driven
- conversations now; pwdb_chkpwd cleanup; pam_warn static compile fix;
- user_db compiler warnings removed; debian defs file; pam_mail can
- now be used as a session module
-* ndbm compilation option for user_db module (fix explained by Richard Khoo)
-* pam_cracklib bug fix
-* packaging fixes & build from scratch stuff (Konst Bulatnikov & Frodo
- Looijaard)
-* -ldl appended to the libpam.so compilation make rule. (Charles Seeger)
-* Red Hat security patch for pam_pwdb forwarded by Debian! (Ben
- Collins. Fix provided by Andrey as it caught the problem earlier in the
- code.)
-* heuristic to prevent leaking filedescriptors to an agent. [This needs
- to be better supported perhaps by an additional libpamc API function?]
-* pam_userdb segfault fix from (Ben Collins)
-* PAM draft spec extras added at request of 'sen_ml'
-
-0.71: Sun Nov 7 20:21:19 PST 1999
-
-* added -lc to linker pass for pam_nologin module (glibc is weird).
-* various header changes to lower the number of warnings on glibc
- systems (Dan Yefimov)
-* merged a bunch of Debian fixes/patches/documentation (Ben Collins)
- things touched: libpam (minor); doc/modules/pam_unix.sgml; pam_env
- (plus docs); pam_mkhomedir (new module for new home directories on
- the fly...); pam_motd (new module); pam_limits (adjust to match
- docs); pam_issue (new module + doc) [Some of these were also
- submitted by Thorsten Kukuk]
-* small hack to lower the number of warnings that pam_client.h was
- generating.
-* debian and SuSE apparently can use the pam_ftp module, so
- removed the obsolete comment about this from the docs. (Thorsten
- Kukuk)
-
-0.70: Fri Oct 8 22:05:30 PDT 1999
-
-* bug fix for parsing of value=action tokens in libpam/pam_misc.c was
- segfaulting (Jan Rekorajski and independently Matthew Melvin)
-* numerous fixes from Thorsten Kukuk (icluding much needed fixes for
- bitrot in modules and some documentation) that got included in SuSE 6.2.
-* reentrancy issues in pam_unix and pam_cracklib resolved (Jan Rekorajski)
-* added hosts_equiv_rootok module option to pam_rhosts module (Tim Berger)
-* added comment about 'expose_account' module argument to admin and
- module writers' docs (request from Michael K Johnson).
-* myriad of bug fixes for libpamc - library now built by default and
- works with the biomouse fingerprint scanner agent/module
- (distributed separately).
-
-0.69: Sun Aug 1 20:25:37 PDT 1999
-
-* c++ header #ifdef'ing for pam_appl.h (Tuomo Pyhala)
-* added pam_userdb module (Cristian Gafton)
-* minor documentation changes
-* added in revised pam_client library (libpamc). Not installed by
- default yet, since the example agent/module combo is not very secure.
-* glibc fixes (Thorsten Kukuk, Adam J. Richter)
-
-0.68: Sun Jul 4 23:04:13 PDT 1999
-
-* completely new pam_unix module from Jan Rekorajski and Stephen Langasek
-* Jan Rekorajski pam_mail - support for Maildir format mailboxes
-* Jan Rekorajski pam_cracklib - support for old password comparison
-* Jan Rekorajski bug fix for pam_pwdb setcred reusing auth retval
-* Andrey's pam_tally patch (lstat -> fstat)
-* Robert Milkowski's additional pam_tally patches to **change format of
- /var/log/faillog** to one from shadow-utils, add new option "per_user"
- for pam_tally module, failure time logging, support for fail_line
- field, and support for fail_locktime field with new option
- no_lock_time.
-* pam_tally: clean up the tally application too.
-* Marcin Korzonek added process priority settings to pam_limits (bonus
- points for adding to documentation!)
-* Andrey's pam_pwdb patch (cleanup + md5 endian fubar fix)
-* more binary prompt preparations (make misc conv more compatible with spec)
-* modified callback hook for fail delay to be more useful with event
- driven applications (changed function prototype - suspect no one
- will notice). Documented this in app developer guide.
-* documentation for pam_access from Tim Berger
-* syntax fixes for the documentation - a long time since I've built it :*(
- added some more names to the CREDITS file.
-
-0.67: Sat Jun 19 14:01:24 PDT 1999
-
-* [dropped libpam_client - libpamc will be in the next release and
- conforms to the developing spec in doc/specs/draft-morgan-pam.raw.
- Sorry if you are keeping a PAM tree in CVS. CVS is a pain for
- directories, but this directory was actually not referenced by
- anything so the disruption should be light.]
-* updates to pam_tally from Tim
-* multiple updates from Stephen Langasek to pam_unix
-* pam_filter had some trouble compiling (bug report from Sridhar)
-* pam_wheel now attempts to identify the wheel group for the local
- system instead of blindly assuming it is gid=0. In the case that
- there is no "wheel" group, we default to assuming gid=0 is what was
- meant - former behavior. (courtesy of Sridhar)
-* NIS+ changes to pam_unix module from Dmitry O Panov
-* hopefully, a fix for redefinition of LOG_AUTHPRIV (bug report Luke
- Kenneth Casson Leighton)
-* fix for minor typo in pam_wheel documentation (Jacek Kopecky)
-* slightly more explanation of the [x=y] pam.conf syntax in the sys
- admin guide.
-
-0.66: Mon Dec 28 20:22:23 PST 1998 <morgan@linux.kernel.org>
-
-* Started using cvs to keep track of changes to Linux-PAM. This will
- likely break some of the automated building stuff (RPMs etc..).
-* security bug fix to pam_unix and pam_tally from Andrey.
-* modules make file is now more automatic. It should be possible to
- unpack an external module in the modules directory and have it automatically
- added to the build process. Also added a modules/download-all script
- that will make such downloading easier. I'm happy to receive patches to
- this file, informing the distribution of places from which to enrich itself.
-* removed pam_system_log stuff. Thought about it long and hard: a
- bad idea. If libc cannot guarantee a thread safe syslog, it needs
- to be fixed and compatibility with other PAM libraries was
- unnecessarily strained.
-* SAG documentation changes: Seth Chaiklin
-* rhosts: problems with NIS lookup failures with the root-uid check.
- As a work-around, I've partially eliminated the need for the lookup
- by supplying two new arguments: no_uid_check, superuser=<username>.
- As a general rule this is more pluggable, since this module might be
- used as an authentication scheme for a network service that does not
- need root privilege...
-* authenticate retval -> setcred for pam_pwdb (likeauth arg).
-* pam_pwdb event driven support
-* non openlog pam_listfile logging
-* BUGFIX: close filedescriptor in pam_group and pam_time (Emmanuel Galanos)
-* Chris Adams' mailhash change for pam_mail module
-* fixed malloc failure check in pam_handlers.c (follow up to comment
- by Brad M. Garcia).
-* update to _pam_compat.h (Brad M. Garcia)
-* support static modules in libpam again (Brad M. Garcia)
-* libpam/pam_misc.c for egcs to grok the code (Brad M. Garcia)
-* added a solaris-2.5.1 defs file (revived by Derrick J Brashear)
-* pam_listfile logs failed attempts
-* added a comment (Michael K Johnson pointed it out) about sgml2latex
- having a new syntax. I'll make it the change real when I upgrade...
-* a little more text to the RFC, spelling fix from William J Buffam.
-* minor changes to pam_securetty to accommodate event driven support.
-
-0.65: Sun Apr 5 22:29:09 PDT 1998 <morgan@linux.kernel.org>
-
-* added event driven programming extensions to libpam
- - added PAM_INCOMPLETE handling to libpam/pam_dispatch.c
- - added PAM_CONV_AGAIN which is a new conversation response that
- should be mapped to PAM_INCOMPLETE by the module.
- - ensured that the pam_get_user() function can resume
- - changes to pam_strerror to accommodate above return codes
- - clean up _pam_former_state at pam_end()
- - ensured that former state is correctly initialized
- - added resumption tests to pam_authenticate(), pam_chauthtok()
- - added PAM_FAIL_DELAY item for pausing on failure
-
-* improved _pam_macros.h so that macros can be used as single commands
- (Andrey)
-
-* reimplemented logging to avoid bad interactions with libc. Added
- new functions, pam_[,v]system_log() to libpam's API. A programmer
- can check for this function's availablility by checking if
- HAVE_PAM_SYSTEM_LOG is #defined.
-
-* removed the reduce conflict from pam_conv1 creation -- I can sleep
- again now. :^]
-
-* made building of static and dynamic libpam separate. This is
- towards making it possible to build both under Solaris (for Derrick)
-
-* made USE_CRACKLIB a condition in unix module (Luke Kenneth Casson Leighton)
-
-* automated (quiet) config installation (Andrey)
-
-0.64: Thu Feb 19 23:30:24 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
-
-* miscellaneous patches for building under Solaris (Derrick J Brashear)
-
-* removed STATIC support from a number of module Makefiles. Notably,
- these modules are those that use libpwdb and caused difficulties
- satisfying the build process. (Please submit patches to fix this...;)
-
-* reomved the union for binary packet conversations from
- (_pam_types.h). This is now completely implemented in libpam_client.
-
-* Andrey's patch for working environment variable handling in
- sh_secret module.
-
-* made the libpam_misc conversation function a bit more flexible with
- respect to binary conversations.
-
-* added top level define (DEBUG_REL) for compiling in the form of
- a debugging release. I use this on a Red Hat 4.2 system with little
- chance of crashing the system as a whole. (Andrey has another
- implementation of this -- with a spec file to match..)
-
-0.63: Wed Jan 28 22:55:30 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
-
-* added libpam_client "convention" library. This makes explicit the
- use of PAM_BINARY_PROMPT. It is a first cut, so don't take it too
- seriously yet. Comments/suggestions for improvements are very
- welcome. Note, this library does not compile by default. It will
- be enabled when it is judged stable. The library comes with two
- module/agent pairs and can be used with ssh using a patch available
- from my pre-release directory [where you got this file.]
-
-* backward compatibility patch for libpam/pam_handlers.c (PAM_IGNORE
- was working with neither "requistie" nor "required") and a DEBUG'ing
- compile time bug with pam_dispatch.c (Savochkin Andrey Vladimirovich)
-
-* minor Makefile change from (Savochkin Andrey Vladimirovich)
-
-* added pam_afsauth, pam_afspass, pam_restrict, and pam_syslog hooks
- (Derrick J Brashear)
-
-* pam_access use of uname(2) problematic (security problem
- highlighted by Olaf Kirch).
-
-* pam_listfile went a bit crazy reading group membersips (problem
- highlighted by Olaf Kirch and patched independently by Cristian
- Gafton and Savochkin Andrey Vladimirovich)
-
-* compatibility hooks for solaris and hpux (Derrick J Brashear)
-
-* 64 bit Linux/alpha bug fixed in pam_rhosts (Andrew D. Isaacson)
-
-0.62: Wed Jan 14 14:10:55 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
-
-* Derrick J Brashear's patches: adds the HP stuff missed in the first
- patch; adds SunOS support; adds support for the Solaris native ld
- instead of requiring gnu ld.
-
-* last line of .rhosts file need not contain a newline. (Bug reported by
- Thompson Freeman.)
-
-0.61: Thu Jan 8 22:57:44 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
-
-* complete rewrite of the "control flag" logic. Formerly, we were
- limited to four flags: requisite, required, sufficient, optional.
- We can now use these keywords _and_ a great deal more besides.
- The extra logic was inspired by Vipin Samar, a preliminary patch was
- written by Andy Berkheimer, but I "had some ideas of my own" and
- that's what I've actually included. The basic idea is to allow the
- admin to custom build a control flag with a series of token=value
- pairs inside square brackets. Eg., '[default=die success=ok]' which
- is pretty close to a synonym for 'requisite'. I'll try to document it
- better in the sys-admin guide but I'm pretty sure it is a change for
- the better.... If what is in the sys-admin guide is not good enough
- for you, just take a look at the source for libpam ;^)
-
-0.59: Thu Jan 8 22:27:22 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
-
-* better handling of empty lines in .rhosts file. (Formerly, we asked
- the nameserver about them!) Fix from Hugh Daschbach.
-
-* _broke_some_binary_compatibility_ with previous versions to become
- compliant with X/Open's XSSO spec. Specifically, this has been
- by changing the prototype for pam_strerror().
-
-* altered the convention for the conversation mechanism to agree
- with that of Sun. (number of responses 'now=' number of messages
- with help from Cristian for finding a bug.. Cristian also found a
- nasty speradic segfault bug -- Thanks!)
-
-* added NIS+ support to pam_unix_*
-
-* fixed a "regular file checking" problem with the ~/.rhosts sanity
- check. Added "privategroup" option to permit group write permission
- on the ~/.rhosts file in the case that the group owner has the same
- name as the authenticating user. :*) "promiscuous" and "suppress"
- were not usable!
-
-* added glibc compatibility to pam_rhosts_auth (protected __USE_MISC
- with #ifndef since my libc already defines it!).
-
-* Security fix from Savochkin Andrey Vladimirovich with suggested
- modification from Olaf Seibert.
-
-* preC contains mostly code clean-ups and a number of changes to
- _pam_macros.
-
-0.58: whenever
-
-* pam_getenvlist() has a more robust definition (XSSO) than was previously
- thought. It would seem that we no longer need pam_misc_copy_env()
- which was there to provide the robustness that pam_getenvlist()
- lacked before...
-
- Accordingly, I have REMOVED the prototype from libpam_misc. (The
- function, however, will remain in the library as a wrapper for
- legacy apps, but will likely be removed from libpam_misc-1.0.) PLEASE
- FIX YOUR APPS *BEFORE* WE GET THERE!
-
-* Alexy Nogin reported garbage output from pam_env in the case of
- a non-existent environment variable.
-
-* 'fixed' pwdb compilation for pam_wheel. Not very cleanly
- done.. Mmmm. Should really clean up the entire source tree...
-
-* added prototypes for mapping functions
-
- <**WARNING**>
-
- various constants have had there names changed. Numerical values have
- been retained but be aware some source old modules/applications will
- need to be fixed before recompilation.
-
- </**WARNING**>
-
-* appended documentation to README for pam_rhosts module (Nicolai
- Langfeldt).
-
-* verified X/Open compatibility of header files - note, where we differ
- it is at the level of compilation warnings and the use of 'const char *'
- instead of 'char *'. Previously, Sun(X/open) have revised their spec
- to be more 'const'-ervative in the light of comments from Linux-PAM
- development.
-
-* Ooops! PAM_AUTHTOKEN_REQD should have been PAM_NEW_AUTHTOK_REQD.
-
- changed: pam_pwdb(pam_unix_acct) (also bug fix for
- _shadow_acct_mgmt_exp() return value), pam_stress,
- libpam/pam_dispatch, blank, xsh.
-
-* New: PAM_AUTHTOK_EXPIRED - password has expired.
-
-* Ooops! PAM_CRED_ESTABLISH (etc.) should have been PAM_ESTABLISH_CRED
- etc... (changed - this may break some people's modules - PLEASE TAKE
- NOTE!)
- changed: pam_group, pam_mail, blank, xsh; module and appl
- docs, pam_setcred manual page.
-
-* renamed internal _pam_handle structure to be pam_handle as per XSSO.
-
-* added PAM_RADIO_TYPE (for multiple choice input method). Also
- added PAM_BINARY_{MSG,PROMPT} (for interaction out of sight of user
- - this could be used for RSA type authentication but is currently
- just there for experimental purposes). The _BINARY_ types are now
- usable with hooks in the libpam_misc conversation function. Still
- have to add PAM_RADIO_TYPE.
-
-* added pam_access module (Alexei Nogin)
-
-* added documentation for pam_lastlog. Also modified the module to
- not (by default) print "welcome to your new account" when it cannot
- find a utmp entry for the user (you can turn this on with the
- "never" argument).
-
-* small correction to the pam_fail_delay manual page. Either the appl or
- the modules header file will prototype this function.
-
-* added "bigcrypt" (DEC's C2) algorithm(0) to pam_pwdb. (Andy Phillips)
-
-* *BSD tweaking for various #include's etc. (pam_lastlog, pam_rhosts,
- pam_wheel, libpam/pam_handlers). (Michael Smith)
-
-* added configuration directory $SCONFIGED for module specific
- configuration files.
-
-* added two new "linked" man pages (pam.conf(8) and pam.d(8))
-
-* included a reasonable default for /etc/pam.conf (which can be
- translated to /etc/pam.d/* files with the pam_conv1 binary)
-
-* fixed the names of the new configuration files in
- conf/pam_conv1/pam_conv.y
-
-* fixed make check.
-
-* pam_lastlog fixed to handle UID in virgin part of /var/log/lastlog
- (bug report from Ronald Wahl).
-
-* grammar fix in pam_cracklib
-
-* segfault avoided in pam_pwdb (getting user). Updating of passwords
- that are directed to a "new" database are more robust now (bug noted
- by Michael K. Johnson). Added "unix" module argument for migrating
- passwords from another database to /etc/passwd. (documentation
- updated). Removed "bad username []" warning for empty passwords -
- on again if you supply the 'debug' module argument.
-
-* ctrl-D respected in conversation function (libpam_misc)
-
-* Removed -DPAM_FAIL_DELAY_ON from top-level Makefile. Nothing in
- the distribution uses it. I guess this change happened a while
- back, basically I'm trying to make the module parts of the
- distribution "source compatible" with the RFC definition of PAM.
- This implementation of PAM is a superset of that definition. I have
- added the following symbols to the Linux-PAM header files:
-
- PAM_DATA_SILENT (see _pam_types.h)
- HAVE_PAM_FAIL_DELAY (see _pam_types.h)
- PAM_DATA_REPLACE (see _pam_modules.h)
-
- Any module (or application) that wants to utilize these features,
- should check (#ifdef) for these tokens before using the associated
- functionality. (Credit to Michael K. Johnson for pointing out my
- earlier omission: not documenting this change :*)
-
-* first stab at making modules more independent of full library
- source. Modules converted:
- pam_deny
- pam_permit
- pam_lastlog
- pam_pwdb
-
-* pam_env.c: #include <errno.h> added to ease GNU libc use. (Michael
- K. Johnson)
-
-* pam_unix_passwd fixes to shadow aging code (Eliot Frank)
-
-* added README for pam_tally
-
-0.57: Fri Apr 4 23:00:45 PST 1997 Andrew Morgan <morgan@parc.power.net>
-
-* added "nodelay" argument to pam_pwdb. This can be used to turn off
- the call to pam_fail_delay that takes effect when the user fails to
- authenticate themself.
-
-* added "suppress" argument to pam_rhosts_auth module. This will stop
- printing the "rlogin failure message" when the user does not have a
- .rhosts file.
-
-* Extra fixes for FAKEROOT in Makefiles (Savochkin Andrey
- Vladimirovich)
-
-* pam_tally added to tree courtesy of Tim Baverstock
-
-* pam_rhosts_auth was failing to read NFS mounted .rhosts
- files. (Fixed by Peter Allgeyer). Refixed and further enhanced
- (netgroups) by Nicolai Langfeldt. [Credit also to G.Wilford for some
- changes that were not actually included..]
-
-* optional (#ifdef PAM_READ_BOTH_CONFS) support for parsing of pam.d/
- AND pam.conf files (Elliot Lee).
-
-* Added (and signed) Cristian's PGP key. (I've never met him, but I am
- convinced the key belongs to the guy that is making the PAM rpms and
- also producing libpwdb. Please note, I will not be signing anyone
- else's key without a personal introduction..)
-
-* fixed erroneous syslog warning in pam_listfile (Savochkin Andrey
- Vladimirovich, whole file reformatted by Cristian)
-
-* modified pam_securetty to return PAM_IGNORE in the case that the user's
- name is not known to the system (was previously, PAM_USER_UNKNOWN). The
- Rationale is that pam_securetty's sole purpose is to prevent superuser
- login anywhere other than at the console. It is not its concern that the
- user is unknown - only that they are _not_ root. Returning
- PAM_IGNORE, however, insures that the pam_securetty can never be used to
- "authenticate" a non-existent user. (Cristian Gafton with bug report from
- Roger Hu)
-
-* Modified pam_nologin to display the no-login message when the user
- is not known. The return value in this case is still PAM_USER_UNKNOWN.
- (Bug report from Cristian Gafton)
-
-* Added NEED_LCKPWD for pam_unix/ This is used to define the locking
- functions and should only be turned on if you don't have them in
- your libc.
-
-* tidied up pam_lastlog and pam_pwdb: removed function that was never used.
-
-* Note for package maintainers: I have added $(FAKEROOT) to the list of
- environment variables. This should help greatly when you build PAM
- in a subdirectory. I've gone through the tree and tried to make
- everything compatible with it.
-
-* added pam_env (courtesy of Dave Kinchlea)
-
-* removed pam_passwd+ from the tree. It has not been maintained in a
- long time and running a shell script was basically insecure. I've
- indicated where you can pick up the source if you want it.
-
-* #define HAVE_PAM_FAIL_DELAY . Applications can conditionally compile
- with this if they want to see if the facility is available. It is
- now always available. (corresponding compilation cleanups..)
-
-* _pam_sanitize() added to pam_misc. It purges the PAM_AUTHTOK and
- PAM_OLDAUTHTOK items. (calls replaced in pam_auth and pam_password)
-
-* pam_rhosts now knows about the '+' entry. Since I think this is a
- dangerous thing, I have required that the sysadmin supply the
- "promiscuous" flag for it in the corresponding configuration file
- before it will work.
-
-* FULL_LINUX_PAM_SOURCE_TREE exported from the top level make file.
- If you want to build a module, you can test for this to determine if
- it should take its directions from above or supply default locations
- for installation. Etc.
-
-0.56: Sat Feb 15 12:21:01 PST 1997 <morgan@parc.power.net>
-
-* pam_handlers.c can now interpret the pam.d/ service config tree:
- - if /etc/pam.d/ exists /etc/pam.conf is IGNORED
- (otherwise /etc/pam.conf is treated as before)
- - given /etc/pam.d/
- . config files are named (in lower case) by service-name
- . config files have same syntax as /etc/pam.conf except
- that the "service-name" field is not present. (there
- are thus three manditory fields (and arguments are
- optional):
-
- module-type control-flag module-path optional-args...
-
- )
-
-* included conf/pam_conv1 for converting pam.conf to a pam.d/ version
- 1.0 directory tree. This program reads a pam.conf file on the
- standard input stream and creates ./pam.d/ (in the local directory)
- and fills it with ./pam.d/"service-name" files.
-
- *> Note: It will fail if ./pam.d/ already exists.
-
- PLEASE REPORT ANY BUGS WITH THIS CONVERSION PROGRAM... It currently
- cannot retain comments from the old conf file, so take care to do this
- by hand. Also, please email me with the fix that makes the
- shift/reduce conflict go away...
-
-* Added default module path to libpam for modules (see pam_handlers.c)
- it makes use of Makfile defined symbol: DEFAULT_MODULE_PATH which is
- inhereted from the defs/* variable $(SECUREDIR). Removed module
- paths from the sample pam.conf file as they are no longer needed.
-
-* pam_pwdb can now verify read protected passwords when it is not run
- by root. This is via a helper binary that is setuid root.
-
-* pam_permit now prompts for a username if it is not already determined
-
-* pam_rhosts now honors "debug" and no longer hardwire's "root" as the
- superuser's name.
-
-* pam_securetty now honors the "debug" flag
-
-* trouble parsing extra spaces fixed in pam_time and pam_group
-
-* added Michael K. Johnson's PGP key to the pgp.keys.asc list
-
-* pam_end->env not being free()'d: fixed
-
-* manuals relocated to section 3
-
-* fixed bug in pam_mail.c, and enhanced to recognize '~' as a prefix
- to indicate the $HOME of the user (courtesy David
- Kinchlea). *Changed* from a "session" module to an "auth"
- module. It cannot be used to authenticate a user, but it can be used
- in setting credentials.
-
-* fixed a stupid bug in pam_warn.. Only PAM_SERVICE was being read :*(
-
-* pam_radius rewritten to exclusively make use of libpwdb. (minor fix
- to Makefile for cleaning up - AGM)
-
-* pam_limits extended to limit the total number of logins on a system
- at any given time.
-
-* libpam and libpam_misc use $(MAJOR_REL) and $(MINOR_REL) to set their
- version numbers [defined in top level makefile]
-
-* bugfix in sed command in defs/redhat.defs (AGM's fault)
-
-* The following was related to a possibility of buffer overruns in
- the syslogging code: removed fixed length array from syslogging
- function in the following modules [capitalized the log identifier
- so the sysadmin can "know" these are fixed on the local system],
-
- pam_ftp, pam_stress, pam_rootok, pam_securetty,
- pam_listfile, pam_shells, pam_warn, pam_lastlog
- and
- pam_unix_passwd (where it was definitely _not_ exploitable)
-
-0.55: Sat Jan 4 14:43:02 PST 1997, Andrew Morgan <morgan@parc.power.net>
-
-* added "requisite" control_flag to /etc/pam.conf syntax. [See
- Sys. Admin. Guide for explanation] changes to pam_handlers.c
-
-* completely new handling of garbled pam.conf lines. The modus
- operandi now is to assume that any errors in the line are minor.
- Errors of this sort should *most definitely* lead to the module
- failing, however, just ignoring the line (as was the case
- previously) can lead to gaping security holes(! Not foreseen by the
- RFC). The "motivation" for the RFC's comments about ignoring garbled
- lines is present in spirit in the new code: basically a garbled line
- is treated like an instance of the pam_deny.so module.
- changes to pam_handlers.c and pam_dispatch.c .
-
-* patched libpam, to (a) call _pam_init_handlers from pam_start() and
- (b) to log a text error if there are no modules defined for a given
- service when a call to a module is requested. [pam_start() and
- pam_dispatch() were changed].
-
-* patched pam_securetty to deal with "/dev/" prefix on PAM_TTY item.
-
-* reorganized the modules/Makefile to include *ALL* modules. It is now
- the responsibility of the modules themselves to test whether they can
- be compiled locally or not.
-
-* modified pam_group to add to the getgroups() list rather than overwrite
- it. [In the case of "HAVE_LIBPWDB" we use the pwdb_..() calls to
- translate the group names.]. Module now pays attention to
- PAM_CRED_.. flag(!)
-
-* identified and removed bugs in field reading code of pam_time and
- (thus) pam_group.
-
-* Cristian's patches to pam_listfile module, corresponding change to
- documentation.
-
-* I've discovered &ero; for sgml!
- Added pam_time documentation to the admin guide.
-
-* added manual pages: pam.8, pam_start.2(=pam_end.2),
- pam_authenticate.2, pam_setcred.2, pam_strerror.2,
- pam_open_session.2(=pam_close_session.2) and pam_chauthtok.2 .
-
-* added new modules:
-
- - pam_mail (tells the user if they have any new mail
- and sets their MAIL env variable)
- - pam_lastlog (reports on the last time this user called
- this module)
-
-* new module hooks provided.
-
-* added a timeout feature to the conversation function in
- libpam_misc. Documented it in the application developers' guide.
-
-* fixed bug in pam_misc_paste_env() function..
-
-* slight modifications to wheel and rhosts writeup.
-
-* more security issues added to module and application guides.
-
---
-Things present but not mentioned in previous release (sorry)
-
-* pam_pwdb module now resets the "last_change" entry before updating a
- password.
---
-
-Sat Nov 30 19:30:20 PST 1996, Andrew Morgan <morgan@parc.power.net>
-
-* added environment handling to libpam. involved change to _pam_types.h
- also added supplementary functions to libpam_misc
-
-* added pam_radius - Cristian
-
-* slight speed up for pam_rhosts
-
-* significantly enhanced sys-admin documentation (8 p -> 41 p in
- PostScript). Added to other documentation too. Mostly the changes
- in the other docs concern the new PAM-environment support, there is
- also some coverage of libpam_misc in the App. Developers' guide.
-
-* Cristian's patches to pam_limits and pam_pwdb. Fixing bugs. (MORE added)
-
-* adopted Cristian's _pam_macros.h file to help with common macros and
- debugging stuff, gone through tree tidying up debugging lines to use
- this [not complete].
-
- - for consistency replaced DROP() with _pam_drop()
-
-* commented memory debugging in top level makefile
-
-* added the following modules
-
- - pam_warn log information to syslog(3) about service application
- - pam_ftp if user is 'ftp' then set PAM_RUSER/PAM_RHOST with password
- (comment about nologin added to last release's notes)
-
-* modified the pam_listfile module. It now declares a meaningful static
- structure name.
-
-Sun Nov 10 13:26:39 PST 1996, Andrew Morgan <morgan@parc.power.net>
-
- **PLEASE *RE*AMEND YOUR PERSONAL LINKS**
-
- -------> http://parc.power.net/morgan/Linux-PAM/index.html <-------
-
- **PLEASE *RE*AMEND YOUR PERSONAL LINKS**
-
-A brief summary of what has changed:
-
-* many modules have been modified to accomodate fixing the pam_get_user()
- change. Please take note if you have a module in this distribution.
-
-* pam_unix is now the pam_unix that Red Hat has been using and which
- should be fairly well debugged.
-
- - I've added some #ifdef's to make it compile for me, and also
- updated it with respect to the libpam-0.53, so have a look at the
- .../modules/pam_unix/Makefile to enable cracklib and shadow features
-
- ** BECAUSE OF THIS, I cannot guarantee this code works as it **
- ** did for Red Hat. Please test and report any problems. **
-
-* the pam_unix of .52 (renamed to pam_pwdb) has been enhanced and made
- more flexible with by implementing it with respect to the new
- "Password Database Library" see
-
- http://parc.power.net/morgan/libpwdb/index.html
-
- modules included in this release that require this library to
- function are the following:
-
- - pam_pwdb (ne pam_unix-0.52 + some enhancements)
- - pam_wheel
- - pam_limits
- - pam_nologin
-
-* Added some optional code for memory debugging. In order to support
- this you have to enable MEMORY_DEBUG in the top level makefile and
- also #define MEMORY_DEBUG in your applications when they are compiled.
- The extra code resides in libpam (compiled if MEMORY_DEBUG is defined)
- and the macros for malloc etc. are to be found at the end of
- _pam_types.h
-
-* used above code to locate two memory leaks in pam_unix module and two
- in libpam (pam_handlers.h)
-
-* pam_get_user() now sets the PAM_USER item. After reading the Sun
- manual page again, it was clear that it should do this. Various
- modules have been assuming this and now I have modified most of them
- to account for this change. Additionally, pam_get_user() is now
- located in the module include file; modules are supposed to be the
- ones that use it(!) [Note, this is explicitly contrary to the Sun
- manual page, but in the spirit of the Linux distribution to date.]
-
-* replaced -D"LINUX" with -D"LINUX_PAM" as this is more explicit and less
- likely to be confused with -D"linux".
- Also, modified the libpam #include files to behave more like the Sun
- ones #ifndef LINUX_PAM.
-
-* removed <bf/ .. / from documentation titles. This was not giving
- politically correct html..
-
------ My vvvvvvvvvvvvvvvvvvv was a long time ago ;*] -----
-
-Wed Sep 4 23:57:19 PDT 1996 (Andrew Morgan <morgan@physics.ucla.edu>
-
-0. Before I begin, Linux-PAM has a new primary distribution site (kindly
-donated by Power Net Inc., Los Angeles)
-
- **PLEASE AMMEND YOUR PERSONAL LINKS**
-
- -------> http://www.power.net/morgan/Linux-PAM <-------
-
- **PLEASE AMMEND YOUR PERSONAL LINKS**
-
-1. I'm hoping to make the next release a bug-fix release... So please find
- all the bugs(! ;^)
-
-2. here are the changes for .52:
-
-* minor changes to module documentation [Incidently, it is now
- available on-line from the WWW page above]. More changes to follow in
- the next two releases. PLEASE EMAIL me or the list if there is
- anything that isn't clear!
-
-* completely changed the unix module. Now a single module for all four
- management groups (this meant that I could define all functions as
- static that were not part of the pam_sm_... scheme. AGM)
-
- - Shadow support added
-PASSWD - Elliot's account management included, and enhanced by Cristian Gafton.
- - MD5 password support added by Cristian Gafton.
- - maxtries for authentication now enforced.
- - Password changing function in pam_unix now works!
- Although obviously, I'm not going to *guarantee* it ;^) .
- - stole Marek's locking code from the Red Hat unix module.
- [ If you like you can #ifdef it in or out ... ]
-
- You can configure the module more from its Makefile in
- 0.52/modules/pam_unix/
-
- If you are nervous that it will destroy your /etc/passwd or shadow
- files then EDIT the 0.52/modules/pam_unix/pam_unix_pass.-c file.
- Here is the warning comment from this file...
-
--------------8<-----------------
-/* <WARNING>
- *
- * Uncomment the following #define if you are paranoid, and do not
- * want to risk losing your /etc/passwd or shadow files.
- * It works for me (AGM) but there are no guarantees.
- *
- * </WARNING>
- */
-/* #define TMP__FILE */
-------------->8-----------------
-
- *** If anyone has any trouble, please *say*. Your problem will be
- fixed in the next release. Also please feel free to scour the
- code for race conditions etc...
-
-[* The above change requires that you purge your /usr/lib/security
- directory of the old pam_unix_XXX.so modules: they will NOT be deleted
- with a 'make remove'.]
-
-* the prototype for the cleanup function supplied to pam_set_data used
- to return "int". According to Sun it should be "void". CHANGED.
-
-* added some definitions for the 'error_status' mask values that are
- passed to the cleanup function associated with each
- module-data-item. These numbers were needed to keep up with changing
- a data item (see for example the code in pam_unix/support.-c that
- manages the maximum number of retries so far). Will see what Sun says
- (current indications are positive); this may be undone before 1.0 is
- released. Here are the definitions (from pam_modules.h).
-
-#define PAM_DATA_SILENT 0x40000000 /* used to suppress messages... */
-#define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
-
-* Changed the .../conf/pam.conf file. It now points to the new
- pam_unix module for 'su' and 'passwd' [can get these as SimpleApps --
- I use them for testing. A more extensive selection of applications is
- available from Red Hat...]
-
-* corrected a bug in pam_dispatch. Basically, the problem was that if
- all the modules were "sufficient" then the return value for this
- function was never set. The net effect was that _pam_dispatch_aux
- returned success when all the sufficient modules failed. :^( I think
- this is the correct fix to a problem that the Red Hat folks had
- found...
-
-sopwith* Removed advisory locking from libpam (thanks for the POSIX patch
- goes to Josh Wilmes's, my apologies for not using it in the
- end.). Advisory locking did not seem sufficiently secure for libpam.
- Thanks to Werner Almesberger for identifying the corresponding "denial
- of service attack". :*(
-
-* related to fix, have introduced a lock file /var/lock/subsys/PAM
- that can be used to indicate the system should pay attention to
- advisory locking on /etc/pam.conf file. To implement this you need to
- define PAM_LOCKING though. (see .52/libpam)
-
-* modified pam_fail_delay() function. Couldn't find the "not working"
- problem indicated by Michael, but modified it to do pseudo-random
- delays based on the values indicated by pam_fail_delay() -- the
- function "that may eventually go away"... Although Sun is warming to
- the idea.
-
-* new modules include:
-
- pam_shells - authentication for users with a shell listed in
- /etc/shells. Erik Troan <ewt@redhat.com>
-
- pam_listfile - authentication based on the contents of files.
- Set to be more general than the above in the
- future. UNTESTED. Elliot Lee <@redhat.com>
- [Note, this module compiles with a non-trivial
- warning: AGM]
-
-Thu Aug 8 22:32:15 PDT 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-* modified makefiles to take more of their installation instructions
- from the top level makefile. Desired for integration into the Debian
- distribution, and generally a good idea.
-
-* fixed memory arithmetic in pam_handlers
- -- still need to track down why failure to load modules can lead to
- authentication succeding..
-
-* added tags for new modules (smartcards from Alex -- just a promise
- at this stage) and a new module from Elliot Lee; pam_securetty
-
-* I have not had time to smooth out the wrinkles with it, but Alex's
- pam_unix modifications are provided in pam_unix-alex (in the modules
- directory) they will not be compiled by 'make all' and I can't even
- say if they do compile... I will try to look at them for .52 but, in
- the mean time please feel free to study/fix/discuss what is there.
-
-* pam_rhosts module. Removed code for manually setting the ruser
- etc. This was not very secure.
-
-* [remade .ps docs to be in letter format -- my printer complains
- about a4]
-
-Sunday July, 7 12:45:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-* No longer accompanying the Linux-PAM release with apps installed.
- [Will provide what was here in a separate package.. (soon)
-lib Also see http://www.redhat.com/pam for some more (in .rpm form...)]
-
-* renamed libmisc to libpam_misc. It is currently configured to only compile
- the static library. For some strange reason (perhaps someone can
- investigate) my Linux 2.0.0 kernel with RedHat 3.0.3 system
- segfaults when I compile it to be a dynamic library. The segfault
- seems to be inside the call to the ** dl_XXX ** function...!?
-
- There is a simple flag in the libpam_misc/Makefile to turn on dynamic
- compiles.
-
-* Added a little unofficial code for delay support in libpam (will probably
- disappear later..) There is some documentation for it in the pam_modules
- doc now. That will obviously go too.
-
-* rewritten pam_time to use *logic* to specify the stringing together of
- users/times/terminals etc.. (what was there before was superficially
- logical but basically un-predictable!)
-
-* added pam_group. Its syntax is almost identical to pam_time but it
- has another field added; a list of groups to make the user a member
- of if they pass the previous tests. It seems to not co-exist too well
- with the groups in the /etc/group but I hope to have that fixed by
- the next release...
-
-* minor re-formatting of pam_modules documentation
-
-* removed ...// since it wasn't being used and didn't look like it
- would be!
-
-GCCSunday 23 22:35:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-* The major change is the addition of a new module: pam_time for
- restricting access on terminals at given times for indicated users
- it comes with its own configuration file /etc/security/time.conf
- and the sample file simply restricts 'you' from satisfying the blank
- application if they try to use blank from any tty*
-
-* Small changes include
-- altered pam.conf to demonstrate above new module (try typing username: you)
-- very minor changes to the docs (pam_appl and pam_modules)
-
-Saturday June 2 01:40:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-*** PLEASE READ THE README, it has changed ***
-
-* NOTE, 'su' exhibits a "system error", when static linking is
- used. This is because the pam_unix_... module currently only has
- partial static linking support. This is likely to change on Monday
- June 3, when Alex makes his latest version availible. I will include
- the updated module in next release.
-
-changes for .42:
-
-* modified the way in which libpam/pam_modules.h defines prototypes for
- the pam_sm_ functions. Now the module must declare which functions it
- is to provide *before* the #include <security/pam_modules.h> line.
- (for contrasting examples, see the pam_deny and pam_rootok modules)
- This removed the ugly hack of defining functions that are never called
- to overcome warnings... This seems much tidier.
-insterted* updated the TODO list. (changed mailing list address)
-* updated README in .../modules to reflect modifications to static
- compliation protocol
-* modified the pam_modules documentation to describe this.
-* corrected last argument of pam_get_item( ... ) in
- pam_appl/modules.sgml, to "const void **".
-* altered GNU GPL's in the documentation, and various other parts of
- the distribution. *Please check* that any code you are responsible for
- is corrected.
-* Added ./Copyright (please check that it is acceptable)
-* updated ./README to make current and indicate the new mailing list
- address
-* have completely rewritten pam_filter. It now runs modular filter
- executables (stored in /usr/sbin/pam_filter/) This should make it
- trivial for others to write their own filters.. If you want yours
- included in the distribution please email the list/me.
-* changes to libpam; there was a silly bug with multiple arguments on a
- pam.conf line that was broken with a '\<LF>'.
-* 'su' rearranged code (to make better use of PAM)
- *Also* now uses POSIX signals--this should help the Alpha port.
-* 'passwd' now uses getlogin() to determine who's passwords to change.
-
-Sunday May 26 9:00:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-* fixed module makefiles to create needed dynamic/static subdirectories
-
-Saturday May 25 20:30:27.8 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-* LOTS has changed regarding how the modules/libpam are built.
-* Michael's mostly complete changes for static support--see below
- (Andrew got a little carried away and automated the static linking
- of modules---bugs are likely mine ;( )
-* Thanks mostly to Michael, libpam now compiles without a single warning :^]
-* made static modules/library optional.
-CFLAGS* added 'make sterile' to top level makefile. This does extraclean and remove
-* added Michael and Joseph to documentation credits (and a subsection for
- future documentation of static module support in pam_modules.sgml)
-* libpam; many changes to makefiles and also automated the inclusion of
- static module objects in pam_static.c
-* modified modules for automated static/dynamic support. Added static &
- dynamic subdirectories, as instructed by Michael
-* removed an annoying syslog message from pam_filter: "parent exited.."
-* updated todo list (anyone know anything about svgalib/X? we probably should
- have some support for these...)
-
-Friday May 24 16:30:15 EDT 1996 (Michael K. Johnson <johnsonm@redhat.com>)
-
-* Added first (incomplete) cut at static support.
- This includes:
- . changes in libpam, including a new file, pam_static.c
- . changes to modules including exporting struct of function pointers
- . static and dynamic linking can be combined
- . right now, the only working combinations are just dynamic
- linking and dynamic libpam.so with static modules linked
- into libpam.so. That's on the list of things to fix...
- . modules are built differently depending on whether they
- are static or dynamic. Therefore, there are two directories
- under each module directory, one for static, and one for
- dynamic modules.
-* Fixed random brokenness in the Makefiles. [ foo -nt bar ] is
- rather redundant in a makefile, for instance. Also, passing
- on the command line is broken because it cannot be
- overridden in any way (even adding important parts) in lower-level
- makefiles.
-* Unfortunately, fixing some of the brokenness meant that I used
- GNU-specific stuff. However, I *think* that there was GNU-specific
- stuff already. And I think that we should just use the GNU
- extensions, because any platform that GNU make doesn't port to
- easily will be hard to port to anyway. It also won't be likely
-passwd to handle autoconf, which was Ted's suggestion for getting
- around limitations in standard make...
- For now, I suggest that we just use some simple GNU-specific
- extensions.
-
-Monday May 20 22:00:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-* added some text to pam_modules.sgml
-* corrected Marek's name in all documentation
-* made pam_stress conform to chauthtok conventions -- ie can now request
- old password before proceeding.
-* included Alex's latest unix module
-* included Al's + password strength checking module
-* included pam_rootok module
-* fixed too many bugs in libpam.. all subtly related to the argument lists
- or use of syslog. Added more debugging lines here too.
-* fixed the pam.conf file
-* deleted pam_test module. It is pretty old and basically superceeded
- by pam_stress
-
-Friday May 9 1:00:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-* updated documentaion, added Al Longyear to credits and corrected the
- spelling of Jeff's name(!). Most changes to pam.sgml (even added a figure!)
-* new module pam_rhosts_auth (from Al Longyear)
-* new apps rlogind and ftpd (a patch) from Al.
-* modified 'passwd' to not call pam_authenticate (note, none of the
- modules respect this convention yet!)
-* fixed bug in libpam that caused trouble if the last line of a
- pam.conf file ends with a module name and no newline character
-* also made more compatable with documentation, in that bad lines in
- pam.conf are now ignored rather than causing libpam to return an
- error to the app.
-* libpam now overwrites the AUTHTOKs when returning from
- pam_authenticate and pam_chauthtok calls (as per Sun/RFC too)
-* libpam is now installed as libpam.so.XXX in a way that ldconfig can
- handle!
-
-
-Wednesday May 1 22:00:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
-
-* removed .../test directory, use .../examples from now on.
-* added .../apps directory for fully functional applications
- - the apps directory contains directories that actually contain the apps.
- the idea is to make application compilation conditional on the presence
- of the directory. Note, there are entries in the Makefile for
- 'login' and 'ftpd' that are ready for installation... Email me if
- you want to reserve a directory name for an application you are
- working on...
-* similar changes to .../modules makefile [entries for pam_skey and
- pam_kerberos created---awaiting the directories.] Email me if you
- want to register another module...
-* minor changes to docs.. Not really worth reprinting them quite yet!
- [save the trees]
-* added misc_conv to libmisc. it is a generic conversation function
- for text based applications. [would be nice to see someone create
- an Xlib and/or svgalib version]
-* fixed ctrl-z/c bug with pam_filter module [try xsh with the default
- pam.conf file]
-* added 'required' argument to 'pam_stress' module.
-* added a TODO list... other suggestions to the list please.
-
-Saturday April 7 00:00:00 PST 1996 ( Andrew Morgan <morgan@physics.ucla.edu> )
-
-* Alex and Marek please note I have altered _pam_auth_unix a little, to
- make it get the passwords with the "proper method" (and also fixed it
- to not have as many compiler warnings)
-* updated the conf/pam.conf file
-* added new example application examples/xsh.c (like blank but invokes
- /bin/sh)
-* Marc's patches for examples/blank.c (and AGM's too)
-* fixed stacking of modules in libpam/pam_handlers.c
-* fixed RESETing in libpam/pam_item.c
-* added new module modules/pam_filter/ to demonstrate the possibility
- of inserting an arbitrary filter between the terminal and the
- application that could do customized logging etc... (see use of
- bin/xsh as defined in conf/pam.conf)
-
-
-Saturday March 16 19:00:00 PST 1996 ( Andrew Morgan <morgan@physics.ucla.edu> )
-
-These notes are for 0.3 I don't think I've left anything important
-out, but I will use emacs 'C-x v a' next time! (Thanks Jeff)
-
- * not much has changed with the functionality of the Linux-PAM lib
- .../libpam
- - pam_password calls module twice with different arguments
- - added const to some of the function arguments
- - added PAM_MAX_MES_ to <security/_pam_types.h>
- - was a lot over zealous about purging old passwords...
- I have removed much of this from source to make it
- more compatible with SUN.
- - moved some PAM_... tokens to pam_modules.h from _pam_types.h
- (no-one should notice)
-
- * added three modules: pam_permit pam_deny pam_stress
- no prizes for guessing what the first two do. The third is
- a reasonably complete (functional) module. Is intended for testing
- applications with.
-
- * fixed a few pieces of examples/blank.c so that it works (with
- pam_stress)
-
- * ammended the documentation. Looking better, but suggestions/comments
- very welcome!
-
-Sunday March 10 10:50:00 PST 1996 ( Andrew Morgan <morgan@physics.ucla.edu> )
-
-These notes are for Linux-PAM release 0.21. They cover what's changed
-since I relased 0.2.
-
- * am now using RCS
- * substantially changed ./README
- * fixed bug reading \\\n in pam.conf file
- * small changes to documentation
- * added `blank' application to ./examples (could be viewed as
- a `Linux-PAM aware' application template.)
- * oops. now including pam_passwd.o and pam_session.o in pamlib.so
- * compute md5 checksums for all the source when making a release
- - added `make check' and `make RCScheck' to compute md5 checksums
- * create a second tar file with all the RCS files in.
- * removed the .html and .txt docs, supplying sgml sources instead.
- - see README for info on where to get .ps files
-
-Thursday March 6 0:44:?? PST 1996 ( Andrew Morgan <morgan@physics.ucla.edu> )
-
-These notes are for Linux-PAM release 0.2. They cover what's changed
-since Marc Ewing relased 0.1.
-
-**** Please note. All of the directories in this release have been modified
-**** slightly to conform to the new pamlib. A couple of new directories have
-**** been added. As well as some documentation. If some of your code
-**** was in the previous release. Feel free to update it, but please
-**** try to conform to the new headers and Makefiles.
-
-* Andrew Morgan (morgan@physics.ucla.edu) is making this release
- availible, Marc has been busy...!
-
-* Marc's pam-0.1/lib has been (quietly) enhanced and integrated into
- Alex Yurie's collected tree of library and module code
- (linux-pam.prop.1.tar.gz). Most of the changes are to do with error
- checking. Some more robustness in the reading of the pam.conf file
- and the addition of the pam_get_user() function.
-
-* The pam_*.h files have been reorganized to logically enforce the
- separation of modules from applications. [Don't panic! Apart from
- changing references of the form
-
- #include "pam_appl.h"
-
- to
-
- #include <security/pam_appl.h>
-
- The reorganization should be backwardly compatable (ie. a module
- written for SUN will be as compatable as it was before with the
- previous version ;)~ ]
-
- (All of the source in this tree now conforms to this scheme...)
-
- The new reorganization means that modules can be compiled with a
- single header, <security/pam_modules.h>, and applications with
- <security/pam_appl.h>.
-
-* I have tried to remove all the compiler warnings from the updated
- "pamlib/*.c" files. On my system, (with a slightly modified <dlfcn.h>
- email me if it interests you..) there are only two warnings that
- remain: they are that ansi does not permit void --> fn ptr
- assignment. K&Rv2 doesn't mention this....? As a matter of principle,
- if anyone knows how to get rid of that warning... please
- tell. Thanks! "-pedantic"
-
-* you can "make all" as a plain user, but
-
-* to "make install" you must be root. The include files are placed in
- /usr/include/security. The libpam.so library is installed in /usr/lib
- and the modules in /usr/lib/security. The two test binaries
- are installed in the Linux-PAM-0.2/bin directory and a chance is given to
- replace your /etc/pam.conf file with the one in Linux-PAM-0.2/conf.
-
-* I have included some documentation (pretty preliminary at the
-moment) which I have been working on in .../doc .
-
-I have had a little trouble with the modules, but atleast there are no
-segfaults! Please try it out and discuss your results... I actually
-hope it all works for you. But, Email any bugs/suggestions to the
-Linux-PAM list: linux-pam@mit.edu .....
-
-Regards,
-
-Andrew Morgan
-(morgan@physics.ucla.edu)
-
-
-Sat Feb 17 17:30:24 EST 1996 (Alexander O. Yuriev alex@bach.cis.temple.edu)
-
- * conf directory created with example of pam_conf
- * stable code from pam_unix is added to modules/pam_unix
- * test/test.c now requests username and password and attempts
- to perform authentication
-
diff --git a/contrib/libpam/Copyright b/contrib/libpam/Copyright
deleted file mode 100644
index 2f27a2e..0000000
--- a/contrib/libpam/Copyright
+++ /dev/null
@@ -1,41 +0,0 @@
-Unless otherwise *explicitly* stated the following text describes the
-licensed conditions under which the contents of this Linux-PAM release
-may be distributed:
-
--------------------------------------------------------------------------
-Redistribution and use in source and binary forms of Linux-PAM, with
-or without modification, are permitted provided that the following
-conditions are met:
-
-1. Redistributions of source code must retain any existing copyright
- notice, and this entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-2. Redistributions in binary form must reproduce all prior and current
- copyright notices, this list of conditions, and the following
- disclaimer in the documentation and/or other materials provided
- with the distribution.
-
-3. The name of any author may not be used to endorse or promote
- products derived from this software without their specific prior
- written permission.
-
-ALTERNATIVELY, this product may be distributed under the terms of the
-GNU General Public License, in which case the provisions of the GNU
-GPL are required INSTEAD OF the above restrictions. (This clause is
-necessary due to a potential conflict between the GNU GPL and the
-restrictions contained in a BSD-style copyright.)
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
--------------------------------------------------------------------------
-
diff --git a/contrib/libpam/FREEBSD-Xlist b/contrib/libpam/FREEBSD-Xlist
deleted file mode 100644
index 3311032..0000000
--- a/contrib/libpam/FREEBSD-Xlist
+++ /dev/null
@@ -1,18 +0,0 @@
-*.a
-*.asc
-*.o
-*.so
-*.tar.gz
-*/.[a-zA-Z]*
-*/CONFIGURE_COMMAND
-*/bin/pam_conv1
-*/blank
-*/blank
-*/check_user
-*/check_user
-*/default.defs
-*/dynamic
-*/pam_conv1/pam_conv1
-*/upperLOWER/upperLOWER
-*/xsh
-*/xsh
diff --git a/contrib/libpam/FREEBSD-upgrade b/contrib/libpam/FREEBSD-upgrade
deleted file mode 100644
index 3f3b379..0000000
--- a/contrib/libpam/FREEBSD-upgrade
+++ /dev/null
@@ -1,9 +0,0 @@
-To strip down a new version of Linux PAM for import, extract
-the files like this:
-
- tar -xvzf pam-xxx.tar.gz -X FREEBSD-Xlist
-
-If you decide to bring in more of the files, import them -- don't
-use "cvs add". And please remember to adjust the contents of
-"FREEBSD-Xlist" so that it reflects what is really imported from
-the vendor.
diff --git a/contrib/libpam/Make.Rules.in b/contrib/libpam/Make.Rules.in
deleted file mode 100644
index 2818c1c..0000000
--- a/contrib/libpam/Make.Rules.in
+++ /dev/null
@@ -1,94 +0,0 @@
-##
-## $Id: Make.Rules.in,v 1.6 2001/02/10 22:33:09 agmorgan Exp $
-##
-## @configure_input@
-##
-
-srcdir = @srcdir@
-top_srcdir = @top_srcdir@
-VPATH = @srcdir@
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-
-bindir = @bindir@
-sbindir = @sbindir@
-libexecdir = @libexecdir@
-datadir = @datadir@
-sysconfdir = @sysconfdir@
-sharedstatedir = @sharedstatedir@
-localstatedir = @localstatedir@
-libdir = @libdir@
-infodir = @infodir@
-mandir = @mandir@
-includedir = @includedir@
-
-absolute_srcdir = @LOCALSRCDIR@
-
-# major and minor numbers of this release
-MAJOR_REL=@LIBPAM_VERSION_MAJOR@
-MINOR_REL=@LIBPAM_VERSION_MINOR@
-
-# The following is the generic set of compiler options for compiling
-# Linux-PAM. True, they are a little anal. Pay attention to the comments
-# they generate.
-
-HEADER_DIRS=-I./include -I$(absolute_srcdir)/libpam/include \
- -I$(absolute_srcdir) -I$(absolute_srcdir)/libpamc/include
-WARNINGS=@WARNINGS@
-OS_CFLAGS=@OS_CFLAGS@
-PIC=@PIC@
-
-# Mode to install shared libraries with
-SHLIBMODE=@SHLIBMODE@
-
-NEED_LINK_LIB_C=@PAM_NEEDS_LIBC@
-HAVE_LCKPWDF=@HAVE_LCKPWDF@
-HAVE_LIBCRACK=@HAVE_LIBCRACK@
-HAVE_LIBCRYPT=@HAVE_LIBCRYPT@
-HAVE_LIBUTIL=@HAVE_LIBUTIL@
-HAVE_NDBM_H=@HAVE_NDBM_H@
-HAVE_LIBNDBM=@HAVE_LIBNDBM@
-HAVE_LIBDB=@HAVE_LIBDB@
-HAVE_LIBFL=@HAVE_LIBFL@
-HAVE_LIBNSL=@HAVE_LIBNSL@
-HAVE_LIBPWDB=@HAVE_LIBPWDB@
-
-# documentation support
-HAVE_SGML2TXT=@HAVE_SGML2TXT@
-HAVE_SGML2HTML=@HAVE_SGML2HTML@
-PSER=@PSER@
-
-# configuration settings
-WITH_DEBUG=@WITH_DEBUG@
-WITH_LIBDEBUG=@WITH_LIBDEBUG@
-WITH_PAMLOCKING=@WITH_PAMLOCKING@
-WITH_LCKPWDF=@WITH_LCKPWDF@
-STATIC_LIBPAM=@STATIC_LIBPAM@
-DYNAMIC_LIBPAM=@DYNAMIC_LIBPAM@
-STATIC=@STATIC@
-DYNAMIC=@DYNAMIC@
-
-# Location of libraries when installed on the system
-FAKEROOT=@FAKEROOT@
-SECUREDIR=@SECUREDIR@
-SCONFIGD=@SCONFIGDIR@
-SUPLEMENTED=@SUPLEMENTED@
-INCLUDED=@INCLUDEDIR@/security
-CRACKLIB_DICTPATH=@CRACKLIB_DICTPATH@
-
-# generic build setup
-OS=@OS@
-CC=@CC@
-CFLAGS=$(WARNINGS) -D$(OS) $(OS_CFLAGS) $(HEADER_DIRS) @CONF_CFLAGS@
-LD=@LD@
-LD_D=@LD_D@
-LD_L=@LD_L@
-DYNTYPE=@DYNTYPE@
-LIBDL=@LIBDL@
-MKDIR=@MKDIR@
-INSTALL=@INSTALL@
-RANLIB=@RANLIB@
-STRIP=@STRIP@
-CC_STATIC=@CC_STATIC@
-
-LINKLIBS = $(NEED_LINK_LIB_C) $(LIBDL)
diff --git a/contrib/libpam/Makefile b/contrib/libpam/Makefile
deleted file mode 100644
index ad2eea2..0000000
--- a/contrib/libpam/Makefile
+++ /dev/null
@@ -1,78 +0,0 @@
-##
-## $Id: Makefile,v 1.5 2001/01/20 22:29:47 agmorgan Exp $
-##
-
-## Note, ideally I would prefer it if this top level makefile did
-## not get created by autoconf. As I find typing 'make' and relying
-## on it to take care of all dependencies much more friendly than
-## the multi-stage autoconf+make and also worry about updates to
-## configure.in not getting propagated down the tree. (AGM) [I realise
-## that this may not prove possible, but at least I tried.. Sigh.]
-
-DISTNAME=Linux-PAM
-
-ifeq ($(shell test \! -f Make.Rules || echo yes),yes)
- include Make.Rules
-endif
-
-THINGSTOMAKE = modules libpam libpamc libpam_misc doc examples
-
-all: $(THINGSTOMAKE)
-
-prep:
- rm -f security
- ln -sf . security
-
-clean:
- if [ ! -f Make.Rules ]; then touch Make.Rules ; fi
- for i in $(THINGSTOMAKE) ; do $(MAKE) -C $$i clean ; done
- rm -f security *~ *.orig *.rej Make.Rules #*#
-
-distclean: clean
- rm -f Make.Rules _pam_aconf.h
- rm -f config.status config.cache config.log core
-
-maintainer-clean: distclean
- @echo files should be ok for packaging now.
-
-# NB _pam_aconf.h.in changes will remake this too
-Make.Rules: configure Make.Rules.in _pam_aconf.h.in
- @echo XXX - not sure how to preserve past configure options..
- @echo XXX - so not attempting to. Feel free to run ./configure
- @echo XXX - by hand, with the options you want.
- ./configure
-
-_pam_aconf.h: Make.Rules
-
-configure: configure.in
- @echo
- @echo You do not appear to have an up-to-date ./configure file.
- @echo Please run autoconf, and then ./configure [..options..]
- @echo
- @rm -f configure
- @exit 1
-
-$(THINGSTOMAKE): _pam_aconf.h prep
- $(MAKE) -C $@ all
-
-install: _pam_aconf.h prep
- $(MKDIR) $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 444 security/_pam_aconf.h $(FAKEROOT)$(INCLUDED)
- for x in $(THINGSTOMAKE) ; do make -C $$x install ; done
-
-remove:
- rm -f $(FAKEROOT)$(INCLUDED)/_pam_aconf.h
- for x in $(THINGSTOMAKE) ; do make -C $$x remove ; done
-
-release:
- @if [ ! -f Make.Rules ]; then echo make Make.Rules first ; exit 1; fi
- @if [ ! -L ../$(DISTNAME)-$(MAJOR_REL).$(MINOR_REL) ]; then \
- echo generating ../$(DISTNAME)-$(MAJOR_REL).$(MINOR_REL) link ; \
- ln -sf $(DISTNAME) ../$(DISTNAME)-$(MAJOR_REL).$(MINOR_REL) ; \
- echo to ../$(DISTNAME) . ; fi
- @diff ../$(DISTNAME)-$(MAJOR_REL).$(MINOR_REL)/Make.Rules Make.Rules
- make distclean
- cd .. ; tar zvfc $(DISTNAME)-$(MAJOR_REL).$(MINOR_REL).tar.gz \
- --exclude CVS --exclude .cvsignore --exclude '.#*' \
- $(DISTNAME)-$(MAJOR_REL).$(MINOR_REL)/*
-
diff --git a/contrib/libpam/README b/contrib/libpam/README
deleted file mode 100644
index 1e769a5..0000000
--- a/contrib/libpam/README
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# $Id: README,v 1.3 2000/11/20 00:01:49 agmorgan Exp $
-#
-
-Hello!
-
-Thanks for downloading Linux-PAM.
-
-NOTES:
-
-How to use it is as follows:
-
- ./configure --help | less
- ./configure <your-options>
- make
-
-Note, if you are worried - don't even think about doing the next line
-(most Linux distributions already support PAM out of the box, so if
-something goes wrong with installing the code from this version your
-box may stop working..)
-
- make install
-
-That said, please report problems to me.
-
-Andrew Morgan
-<morgan@kernel.org>
-<agmorgan@users.sourceforge.net>
diff --git a/contrib/libpam/TODO b/contrib/libpam/TODO
deleted file mode 100644
index 5ed6acb..0000000
--- a/contrib/libpam/TODO
+++ /dev/null
@@ -1,59 +0,0 @@
-$Id: TODO,v 1.10 1997/02/15 19:30:51 morgan Exp morgan $
-
-Here are some things to think about if you are interested in
-contributing to the Linux-PAM effort.
-
-1. If you have a suggestion mail the pam-list!
-
-2. TODO: Comments
- ----- --------
-
- [modules]
-
-pam_time should log an error if it denies access.
-
-pam_smartcard?? It has already started to happen. (Alex Yuriev has a
- smart-card module...)
-
-pam_floppy?? A alternative login mechanism might involve
- authenticating with a personal specially
- formatted floppy!? (got to make some use of
- all those strange Linux incompatible floppies
- I keep getting from ISPs ;^)
-
-pam_??? If you are interested in another type of
- authentication method--just make a module!
- If you want it registered/some help, email the
- list.
-
- [misc]
-
-SVGA & X-conv Currently, libpam-misc contains a text-only
- conversation function. A graphical one,
- for X or SVGA would be very welcome,
- [Ben Buxton is working on an X one (as of
- 1996/12/1)] applications like xlock
- etc.. would benefit from this.
-
-
-Issues that need to be resolved:
---------------------------------
-
-- can we support the use_mapped_pass flag without running into problems
- with ITAR rules? [this problem is likely to mutate. The DCE-RFC
- people are considering the addition of a mapping module type - one
- that other modules can use to safely store passwords...]
-
- - anyone know where someone to email for FREE legal advice/support?
-
------------
-Comments to <pam-list@redhat.com>
-(administrative requests to <pam-list-request@redhat.com> use
-
- Subject: help
- <empty_message>
-
-)
------------
-Andrew Morgan <morgan@linux.kernel.org>.
-http://linux.kernel.org/pub/linux/libs/pam/index.html
diff --git a/contrib/libpam/_pam_aconf.h.in b/contrib/libpam/_pam_aconf.h.in
deleted file mode 100644
index 0da92b7..0000000
--- a/contrib/libpam/_pam_aconf.h.in
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * $Id: _pam_aconf.h.in,v 1.4 2000/12/04 20:56:10 baggins Exp $
- *
- *
- */
-
-#ifndef PAM_ACONF_H
-#define PAM_ACONF_H
-
-/* lots of stuff gets written to /tmp/pam-debug.log */
-#undef DEBUG
-
-/* build libraries with different names (suffixed with 'd') */
-#undef WITH_LIBDEBUG
-
-/* provide a global locking facility within libpam */
-#undef PAM_LOCKING
-
-/* GNU systems as a class, all have the feature.h file */
-#undef HAVE_FEATURES_H
-#ifdef HAVE_FEATURES_H
-# define _SVID_SOURCE
-# define _BSD_SOURCE
-# define __USE_BSD
-# define __USE_SVID
-# define __USE_MISC
-# define _GNU_SOURCE
-# include <features.h>
-#endif /* HAVE_FEATURES_H */
-
-/* we have libcrack available */
-#undef HAVE_LIBCRACK
-
-/* we have libcrypt - its not part of libc (do we need both definitions?) */
-#undef HAVE_LIBCRYPT
-#undef HAVE_CRYPT_H
-
-/* we have libndbm and/or libdb */
-#undef HAVE_DB_H
-#undef HAVE_NDBM_H
-
-/* have libfl (Flex) */
-#undef HAVE_LIBFL
-
-/* have libnsl - instead of libc support */
-#undef HAVE_LIBNSL
-
-/* have libpwdb - don't expect this to be important for much longer */
-#undef HAVE_LIBPWDB
-
-/* ugly hack to partially support old pam_strerror syntax */
-#undef UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT
-
-/* read both confs - read /etc/pam.d and /etc/pam.conf in serial */
-#undef PAM_READ_BOTH_CONFS
-
-#undef HAVE_PATHS_H
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-/* location of the mail spool directory */
-#undef PAM_PATH_MAILDIR
-
-#endif /* PAM_ACONF_H */
diff --git a/contrib/libpam/configure b/contrib/libpam/configure
deleted file mode 100755
index d63a2fb..0000000
--- a/contrib/libpam/configure
+++ /dev/null
@@ -1,3548 +0,0 @@
-#! /bin/sh
-
-# Guess values for system-dependent variables and create Makefiles.
-# Generated automatically using autoconf version 2.13
-# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc.
-#
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-
-# Defaults:
-ac_help=
-ac_default_prefix=/usr/local
-# Any additions from configure.in:
-ac_default_prefix=
-ac_help="$ac_help
- --enable-debug qspecify you are building with debugging on"
-ac_help="$ac_help
- --enable-libdebug specify you are building debugging libraries"
-ac_help="$ac_help
- --enable-fakeroot=<path to packaging directory>"
-ac_help="$ac_help
- --enable-securedir=<path to location of PAMs> [default \$libdir/security]"
-ac_help="$ac_help
- --enable-sconfigdir=<path to module conf files> [default \$sysconfdir/security]"
-ac_help="$ac_help
- --enable-suplementedir=<path to module helper binaries> [default \$sbindir]"
-ac_help="$ac_help
- --enable-includedir=<path to include location> - where to put <security>"
-ac_help="$ac_help
- --enable-pamlocking configure libpam to observe a global authentication lock"
-ac_help="$ac_help
- --enable-uglyhack configure libpam to try to honor old pam_strerror syntax"
-ac_help="$ac_help
- --enable-read-both-confs read both /etc/pam.d and /etc/pam.conf files"
-ac_help="$ac_help
- --enable-static-libpam build a libpam.a library"
-ac_help="$ac_help
- --disable-dynamic-libpam do not build a shared libpam library"
-ac_help="$ac_help
- --enable-static-modules do not make the modules dynamically loadable"
-ac_help="$ac_help
- --disable-lckpwdf do not use the lckpwdf function"
-ac_help="$ac_help
- --with-mailspool path to mail spool directory
- [default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail]"
-
-# Initialize some variables set by options.
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-build=NONE
-cache_file=./config.cache
-exec_prefix=NONE
-host=NONE
-no_create=
-nonopt=NONE
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-target=NONE
-verbose=
-x_includes=NONE
-x_libraries=NONE
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datadir='${prefix}/share'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-libdir='${exec_prefix}/lib'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-infodir='${prefix}/info'
-mandir='${prefix}/man'
-
-# Initialize some other variables.
-subdirs=
-MFLAGS= MAKEFLAGS=
-SHELL=${CONFIG_SHELL-/bin/sh}
-# Maximum number of lines to put in a shell here document.
-ac_max_here_lines=12
-
-ac_prev=
-for ac_option
-do
-
- # If the previous option needs an argument, assign it.
- if test -n "$ac_prev"; then
- eval "$ac_prev=\$ac_option"
- ac_prev=
- continue
- fi
-
- case "$ac_option" in
- -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
- *) ac_optarg= ;;
- esac
-
- # Accept the important Cygnus configure options, so we can diagnose typos.
-
- case "$ac_option" in
-
- -bindir | --bindir | --bindi | --bind | --bin | --bi)
- ac_prev=bindir ;;
- -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
- bindir="$ac_optarg" ;;
-
- -build | --build | --buil | --bui | --bu)
- ac_prev=build ;;
- -build=* | --build=* | --buil=* | --bui=* | --bu=*)
- build="$ac_optarg" ;;
-
- -cache-file | --cache-file | --cache-fil | --cache-fi \
- | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
- ac_prev=cache_file ;;
- -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
- | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
- cache_file="$ac_optarg" ;;
-
- -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
- ac_prev=datadir ;;
- -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
- | --da=*)
- datadir="$ac_optarg" ;;
-
- -disable-* | --disable-*)
- ac_feature=`echo $ac_option|sed -e 's/-*disable-//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then
- { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
- fi
- ac_feature=`echo $ac_feature| sed 's/-/_/g'`
- eval "enable_${ac_feature}=no" ;;
-
- -enable-* | --enable-*)
- ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then
- { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
- fi
- ac_feature=`echo $ac_feature| sed 's/-/_/g'`
- case "$ac_option" in
- *=*) ;;
- *) ac_optarg=yes ;;
- esac
- eval "enable_${ac_feature}='$ac_optarg'" ;;
-
- -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
- | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
- | --exec | --exe | --ex)
- ac_prev=exec_prefix ;;
- -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
- | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
- | --exec=* | --exe=* | --ex=*)
- exec_prefix="$ac_optarg" ;;
-
- -gas | --gas | --ga | --g)
- # Obsolete; use --with-gas.
- with_gas=yes ;;
-
- -help | --help | --hel | --he)
- # Omit some internal or obsolete options to make the list less imposing.
- # This message is too long to be a string in the A/UX 3.1 sh.
- cat << EOF
-Usage: configure [options] [host]
-Options: [defaults in brackets after descriptions]
-Configuration:
- --cache-file=FILE cache test results in FILE
- --help print this message
- --no-create do not create output files
- --quiet, --silent do not print \`checking...' messages
- --version print the version of autoconf that created configure
-Directory and file names:
- --prefix=PREFIX install architecture-independent files in PREFIX
- [$ac_default_prefix]
- --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
- [same as prefix]
- --bindir=DIR user executables in DIR [EPREFIX/bin]
- --sbindir=DIR system admin executables in DIR [EPREFIX/sbin]
- --libexecdir=DIR program executables in DIR [EPREFIX/libexec]
- --datadir=DIR read-only architecture-independent data in DIR
- [PREFIX/share]
- --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc]
- --sharedstatedir=DIR modifiable architecture-independent data in DIR
- [PREFIX/com]
- --localstatedir=DIR modifiable single-machine data in DIR [PREFIX/var]
- --libdir=DIR object code libraries in DIR [EPREFIX/lib]
- --includedir=DIR C header files in DIR [PREFIX/include]
- --oldincludedir=DIR C header files for non-gcc in DIR [/usr/include]
- --infodir=DIR info documentation in DIR [PREFIX/info]
- --mandir=DIR man documentation in DIR [PREFIX/man]
- --srcdir=DIR find the sources in DIR [configure dir or ..]
- --program-prefix=PREFIX prepend PREFIX to installed program names
- --program-suffix=SUFFIX append SUFFIX to installed program names
- --program-transform-name=PROGRAM
- run sed PROGRAM on installed program names
-EOF
- cat << EOF
-Host type:
- --build=BUILD configure for building on BUILD [BUILD=HOST]
- --host=HOST configure for HOST [guessed]
- --target=TARGET configure for TARGET [TARGET=HOST]
-Features and packages:
- --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
- --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
- --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
- --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
- --x-includes=DIR X include files are in DIR
- --x-libraries=DIR X library files are in DIR
-EOF
- if test -n "$ac_help"; then
- echo "--enable and --with options recognized:$ac_help"
- fi
- exit 0 ;;
-
- -host | --host | --hos | --ho)
- ac_prev=host ;;
- -host=* | --host=* | --hos=* | --ho=*)
- host="$ac_optarg" ;;
-
- -includedir | --includedir | --includedi | --included | --include \
- | --includ | --inclu | --incl | --inc)
- ac_prev=includedir ;;
- -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
- | --includ=* | --inclu=* | --incl=* | --inc=*)
- includedir="$ac_optarg" ;;
-
- -infodir | --infodir | --infodi | --infod | --info | --inf)
- ac_prev=infodir ;;
- -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
- infodir="$ac_optarg" ;;
-
- -libdir | --libdir | --libdi | --libd)
- ac_prev=libdir ;;
- -libdir=* | --libdir=* | --libdi=* | --libd=*)
- libdir="$ac_optarg" ;;
-
- -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
- | --libexe | --libex | --libe)
- ac_prev=libexecdir ;;
- -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
- | --libexe=* | --libex=* | --libe=*)
- libexecdir="$ac_optarg" ;;
-
- -localstatedir | --localstatedir | --localstatedi | --localstated \
- | --localstate | --localstat | --localsta | --localst \
- | --locals | --local | --loca | --loc | --lo)
- ac_prev=localstatedir ;;
- -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
- | --localstate=* | --localstat=* | --localsta=* | --localst=* \
- | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
- localstatedir="$ac_optarg" ;;
-
- -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
- ac_prev=mandir ;;
- -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
- mandir="$ac_optarg" ;;
-
- -nfp | --nfp | --nf)
- # Obsolete; use --without-fp.
- with_fp=no ;;
-
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c)
- no_create=yes ;;
-
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
- no_recursion=yes ;;
-
- -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
- | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
- | --oldin | --oldi | --old | --ol | --o)
- ac_prev=oldincludedir ;;
- -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
- | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
- | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
- oldincludedir="$ac_optarg" ;;
-
- -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
- ac_prev=prefix ;;
- -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
- prefix="$ac_optarg" ;;
-
- -program-prefix | --program-prefix | --program-prefi | --program-pref \
- | --program-pre | --program-pr | --program-p)
- ac_prev=program_prefix ;;
- -program-prefix=* | --program-prefix=* | --program-prefi=* \
- | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
- program_prefix="$ac_optarg" ;;
-
- -program-suffix | --program-suffix | --program-suffi | --program-suff \
- | --program-suf | --program-su | --program-s)
- ac_prev=program_suffix ;;
- -program-suffix=* | --program-suffix=* | --program-suffi=* \
- | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
- program_suffix="$ac_optarg" ;;
-
- -program-transform-name | --program-transform-name \
- | --program-transform-nam | --program-transform-na \
- | --program-transform-n | --program-transform- \
- | --program-transform | --program-transfor \
- | --program-transfo | --program-transf \
- | --program-trans | --program-tran \
- | --progr-tra | --program-tr | --program-t)
- ac_prev=program_transform_name ;;
- -program-transform-name=* | --program-transform-name=* \
- | --program-transform-nam=* | --program-transform-na=* \
- | --program-transform-n=* | --program-transform-=* \
- | --program-transform=* | --program-transfor=* \
- | --program-transfo=* | --program-transf=* \
- | --program-trans=* | --program-tran=* \
- | --progr-tra=* | --program-tr=* | --program-t=*)
- program_transform_name="$ac_optarg" ;;
-
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- silent=yes ;;
-
- -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
- ac_prev=sbindir ;;
- -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
- | --sbi=* | --sb=*)
- sbindir="$ac_optarg" ;;
-
- -sharedstatedir | --sharedstatedir | --sharedstatedi \
- | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
- | --sharedst | --shareds | --shared | --share | --shar \
- | --sha | --sh)
- ac_prev=sharedstatedir ;;
- -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
- | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
- | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
- | --sha=* | --sh=*)
- sharedstatedir="$ac_optarg" ;;
-
- -site | --site | --sit)
- ac_prev=site ;;
- -site=* | --site=* | --sit=*)
- site="$ac_optarg" ;;
-
- -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
- ac_prev=srcdir ;;
- -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
- srcdir="$ac_optarg" ;;
-
- -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
- | --syscon | --sysco | --sysc | --sys | --sy)
- ac_prev=sysconfdir ;;
- -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
- | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
- sysconfdir="$ac_optarg" ;;
-
- -target | --target | --targe | --targ | --tar | --ta | --t)
- ac_prev=target ;;
- -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
- target="$ac_optarg" ;;
-
- -v | -verbose | --verbose | --verbos | --verbo | --verb)
- verbose=yes ;;
-
- -version | --version | --versio | --versi | --vers)
- echo "configure generated by autoconf version 2.13"
- exit 0 ;;
-
- -with-* | --with-*)
- ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then
- { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
- fi
- ac_package=`echo $ac_package| sed 's/-/_/g'`
- case "$ac_option" in
- *=*) ;;
- *) ac_optarg=yes ;;
- esac
- eval "with_${ac_package}='$ac_optarg'" ;;
-
- -without-* | --without-*)
- ac_package=`echo $ac_option|sed -e 's/-*without-//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then
- { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
- fi
- ac_package=`echo $ac_package| sed 's/-/_/g'`
- eval "with_${ac_package}=no" ;;
-
- --x)
- # Obsolete; use --with-x.
- with_x=yes ;;
-
- -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
- | --x-incl | --x-inc | --x-in | --x-i)
- ac_prev=x_includes ;;
- -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
- | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
- x_includes="$ac_optarg" ;;
-
- -x-libraries | --x-libraries | --x-librarie | --x-librari \
- | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
- ac_prev=x_libraries ;;
- -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
- | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
- x_libraries="$ac_optarg" ;;
-
- -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; }
- ;;
-
- *)
- if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then
- echo "configure: warning: $ac_option: invalid host type" 1>&2
- fi
- if test "x$nonopt" != xNONE; then
- { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; }
- fi
- nonopt="$ac_option"
- ;;
-
- esac
-done
-
-if test -n "$ac_prev"; then
- { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; }
-fi
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-# File descriptor usage:
-# 0 standard input
-# 1 file creation
-# 2 errors and warnings
-# 3 some systems may open it to /dev/tty
-# 4 used on the Kubota Titan
-# 6 checking for... messages and results
-# 5 compiler messages saved in config.log
-if test "$silent" = yes; then
- exec 6>/dev/null
-else
- exec 6>&1
-fi
-exec 5>./config.log
-
-echo "\
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-" 1>&5
-
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Also quote any args containing shell metacharacters.
-ac_configure_args=
-for ac_arg
-do
- case "$ac_arg" in
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c) ;;
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;;
- *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*)
- ac_configure_args="$ac_configure_args '$ac_arg'" ;;
- *) ac_configure_args="$ac_configure_args $ac_arg" ;;
- esac
-done
-
-# NLS nuisances.
-# Only set these to C if already set. These must not be set unconditionally
-# because not all systems understand e.g. LANG=C (notably SCO).
-# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'!
-# Non-C LC_CTYPE values break the ctype check.
-if test "${LANG+set}" = set; then LANG=C; export LANG; fi
-if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
-if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi
-if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -rf conftest* confdefs.h
-# AIX cpp loses on an empty file, so make sure it contains at least a newline.
-echo > confdefs.h
-
-# A filename unique to this package, relative to the directory that
-# configure is in, which we can look for to find out if srcdir is correct.
-ac_unique_file=conf/pam_conv1/pam_conv.y
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
- ac_srcdir_defaulted=yes
- # Try the directory containing this script, then its parent.
- ac_prog=$0
- ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'`
- test "x$ac_confdir" = "x$ac_prog" && ac_confdir=.
- srcdir=$ac_confdir
- if test ! -r $srcdir/$ac_unique_file; then
- srcdir=..
- fi
-else
- ac_srcdir_defaulted=no
-fi
-if test ! -r $srcdir/$ac_unique_file; then
- if test "$ac_srcdir_defaulted" = yes; then
- { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; }
- else
- { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; }
- fi
-fi
-srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'`
-
-# Prefer explicitly selected file to automatically selected ones.
-if test -z "$CONFIG_SITE"; then
- if test "x$prefix" != xNONE; then
- CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
- else
- CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
- fi
-fi
-for ac_site_file in $CONFIG_SITE; do
- if test -r "$ac_site_file"; then
- echo "loading site script $ac_site_file"
- . "$ac_site_file"
- fi
-done
-
-if test -r "$cache_file"; then
- echo "loading cache $cache_file"
- . $cache_file
-else
- echo "creating cache $cache_file"
- > $cache_file
-fi
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-ac_exeext=
-ac_objext=o
-if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
- # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu.
- if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
- ac_n= ac_c='
-' ac_t=' '
- else
- ac_n=-n ac_c= ac_t=
- fi
-else
- ac_n= ac_c='\c' ac_t=
-fi
-
-
-
-
-
-
-LIBPAM_VERSION_MAJOR=0
-LIBPAM_VERSION_MINOR=75
-
-
-
-cat >> confdefs.h <<\EOF
-#define LIBPAM_VERSION_MAJOR 1
-EOF
-
-cat >> confdefs.h <<\EOF
-#define LIBPAM_VERSION_MINOR 1
-EOF
-
-
-
-
-
-
-CC=gcc ;
-CONF_CFLAGS= ;
-MKDIR="mkdir -p" ;
-LOCALSRCDIR=`/bin/pwd` ;
-OS=`uname|sed -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'`
-
-
-DYNTYPE=so ;
-USESONAME=yes ;
-NEEDSONAME=yes ;
-SHLIBMODE=755 ;
-
-INSTALL=/usr/bin/install ;
-
-# Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:596: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_CC="gcc"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-if test -z "$CC"; then
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:626: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_prog_rejected=no
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then
- ac_prog_rejected=yes
- continue
- fi
- ac_cv_prog_CC="cc"
- break
- fi
- done
- IFS="$ac_save_ifs"
-if test $ac_prog_rejected = yes; then
- # We found a bogon in the path, so make sure we never use it.
- set dummy $ac_cv_prog_CC
- shift
- if test $# -gt 0; then
- # We chose a different compiler from the bogus one.
- # However, it has the same basename, so the bogon will be chosen
- # first if we set CC to just the basename; use the full file name.
- shift
- set dummy "$ac_dir/$ac_word" "$@"
- shift
- ac_cv_prog_CC="$@"
- fi
-fi
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
- if test -z "$CC"; then
- case "`uname -s`" in
- *win32* | *WIN32*)
- # Extract the first word of "cl", so it can be a program name with args.
-set dummy cl; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:677: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_CC="cl"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
- ;;
- esac
- fi
- test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
-fi
-
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:709: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-cat > conftest.$ac_ext << EOF
-
-#line 720 "configure"
-#include "confdefs.h"
-
-main(){return(0);}
-EOF
-if { (eval echo configure:725: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- ac_cv_prog_cc_works=yes
- # If we can't run a trivial program, we are probably using a cross compiler.
- if (./conftest; exit) 2>/dev/null; then
- ac_cv_prog_cc_cross=no
- else
- ac_cv_prog_cc_cross=yes
- fi
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- ac_cv_prog_cc_works=no
-fi
-rm -fr conftest*
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo "$ac_t""$ac_cv_prog_cc_works" 1>&6
-if test $ac_cv_prog_cc_works = no; then
- { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
-fi
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:751: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
-echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:756: checking whether we are using GNU C" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.c <<EOF
-#ifdef __GNUC__
- yes;
-#endif
-EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:765: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
- ac_cv_prog_gcc=yes
-else
- ac_cv_prog_gcc=no
-fi
-fi
-
-echo "$ac_t""$ac_cv_prog_gcc" 1>&6
-
-if test $ac_cv_prog_gcc = yes; then
- GCC=yes
-else
- GCC=
-fi
-
-ac_test_CFLAGS="${CFLAGS+set}"
-ac_save_CFLAGS="$CFLAGS"
-CFLAGS=
-echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:784: checking whether ${CC-cc} accepts -g" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- echo 'void f(){}' > conftest.c
-if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
- ac_cv_prog_cc_g=yes
-else
- ac_cv_prog_cc_g=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$ac_cv_prog_cc_g" 1>&6
-if test "$ac_test_CFLAGS" = set; then
- CFLAGS="$ac_save_CFLAGS"
-elif test $ac_cv_prog_cc_g = yes; then
- if test "$GCC" = yes; then
- CFLAGS="-g -O2"
- else
- CFLAGS="-g"
- fi
-else
- if test "$GCC" = yes; then
- CFLAGS="-O2"
- else
- CFLAGS=
- fi
-fi
-
-for ac_prog in 'bison -y' byacc
-do
-# Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:820: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_YACC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$YACC"; then
- ac_cv_prog_YACC="$YACC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_YACC="$ac_prog"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-YACC="$ac_cv_prog_YACC"
-if test -n "$YACC"; then
- echo "$ac_t""$YACC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-test -n "$YACC" && break
-done
-test -n "$YACC" || YACC="yacc"
-
-# Extract the first word of "flex", so it can be a program name with args.
-set dummy flex; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:853: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_LEX'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$LEX"; then
- ac_cv_prog_LEX="$LEX" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_LEX="flex"
- break
- fi
- done
- IFS="$ac_save_ifs"
- test -z "$ac_cv_prog_LEX" && ac_cv_prog_LEX="lex"
-fi
-fi
-LEX="$ac_cv_prog_LEX"
-if test -n "$LEX"; then
- echo "$ac_t""$LEX" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-if test -z "$LEXLIB"
-then
- case "$LEX" in
- flex*) ac_lib=fl ;;
- *) ac_lib=l ;;
- esac
- echo $ac_n "checking for yywrap in -l$ac_lib""... $ac_c" 1>&6
-echo "configure:887: checking for yywrap in -l$ac_lib" >&5
-ac_lib_var=`echo $ac_lib'_'yywrap | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-l$ac_lib $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 895 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yywrap();
-
-int main() {
-yywrap()
-; return 0; }
-EOF
-if { (eval echo configure:906: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- LEXLIB="-l$ac_lib"
-else
- echo "$ac_t""no" 1>&6
-fi
-
-fi
-
-echo $ac_n "checking whether ln -s works""... $ac_c" 1>&6
-echo "configure:929: checking whether ln -s works" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_LN_S'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- rm -f conftestdata
-if ln -s X conftestdata 2>/dev/null
-then
- rm -f conftestdata
- ac_cv_prog_LN_S="ln -s"
-else
- ac_cv_prog_LN_S=ln
-fi
-fi
-LN_S="$ac_cv_prog_LN_S"
-if test "$ac_cv_prog_LN_S" = "ln -s"; then
- echo "$ac_t""yes" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-echo $ac_n "checking whether ${MAKE-make} sets \${MAKE}""... $ac_c" 1>&6
-echo "configure:950: checking whether ${MAKE-make} sets \${MAKE}" >&5
-set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_prog_make_${ac_make}_set'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftestmake <<\EOF
-all:
- @echo 'ac_maketemp="${MAKE}"'
-EOF
-# GNU make sometimes prints "make[1]: Entering...", which would confuse us.
-eval `${MAKE-make} -f conftestmake 2>/dev/null | grep temp=`
-if test -n "$ac_maketemp"; then
- eval ac_cv_prog_make_${ac_make}_set=yes
-else
- eval ac_cv_prog_make_${ac_make}_set=no
-fi
-rm -f conftestmake
-fi
-if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- SET_MAKE=
-else
- echo "$ac_t""no" 1>&6
- SET_MAKE="MAKE=${MAKE-make}"
-fi
-
-
-
-# Check whether --enable-debug or --disable-debug was given.
-if test "${enable_debug+set}" = set; then
- enableval="$enable_debug"
- WITH_DEBUG=yes ; cat >> confdefs.h <<\EOF
-#define DEBUG 1
-EOF
-
-else
- WITH_DEBUG=no
-fi
-
-
-
-# Check whether --enable-libdebug or --disable-libdebug was given.
-if test "${enable_libdebug+set}" = set; then
- enableval="$enable_libdebug"
- WITH_LIBDEBUG=yes ; cat >> confdefs.h <<\EOF
-#define WITH_LIBDEBUG 1
-EOF
-
-else
- WITH_LIBDEBUG=no
-fi
-
-
-
-# Check whether --enable-fakeroot or --disable-fakeroot was given.
-if test "${enable_fakeroot+set}" = set; then
- enableval="$enable_fakeroot"
- FAKEROOT=$enableval
-fi
-
-
-
-# Check whether --enable-securedir or --disable-securedir was given.
-if test "${enable_securedir+set}" = set; then
- enableval="$enable_securedir"
- SECUREDIR=$enableval
-else
- SECUREDIR=$libdir/security
-fi
-
-
-
-# Check whether --enable-sconfigdir or --disable-sconfigdir was given.
-if test "${enable_sconfigdir+set}" = set; then
- enableval="$enable_sconfigdir"
- SCONFIGDIR=$enableval
-else
- SCONFIGDIR=$sysconfdir/security
-fi
-
-
-
-# Check whether --enable-suplementedir or --disable-suplementedir was given.
-if test "${enable_suplementedir+set}" = set; then
- enableval="$enable_suplementedir"
- SUPLEMENTED=$enableval
-else
- SUPLEMENTED=$sbindir
-fi
-
-
-
-# Check whether --enable-includedir or --disable-includedir was given.
-if test "${enable_includedir+set}" = set; then
- enableval="$enable_includedir"
- INCLUDEDIR=$enableval
-else
- INCLUDEDIR=/usr/include
-fi
-
-
-
-# Check whether --enable-pamlocking or --disable-pamlocking was given.
-if test "${enable_pamlocking+set}" = set; then
- enableval="$enable_pamlocking"
- WITH_PAMLOCKING=yes ; cat >> confdefs.h <<\EOF
-#define PAM_LOCKING 1
-EOF
-
-else
- WITH_PAMLOCKING=no
-fi
-
-
-
-# Check whether --enable-uglyhack or --disable-uglyhack was given.
-if test "${enable_uglyhack+set}" = set; then
- enableval="$enable_uglyhack"
- cat >> confdefs.h <<\EOF
-#define UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT 1
-EOF
-
-fi
-
-
-# Check whether --enable-read-both-confs or --disable-read-both-confs was given.
-if test "${enable_read_both_confs+set}" = set; then
- enableval="$enable_read_both_confs"
- cat >> confdefs.h <<\EOF
-#define PAM_READ_BOTH_CONFS 1
-EOF
-
-fi
-
-
-
-# Check whether --enable-static-libpam or --disable-static-libpam was given.
-if test "${enable_static_libpam+set}" = set; then
- enableval="$enable_static_libpam"
- STATIC_LIBPAM=yes
-else
- STATIC_LIBPAM=no
-fi
-
-
-
-# Check whether --enable-dynamic-libpam or --disable-dynamic-libpam was given.
-if test "${enable_dynamic_libpam+set}" = set; then
- enableval="$enable_dynamic_libpam"
- DYNAMIC_LIBPAM=no
-else
- DYNAMIC_LIBPAM=yes
-fi
-
-
-
-DYNAMIC=-DPAM_DYNAMIC
-
-
-# Check whether --enable-static-modules or --disable-static-modules was given.
-if test "${enable_static_modules+set}" = set; then
- enableval="$enable_static_modules"
- STATIC=-DPAM_STATIC
-fi
-
-
-
-# Check whether --enable-lckpwdf or --disable-lckpwdf was given.
-if test "${enable_lckpwdf+set}" = set; then
- enableval="$enable_lckpwdf"
- WITH_LCKPWDF=no
-else
- WITH_LCKPWDF=yes
-fi
-
-
-
-echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:1128: checking how to run the C preprocessor" >&5
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
- CPP=
-fi
-if test -z "$CPP"; then
-if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- # This must be in double quotes, not single quotes, because CPP may get
- # substituted into the Makefile and "${CC-cc}" will confuse make.
- CPP="${CC-cc} -E"
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp.
- cat > conftest.$ac_ext <<EOF
-#line 1143 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1149: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP="${CC-cc} -E -traditional-cpp"
- cat > conftest.$ac_ext <<EOF
-#line 1160 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1166: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP="${CC-cc} -nologo -E"
- cat > conftest.$ac_ext <<EOF
-#line 1177 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1183: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP=/lib/cpp
-fi
-rm -f conftest*
-fi
-rm -f conftest*
-fi
-rm -f conftest*
- ac_cv_prog_CPP="$CPP"
-fi
- CPP="$ac_cv_prog_CPP"
-else
- ac_cv_prog_CPP="$CPP"
-fi
-echo "$ac_t""$CPP" 1>&6
-
-for ac_hdr in paths.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1211: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1216 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1221: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-# Check whether --with-mailspool or --without-mailspool was given.
-if test "${with_mailspool+set}" = set; then
- withval="$with_mailspool"
- with_mailspool=${withval}
-fi
-
-if test x$with_mailspool != x ; then
- pam_mail_spool="\"$with_mailspool\""
-else
- if test "$cross_compiling" = yes; then
- pam_mail_spool="\"/var/spool/mail\""
-else
- cat > conftest.$ac_ext <<EOF
-#line 1260 "configure"
-#include "confdefs.h"
-
-#include <paths.h>
-int main() {
-#ifdef _PATH_MAILDIR
-exit(0);
-#else
-exit(1);
-#endif
-}
-EOF
-if { (eval echo configure:1272: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
-then
- pam_mail_spool="_PATH_MAILDIR"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -fr conftest*
- pam_mail_spool="\"/var/spool/mail\""
-fi
-rm -fr conftest*
-fi
-
-fi
-cat >> confdefs.h <<EOF
-#define PAM_PATH_MAILDIR $pam_mail_spool
-EOF
-
-
-echo $ac_n "checking for __libc_sched_setscheduler in -lc""... $ac_c" 1>&6
-echo "configure:1291: checking for __libc_sched_setscheduler in -lc" >&5
-ac_lib_var=`echo c'_'__libc_sched_setscheduler | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lc $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1299 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char __libc_sched_setscheduler();
-
-int main() {
-__libc_sched_setscheduler()
-; return 0; }
-EOF
-if { (eval echo configure:1310: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- PAM_NEEDS_LIBC=
-else
- echo "$ac_t""no" 1>&6
-PAM_NEEDS_LIBC=-lc
-fi
-
-
-
-echo $ac_n "checking for lckpwdf in -lc""... $ac_c" 1>&6
-echo "configure:1334: checking for lckpwdf in -lc" >&5
-ac_lib_var=`echo c'_'lckpwdf | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lc $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1342 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char lckpwdf();
-
-int main() {
-lckpwdf()
-; return 0; }
-EOF
-if { (eval echo configure:1353: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- HAVE_LCKPWDF=yes
-else
- echo "$ac_t""no" 1>&6
-HAVE_LCKPWDF=no
-fi
-
-
-
-echo $ac_n "checking for dlopen in -ldl""... $ac_c" 1>&6
-echo "configure:1377: checking for dlopen in -ldl" >&5
-ac_lib_var=`echo dl'_'dlopen | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-ldl $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1385 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char dlopen();
-
-int main() {
-dlopen()
-; return 0; }
-EOF
-if { (eval echo configure:1396: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- LIBDL=-ldl
-else
- echo "$ac_t""no" 1>&6
-fi
-
-
-
-echo $ac_n "checking for FascistCheck in -lcrack""... $ac_c" 1>&6
-echo "configure:1419: checking for FascistCheck in -lcrack" >&5
-ac_lib_var=`echo crack'_'FascistCheck | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lcrack $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1427 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char FascistCheck();
-
-int main() {
-FascistCheck()
-; return 0; }
-EOF
-if { (eval echo configure:1438: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- HAVE_LIBCRACK=yes ; cat >> confdefs.h <<\EOF
-#define HAVE_LIBCRACK 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-HAVE_LIBCRACK=no
-fi
-
-
-
-echo $ac_n "checking for fcrypt in -lcrypt""... $ac_c" 1>&6
-echo "configure:1465: checking for fcrypt in -lcrypt" >&5
-ac_lib_var=`echo crypt'_'fcrypt | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lcrypt $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1473 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char fcrypt();
-
-int main() {
-fcrypt()
-; return 0; }
-EOF
-if { (eval echo configure:1484: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- HAVE_LIBCRYPT=yes ; cat >> confdefs.h <<\EOF
-#define HAVE_LIBCRYPT 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-HAVE_LIBCRYPT=no
-fi
-
-
-echo $ac_n "checking for logwtmp in -lutil""... $ac_c" 1>&6
-echo "configure:1510: checking for logwtmp in -lutil" >&5
-ac_lib_var=`echo util'_'logwtmp | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lutil $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1518 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char logwtmp();
-
-int main() {
-logwtmp()
-; return 0; }
-EOF
-if { (eval echo configure:1529: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- HAVE_LIBUTIL=yes ; cat >> confdefs.h <<\EOF
-#define HAVE_LIBUTIL 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-HAVE_LIBUTIL=no
-fi
-
-
-echo $ac_n "checking for dbm_store in -lndbm""... $ac_c" 1>&6
-echo "configure:1555: checking for dbm_store in -lndbm" >&5
-ac_lib_var=`echo ndbm'_'dbm_store | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lndbm $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1563 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char dbm_store();
-
-int main() {
-dbm_store()
-; return 0; }
-EOF
-if { (eval echo configure:1574: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- HAVE_LIBNDBM=yes ; cat >> confdefs.h <<\EOF
-#define HAVE_LIBNDBM 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-HAVE_LIBNDBM=no
-fi
-
-
-echo $ac_n "checking for dbm_store in -ldb""... $ac_c" 1>&6
-echo "configure:1600: checking for dbm_store in -ldb" >&5
-ac_lib_var=`echo db'_'dbm_store | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-ldb $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1608 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char dbm_store();
-
-int main() {
-dbm_store()
-; return 0; }
-EOF
-if { (eval echo configure:1619: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- HAVE_LIBDB=yes ; cat >> confdefs.h <<\EOF
-#define HAVE_LIBDB 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-HAVE_LIBDB=no
-fi
-
-
-echo $ac_n "checking for yylex in -lfl""... $ac_c" 1>&6
-echo "configure:1645: checking for yylex in -lfl" >&5
-ac_lib_var=`echo fl'_'yylex | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lfl HAVE_LIBFL=no $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1653 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yylex();
-
-int main() {
-yylex()
-; return 0; }
-EOF
-if { (eval echo configure:1664: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- yyterminate
-else
- echo "$ac_t""no" 1>&6
-HAVE_LIBFL=yes ; cat >> confdefs.h <<\EOF
-#define HAVE_LIBFL 1
-EOF
-
-fi
-
-
-echo $ac_n "checking for yp_maplist in -lnsl""... $ac_c" 1>&6
-echo "configure:1690: checking for yp_maplist in -lnsl" >&5
-ac_lib_var=`echo nsl'_'yp_maplist | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lnsl $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1698 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char yp_maplist();
-
-int main() {
-yp_maplist()
-; return 0; }
-EOF
-if { (eval echo configure:1709: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- HAVE_LIBNSL=yes ; cat >> confdefs.h <<\EOF
-#define HAVE_LIBNSL 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-HAVE_LIBNSL=no
-fi
-
-
-echo $ac_n "checking for pwdb_db_name in -lpwdb""... $ac_c" 1>&6
-echo "configure:1735: checking for pwdb_db_name in -lpwdb" >&5
-ac_lib_var=`echo pwdb'_'pwdb_db_name | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lpwdb $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1743 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char pwdb_db_name();
-
-int main() {
-pwdb_db_name()
-; return 0; }
-EOF
-if { (eval echo configure:1754: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- HAVE_LIBPWDB=yes ; cat >> confdefs.h <<\EOF
-#define HAVE_LIBPWDB 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-HAVE_LIBPWDB=no
-fi
-
-
-
-ac_header_dirent=no
-for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr that defines DIR""... $ac_c" 1>&6
-echo "configure:1785: checking for $ac_hdr that defines DIR" >&5
-if eval "test \"`echo '$''{'ac_cv_header_dirent_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1790 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <$ac_hdr>
-int main() {
-DIR *dirp = 0;
-; return 0; }
-EOF
-if { (eval echo configure:1798: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- eval "ac_cv_header_dirent_$ac_safe=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_dirent_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_dirent_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
- ac_header_dirent=$ac_hdr; break
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix.
-if test $ac_header_dirent = dirent.h; then
-echo $ac_n "checking for opendir in -ldir""... $ac_c" 1>&6
-echo "configure:1823: checking for opendir in -ldir" >&5
-ac_lib_var=`echo dir'_'opendir | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-ldir $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1831 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char opendir();
-
-int main() {
-opendir()
-; return 0; }
-EOF
-if { (eval echo configure:1842: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- LIBS="$LIBS -ldir"
-else
- echo "$ac_t""no" 1>&6
-fi
-
-else
-echo $ac_n "checking for opendir in -lx""... $ac_c" 1>&6
-echo "configure:1864: checking for opendir in -lx" >&5
-ac_lib_var=`echo x'_'opendir | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lx $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1872 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char opendir();
-
-int main() {
-opendir()
-; return 0; }
-EOF
-if { (eval echo configure:1883: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- LIBS="$LIBS -lx"
-else
- echo "$ac_t""no" 1>&6
-fi
-
-fi
-
-echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
-echo "configure:1906: checking for ANSI C header files" >&5
-if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1911 "configure"
-#include "confdefs.h"
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <float.h>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1919: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- ac_cv_header_stdc=yes
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-if test $ac_cv_header_stdc = yes; then
- # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
-cat > conftest.$ac_ext <<EOF
-#line 1936 "configure"
-#include "confdefs.h"
-#include <string.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "memchr" >/dev/null 2>&1; then
- :
-else
- rm -rf conftest*
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
- # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
-cat > conftest.$ac_ext <<EOF
-#line 1954 "configure"
-#include "confdefs.h"
-#include <stdlib.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "free" >/dev/null 2>&1; then
- :
-else
- rm -rf conftest*
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
- # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
-if test "$cross_compiling" = yes; then
- :
-else
- cat > conftest.$ac_ext <<EOF
-#line 1975 "configure"
-#include "confdefs.h"
-#include <ctype.h>
-#define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
-#define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
-#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
-int main () { int i; for (i = 0; i < 256; i++)
-if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
-exit (0); }
-
-EOF
-if { (eval echo configure:1986: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
-then
- :
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -fr conftest*
- ac_cv_header_stdc=no
-fi
-rm -fr conftest*
-fi
-
-fi
-fi
-
-echo "$ac_t""$ac_cv_header_stdc" 1>&6
-if test $ac_cv_header_stdc = yes; then
- cat >> confdefs.h <<\EOF
-#define STDC_HEADERS 1
-EOF
-
-fi
-
-echo $ac_n "checking for sys/wait.h that is POSIX.1 compatible""... $ac_c" 1>&6
-echo "configure:2010: checking for sys/wait.h that is POSIX.1 compatible" >&5
-if eval "test \"`echo '$''{'ac_cv_header_sys_wait_h'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2015 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/wait.h>
-#ifndef WEXITSTATUS
-#define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
-#endif
-#ifndef WIFEXITED
-#define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
-#endif
-int main() {
-int s;
-wait (&s);
-s = WIFEXITED (s) ? WEXITSTATUS (s) : 1;
-; return 0; }
-EOF
-if { (eval echo configure:2031: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- ac_cv_header_sys_wait_h=yes
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- ac_cv_header_sys_wait_h=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_header_sys_wait_h" 1>&6
-if test $ac_cv_header_sys_wait_h = yes; then
- cat >> confdefs.h <<\EOF
-#define HAVE_SYS_WAIT_H 1
-EOF
-
-fi
-
-for ac_hdr in fcntl.h limits.h malloc.h sys/file.h sys/ioctl.h sys/time.h syslog.h termio.h unistd.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2055: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2060 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2065: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-for ac_hdr in features.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2096: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2101 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2106: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-for ac_hdr in crypt.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2137: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2142 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2147: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-for ac_hdr in ndbm.h db.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2178: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2183 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2188: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-HAVE_NDBM_H=$ac_cv_header_ndbm_h
-
-
-for ac_hdr in lastlog.h utmp.h utmpx.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:2221: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2226 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:2231: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-
-echo $ac_n "checking path to cracklib dictionary""... $ac_c" 1>&6
-echo "configure:2260: checking path to cracklib dictionary" >&5
-DICT_DIR_CANDIDATES="/usr/lib /usr/share/dict /usr/share/lib \
- /usr/local/lib /usr/local/share/lib"
-DICT_FILE_CANDIDATES="pw_dict cracklib_dict"
-CRACKLIB_DICTPATH=""
-for d in $DICT_DIR_CANDIDATES ; do
- for f in $DICT_FILE_CANDIDATES ; do
- if test -r $d/$f.hwm ; then
- CRACKLIB_DICTPATH=$d/$f
- break 2
- elif test -r $d/dict/$f.hwm ; then
- CRACKLIB_DICTPATH=$d/dict/$f
- break 2
- fi
- done
-done
-if test -z "$CRACKLIB_DICTPATH" ; then
- echo "$ac_t""none found" 1>&6
-else
- echo "$ac_t""$CRACKLIB_DICTPATH" 1>&6
-fi
-
-
-
-GCC_WARNINGS="-Wall -Wwrite-strings \
- -Wpointer-arith -Wcast-qual -Wcast-align \
- -Wstrict-prototypes -Wmissing-prototypes \
- -Wnested-externs -Winline -Wshadow"
-
-if test "$GCC" = yes; then
-###
-### Non-Linux needs attention on per-OS basis
- OS_CFLAGS="-ansi -D_POSIX_SOURCE -pedantic"
- WARNINGS="$GCC_WARNINGS"
- PIC="-fPIC"
-#can/should we use LD=gcc ???
- LD=ld
- LD_D="gcc -shared -Xlinker -x"
- LD_L="$LD -x -shared"
- RANLIB=ranlib
- STRIP=strip
- CC_STATIC="-Xlinker -export-dynamic"
-else
-###
-### Non-gcc needs attention on per-OS basis
-###
-### [These are Solaris-C specific...]
- OS_CFLAGS=""
- WARNINGS=""
- PIC="-K pic"
- LD=ld
- LD_D="cc -z text -G -R."
- LD_L="$LD_D"
- RANLIB=ranlib
- STRIP=strip
- CC_STATIC=
-fi
-
-
-
-
-
-
-
-
-
-
-
-echo $ac_n "checking whether byte ordering is bigendian""... $ac_c" 1>&6
-echo "configure:2329: checking whether byte ordering is bigendian" >&5
-if eval "test \"`echo '$''{'ac_cv_c_bigendian'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_cv_c_bigendian=unknown
-# See if sys/param.h defines the BYTE_ORDER macro.
-cat > conftest.$ac_ext <<EOF
-#line 2336 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/param.h>
-int main() {
-
-#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN
- bogus endian macros
-#endif
-; return 0; }
-EOF
-if { (eval echo configure:2347: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- # It does; now see whether it defined to BIG_ENDIAN or not.
-cat > conftest.$ac_ext <<EOF
-#line 2351 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/param.h>
-int main() {
-
-#if BYTE_ORDER != BIG_ENDIAN
- not big endian
-#endif
-; return 0; }
-EOF
-if { (eval echo configure:2362: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- ac_cv_c_bigendian=yes
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- ac_cv_c_bigendian=no
-fi
-rm -f conftest*
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
-fi
-rm -f conftest*
-if test $ac_cv_c_bigendian = unknown; then
-if test "$cross_compiling" = yes; then
- { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
-else
- cat > conftest.$ac_ext <<EOF
-#line 2382 "configure"
-#include "confdefs.h"
-main () {
- /* Are we little or big endian? From Harbison&Steele. */
- union
- {
- long l;
- char c[sizeof (long)];
- } u;
- u.l = 1;
- exit (u.c[sizeof (long) - 1] == 1);
-}
-EOF
-if { (eval echo configure:2395: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
-then
- ac_cv_c_bigendian=no
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -fr conftest*
- ac_cv_c_bigendian=yes
-fi
-rm -fr conftest*
-fi
-
-fi
-fi
-
-echo "$ac_t""$ac_cv_c_bigendian" 1>&6
-if test $ac_cv_c_bigendian = yes; then
- cat >> confdefs.h <<\EOF
-#define WORDS_BIGENDIAN 1
-EOF
-
-fi
-
-echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:2419: checking for working const" >&5
-if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2424 "configure"
-#include "confdefs.h"
-
-int main() {
-
-/* Ultrix mips cc rejects this. */
-typedef int charset[2]; const charset x;
-/* SunOS 4.1.1 cc rejects this. */
-char const *const *ccp;
-char **p;
-/* NEC SVR4.0.2 mips cc rejects this. */
-struct point {int x, y;};
-static struct point const zero = {0,0};
-/* AIX XL C 1.02.0.0 rejects this.
- It does not let you subtract one const X* pointer from another in an arm
- of an if-expression whose if-part is not a constant expression */
-const char *g = "string";
-ccp = &g + (g ? g-g : 0);
-/* HPUX 7.0 cc rejects these. */
-++ccp;
-p = (char**) ccp;
-ccp = (char const *const *) p;
-{ /* SCO 3.2v4 cc rejects this. */
- char *t;
- char const *s = 0 ? (char *) 0 : (char const *) 0;
-
- *t++ = 0;
-}
-{ /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */
- int x[] = {25, 17};
- const int *foo = &x[0];
- ++foo;
-}
-{ /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
- typedef const int *iptr;
- iptr p = 0;
- ++p;
-}
-{ /* AIX XL C 1.02.0.0 rejects this saying
- "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
- struct s { int j; const int *ap[3]; };
- struct s *b; b->j = 5;
-}
-{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
- const int foo = 10;
-}
-
-; return 0; }
-EOF
-if { (eval echo configure:2473: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- ac_cv_c_const=yes
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- ac_cv_c_const=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_c_const" 1>&6
-if test $ac_cv_c_const = no; then
- cat >> confdefs.h <<\EOF
-#define const
-EOF
-
-fi
-
-echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6
-echo "configure:2494: checking for uid_t in sys/types.h" >&5
-if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2499 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "uid_t" >/dev/null 2>&1; then
- rm -rf conftest*
- ac_cv_type_uid_t=yes
-else
- rm -rf conftest*
- ac_cv_type_uid_t=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$ac_cv_type_uid_t" 1>&6
-if test $ac_cv_type_uid_t = no; then
- cat >> confdefs.h <<\EOF
-#define uid_t int
-EOF
-
- cat >> confdefs.h <<\EOF
-#define gid_t int
-EOF
-
-fi
-
-echo $ac_n "checking for off_t""... $ac_c" 1>&6
-echo "configure:2528: checking for off_t" >&5
-if eval "test \"`echo '$''{'ac_cv_type_off_t'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2533 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "(^|[^a-zA-Z_0-9])off_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then
- rm -rf conftest*
- ac_cv_type_off_t=yes
-else
- rm -rf conftest*
- ac_cv_type_off_t=no
-fi
-rm -f conftest*
-
-fi
-echo "$ac_t""$ac_cv_type_off_t" 1>&6
-if test $ac_cv_type_off_t = no; then
- cat >> confdefs.h <<\EOF
-#define off_t long
-EOF
-
-fi
-
-echo $ac_n "checking for pid_t""... $ac_c" 1>&6
-echo "configure:2561: checking for pid_t" >&5
-if eval "test \"`echo '$''{'ac_cv_type_pid_t'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2566 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "(^|[^a-zA-Z_0-9])pid_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then
- rm -rf conftest*
- ac_cv_type_pid_t=yes
-else
- rm -rf conftest*
- ac_cv_type_pid_t=no
-fi
-rm -f conftest*
-
-fi
-echo "$ac_t""$ac_cv_type_pid_t" 1>&6
-if test $ac_cv_type_pid_t = no; then
- cat >> confdefs.h <<\EOF
-#define pid_t int
-EOF
-
-fi
-
-echo $ac_n "checking for size_t""... $ac_c" 1>&6
-echo "configure:2594: checking for size_t" >&5
-if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2599 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "(^|[^a-zA-Z_0-9])size_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then
- rm -rf conftest*
- ac_cv_type_size_t=yes
-else
- rm -rf conftest*
- ac_cv_type_size_t=no
-fi
-rm -f conftest*
-
-fi
-echo "$ac_t""$ac_cv_type_size_t" 1>&6
-if test $ac_cv_type_size_t = no; then
- cat >> confdefs.h <<\EOF
-#define size_t unsigned
-EOF
-
-fi
-
-echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6
-echo "configure:2627: checking whether time.h and sys/time.h may both be included" >&5
-if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2632 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <sys/time.h>
-#include <time.h>
-int main() {
-struct tm *tp;
-; return 0; }
-EOF
-if { (eval echo configure:2641: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- ac_cv_header_time=yes
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- ac_cv_header_time=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_header_time" 1>&6
-if test $ac_cv_header_time = yes; then
- cat >> confdefs.h <<\EOF
-#define TIME_WITH_SYS_TIME 1
-EOF
-
-fi
-
-echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6
-echo "configure:2662: checking whether struct tm is in sys/time.h or time.h" >&5
-if eval "test \"`echo '$''{'ac_cv_struct_tm'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2667 "configure"
-#include "confdefs.h"
-#include <sys/types.h>
-#include <time.h>
-int main() {
-struct tm *tp; tp->tm_sec;
-; return 0; }
-EOF
-if { (eval echo configure:2675: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- ac_cv_struct_tm=time.h
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- ac_cv_struct_tm=sys/time.h
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_struct_tm" 1>&6
-if test $ac_cv_struct_tm = sys/time.h; then
- cat >> confdefs.h <<\EOF
-#define TM_IN_SYS_TIME 1
-EOF
-
-fi
-
-
-echo $ac_n "checking type of array argument to getgroups""... $ac_c" 1>&6
-echo "configure:2697: checking type of array argument to getgroups" >&5
-if eval "test \"`echo '$''{'ac_cv_type_getgroups'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test "$cross_compiling" = yes; then
- ac_cv_type_getgroups=cross
-else
- cat > conftest.$ac_ext <<EOF
-#line 2705 "configure"
-#include "confdefs.h"
-
-/* Thanks to Mike Rendell for this test. */
-#include <sys/types.h>
-#define NGID 256
-#undef MAX
-#define MAX(x, y) ((x) > (y) ? (x) : (y))
-main()
-{
- gid_t gidset[NGID];
- int i, n;
- union { gid_t gval; long lval; } val;
-
- val.lval = -1;
- for (i = 0; i < NGID; i++)
- gidset[i] = val.gval;
- n = getgroups (sizeof (gidset) / MAX (sizeof (int), sizeof (gid_t)) - 1,
- gidset);
- /* Exit non-zero if getgroups seems to require an array of ints. This
- happens when gid_t is short but getgroups modifies an array of ints. */
- exit ((n > 0 && gidset[n] != val.gval) ? 1 : 0);
-}
-
-EOF
-if { (eval echo configure:2730: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
-then
- ac_cv_type_getgroups=gid_t
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -fr conftest*
- ac_cv_type_getgroups=int
-fi
-rm -fr conftest*
-fi
-
-if test $ac_cv_type_getgroups = cross; then
- cat > conftest.$ac_ext <<EOF
-#line 2744 "configure"
-#include "confdefs.h"
-#include <unistd.h>
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "getgroups.*int.*gid_t" >/dev/null 2>&1; then
- rm -rf conftest*
- ac_cv_type_getgroups=gid_t
-else
- rm -rf conftest*
- ac_cv_type_getgroups=int
-fi
-rm -f conftest*
-
-fi
-fi
-
-echo "$ac_t""$ac_cv_type_getgroups" 1>&6
-cat >> confdefs.h <<EOF
-#define GETGROUPS_T $ac_cv_type_getgroups
-EOF
-
-
-if test $ac_cv_prog_gcc = yes; then
- echo $ac_n "checking whether ${CC-cc} needs -traditional""... $ac_c" 1>&6
-echo "configure:2769: checking whether ${CC-cc} needs -traditional" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_gcc_traditional'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_pattern="Autoconf.*'x'"
- cat > conftest.$ac_ext <<EOF
-#line 2775 "configure"
-#include "confdefs.h"
-#include <sgtty.h>
-Autoconf TIOCGETP
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "$ac_pattern" >/dev/null 2>&1; then
- rm -rf conftest*
- ac_cv_prog_gcc_traditional=yes
-else
- rm -rf conftest*
- ac_cv_prog_gcc_traditional=no
-fi
-rm -f conftest*
-
-
- if test $ac_cv_prog_gcc_traditional = no; then
- cat > conftest.$ac_ext <<EOF
-#line 2793 "configure"
-#include "confdefs.h"
-#include <termio.h>
-Autoconf TCGETA
-EOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- egrep "$ac_pattern" >/dev/null 2>&1; then
- rm -rf conftest*
- ac_cv_prog_gcc_traditional=yes
-fi
-rm -f conftest*
-
- fi
-fi
-
-echo "$ac_t""$ac_cv_prog_gcc_traditional" 1>&6
- if test $ac_cv_prog_gcc_traditional = yes; then
- CC="$CC -traditional"
- fi
-fi
-
-echo $ac_n "checking for 8-bit clean memcmp""... $ac_c" 1>&6
-echo "configure:2815: checking for 8-bit clean memcmp" >&5
-if eval "test \"`echo '$''{'ac_cv_func_memcmp_clean'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test "$cross_compiling" = yes; then
- ac_cv_func_memcmp_clean=no
-else
- cat > conftest.$ac_ext <<EOF
-#line 2823 "configure"
-#include "confdefs.h"
-
-main()
-{
- char c0 = 0x40, c1 = 0x80, c2 = 0x81;
- exit(memcmp(&c0, &c2, 1) < 0 && memcmp(&c1, &c2, 1) < 0 ? 0 : 1);
-}
-
-EOF
-if { (eval echo configure:2833: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
-then
- ac_cv_func_memcmp_clean=yes
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -fr conftest*
- ac_cv_func_memcmp_clean=no
-fi
-rm -fr conftest*
-fi
-
-fi
-
-echo "$ac_t""$ac_cv_func_memcmp_clean" 1>&6
-test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS memcmp.${ac_objext}"
-
-echo $ac_n "checking for vprintf""... $ac_c" 1>&6
-echo "configure:2851: checking for vprintf" >&5
-if eval "test \"`echo '$''{'ac_cv_func_vprintf'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2856 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char vprintf(); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char vprintf();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_vprintf) || defined (__stub___vprintf)
-choke me
-#else
-vprintf();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:2879: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_func_vprintf=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_func_vprintf=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'vprintf`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- cat >> confdefs.h <<\EOF
-#define HAVE_VPRINTF 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-
-if test "$ac_cv_func_vprintf" != yes; then
-echo $ac_n "checking for _doprnt""... $ac_c" 1>&6
-echo "configure:2903: checking for _doprnt" >&5
-if eval "test \"`echo '$''{'ac_cv_func__doprnt'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2908 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char _doprnt(); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char _doprnt();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub__doprnt) || defined (__stub____doprnt)
-choke me
-#else
-_doprnt();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:2931: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_func__doprnt=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_func__doprnt=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'_doprnt`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- cat >> confdefs.h <<\EOF
-#define HAVE_DOPRNT 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-
-fi
-
-for ac_func in gethostname gettimeofday mkdir select strcspn strdup strerror strspn strstr strtol uname
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:2958: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 2963 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func(); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:2986: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_func_$ac_func=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-# Extract the first word of "sgml2txt", so it can be a program name with args.
-set dummy sgml2txt; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:3014: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_HAVE_SGML2TXT'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$HAVE_SGML2TXT"; then
- ac_cv_prog_HAVE_SGML2TXT="$HAVE_SGML2TXT" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_HAVE_SGML2TXT="yes"
- break
- fi
- done
- IFS="$ac_save_ifs"
- test -z "$ac_cv_prog_HAVE_SGML2TXT" && ac_cv_prog_HAVE_SGML2TXT="no"
-fi
-fi
-HAVE_SGML2TXT="$ac_cv_prog_HAVE_SGML2TXT"
-if test -n "$HAVE_SGML2TXT"; then
- echo "$ac_t""$HAVE_SGML2TXT" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "sgml2html", so it can be a program name with args.
-set dummy sgml2html; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:3044: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_HAVE_SGML2HTML'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$HAVE_SGML2HTML"; then
- ac_cv_prog_HAVE_SGML2HTML="$HAVE_SGML2HTML" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_HAVE_SGML2HTML="yes"
- break
- fi
- done
- IFS="$ac_save_ifs"
- test -z "$ac_cv_prog_HAVE_SGML2HTML" && ac_cv_prog_HAVE_SGML2HTML="no"
-fi
-fi
-HAVE_SGML2HTML="$ac_cv_prog_HAVE_SGML2HTML"
-if test -n "$HAVE_SGML2HTML"; then
- echo "$ac_t""$HAVE_SGML2HTML" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "sgml2latex", so it can be a program name with args.
-set dummy sgml2latex; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:3074: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_HAVE_SGML2LATEX'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$HAVE_SGML2LATEX"; then
- ac_cv_prog_HAVE_SGML2LATEX="$HAVE_SGML2LATEX" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_HAVE_SGML2LATEX="yes"
- break
- fi
- done
- IFS="$ac_save_ifs"
- test -z "$ac_cv_prog_HAVE_SGML2LATEX" && ac_cv_prog_HAVE_SGML2LATEX="no"
-fi
-fi
-HAVE_SGML2LATEX="$ac_cv_prog_HAVE_SGML2LATEX"
-if test -n "$HAVE_SGML2LATEX"; then
- echo "$ac_t""$HAVE_SGML2LATEX" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-if test $HAVE_SGML2LATEX = "yes" ; then
- if sgml2latex -h | grep -e --paper | grep ' -p ' > /dev/null ; then
- PSER="sgml2latex -o ps"
- else
- PSER="sgml2latex -p"
- fi
-else
- # Extract the first word of "sgml2ps", so it can be a program name with args.
-set dummy sgml2ps; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:3111: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_HAVE_SGML2PS'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$HAVE_SGML2PS"; then
- ac_cv_prog_HAVE_SGML2PS="$HAVE_SGML2PS" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_HAVE_SGML2PS="yes"
- break
- fi
- done
- IFS="$ac_save_ifs"
- test -z "$ac_cv_prog_HAVE_SGML2PS" && ac_cv_prog_HAVE_SGML2PS="no"
-fi
-fi
-HAVE_SGML2PS="$ac_cv_prog_HAVE_SGML2PS"
-if test -n "$HAVE_SGML2PS"; then
- echo "$ac_t""$HAVE_SGML2PS" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
- if test $HAVE_SGML2PS = yes ; then
- PSER="sgml2ps"
- fi
-fi
-
-
-trap '' 1 2 15
-cat > confcache <<\EOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs. It is not useful on other systems.
-# If it contains results you don't want to keep, you may remove or edit it.
-#
-# By default, configure uses ./config.cache as the cache file,
-# creating it if it does not exist already. You can give configure
-# the --cache-file=FILE option to use a different cache file; that is
-# what configure does when it calls configure scripts in
-# subdirectories, so they share the cache.
-# Giving --cache-file=/dev/null disables caching, for debugging configure.
-# config.status only pays attention to the cache file if you give it the
-# --recheck option to rerun configure.
-#
-EOF
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, don't put newlines in cache variables' values.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-(set) 2>&1 |
- case `(ac_space=' '; set | grep ac_space) 2>&1` in
- *ac_space=\ *)
- # `set' does not quote correctly, so add quotes (double-quote substitution
- # turns \\\\ into \\, and sed turns \\ into \).
- sed -n \
- -e "s/'/'\\\\''/g" \
- -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p"
- ;;
- *)
- # `set' quotes correctly as required by POSIX, so do not add quotes.
- sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p'
- ;;
- esac >> confcache
-if cmp -s $cache_file confcache; then
- :
-else
- if test -w $cache_file; then
- echo "updating cache $cache_file"
- cat confcache > $cache_file
- else
- echo "not updating unwritable cache $cache_file"
- fi
-fi
-rm -f confcache
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-# Any assignment to VPATH causes Sun make to only execute
-# the first set of double-colon rules, so remove it if not needed.
-# If there is a colon in the path, we need to keep it.
-if test "x$srcdir" = x.; then
- ac_vpsub='/^[ ]*VPATH[ ]*=[^:]*$/d'
-fi
-
-trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15
-
-DEFS=-DHAVE_CONFIG_H
-
-# Without the "./", some shells look in PATH for config.status.
-: ${CONFIG_STATUS=./config.status}
-
-echo creating $CONFIG_STATUS
-rm -f $CONFIG_STATUS
-cat > $CONFIG_STATUS <<EOF
-#! /bin/sh
-# Generated automatically by configure.
-# Run this file to recreate the current configuration.
-# This directory was configured as follows,
-# on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
-#
-# $0 $ac_configure_args
-#
-# Compiler output produced by configure, useful for debugging
-# configure, is in ./config.log if it exists.
-
-ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]"
-for ac_option
-do
- case "\$ac_option" in
- -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
- echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion"
- exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;;
- -version | --version | --versio | --versi | --vers | --ver | --ve | --v)
- echo "$CONFIG_STATUS generated by autoconf version 2.13"
- exit 0 ;;
- -help | --help | --hel | --he | --h)
- echo "\$ac_cs_usage"; exit 0 ;;
- *) echo "\$ac_cs_usage"; exit 1 ;;
- esac
-done
-
-ac_given_srcdir=$srcdir
-
-trap 'rm -fr `echo "Make.Rules _pam_aconf.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-# Protect against being on the right side of a sed subst in config.status.
-sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g;
- s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF
-$ac_vpsub
-$extrasub
-s%@SHELL@%$SHELL%g
-s%@CFLAGS@%$CFLAGS%g
-s%@CPPFLAGS@%$CPPFLAGS%g
-s%@CXXFLAGS@%$CXXFLAGS%g
-s%@FFLAGS@%$FFLAGS%g
-s%@DEFS@%$DEFS%g
-s%@LDFLAGS@%$LDFLAGS%g
-s%@LIBS@%$LIBS%g
-s%@exec_prefix@%$exec_prefix%g
-s%@prefix@%$prefix%g
-s%@program_transform_name@%$program_transform_name%g
-s%@bindir@%$bindir%g
-s%@sbindir@%$sbindir%g
-s%@libexecdir@%$libexecdir%g
-s%@datadir@%$datadir%g
-s%@sysconfdir@%$sysconfdir%g
-s%@sharedstatedir@%$sharedstatedir%g
-s%@localstatedir@%$localstatedir%g
-s%@libdir@%$libdir%g
-s%@includedir@%$includedir%g
-s%@oldincludedir@%$oldincludedir%g
-s%@infodir@%$infodir%g
-s%@mandir@%$mandir%g
-s%@LIBPAM_VERSION_MAJOR@%$LIBPAM_VERSION_MAJOR%g
-s%@LIBPAM_VERSION_MINOR@%$LIBPAM_VERSION_MINOR%g
-s%@CC@%$CC%g
-s%@CONF_CFLAGS@%$CONF_CFLAGS%g
-s%@MKDIR@%$MKDIR%g
-s%@LOCALSRCDIR@%$LOCALSRCDIR%g
-s%@OS@%$OS%g
-s%@DYNTYPE@%$DYNTYPE%g
-s%@USESONAME@%$USESONAME%g
-s%@NEEDSONAME@%$NEEDSONAME%g
-s%@SHLIBMODE@%$SHLIBMODE%g
-s%@INSTALL@%$INSTALL%g
-s%@YACC@%$YACC%g
-s%@LEX@%$LEX%g
-s%@LEXLIB@%$LEXLIB%g
-s%@LN_S@%$LN_S%g
-s%@SET_MAKE@%$SET_MAKE%g
-s%@WITH_DEBUG@%$WITH_DEBUG%g
-s%@WITH_LIBDEBUG@%$WITH_LIBDEBUG%g
-s%@FAKEROOT@%$FAKEROOT%g
-s%@SECUREDIR@%$SECUREDIR%g
-s%@SCONFIGDIR@%$SCONFIGDIR%g
-s%@SUPLEMENTED@%$SUPLEMENTED%g
-s%@INCLUDEDIR@%$INCLUDEDIR%g
-s%@WITH_PAMLOCKING@%$WITH_PAMLOCKING%g
-s%@PAM_READ_BOTH_CONFS@%$PAM_READ_BOTH_CONFS%g
-s%@STATIC_LIBPAM@%$STATIC_LIBPAM%g
-s%@DYNAMIC_LIBPAM@%$DYNAMIC_LIBPAM%g
-s%@DYNAMIC@%$DYNAMIC%g
-s%@STATIC@%$STATIC%g
-s%@WITH_LCKPWDF@%$WITH_LCKPWDF%g
-s%@CPP@%$CPP%g
-s%@PAM_NEEDS_LIBC@%$PAM_NEEDS_LIBC%g
-s%@HAVE_LCKPWDF@%$HAVE_LCKPWDF%g
-s%@LIBDL@%$LIBDL%g
-s%@HAVE_LIBCRACK@%$HAVE_LIBCRACK%g
-s%@HAVE_LIBCRYPT@%$HAVE_LIBCRYPT%g
-s%@HAVE_LIBUTIL@%$HAVE_LIBUTIL%g
-s%@HAVE_LIBNDBM@%$HAVE_LIBNDBM%g
-s%@HAVE_LIBDB@%$HAVE_LIBDB%g
-s%@HAVE_LIBFL@%$HAVE_LIBFL%g
-s%@HAVE_LIBNSL@%$HAVE_LIBNSL%g
-s%@HAVE_LIBPWDB@%$HAVE_LIBPWDB%g
-s%@HAVE_NDBM_H@%$HAVE_NDBM_H%g
-s%@CRACKLIB_DICTPATH@%$CRACKLIB_DICTPATH%g
-s%@OS_CFLAGS@%$OS_CFLAGS%g
-s%@WARNINGS@%$WARNINGS%g
-s%@PIC@%$PIC%g
-s%@LD@%$LD%g
-s%@LD_D@%$LD_D%g
-s%@LD_L@%$LD_L%g
-s%@RANLIB@%$RANLIB%g
-s%@STRIP@%$STRIP%g
-s%@CC_STATIC@%$CC_STATIC%g
-s%@LIBOBJS@%$LIBOBJS%g
-s%@HAVE_SGML2TXT@%$HAVE_SGML2TXT%g
-s%@HAVE_SGML2HTML@%$HAVE_SGML2HTML%g
-s%@HAVE_SGML2LATEX@%$HAVE_SGML2LATEX%g
-s%@HAVE_SGML2PS@%$HAVE_SGML2PS%g
-s%@PSER@%$PSER%g
-
-CEOF
-EOF
-
-cat >> $CONFIG_STATUS <<\EOF
-
-# Split the substitutions into bite-sized pieces for seds with
-# small command number limits, like on Digital OSF/1 and HP-UX.
-ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script.
-ac_file=1 # Number of current file.
-ac_beg=1 # First line for current file.
-ac_end=$ac_max_sed_cmds # Line after last line for current file.
-ac_more_lines=:
-ac_sed_cmds=""
-while $ac_more_lines; do
- if test $ac_beg -gt 1; then
- sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file
- else
- sed "${ac_end}q" conftest.subs > conftest.s$ac_file
- fi
- if test ! -s conftest.s$ac_file; then
- ac_more_lines=false
- rm -f conftest.s$ac_file
- else
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds="sed -f conftest.s$ac_file"
- else
- ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file"
- fi
- ac_file=`expr $ac_file + 1`
- ac_beg=$ac_end
- ac_end=`expr $ac_end + $ac_max_sed_cmds`
- fi
-done
-if test -z "$ac_sed_cmds"; then
- ac_sed_cmds=cat
-fi
-EOF
-
-cat >> $CONFIG_STATUS <<EOF
-
-CONFIG_FILES=\${CONFIG_FILES-"Make.Rules"}
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case "$ac_file" in
- *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
- ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
- *) ac_file_in="${ac_file}.in" ;;
- esac
-
- # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories.
-
- # Remove last slash and all that follows it. Not all systems have dirname.
- ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
- if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
- # The file is in a subdirectory.
- test ! -d "$ac_dir" && mkdir "$ac_dir"
- ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`"
- # A "../" for each directory in $ac_dir_suffix.
- ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'`
- else
- ac_dir_suffix= ac_dots=
- fi
-
- case "$ac_given_srcdir" in
- .) srcdir=.
- if test -z "$ac_dots"; then top_srcdir=.
- else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;;
- /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
- *) # Relative path.
- srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix"
- top_srcdir="$ac_dots$ac_given_srcdir" ;;
- esac
-
-
- echo creating "$ac_file"
- rm -f "$ac_file"
- configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure."
- case "$ac_file" in
- *Makefile*) ac_comsub="1i\\
-# $configure_input" ;;
- *) ac_comsub= ;;
- esac
-
- ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
- sed -e "$ac_comsub
-s%@configure_input@%$configure_input%g
-s%@srcdir@%$srcdir%g
-s%@top_srcdir@%$top_srcdir%g
-" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file
-fi; done
-rm -f conftest.s*
-
-# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
-# NAME is the cpp macro being defined and VALUE is the value it is being given.
-#
-# ac_d sets the value in "#define NAME VALUE" lines.
-ac_dA='s%^\([ ]*\)#\([ ]*define[ ][ ]*\)'
-ac_dB='\([ ][ ]*\)[^ ]*%\1#\2'
-ac_dC='\3'
-ac_dD='%g'
-# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE".
-ac_uA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_uB='\([ ]\)%\1#\2define\3'
-ac_uC=' '
-ac_uD='\4%g'
-# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
-ac_eA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_eB='$%\1#\2define\3'
-ac_eC=' '
-ac_eD='%g'
-
-if test "${CONFIG_HEADERS+set}" != set; then
-EOF
-cat >> $CONFIG_STATUS <<EOF
- CONFIG_HEADERS="_pam_aconf.h"
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-fi
-for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case "$ac_file" in
- *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
- ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
- *) ac_file_in="${ac_file}.in" ;;
- esac
-
- echo creating $ac_file
-
- rm -f conftest.frag conftest.in conftest.out
- ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
- cat $ac_file_inputs > conftest.in
-
-EOF
-
-# Transform confdefs.h into a sed script conftest.vals that substitutes
-# the proper values into config.h.in to produce config.h. And first:
-# Protect against being on the right side of a sed subst in config.status.
-# Protect against being in an unquoted here document in config.status.
-rm -f conftest.vals
-cat > conftest.hdr <<\EOF
-s/[\\&%]/\\&/g
-s%[\\$`]%\\&%g
-s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp
-s%ac_d%ac_u%gp
-s%ac_u%ac_e%gp
-EOF
-sed -n -f conftest.hdr confdefs.h > conftest.vals
-rm -f conftest.hdr
-
-# This sed command replaces #undef with comments. This is necessary, for
-# example, in the case of _POSIX_SOURCE, which is predefined and required
-# on some systems where configure will not decide to define it.
-cat >> conftest.vals <<\EOF
-s%^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */%
-EOF
-
-# Break up conftest.vals because some shells have a limit on
-# the size of here documents, and old seds have small limits too.
-
-rm -f conftest.tail
-while :
-do
- ac_lines=`grep -c . conftest.vals`
- # grep -c gives empty output for an empty file on some AIX systems.
- if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi
- # Write a limited-size here document to conftest.frag.
- echo ' cat > conftest.frag <<CEOF' >> $CONFIG_STATUS
- sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS
- echo 'CEOF
- sed -f conftest.frag conftest.in > conftest.out
- rm -f conftest.in
- mv conftest.out conftest.in
-' >> $CONFIG_STATUS
- sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail
- rm -f conftest.vals
- mv conftest.tail conftest.vals
-done
-rm -f conftest.vals
-
-cat >> $CONFIG_STATUS <<\EOF
- rm -f conftest.frag conftest.h
- echo "/* $ac_file. Generated automatically by configure. */" > conftest.h
- cat conftest.in >> conftest.h
- rm -f conftest.in
- if cmp -s $ac_file conftest.h 2>/dev/null; then
- echo "$ac_file is unchanged"
- rm -f conftest.h
- else
- # Remove last slash and all that follows it. Not all systems have dirname.
- ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
- if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
- # The file is in a subdirectory.
- test ! -d "$ac_dir" && mkdir "$ac_dir"
- fi
- rm -f $ac_file
- mv conftest.h $ac_file
- fi
-fi; done
-
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-
-exit 0
-EOF
-chmod +x $CONFIG_STATUS
-rm -fr confdefs* $ac_clean_files
-test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1
-
diff --git a/contrib/libpam/configure.in b/contrib/libpam/configure.in
deleted file mode 100644
index fb3752d..0000000
--- a/contrib/libpam/configure.in
+++ /dev/null
@@ -1,339 +0,0 @@
-dnl Process this file with autoconf to produce a configure script.
-AC_INIT(conf/pam_conv1/pam_conv.y)
-
-dnl The configuration header file
-AC_CONFIG_HEADER(_pam_aconf.h)
-
-dnl
-dnl Release specific
-dnl
-
-LIBPAM_VERSION_MAJOR=0
-LIBPAM_VERSION_MINOR=75
-
-AC_SUBST(LIBPAM_VERSION_MAJOR)
-AC_SUBST(LIBPAM_VERSION_MINOR)
-AC_DEFINE(LIBPAM_VERSION_MAJOR)
-AC_DEFINE(LIBPAM_VERSION_MINOR)
-
-dnl
-dnl By default, everything under PAM is installed under the root fs.
-dnl
-
-AC_PREFIX_DEFAULT()
-
-dnl
-dnl Rules needed for the following (hardcoded Linux defaults for now)
-dnl
-
-CC=gcc ; AC_SUBST(CC)
-CONF_CFLAGS= ; AC_SUBST(CONF_CFLAGS)
-MKDIR="mkdir -p" ; AC_SUBST(MKDIR)
-LOCALSRCDIR=`/bin/pwd` ; AC_SUBST(LOCALSRCDIR)
-OS=`uname|sed -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'`
-AC_SUBST(OS)
-
-dnl These are most likely platform specific - I think HPUX differs
-DYNTYPE=so ; AC_SUBST(DYNTYPE)
-USESONAME=yes ; AC_SUBST(USESONAME)
-NEEDSONAME=yes ; AC_SUBST(NEEDSONAME)
-SHLIBMODE=755 ; AC_SUBST(SHLIBMODE)
-
-dnl ### Should enable this INSTALL detection.
-dnl ### Would need to distribute GNU's config.guess and config.sub
-dnl AC_PROG_INSTALL
-INSTALL=/usr/bin/install ; AC_SUBST(INSTALL)
-
-dnl Checks for programs.
-AC_PROG_CC
-dnl ### AC_PROG_CXX
-AC_PROG_YACC
-AC_PROG_LEX
-dnl AC_PROG_INSTALL
-AC_PROG_LN_S
-AC_PROG_MAKE_SET
-
-dnl
-dnl options and defaults
-dnl
-
-dnl lots of debugging information goes to /tmp/pam-debug.log
-AC_ARG_ENABLE(debug,
-[ --enable-debug qspecify you are building with debugging on],
- WITH_DEBUG=yes ; AC_DEFINE(DEBUG) , WITH_DEBUG=no)
-AC_SUBST(WITH_DEBUG)
-
-dnl build specially named libraries (for debugging purposes)
-AC_ARG_ENABLE(libdebug,
-[ --enable-libdebug specify you are building debugging libraries],
- WITH_LIBDEBUG=yes ; AC_DEFINE(WITH_LIBDEBUG) , WITH_LIBDEBUG=no)
-AC_SUBST(WITH_LIBDEBUG)
-
-dnl packaging convenience
-AC_ARG_ENABLE(fakeroot,
-[ --enable-fakeroot=<path to packaging directory>], FAKEROOT=$enableval)
-AC_SUBST(FAKEROOT)
-
-AC_ARG_ENABLE(securedir,
-[ --enable-securedir=<path to location of PAMs> [default \$libdir/security]],
- SECUREDIR=$enableval, SECUREDIR=$libdir/security)
-AC_SUBST(SECUREDIR)
-
-AC_ARG_ENABLE(sconfigdir,
-[ --enable-sconfigdir=<path to module conf files> [default \$sysconfdir/security]],
- SCONFIGDIR=$enableval, SCONFIGDIR=$sysconfdir/security)
-AC_SUBST(SCONFIGDIR)
-
-AC_ARG_ENABLE(suplementedir,
-[ --enable-suplementedir=<path to module helper binaries> [default \$sbindir]],
- SUPLEMENTED=$enableval, SUPLEMENTED=$sbindir)
-AC_SUBST(SUPLEMENTED)
-
-AC_ARG_ENABLE(includedir,
-[ --enable-includedir=<path to include location> - where to put <security>],
- INCLUDEDIR=$enableval, INCLUDEDIR=/usr/include)
-AC_SUBST(INCLUDEDIR)
-
-AC_ARG_ENABLE(pamlocking,
-[ --enable-pamlocking configure libpam to observe a global authentication lock],
- WITH_PAMLOCKING=yes ; AC_DEFINE(PAM_LOCKING) , WITH_PAMLOCKING=no)
-AC_SUBST(WITH_PAMLOCKING)
-
-AC_ARG_ENABLE(uglyhack,
-[ --enable-uglyhack configure libpam to try to honor old pam_strerror syntax],
- AC_DEFINE(UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT))
-
-AC_ARG_ENABLE(read-both-confs,
-[ --enable-read-both-confs read both /etc/pam.d and /etc/pam.conf files],
- AC_DEFINE(PAM_READ_BOTH_CONFS))
-AC_SUBST(PAM_READ_BOTH_CONFS)
-
-AC_ARG_ENABLE(static-libpam, [ --enable-static-libpam build a libpam.a library],
- STATIC_LIBPAM=yes , STATIC_LIBPAM=no)
-AC_SUBST(STATIC_LIBPAM)
-
-AC_ARG_ENABLE(dynamic-libpam,
-[ --disable-dynamic-libpam do not build a shared libpam library],
- DYNAMIC_LIBPAM=no, DYNAMIC_LIBPAM=yes)
-AC_SUBST(DYNAMIC_LIBPAM)
-
-DYNAMIC=-DPAM_DYNAMIC
-AC_SUBST(DYNAMIC)
-
-AC_ARG_ENABLE(static-modules,
-[ --enable-static-modules do not make the modules dynamically loadable],
- STATIC=-DPAM_STATIC)
-AC_SUBST(STATIC)
-
-AC_ARG_ENABLE(lckpwdf,
-[ --disable-lckpwdf do not use the lckpwdf function],
- WITH_LCKPWDF=no, WITH_LCKPWDF=yes)
-AC_SUBST(WITH_LCKPWDF)
-
-AC_CHECK_HEADERS(paths.h)
-AC_ARG_WITH(mailspool,
-[ --with-mailspool path to mail spool directory
- [default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail]],
-with_mailspool=${withval})
-if test x$with_mailspool != x ; then
- pam_mail_spool="\"$with_mailspool\""
-else
- AC_TRY_RUN([
-#include <paths.h>
-int main() {
-#ifdef _PATH_MAILDIR
-exit(0);
-#else
-exit(1);
-#endif
-}], pam_mail_spool="_PATH_MAILDIR",
-pam_mail_spool="\"/var/spool/mail\"",
-pam_mail_spool="\"/var/spool/mail\"")
-fi
-AC_DEFINE_UNQUOTED(PAM_PATH_MAILDIR, $pam_mail_spool)
-
-dnl Checks for libraries.
-AC_CHECK_LIB(c, __libc_sched_setscheduler, PAM_NEEDS_LIBC=, PAM_NEEDS_LIBC=-lc)
-AC_SUBST(PAM_NEEDS_LIBC)
-
-dnl Checks for the existence of lckpwdf in libc
-AC_CHECK_LIB(c, lckpwdf, HAVE_LCKPWDF=yes, HAVE_LCKPWDF=no)
-AC_SUBST(HAVE_LCKPWDF)
-
-dnl Checks for the existence of libdl - on BSD its part of libc
-AC_CHECK_LIB(dl, dlopen, LIBDL=-ldl)
-AC_SUBST(LIBDL)
-
-dnl
-dnl At least on Solaris, the existing libcrack must be dynamic.
-dnl Ought to introduce a check for this.
-dnl
-AC_CHECK_LIB(crack, FascistCheck, HAVE_LIBCRACK=yes ; AC_DEFINE(HAVE_LIBCRACK),
- HAVE_LIBCRACK=no)
-AC_SUBST(HAVE_LIBCRACK)
-
-AC_CHECK_LIB(crypt, fcrypt, HAVE_LIBCRYPT=yes ; AC_DEFINE(HAVE_LIBCRYPT),
- HAVE_LIBCRYPT=no)
-AC_SUBST(HAVE_LIBCRYPT)
-AC_CHECK_LIB(util, logwtmp, HAVE_LIBUTIL=yes ; AC_DEFINE(HAVE_LIBUTIL),
- HAVE_LIBUTIL=no)
-AC_SUBST(HAVE_LIBUTIL)
-AC_CHECK_LIB(ndbm, dbm_store, HAVE_LIBNDBM=yes ; AC_DEFINE(HAVE_LIBNDBM),
- HAVE_LIBNDBM=no)
-AC_SUBST(HAVE_LIBNDBM)
-AC_CHECK_LIB(db, dbm_store, HAVE_LIBDB=yes ; AC_DEFINE(HAVE_LIBDB),
- HAVE_LIBDB=no)
-AC_SUBST(HAVE_LIBDB)
-AC_CHECK_LIB(fl, yylex, yyterminate, HAVE_LIBFL=yes ; AC_DEFINE(HAVE_LIBFL),
- HAVE_LIBFL=no)
-AC_SUBST(HAVE_LIBFL)
-AC_CHECK_LIB(nsl, yp_maplist, HAVE_LIBNSL=yes ; AC_DEFINE(HAVE_LIBNSL),
- HAVE_LIBNSL=no)
-AC_SUBST(HAVE_LIBNSL)
-AC_CHECK_LIB(pwdb, pwdb_db_name, HAVE_LIBPWDB=yes ; AC_DEFINE(HAVE_LIBPWDB),
- HAVE_LIBPWDB=no)
-AC_SUBST(HAVE_LIBPWDB)
-
-dnl Checks for header files.
-AC_HEADER_DIRENT
-AC_HEADER_STDC
-AC_HEADER_SYS_WAIT
-AC_CHECK_HEADERS(fcntl.h limits.h malloc.h sys/file.h sys/ioctl.h sys/time.h syslog.h termio.h unistd.h)
-
-dnl Linux wants features.h in some of the source files.
-AC_CHECK_HEADERS(features.h)
-
-dnl For module/pam_cracklib
-AC_CHECK_HEADERS(crypt.h)
-
-dnl For module/pam_userdb
-AC_CHECK_HEADERS(ndbm.h db.h)
-dnl I suspect the following two lines are a hack.
-HAVE_NDBM_H=$ac_cv_header_ndbm_h
-AC_SUBST(HAVE_NDBM_H)
-
-dnl For module/pam_lastlog
-AC_CHECK_HEADERS(lastlog.h utmp.h utmpx.h)
-
-dnl This following rule should be made conditional upon HAVE_LIBCRYPT
-dnl being found.
-
-dnl Look for cracklib dictionary
-AC_MSG_CHECKING(path to cracklib dictionary)
-DICT_DIR_CANDIDATES="/usr/lib /usr/share/dict /usr/share/lib \
- /usr/local/lib /usr/local/share/lib"
-DICT_FILE_CANDIDATES="pw_dict cracklib_dict"
-CRACKLIB_DICTPATH=""
-for d in $DICT_DIR_CANDIDATES ; do
- for f in $DICT_FILE_CANDIDATES ; do
- if test -r $d/$f.hwm ; then
- CRACKLIB_DICTPATH=$d/$f
- break 2
- elif test -r $d/dict/$f.hwm ; then
- CRACKLIB_DICTPATH=$d/dict/$f
- break 2
- fi
- done
-done
-if test -z "$CRACKLIB_DICTPATH" ; then
- AC_MSG_RESULT(none found)
-else
- AC_MSG_RESULT($CRACKLIB_DICTPATH)
-fi
-AC_SUBST(CRACKLIB_DICTPATH)
-
-dnl Set FLAGS, linker options etc. depending on C compiler.
-dnl gcc is tested and much preferred; others less so, if at all
-dnl
-dnl If compiling with gcc, linking is also supposed to be done with gcc;
-dnl since we use linker-specific arguments, we may not gain anything by
-dnl switching LD_L over, but I think we can use LD_D as-is.
-dnl
-dnl For the moment, gcc is enforced above at "CC=gcc".
-dnl
-dnl There is an issue over _POSIX_SOURCE _BSD_SOURCE and _GNU_SOURCE .
-dnl The original "Linux-PAM" had blanket inclusion. But portability
-dnl requires their default absence: if particular OSes require them,
-dnl this should be done selectively.
-
-GCC_WARNINGS="-Wall -Wwrite-strings \
- -Wpointer-arith -Wcast-qual -Wcast-align \
- -Wstrict-prototypes -Wmissing-prototypes \
- -Wnested-externs -Winline -Wshadow"
-
-if test "$GCC" = yes; then
-###
-### Non-Linux needs attention on per-OS basis
- OS_CFLAGS="-ansi -D_POSIX_SOURCE -pedantic"
- WARNINGS="$GCC_WARNINGS"
- PIC="-fPIC"
-#can/should we use LD=gcc ???
- LD=ld
- LD_D="gcc -shared -Xlinker -x"
- LD_L="$LD -x -shared"
- RANLIB=ranlib
- STRIP=strip
- CC_STATIC="-Xlinker -export-dynamic"
-else
-###
-### Non-gcc needs attention on per-OS basis
-###
-### [These are Solaris-C specific...]
- OS_CFLAGS=""
- WARNINGS=""
- PIC="-K pic"
- LD=ld
- LD_D="cc -z text -G -R."
- LD_L="$LD_D"
- RANLIB=ranlib
- STRIP=strip
- CC_STATIC=
-fi
-
-AC_SUBST(OS_CFLAGS)
-AC_SUBST(WARNINGS)
-AC_SUBST(PIC)
-AC_SUBST(LD)
-AC_SUBST(LD_D)
-AC_SUBST(LD_L)
-AC_SUBST(RANLIB)
-AC_SUBST(STRIP)
-AC_SUBST(CC_STATIC)
-
-dnl Checks for typedefs, structures, and compiler characteristics.
-AC_C_BIGENDIAN
-AC_C_CONST
-AC_TYPE_UID_T
-AC_TYPE_OFF_T
-AC_TYPE_PID_T
-AC_TYPE_SIZE_T
-AC_HEADER_TIME
-AC_STRUCT_TM
-
-dnl Checks for library functions.
-AC_TYPE_GETGROUPS
-AC_PROG_GCC_TRADITIONAL
-AC_FUNC_MEMCMP
-AC_FUNC_VPRINTF
-AC_CHECK_FUNCS(gethostname gettimeofday mkdir select strcspn strdup strerror strspn strstr strtol uname)
-
-dnl Checks for programs/utilities
-AC_CHECK_PROG(HAVE_SGML2TXT, sgml2txt, yes, no)
-AC_CHECK_PROG(HAVE_SGML2HTML, sgml2html, yes, no)
-AC_CHECK_PROG(HAVE_SGML2LATEX, sgml2latex, yes, no)
-if test $HAVE_SGML2LATEX = "yes" ; then
- if sgml2latex -h | grep -e --paper | grep ' -p ' > /dev/null ; then
- PSER="sgml2latex -o ps"
- else
- PSER="sgml2latex -p"
- fi
-else
- AC_CHECK_PROG(HAVE_SGML2PS, sgml2ps, yes, no)
- if test $HAVE_SGML2PS = yes ; then
- PSER="sgml2ps"
- fi
-fi
-AC_SUBST(PSER)
-
-dnl Files to be created from when we run configure
-AC_OUTPUT(Make.Rules)
diff --git a/contrib/libpam/defs/debian.defs b/contrib/libpam/defs/debian.defs
deleted file mode 100644
index 19ba466..0000000
--- a/contrib/libpam/defs/debian.defs
+++ /dev/null
@@ -1,40 +0,0 @@
-##
-# defs for Debian
-# Ben Collins <bcollins@debian.org>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-##
-
-CFLAGS := -O2 -I${shell pwd}/include # -D__NO_STRING_INLINES
-ifneq (,$(findstring $(DEB_BUILD_OPTIONS),debug DEBUG Debug))
- CFLAGS += -g
-endif
-
-OS := $(shell dpkg-architecture -qDEB_BUILD_GNU_SYSTEM)
-ARCH := $(shell dpkg-architecture -qDEB_BUILD_GNU_CPU)
-CC := gcc
-INSTALL := install
-MKDIR := mkdir -p
-ULIBS :=
-LD := ld
-LD_D := gcc -shared -Xlinker -x
-LD_L := $(LD) -x -shared
-AR := ar -cr
-RANLIB := ranlib
-PREFIX :=
-LIBDIR := $(PREFIX)/lib
-USESONAME := yes
-SOSWITCH := -soname
-LINKLIBS := -lc -L${shell pwd}/libpam -L${shell pwd}/libpam_misc
-NEEDSONAME := no
-LDCONFIG := /sbin/ldconfig
-FAKEROOT :=
-SUPLEMENTED := $(PREFIX)/sbin
-SECUREDIR := $(LIBDIR)/security
-INCLUDED := /usr/include/security
-CONFIGED := /etc
-SCONFIGED := /etc/security
-EXTRALS := -lnsl -lcrypt
-WARNINGS := -Wall
diff --git a/contrib/libpam/defs/redhat4.defs b/contrib/libpam/defs/redhat4.defs
deleted file mode 100644
index 219abeb..0000000
--- a/contrib/libpam/defs/redhat4.defs
+++ /dev/null
@@ -1,35 +0,0 @@
-##
-# defs for Red Hat Linux
-# Michael K. Johnson <johnsonm@redhat.com>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the version used for Red Hat Linux.
-
-OS=linux
-ARCH=$(shell rpm --showrc | grep '^build arch' | sed 's/^.*: //g')
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=$(RPM_OPT_FLAGS) -pipe -g
-ULIBS=#-lefence
-LD=ld
-LD_D=gcc -shared -Xlinker -x
-LD_L=$(LD) -x -shared
-USESONAME=yes
-SOSWITCH=-soname
-LINKLIBS=-lc
-NEEDSONAME=no
-LDCONFIG=/sbin/ldconfig
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=$(RPM_BUILD_ROOT)
-PREFIX=
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
diff --git a/contrib/libpam/defs/solaris-2.1.5.defs b/contrib/libpam/defs/solaris-2.1.5.defs
deleted file mode 100644
index 4624b60..0000000
--- a/contrib/libpam/defs/solaris-2.1.5.defs
+++ /dev/null
@@ -1,45 +0,0 @@
-##
-# Solaris defs contributed by Josh Wilmes <josh@makita.jpl.nasa.gov>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the default version. Please look in .../defs/ for your
-# preferred OS/vendor.
-
-# Please note that the linker used must be the GNU ld, not the native Sun
-# linker. It is fairly common for the gnu linker (/usr/ccs/bin/ld) to be
-# configured as the default linker for gcc. To tell gcc to use the
-# gnu linker, you need to set the GCC_EXEC_PREFIX environment variable
-# to point at the directory where the gnu linker is installed. Here's
-# what I do:
-# $ mkdir /tmp/foo
-# $ ln -s /path/to/gnu/ld /tmp/foo/ld
-# $ export GCC_EXEC_PREFIX=/tmp/foo/
-# $ export PATH=/tmp/foo:$PATH
-
-OS=solaris
-ARCH=sun
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=-O7 -pipe -g -D__EXTENSIONS__ -Dsolaris
-ULIBS=
-LD_D=gcc -shared -Xlinker -x
-LD=ld
-LD_L=$(LD) -G
-USESONAME=yes
-SOSWITCH=-h
-NEEDSONAME=no
-LDCONFIG=/sbin/echo
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=
-PREFIX=/usr
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
diff --git a/contrib/libpam/defs/suse.defs b/contrib/libpam/defs/suse.defs
deleted file mode 100644
index 1fc6b74..0000000
--- a/contrib/libpam/defs/suse.defs
+++ /dev/null
@@ -1,36 +0,0 @@
-##
-# defs for SuSE Linux
-# Thorsten Kukuk <kukuk@suse.de>
-##
-# this file indicates the compiler and the various hardware/OS dependent
-# flags for installation. It also defines the various destinations of
-# installed files on the system.
-#
-# This file is the version used for SuSE Linux.
-
-OS=linux
-ARCH=$(shell rpm --showrc | grep 'build arch' | grep -v "compatible" | sed 's/^.*: //g')
-CC=gcc
-INSTALL=install
-MKDIR=mkdir -p
-CFLAGS=$(RPM_OPT_FLAGS) -pipe -D_REENTRANT
-ULIBS=#-lefence
-LD=ld
-LD_D=gcc -shared -Xlinker -x
-LD_L=$(LD) -x -shared
-USESONAME=yes
-SOSWITCH=-soname
-LINKLIBS=-lc
-NEEDSONAME=yes
-LDCONFIG=/sbin/ldconfig
-AR=ar -cr
-RANLIB=ranlib
-FAKEROOT=$(RPM_BUILD_ROOT)
-PREFIX=
-SUPLEMENTED=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib
-SECUREDIR=$(LIBDIR)/security
-INCLUDED=/usr/include/security
-CONFIGED=/etc
-SCONFIGED=/etc/security
-EXTRALS=-lcrypt
diff --git a/contrib/libpam/doc/CREDITS b/contrib/libpam/doc/CREDITS
deleted file mode 100644
index 528032b..0000000
--- a/contrib/libpam/doc/CREDITS
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
- an sgml list of people to credit for their contributions to Linux-PAM
- $Id: CREDITS,v 1.2 2001/03/19 01:46:41 agmorgan Exp $
- -->
-Chris Adams,
-Peter Allgeyer,
-Tim Baverstock,
-Tim Berger,
-Craig S. Bell,
-Derrick J. Brashear,
-Ben Buxton,
-Seth Chaiklin,
-Oliver Crow,
-Chris Dent,
-Marc Ewing,
-Cristian Gafton,
-Emmanuel Galanos,
-Brad M. Garcia,
-Eric Hester,
-Michel D'Hooge,
-Roger Hu,
-Eric Jacksch,
-Michael K. Johnson,
-David Kinchlea,
-Olaf Kirch,
-Marcin Korzonek,
-Stephen Langasek,
-Nicolai Langfeldt,
-Elliot Lee,
-Luke Kenneth Casson Leighton,
-Al Longyear,
-Ingo Luetkebohle,
-Marek Michalkiewicz,
-Robert Milkowski,
-Aleph One,
-Martin Pool,
-Sean Reifschneider,
-Jan Rekorajski,
-Erik Troan,
-Theodore Ts'o,
-Jeff Uphoff,
-Myles Uyema,
-Savochkin Andrey Vladimirovich,
-Ronald Wahl,
-David Wood,
-John Wilmes,
-Joseph S. D. Yao
-and
-Alex O. Yuriev.
diff --git a/contrib/libpam/doc/Makefile b/contrib/libpam/doc/Makefile
deleted file mode 100644
index 8ff1607..0000000
--- a/contrib/libpam/doc/Makefile
+++ /dev/null
@@ -1,145 +0,0 @@
-
-### $Id: Makefile,v 1.3 2001/01/22 08:03:01 agmorgan Exp $
-
-include ../Make.Rules
-
-# These two should probably be moved into autoconf...
-DOCDIR=/usr/doc/Linux-PAM
-MANDIR=/usr/man
-
-#######################################################
-
-FILES=pam pam_appl pam_modules
-FSRCS=pam.sgml pam_appl.sgml pam_modules.sgml
-
-TEXTS=txts/pam.txt txts/pam_appl.txt txts/pam_modules.txt
-HTMLS=html/pam.html html/pam_appl.html html/pam_modules.html
-PSFILES=ps/pam.ps ps/pam_appl.ps ps/pam_modules.ps
-
-MODULES=$(shell ls modules/*.sgml)
-
-#######################################################
-
-dummy:
- @echo "Making the documentation..."
- @make all
-
-all: htmls texts postscript
-
-htmls: $(HTMLS)
-
-$(HTMLS) : $(FSRCS)
-ifeq ($(HAVE_SGML2HTML),yes)
- @for i in $(FILES) ; do \
- if [ ! -f "html/$$i.html" ] || [ "$$i.sgml" -nt "html/$$i.html" ]; \
- then \
- cd html ; sgml2html ../$$i ; \
- if [ $$? -ne 0 ]; then exit 1 ; fi ; \
- cd .. ; \
- fi ; \
- done
-else
- @echo XXX - you do not have the sgml2html binary installed
-endif
-
-texts: $(TEXTS)
-
-$(TEXTS) : $(FSRCS)
-ifeq ($(HAVE_SGML2TXT),yes)
- @for i in $(FILES) ; do \
- if [ ! -f "txts/$$i.txt" ] \
- || [ "$$i.sgml" -nt "txts/$$i.txt" ]; then \
- cd txts ; sgml2txt ../$$i ; cd .. ; \
- fi ; \
- done
-else
- @echo XXX - you do not have the sgml2txt binary installed
-endif
-
-postscript: $(PSFILES)
-
-$(PSFILES): $(FSRCS)
-ifneq ($(PSER),)
- @for i in $(FILES) ; do \
- if [ ! -f "ps/$$i.ps" ] || [ "$$i.sgml" -nt "ps/$$i.ps" ]; then \
- cd ps ; $(PSER) ../$$i ; cd .. ; \
- fi ; \
- done
-else
- @echo XXX - neither sgml2ps nor sgml2latex binaries are installed
-endif
-
-pam.sgml: pam_source.sgml MODULES-SGML CREDITS
- @sed -e '/^<!\-\- insert\-file MODULES\-SGML \-\->/r MODULES-SGML' pam_source.sgml | sed -e '/^<!\-\- insert\-file CREDITS \-\->/r CREDITS' > pam.sgml
-
-MODULES-SGML: $(MODULES)
- @echo 'Building module text from files in modules/*.sgml'
- @rm -f MODULES-SGML
- @echo '<!-- modules included:' > MODULES-SGML
- @ls modules/*.sgml >> MODULES-SGML
- @echo ' and that is all -->' >> MODULES-SGML
- @cat modules/*.sgml >> MODULES-SGML
-
-extraclean: clean
-
-remove:
- cd man && for file in *.3 ; do \
- rm -f $(FAKEROOT)$(MANDIR)/man3/$$file ; \
- done
- cd man && for file in *.8 ; do \
- rm -f $(FAKEROOT)$(MANDIR)/man8/$$file ; \
- done
- cd txts && for file in *.txt; do \
- rm -f $(FAKEROOT)$(DOCDIR)/text/$$file ; \
- done
- cd ps && for file in *.ps; do \
- rm -f $(FAKEROOT)$(DOCDIR)/ps/$$file ; \
- done
- cd html && for file in *.html; do \
- rm -f $(FAKEROOT)$(DOCDIR)/html/$$file ; \
- done
-
-install: all
-ifeq ($(HAVE_SGML2TXT),yes)
- mkdir -p $(FAKEROOT)$(DOCDIR)/text
- for file in txts/*.txt; do \
- install -m 644 $$file $(FAKEROOT)$(DOCDIR)/text ; \
- done
-endif
-ifneq ($(PSER),)
- mkdir -p $(FAKEROOT)$(DOCDIR)/ps
- for file in ps/*.ps; do \
- install -m 644 $$file $(FAKEROOT)$(DOCDIR)/ps ; \
- done
-endif
-ifeq ($(HAVE_SGML2HTML),yes)
- mkdir -p $(FAKEROOT)$(DOCDIR)/html
- for file in html/*.html; do \
- install -m 644 $$file $(FAKEROOT)$(DOCDIR)/html ; \
- done
-endif
- mkdir -p $(FAKEROOT)$(MANDIR)/man{3,8}
- for file in man/*.3 ; do \
- install -m 644 $$file $(FAKEROOT)$(MANDIR)/man3 ; \
- done
- for file in man/*.8 ; do \
- install -m 644 $$file $(FAKEROOT)$(MANDIR)/man8 ; \
- done
-
-spec:
- cd specs/formatter && make
- specs/formatter/padout < specs/draft-morgan-pam.raw > specs/draft-morgan-pam-current.txt
-
-releasedocs: all spec
- tar zvfc Linux-PAM-$(MAJOR_REL).$(MINOR_REL)-docs.tar.gz --exclude CVS html ps txts specs/draft-morgan-pam-current.txt
-
-clean:
- rm -f *~ *.bak
- rm -f html/pam*.html
- rm -f man/*~
- rm -f $(TEXTS)
- rm -f $(PSFILES) ps/missfont.log
- rm -f MODULES-SGML pam.sgml
- rm -f specs/draft-morgan-pam-current.txt
- make -C specs/formatter clean
-
diff --git a/contrib/libpam/doc/NOTES b/contrib/libpam/doc/NOTES
deleted file mode 100644
index b0f40d4..0000000
--- a/contrib/libpam/doc/NOTES
+++ /dev/null
@@ -1,16 +0,0 @@
-Things to be added:
-
-@ modules:
-@ application:
-
- use of
- 'user' = user to become,
- 'uid' = user requesting service
- 'euid' = privilege of current process.
-
-@ sysadmin:
-
- included modules:
- behavior
- non-included modules:
- behavior/pointers.
diff --git a/contrib/libpam/doc/figs/pam_orient.txt b/contrib/libpam/doc/figs/pam_orient.txt
deleted file mode 100644
index a8b745a..0000000
--- a/contrib/libpam/doc/figs/pam_orient.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-
-
-
- +----------------+
- | application: X |
- +----------------+ / +----------+ +================+
- | authentication-[---->--\--] Linux- |--<--| /etc/pam.conf |
- | + [----<--/--] PAM | |================|
- |[conversation()][--+ \ | | | X auth .. a.so |
- +----------------+ | / +-n--n-----+ | X auth .. b.so |
- | | | __| | | _____/
- | service user | A | | |____,-----'
- | | | V A
- +----------------+ +------|-----|---------+ -----+------+
- +---u-----u----+ | | |
- | auth.... |--[ a ]--[ b ]--[ c ]
- +--------------+
- | acct.... |--[ b ]--[ d ]
- +--------------+
- | password |--[ b ]--[ c ]
- +--------------+
- | session |--[ e ]--[ c ]
- +--------------+
\ No newline at end of file
diff --git a/contrib/libpam/doc/html/index.html b/contrib/libpam/doc/html/index.html
deleted file mode 100644
index 5cb1e0f..0000000
--- a/contrib/libpam/doc/html/index.html
+++ /dev/null
@@ -1,21 +0,0 @@
-
-<HTML>
-<HEAD>
-<TITLE>Linux-PAM - Pluggable Authentication Modules for Linux</TITLE>
-</HEAD>
-<BODY>
-
-<p>
-Here is the documentation for Linux-PAM. As you will see it is
-currently not complete. However, in order of decreasing length:
-
-<ul>
-<li> <a href="pam.html">The System Administrators' Guide</a>
-<li> <a href="pam_modules.html">The Module Writers' Manual</a>
-<li> <a href="pam_appl.html">The Application developers' Manual</a>
-</ul>
-
-<hr>
-<p>
-REVISION: <tt>$Id: index.html,v 1.1.1.1 2000/06/20 22:10:56 agmorgan Exp $</tt>
-</BODY>
diff --git a/contrib/libpam/doc/man/pam.8 b/contrib/libpam/doc/man/pam.8
deleted file mode 100644
index 4cbf9cf..0000000
--- a/contrib/libpam/doc/man/pam.8
+++ /dev/null
@@ -1,370 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam.8,v 1.2 2001/01/20 23:47:07 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996-7,2001 <morgan@kernel.org>
-.\" $FreeBSD$
-.TH PAM 8 "2001 Jan 20" "PAM 0.74" "PAM Manual"
-.SH NAME
-
-PAM \- Pluggable Authentication Modules
-
-.SH SYNOPSIS
-.B /etc/pam.conf
-.sp 2
-.SH DESCRIPTION
-
-This manual is intended to offer a quick introduction to
-.BR PAM ". "
-For more information the reader is directed to the
-.BR "PAM system administrators' guide".
-
-.sp
-.BR PAM
-Is a system of libraries that handle the authentication tasks of
-applications (services) on the system. The library provides a stable
-general interface (Application Programming Interface - API) that
-privilege granting programs (such as
-.BR login "(1) "
-and
-.BR su "(1)) "
-defer to to perform standard authentication tasks.
-
-.sp
-The principal feature of the PAM approach is that the nature of the
-authentication is dynamically configurable. In other words, the
-system administrator is free to choose how individual
-service-providing applications will authenticate users. This dynamic
-configuration is set by the contents of the single
-.BR PAM
-configuration file
-.BR /etc/pam.conf "."
-Alternatively, the configuration can be set by individual
-configuration files located in the
-.B /etc/pam.d/
-directory.
-.IB "The presence of this directory will cause " PAM " to ignore"
-.BI /etc/pam.conf "."
-
-.sp
-From the point of view of the system administrator, for whom this
-manual is provided, it is not of primary importance to understand the
-internal behavior of the
-.BR PAM
-library. The important point to recognize is that the configuration
-file(s)
-.I define
-the connection between applications
-.BR "" "(" services ")"
-and the pluggable authentication modules
-.BR "" "(" PAM "s)"
-that perform the actual authentication tasks.
-
-.sp
-.BR PAM
-separates the tasks of
-.I authentication
-into four independent management groups:
-.BR "account" " management; "
-.BR "auth" "entication management; "
-.BR "password" " management; "
-and
-.BR "session" " management."
-(We highlight the abbreviations used for these groups in the
-configuration file.)
-
-.sp
-Simply put, these groups take care of different aspects of a typical
-user's request for a restricted service:
-
-.sp
-.BR account " - "
-provide account verification types of service: has the user's password
-expired?; is this user permitted access to the requested service?
-
-.br
-.BR auth "entication - "
-establish the user is who they claim to be. Typically this is via some
-challenge-response request that the user must satisfy: if you are who
-you claim to be please enter your password. Not all authentications
-are of this type, there exist hardware based authentication schemes
-(such as the use of smart-cards and biometric devices), with suitable
-modules, these may be substituted seamlessly for more standard
-approaches to authentication - such is the flexibility of
-.BR PAM "."
-
-.br
-.BR password " - "
-this group's responsibility is the task of updating authentication
-mechanisms. Typically, such services are strongly coupled to those of
-the
-.BR auth
-group. Some authentication mechanisms lend themselves well to being
-updated with such a function. Standard UN*X password-based access is
-the obvious example: please enter a replacement password.
-
-.br
-.BR session " - "
-this group of tasks cover things that should be done prior to a
-service being given and after it is withdrawn. Such tasks include the
-maintenance of audit trails and the mounting of the user's home
-directory. The
-.BR session
-management group is important as it provides both an opening and
-closing hook for modules to affect the services available to a user.
-
-.SH The configuration file(s)
-
-When a
-.BR PAM
-aware privilege granting application is started, it activates its
-attachment to the PAM-API. This activation performs a number of
-tasks, the most important being the reading of the configuration file(s):
-.BR /etc/pam.conf "."
-Alternatively, this may be the contents of the
-.BR /etc/pam.d/
-directory.
-
-These files list the
-.BR PAM "s"
-that will do the authentication tasks required by this service, and
-the appropriate behavior of the PAM-API in the event that individual
-.BR PAM "s "
-fail.
-
-.sp
-The syntax of the
-.B /etc/pam.conf
-configuration file is as follows. The file is made
-up of a list of rules, each rule is typically placed on a single line,
-but may be extended with an escaped end of line: `\\<LF>'. Comments
-are preceded with `#' marks and extend to the next end of line.
-
-.sp
-The format of each rule is a space separated collection of tokens, the
-first three being case-insensitive:
-
-.sp
-.br
-.BR " service type control module-path module-arguments"
-
-.sp
-The syntax of files contained in the
-.B /etc/pam.d/
-directory, are identical except for the absence of any
-.I service
-field. In this case, the
-.I service
-is the name of the file in the
-.B /etc/pam.d/
-directory. This filename must be in lower case.
-
-.sp
-An important feature of
-.BR PAM ", "
-is that a number of rules may be
-.I stacked
-to combine the services of a number of PAMs for a given authentication
-task.
-
-.sp
-The
-.BR service
-is typically the familiar name of the corresponding application:
-.BR login
-and
-.BR su
-are good examples. The
-.BR service "-name, " other ", "
-is reserved for giving
-.I default
-rules. Only lines that mention the current service (or in the absence
-of such, the
-.BR other
-entries) will be associated with the given service-application.
-
-.sp
-The
-.BR type
-is the management group that the rule corresponds to. It is used to
-specify which of the management groups the subsequent module is to
-be associated with. Valid entries are:
-.BR account "; "
-.BR auth "; "
-.BR password "; "
-and
-.BR session "."
-The meaning of each of these tokens was explained above.
-
-.sp
-The third field,
-.BR control ", "
-indicates the behavior of the PAM-API should the module fail to
-succeed in its authentication task. There are two types of syntax for
-this control field: the simple one has a single simple keyword; the
-more complicated one involves a square-bracketed selection of
-.B value=action
-pairs.
-
-.sp
-For the simple (historical) syntax valid
-.BR control
-values are:
-.BR requisite
-- failure of such a PAM results in the immediate termination of the
-authentication process;
-.BR required
-- failure of such a PAM will ultimately lead to the PAM-API returning
-failure but only after the remaining
-.I stacked
-modules (for this
-.BR service
-and
-.BR type ")"
-have been invoked;
-.BR sufficient
-- success of such a module is enough to satisfy the authentication
-requirements of the stack of modules (if a prior
-.BR required
-module has failed the success of this one is
-.IR ignored "); "
-.BR optional
-- the success or failure of this module is only important if it is the
-only module in the stack associated with this
-.BR service "+" type "."
-
-.sp
-For the more complicated syntax valid
-.B control
-values have the following form:
-.sp
-.RB [value1=action1 value2=action2 ...]
-.sp
-Where
-.B valueN
-corresponds to the return code from the function invoked in the module
-for which the line is defined. It is selected from one of these:
-.BR success ;
-.BR open_err ;
-.BR symbol_err ;
-.BR service_err ;
-.BR system_err ;
-.BR buf_err ;
-.BR perm_denied ;
-.BR auth_err ;
-.BR cred_insufficient ;
-.BR authinfo_unavail ;
-.BR user_unknown ;
-.BR maxtries ;
-.BR new_authtok_reqd ;
-.BR acct_expired ;
-.BR session_err ;
-.BR cred_unavail ;
-.BR cred_expired ;
-.BR cred_err ;
-.BR no_module_data ;
-.BR conv_err ;
-.BR authtok_err ;
-.BR authtok_recover_err ;
-.BR authtok_lock_busy ;
-.BR authtok_disable_aging ;
-.BR try_again ;
-.BR ignore ;
-.BR abort ;
-.BR authtok_expired ;
-.BR module_unknown ;
-.BR bad_item "; and"
-.BR default .
-The last of these,
-.BR default ,
-implies 'all
-.BR valueN 's
-not mentioned explicitly. Note, the full list of PAM errors is
-available in /usr/include/security/_pam_types.h . The
-.B actionN
-can be: an unsigned integer,
-.BR J ,
-signifying an action of 'jump over the next J modules in the stack';
-or take one of the following forms:
-.br
-.B ignore
-- when used with a stack of modules, the module's return status will
-not contribute to the return code the application obtains;
-.br
-.B bad
-- this action indicates that the return code should be thought of as
-indicative of the module failing. If this module is the first in the
-stack to fail, its status value will be used for that of the whole
-stack.
-.br
-.B die
-- equivalent to bad with the side effect of terminating the module
-stack and PAM immediately returning to the application.
-.br
-.B ok
-- this tells PAM that the administrator thinks this return code
-should contribute directly to the return code of the full stack of
-modules. In other words, if the former state of the stack would lead
-to a return of
-.BR PAM_SUCCESS ,
-the module's return code will override this value. Note, if the former
-state of the stack holds some value that is indicative of a modules
-failure, this 'ok' value will not be used to override that value.
-.br
-.B done
-- equivalent to ok with the side effect of terminating the module
-stack and PAM immediately returning to the application.
-.br
-.B reset
-- clear all memory of the state of the module stack and start again
-with the next stacked module.
-
-.sp
-.BR module-path
-- this is either the full filename of the PAM to be used by the
-application (it begins with a '/'), or a relative pathname from the
-default module location:
-.BR /usr/lib/ .
-
-.sp
-.BR module-arguments
-- these are a space separated list of tokens that can be used to
-modify the specific behavior of the given PAM. Such arguments will be
-documented for each individual module.
-
-.SH "FILES"
-.BR /etc/pam.conf " - the configuration file"
-.br
-.BR /etc/pam.d/ " - the"
-.BR PAM
-configuration directory. Generally, if this directory is present, the
-.B /etc/pam.conf
-file is ignored.
-.br
-.BR /usr/lib/libpam.so.X " - the dynamic library"
-.br
-.BR /usr/lib/pam_*.so " - the PAMs
-
-.SH ERRORS
-Typically errors generated by the
-.BR PAM
-system of libraries, will be written to
-.BR syslog "(3)."
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-.br
-Contains additional features, but remains backwardly compatible with
-this RFC.
-
-.SH BUGS
-.sp 2
-None known.
-
-.SH "SEE ALSO"
-
-The three
-.BR PAM
-Guides, for
-.BR "system administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/man/pam.conf.8 b/contrib/libpam/doc/man/pam.conf.8
deleted file mode 100644
index d067b55..0000000
--- a/contrib/libpam/doc/man/pam.conf.8
+++ /dev/null
@@ -1 +0,0 @@
-.so pam.8
diff --git a/contrib/libpam/doc/man/pam.d.8 b/contrib/libpam/doc/man/pam.d.8
deleted file mode 100644
index d067b55..0000000
--- a/contrib/libpam/doc/man/pam.d.8
+++ /dev/null
@@ -1 +0,0 @@
-.so pam.8
diff --git a/contrib/libpam/doc/man/pam_authenticate.3 b/contrib/libpam/doc/man/pam_authenticate.3
deleted file mode 100644
index c0975c0..0000000
--- a/contrib/libpam/doc/man/pam_authenticate.3
+++ /dev/null
@@ -1,92 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_authenticate.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net>
-.\" $FreeBSD$
-.TH PAM_AUTHENTICATE 3 "1996 Dec 9" "PAM 0.55" "App. Programmers' Manual"
-.SH NAME
-
-pam_authenticate \- authenticate a user
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.sp
-.BI "int pam_authenticate(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_authenticate
-
-.br
-Use this function to authenticate an applicant user. It is linked
-.I dynamically
-to the authentication modules by
-.BR PAM ". "
-It is the task of these module to perform such an authentication. The
-specific nature of the authentication is not the concern of the
-application.
-
-.br
-Following successful completion, the
-.BR name
-of the authenticated user will be present in the
-.BR PAM
-item
-.BR PAM_USER ". "
-This item may be recovered with a call to
-.BR pam_get_item "(3)."
-
-.br
-The application developer should note that the modules may request
-that the user enter their username via the conversation mechanism (see
-.BR pam_start "(3))."
-Should this be the case, the user-prompt string can be set via
-the
-.BR PAM_USER_PROMPT
-item (see
-.BR pam_set_item "(3))."
-
-.SH "RETURN VALUE"
-On success
-.BR PAM_SUCCESS
-is returned. All other returns should be considered
-authentication failures and will be
-.I delayed
-by an amount specified with prior calls to
-.BR pam_fail_delay "(3). "
-Specific failures that demand special attention are the following:
-.TP
-.B PAM_ABORT
-the application should exit immediately. Of course,
-.BR pam_end "(3)"
-should be called first.
-
-.TP
-.B PAM_MAXTRIES
-the application has tried too many times to authenticate the
-user, authentication should not be attempted again.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam_start "(3), "
-.BR pam_get_item "(3) "
-.BR pam_fail_delay "(3) "
-and
-.BR pam_strerror "(3). "
-
-Also, see the three
-.BR PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/man/pam_chauthtok.3 b/contrib/libpam/doc/man/pam_chauthtok.3
deleted file mode 100644
index dae6c61..0000000
--- a/contrib/libpam/doc/man/pam_chauthtok.3
+++ /dev/null
@@ -1,102 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_chauthtok.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
-.\" $FreeBSD$
-.TH PAM_CHAUTHTOK 3 "1997 Jan 4" "PAM 0.55" "App. Programmers' Manual"
-.SH NAME
-
-pam_chauthtok \- updating authentication tokens
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.sp
-.BI "int pam_chauthtok(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_chauthtok
-
-.br
-Use this function to rejuvenate the authentication tokens (passwords
-etc.) of an applicant user.
-
-.br
-Note, the application should not pre-authenticate the user, as this is
-performed (if required) by the
-.BR PAM
-framework.
-
-.br
-The
-.I flags
-argument can
-.I optionally
-take the value,
-.BR PAM_CHANGE_EXPIRED_AUTHTOK "."
-In such cases the framework is only required to update those
-authentication tokens that have expired. Without this argument, the
-framework will attempt to obtain new tokens for all configured
-authentication mechanisms. The details of the types and number of such
-schemes should not concern the calling application.
-
-.SH RETURN VALUE
-A successful return from this function will be indicated with
-.BR PAM_SUCCESS "."
-
-.br
-Specific errors of special interest when calling this function are
-
-.br
-.BR PAM_AUTHTOK_ERROR
-- a valid new token was not obtained
-
-.br
-.BR PAM_AUTHTOK_RECOVERY_ERR
-- old authentication token was not available
-
-.br
-.BR PAM_AUTHTOK_LOCK_BUSY
-- a resource needed to update the token was locked (try again later)
-
-.br
-.BR PAM_AUTHTOK_DISABLE_AGING
-- one or more of the authentication modules does not honor
-authentication token aging
-
-.br
-.BR PAM_TRY_AGAIN
-- one or more authentication mechanism is not prepared to update a
-token at this time
-
-.br
-In general other return values may be returned. They should be treated
-as indicating failure.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam_start "(3), "
-.BR pam_authenticate "(3), "
-.BR pam_setcred "(3), "
-.BR pam_get_item "(3), "
-.BR pam_strerror "(3) "
-and
-.BR pam "(8)."
-
-.br
-Also, see the three
-.BR PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/man/pam_close_session.3 b/contrib/libpam/doc/man/pam_close_session.3
deleted file mode 100644
index d851700..0000000
--- a/contrib/libpam/doc/man/pam_close_session.3
+++ /dev/null
@@ -1 +0,0 @@
-.so pam_open_session.3
diff --git a/contrib/libpam/doc/man/pam_end.3 b/contrib/libpam/doc/man/pam_end.3
deleted file mode 100644
index de999f2..0000000
--- a/contrib/libpam/doc/man/pam_end.3
+++ /dev/null
@@ -1 +0,0 @@
-.so pam_start.3
diff --git a/contrib/libpam/doc/man/pam_fail_delay.3 b/contrib/libpam/doc/man/pam_fail_delay.3
deleted file mode 100644
index db80dc3..0000000
--- a/contrib/libpam/doc/man/pam_fail_delay.3
+++ /dev/null
@@ -1,131 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_fail_delay.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
-.\" $FreeBSD$
-.TH PAM_FAIL_DELAY 3 "1997 Jan 12" "PAM 0.56" "Programmers' Manual"
-.SH NAME
-
-pam_fail_delay \- request a delay on failure
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.br
-or,
-.br
-.B #include <security/pam_modules.h>
-.sp
-.BI "int pam_fail_delay(pam_handle_t " "*pamh" ", unsigned int " "usec" ");"
-.sp 2
-.SH DESCRIPTION
-.br
-It is often possible to attack an authentication scheme by exploiting
-the time it takes the scheme to deny access to an applicant user. In
-cases of
-.I short
-timeouts, it may prove possible to attempt a
-.I brute force
-dictionary attack -- with an automated process, the attacker tries all
-possible passwords to gain access to the system. In other cases,
-where individual failures can take measurable amounts of time
-(indicating the nature of the failure), an attacker can obtain useful
-information about the authentication process. These latter attacks
-make use of procedural delays that constitute a
-.I covert channel
-of useful information.
-
-.br
-To minimize the effectiveness of such attacks, it is desirable to
-introduce a random delay in a failed authentication process.
-.B PAM
-provides such a facility. The delay occurs upon failure of the
-.BR pam_authenticate "(3) "
-and
-.BR pam_chauthtok "(3) "
-functions. It occurs
-.I after
-all authentication modules have been called, but
-.I before
-control is returned to the service application.
-
-.br
-The function,
-.BR pam_fail_delay "(3),"
-is used to specify a required minimum for the length of the
-failure-delay; the
-.I usec
-argument. This function can be called by the service application
-and/or the authentication modules, both may have an interest in
-delaying a reapplication for service by the user. The length of the
-delay is computed at the time it is required. Its length is
-pseudo-gausianly distributed about the
-.I maximum
-requested value; the resultant delay will differ by as much as 25% of
-this maximum requested value (both up and down).
-
-.br
-On return from
-.BR pam_authenticate "(3) or " pam_chauthtok "(3),"
-independent of success or failure, the new requested delay is reset to
-its default value: zero.
-
-.SH EXAMPLE
-.br
-For example, a
-.B login
-application may require a failure delay of roughly 3 seconds. It will
-contain the following code:
-.sp
-.br
-.B " pam_fail_delay(pamh, 3000000 /* micro-seconds */ );"
-.br
-.B " pam_authenticate(pamh, 0);"
-.sp
-.br
-if the modules do not request a delay, the failure delay will be
-between 2.25 and 3.75 seconds.
-
-.br
-However, the modules, invoked in the authentication process, may
-also request delays:
-.sp
-.br
-.RB " (module #1) " "pam_fail_delay(pamh, 2000000);"
-.sp
-.br
-.RB " (module #2) " "pam_fail_delay(pamh, 4000000);"
-.sp
-.br
-in this case, it is the largest requested value that is used to
-compute the actual failed delay: here between 3 and 5 seconds.
-
-.SH "RETURN VALUE"
-Following a successful call to
-.BR pam_fail_delay "(3), " PAM_SUCCESS
-is returned. All other returns should be considered serious failures.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-Under consideration by the X/Open group for future inclusion in the
-PAM RFC. 1996/1/10
-
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam_start "(3), "
-.BR pam_get_item "(3) "
-and
-.BR pam_strerror "(3). "
-
-Also, see the three
-.BR PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/man/pam_open_session.3 b/contrib/libpam/doc/man/pam_open_session.3
deleted file mode 100644
index 50a7b5f3..0000000
--- a/contrib/libpam/doc/man/pam_open_session.3
+++ /dev/null
@@ -1,100 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_open_session.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
-.\" $FreeBSD$
-.TH PAM_OPEN_SESSION 3 "1997 Jan 4" "PAM 0.55" "App. Programmers' Manual"
-.SH NAME
-
-pam_open/close_session \- PAM session management
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.sp
-.BI "int pam_open_session(pam_handle_t " *pamh ", int " flags ");"
-.sp
-.BI "int pam_close_session(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-.SH DESCRIPTION
-
-PAM provides management-hooks for the initialization and termination
-of a session.
-
-.TP
-.B pam_open_session
-.br
-Use this function to signal that an authenticated user session has
-begun. It should be called only after the user is properly identified
-and (where necessary) has been granted their credentials with
-.BR pam_authenticate "(3)"
-and
-.BR pam_setcred "(3)"
-respectively.
-
-.br
-Some types of functions associated with session
-initialization are logging for the purposes of system-audit and
-mounting directories (the user's home directory for example). These
-should not concern the application. It should be noted that the
-.I effective
-uid,
-.BR geteuid "(2),"
-of the application should be of sufficient privilege to perform such
-tasks.
-
-.TP
-.B pam_close_session
-.br
-Use this function to signal that a user session has
-terminated. In general this function may not need to be located in the
-same application as the initialization function,
-.BR pam_open_session "."
-
-.br
-Typically, this function will undo the actions of
-.BR pam_open_session "."
-That is, log audit information concerning the end of the user session
-or unmount the user's home directory. Apart from having sufficient
-privilege the details of the session termination should not concern
-the calling application. It is good programming practice, however, to
-cease acting on behalf of the user on returning from this call.
-
-.SH RETURN VALUE
-A successful return from the session management functions will be
-indicated with
-.BR PAM_SUCCESS "."
-
-.br
-The specific error indicating a failure to open or close a session is
-.BR PAM_SESSION_ERR "."
-In general other return values may be returned. They should be treated
-as indicating failure.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-OSF-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam_start "(3), "
-.BR pam_authenticate "(3), "
-.BR pam_setcred "(3), "
-.BR pam_get_item "(3), "
-.BR pam_strerror "(3) "
-and
-.BR pam "(3)."
-
-.br
-Also, see the three
-.BR PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/man/pam_setcred.3 b/contrib/libpam/doc/man/pam_setcred.3
deleted file mode 100644
index 6d2cf45..0000000
--- a/contrib/libpam/doc/man/pam_setcred.3
+++ /dev/null
@@ -1,80 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_setcred.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996,1997 <morgan@parc.power.net>
-.\" $FreeBSD$
-.TH PAM_SETCRED 3 "1997 July 6" "PAM 0.58" "App. Programmers' Manual"
-.SH NAME
-
-pam_setcred \- set the credentials for the user
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.sp
-.BI "int pam_setcred(pam_handle_t " *pamh ", int " flags ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_setcred
-
-This function is used to establish, maintain and delete the
-credentials of a user. It should be called after a user has been
-authenticated and before a session is opened for the user (with
-.BR pam_open_session "(3))."
-
-It should be noted that credentials come in many forms. Examples
-include: group memberships; ticket-files; and PAM environment
-variables. For this reason, it is important that the basic identity
-of the user is established, by the application, prior to a call to
-this function. For example, the default
-.BR PAM
-environment variables should be set and also
-.BR initgroups "(2) "
-(or equivalent) should have been performed.
-
-.SH "VALID FLAGS"
-.TP
-.BR PAM_ESTABLISH_CRED
-initialize the credentials for the user.
-
-.TP
-.BR PAM_DELETE_CRED
-delete the user's credentials.
-
-.TP
-.BR PAM_REINITIALIZE_CRED
-delete and then initialize the user's credentials.
-
-.TP
-.BR PAM_REFRESH_CRED
-extend the lifetime of the existing credentials.
-
-.SH "RETURN VALUE"
-
-On success
-.BR PAM_SUCCESS
-is returned, all other return values should be treated as errors.
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam_authenticate "(3), "
-.BR pam_strerror "(3)"
-and
-.BR pam_open_session "(3). "
-
-Also, see the three
-.BR PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/man/pam_start.3 b/contrib/libpam/doc/man/pam_start.3
deleted file mode 100644
index 1a78511..0000000
--- a/contrib/libpam/doc/man/pam_start.3
+++ /dev/null
@@ -1,99 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: pam_start.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net>
-.\" $FreeBSD$
-.TH PAM_START 3 "1997 Feb 15" "PAM 0.56" "Application Programmers' Manual"
-.SH NAME
-
-pam_start, pam_end \- activating PAM
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.sp
-.BI "int pam_start(const char " *service ", const char " *user ", const struct pam_conv " *conv ", pam_handle_t " **pamh_p ");"
-.sp
-.BI "int pam_end(pam_handle_t " *pamh ", int " pam_status ");"
-.sp 2
-.SH DESCRIPTION
-.TP
-.B pam_start
-Initialize the
-.I PAM
-library. Identifying the application with a particular
-.IR service
-name. The
-.IR user "name"
-can take the value
-.IR NULL ", "
-if not known at the time the interface is initialized. The
-conversation structure is passed to the library via the
-.IR conv
-argument. (For a complete description of this and other structures
-the reader is directed to the more verbose
-.IR PAM
-application developers' guide). Upon successful initialization, an
-opaque pointer-handle for future access to the library is returned
-through the contents of the
-.IR pamh_p
-pointer.
-
-.TP
-.B pam_end
-Terminate the
-.B PAM
-library. The service application associated with the
-.IR pamh
-handle, is terminated. The argument,
-.IR pam_status ", "
-passes the value most recently returned to the application from the
-library; it indicates the manner in which the library should be
-shutdown. Besides carrying a return value, this argument may be
-logically OR'd with
-.IR PAM_DATA_SILENT
-to indicate that the module should not treat the call too
-seriously. It is generally used to indicate that the current closing
-of the library is in a
-.IR fork "(2)ed"
-process, and that the parent will take care of cleaning up things that
-exist outside of the current process space (files etc.).
-
-.SH "RETURN VALUE"
-.TP
-.B pam_start
-.TP
-.B pam_end
-On success,
-.BR PAM_SUCCESS
-is returned
-
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(3). "
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-.sp
-Note, the
-.BR PAM_DATA_SILENT
-flag is pending acceptance with the DCE (as of 1996/12/4).
-
-.SH BUGS
-.sp 2
-None known.
-
-.SH "SEE ALSO"
-
-.BR fork "(2), "
-.BR pam_authenticate "(3), "
-.BR pam_acct_mgmt "(3), "
-.BR pam_open_session "(3), "
-and
-.BR pam_chauthtok "(3)."
-
-Also, see the three
-.BR PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/man/pam_strerror.3 b/contrib/libpam/doc/man/pam_strerror.3
deleted file mode 100644
index 2c40ecd..0000000
--- a/contrib/libpam/doc/man/pam_strerror.3
+++ /dev/null
@@ -1,52 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" ripped off from Rick Faith's getgroups man page
-.\" $Id: pam_strerror.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@linux.kernel.org>
-.\" $FreeBSD$
-.TH PAM_STRERROR 3 "1999 Oct 4" "PAM 0.70" "Programmers' Manual"
-.SH NAME
-
-pam_strerror \- return a textual description of a PAM error
-
-.SH SYNOPSIS
-.B #include <security/pam_appl.h>
-.br
-or,
-.br
-.B #include <security/pam_modules.h>
-.sp
-.BI "const char * pam_strerror( pam_handle_t " "*pamh" ", int " pam_error ");"
-.sp 2
-.SH DESCRIPTION
-.B pam_strerror
-
-This function returns some text describing the
-.BR PAM
-error associated with the
-.B pam_error
-argument.
-
-.SH "RETURN VALUE"
-
-On success this function returns a description of the indicated
-error. Should the function not recognize the error, ``Unknown
-PAM error'' is returned.
-
-.SH "CONFORMING TO"
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-This function should be internationalized.
-
-.SH "SEE ALSO"
-
-.BR pam "(8). "
-
-Also, see the three
-.BR PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/man/template-man b/contrib/libpam/doc/man/template-man
deleted file mode 100644
index cbe8116..0000000
--- a/contrib/libpam/doc/man/template-man
+++ /dev/null
@@ -1,53 +0,0 @@
-.\" Hey Emacs! This file is -*- nroff -*- source.
-.\" $Id: template-man,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $
-.\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net>
-.\" $FreeBSD$
-.TH PAM_???? 2 "1997 Jan 4" "PAM 0.55" "Application Programmers' Manual"
-.SH NAME
-
-function names \- brief summary of function
-
-.SH SYNOPSIS
-.B #include <security/pam_????.h>
-.sp
-.BI "int pam_???(pam_handle_t " pamh ", int " flags);
-.sp 2
-.SH DESCRIPTION
-.TP
-.B pam_???
-Here goes the
-.I explanation
-it may be quite
-.IR long .
-.TP
-.SH "RETURN VALUE"
-.B pam_???
-On success...
-.BR PAM_SUCCESS
-is returned
-.TP
-.SH ERRORS
-May be translated to text with
-.BR pam_strerror "(2). "
-
-.SH "CONFORMING TO"
-.B pam_???
-DCE-RFC 86.0, October 1995.
-
-.SH BUGS
-.sp 2
-none known.
-
-.SH "SEE ALSO"
-
-.BR pam_??? "(2), "
-and
-.BR pam_??? "(2). "
-
-Also, see the three
-.BR PAM
-Guides, for
-.BR "System administrators" ", "
-.BR "module developers" ", "
-and
-.BR "application developers" ". "
diff --git a/contrib/libpam/doc/modules/pam_access.sgml b/contrib/libpam/doc/modules/pam_access.sgml
deleted file mode 100644
index 00c7ea1..0000000
--- a/contrib/libpam/doc/modules/pam_access.sgml
+++ /dev/null
@@ -1,108 +0,0 @@
-<!--
-
- pam_access module docs added by Tim Berger <timb@transmeta.com>
-
--->
-
-<sect1> The access module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-
-<tt>pam_access</tt>
-
-
-<tag><bf>Author[s]:</bf></tag>
-
-Alexei Nogin &lt;alexei@nogin.dnttm.ru&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-
-account
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-Requires a configuration file. By default
-<tt>/etc/security/access.conf</tt> is used but this can be overridden.
-
-<tag><bf>Network aware:</bf></tag>
-
-Through <tt/PAM_TTY/ if set, otherwise attempts getting tty name of
-the stdin file descriptor with <tt/ttyname()/. Standard
-gethostname(), <tt/yp_get_default_domain()/, <tt/gethostbyname()/
-calls. <bf/NIS/ is used for netgroup support.
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Provides logdaemon style login access control.
-
-<sect2> Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tt>accessfile=<it>/path/to/file.conf</it></tt>
-
-<tag><bf>Description:</bf></tag>
-
-This module provides logdaemon style login access control based on
-login names and on host (or domain) names, internet addresses (or
-network numbers), or on terminal line names in case of non-networked
-logins. Diagnostics are reported through <tt/syslog(3)/. Wietse
-Venema's <tt/login_access.c/ from <em/logdaemon-5.6/ is used with
-several changes by A. Nogin.
-
-<p>
-The behavior of this module can be modified with the following
-arguments:
-<itemize>
-
-<item><tt>accessfile=/path/to/file.conf</tt> -
-indicate an alternative <em/access/ configuration file to override
-the default. This can be useful when different services need different
-access lists.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-Use of module is recommended, for example, on administrative machines
-such as <bf/NIS/ servers and mail servers where you need several accounts
-active but don't want them all to have login capability.
-
-For <tt>/etc/pam.d</tt> style configurations where your modules live
-in <tt>/lib/security</tt>, start by adding the following line to
-<tt>/etc/pam.d/login</tt>, <tt>/etc/pam.d/rlogin</tt>,
-<tt>/etc/pam.d/rsh</tt> and <tt>/etc/pam.d/ftp</tt>:
-
-<tscreen>
-<verb>
-account required /lib/security/pam_access.so
-</verb>
-</tscreen>
-
-Note that use of this module is not effective unless your system ignores
-<tt>.rhosts</tt> files. See the the pam_rhosts_auth documentation.
-
-A sample <tt>access.conf</tt> configuration file is included with the
-distribution.
-
-</descrip>
diff --git a/contrib/libpam/doc/modules/pam_issue.sgml b/contrib/libpam/doc/modules/pam_issue.sgml
deleted file mode 100644
index 1f617e3..0000000
--- a/contrib/libpam/doc/modules/pam_issue.sgml
+++ /dev/null
@@ -1,120 +0,0 @@
-<!--
-
-Ben Collins <bcollins@debian.org>
-
--->
-
-<sect1>Add issue file to user prompt
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_issue/
-
-<tag><bf>Author:</bf></tag>
-Ben Collins &lt;bcollins@debian.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-Authentication (pam_sm_authenticate)
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module prepends the issue file (<em>/etc/issue</em> by default) when
-prompting for a username.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/issue=issue-file-name/; <tt/noesc/;
-
-<tag><bf>Description:</bf></tag>
-This module allows you to prepend an issue file to the username prompt. It
-also by default parses escape codes in the issue file similar to some
-common getty's (using &bsol;x format).
-<p>
-Recognized escapes:
-<itemize>
-
-<item><tt/d/
-- current date
-
-<item><tt/s/
-- operating system name
-
-<item><tt/l/
-- name of this tty
-
-<item><tt/m/
-- architecture of this system (i686, sparc, powerpc, ...)
-
-<item><tt/n/
-- hostname of this system
-
-<item><tt/o/
-- domainname of this system
-
-<item><tt/r/
-- release number of the operation system (eg. 2.2.12)
-
-<item><tt/t/
-- current time
-
-<item><tt/u/
-- number of users currently logged in
-
-<item><tt/U/
-- same as <tt/u/, except it is suffixed with "user" or "users" (eg. "1
-user" or "10 users"
-
-<item><tt/v/
-- version/build-date of the operating system (eg. "&num;3 Mon Aug 23 14:38:16
-EDT 1999" on Linux).
-
-</itemize>
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-
-<item><tt/issue/
-- the file to output if not using the default
-
-<item><tt/noesc/
-- turns off escape code parsing
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-login auth pam_issue.so issue=/etc/issue
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/contrib/libpam/doc/modules/pam_mkhomedir.sgml b/contrib/libpam/doc/modules/pam_mkhomedir.sgml
deleted file mode 100644
index 075e16f..0000000
--- a/contrib/libpam/doc/modules/pam_mkhomedir.sgml
+++ /dev/null
@@ -1,83 +0,0 @@
-<!--
-
-Ben Collins <bcollins@debian.org>
-
--->
-
-<sect1>Create home directories on initial login
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_mkhomedir/
-
-<tag><bf>Author:</bf></tag>
-Jason Gunthorpe &lt;jgg@ualberta.ca&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Ben Collins &lt;bcollins@debian.org&gt;
-
-<tag><bf>Management groups provided:</bf></tag>
-Session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Creates home directories on the fly for authenticated users.
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/skel=skeleton-dir/; <tt/umask=octal-umask/;
-
-<tag><bf>Description:</bf></tag>
-This module is useful for distributed systems where the user account is
-managed in a central database (such as NIS, NIS+, or LDAP) and accessed
-through miltiple systems. It frees the administrator from having to create
-a default home directory on each of the systems by creating it upon the
-first succesfully authenticated login of that user. The skeleton directory
-(usually /etc/skel/) is used to copy default files and also set's a umask
-for the creation.
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-
-<item><tt/skel/
-- The skeleton directory for default files to copy to the new home directory.
-
-<item><tt/umask/
-- An octal for of the same format as you would pass to the shells umask command.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/contrib/libpam/doc/modules/pam_motd.sgml b/contrib/libpam/doc/modules/pam_motd.sgml
deleted file mode 100644
index 8ddc639..0000000
--- a/contrib/libpam/doc/modules/pam_motd.sgml
+++ /dev/null
@@ -1,77 +0,0 @@
-<!--
-
-Ben Collins <bcollins@debian.org>
-
--->
-
-<sect1>Output the motd file
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_motd/
-
-<tag><bf>Author:</bf></tag>
-Ben Collins &lt;bcollins@debian.org&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author
-
-<tag><bf>Management groups provided:</bf></tag>
-Session (open)
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module outputs the motd file (<em>/etc/motd</em> by default) upon
-successful login.
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/motd=motd-file-name/;
-
-<tag><bf>Description:</bf></tag>
-This module allows you to have arbitrary motd's (message of the day)
-output after a succesful login. By default this file is <em>/etc/motd</em>,
-but is configurable to any file.
-
-<p>
-The behavior of this module can be modified with one of the following
-flags:
-
-<p>
-<itemize>
-
-<item><tt/motd/
-- the file to output if not using the default.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-login session pam_motd.so motd=/etc/motd
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/contrib/libpam/doc/modules/pam_tally.sgml b/contrib/libpam/doc/modules/pam_tally.sgml
deleted file mode 100644
index aca41bb..0000000
--- a/contrib/libpam/doc/modules/pam_tally.sgml
+++ /dev/null
@@ -1,191 +0,0 @@
-<!--
-
- $Id: pam_tally.sgml,v 1.1 2001/02/11 07:52:56 agmorgan Exp $
-
- This template file was written by Andrew G. Morgan <morgan@kernel.org>
- adapted from text provided by Tim Baverstock.
--->
-
-<sect1>The login counter (tallying) module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-pam_tally
-
-<tag><bf>Author[s]:</bf></tag>
-Tim Baverstock
-
-<tag><bf>Maintainer:</bf></tag>
-
-<tag><bf>Management groups provided:</bf></tag>
-auth; account
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-A faillog file (default location /var/log/faillog)
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This module maintains a count of attempted accesses, can reset count
-on success, can deny access if too many attempts fail.
-
-<p>
-pam_tally comes in two parts: <tt>pam_tally.so</tt> and
-<tt>pam_tally</tt>. The former is the PAM module and the latter, a
-stand-alone program. <tt>pam_tally</tt> is an (optional) application
-which can be used to interrogate and manipulate the counter file. It
-can display users' counts, set individual counts, or clear all
-counts. Setting artificially high counts may be useful for blocking
-users without changing their passwords. For example, one might find it
-useful to clear all counts every midnight from a cron job.
-
-<p>
-The counts file is organized as a binary-word array, indexed by
-uid. You can probably make sense of it with <tt>od</tt>, if you don't
-want to use the supplied appliction.
-
-<p>
-Note, there are some outstanding issues with this module:
-<tt>pam_tally</tt> is very dependant on <tt>getpw*()</tt> - a database
-of usernames would be much more flexible; the `keep a count of current
-logins' bit has been <tt>#ifdef</tt>'d out and you can only reset the
-counter on successful authentication, for now.
-
-<sect3>Generic options accepted by both components
-<p>
-<itemize>
-<item> <tt>onerr=</tt>(<tt>succeed</tt>|<tt>fail</tt>):
- if something weird happens, such as unable to open the file, how
- should the module react?
-<item> <tt>file=</tt><em>/where/to/keep/counts</em>:
- specify the file location for the counts.
- The default location is <tt>/var/log/faillog</tt>.
-</itemize>
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt>onerr=</tt>(<tt>succeed</tt>|<tt>fail</tt>);
-<tt>file=</tt>/where/to/keep/counts;
-<tt>no_magic_root</tt>
-
-<tag><bf>Description:</bf></tag>
-
-<p>
-The authentication component of this module increments the attempted
-login counter.
-
-<p>
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-<p>
-The module argument <tt>no_magic_root</tt> is used to indicate that if
-the module is invoked by a user with uid=0, then the counter is
-incremented. The sys-admin should use this for daemon-launched
-services, like <tt>telnet</tt>/<tt>rsh</tt>/<tt>login</tt>. For user
-launched services, like <tt>su</tt>, this argument should be omitted.
-
-<p>
-By way of more explanation, when a process already running as root
-tries to access some service, the access is <em>magic</em>, and
-bypasses <tt>pam_tally</tt>'s checks: this is handy for <tt>su</tt>ing
-from root into an account otherwise blocked. However, for services
-like <tt>telnet</tt> or <tt>login</tt>, which always effectively run
-from the root account, root (ie everyone) shouldn't be granted this
-magic status, and the flag `no_magic_root' should be set in this
-situation, as noted in the summary above.
-
-</descrip>
-
-<sect2>Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt>onerr=</tt>(<tt>succeed</tt>|<tt>fail</tt>);
-<tt>file=</tt>/where/to/keep/counts;
-<tt>deny=</tt><em>n</em>;
-<tt>no_magic_root</tt>;
-<tt>even_deny_root_account</tt>;
-<tt>reset</tt>;
-<tt>no_reset</tt>;
-<tt>per_user</tt>;
-<tt>no_lock_time</tt>
-
-<tag><bf>Description:</bf></tag>
-
-<p>
-The account component can deny access and/or reset the attempts
-counter. It also checks to make sure that the counts file is a plain
-file and not world writable.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-<p>
-The <tt>deny=</tt><em>n</em> option is used to deny access if tally
-for this user exceeds <em>n</em>. The presence of
-<tt>deny=</tt><em>n</em> changes the default for
-<tt>reset</tt>/<tt>no_reset</tt> to <tt>reset</tt>, unless the user
-trying to gain access is root and the <tt>no_magic_root</tt> option
-has NOT been specified.
-
-<p>
-The <tt>no_magic_root</tt> option ensures that access attempts by root
-DON'T ignore deny. Use this for daemon-based stuff, like
-<tt>telnet</tt>/<tt>rsh</tt>/<tt>login</tt>.
-
-<p>
-The <tt>even_deny_root_account</tt> option is used to ensure that the
-root account can become unavailable. <bf>Note</bf> that magic root
-trying to gain root bypasses this, but normal users can be locked out.
-
-<p>
-The <tt>reset</tt> option instructs the module to reset count to 0 on
-successful entry, even for magic root. The <tt>no_reset</tt> option is
-used to instruct the module to not reset the count on successful
-entry. This is the default unless <tt>deny</tt> exists and the user
-attempting access is NOT magic root.
-
-<p>
-If <tt>/var/log/faillog</tt> contains a non-zero <tt>.fail_max</tt>
-field for this user then the <tt>per_user</tt> module argument will
-ensure that the module uses this value and not the global
-<tt>deny=</tt><em>n</em> parameter.
-
-<p>
-The <tt>no_lock_time</tt> option is for ensuring that the module does
-not use the <tt>.fail_locktime</tt> field in /var/log/faillog for this
-user.
-
-<p>
-Normally, failed attempts to access root will <bf>NOT</bf> cause the
-root account to become blocked, to prevent denial-of-service: if your
-users aren't given shell accounts and root may only login via
-<tt>su</tt> or at the machine console (not
-<tt>telnet</tt>/<tt>rsh</tt>, etc), this is safe. If you really want
-root to be blocked for some given service, use
-<tt>even_deny_root_account</tt>.
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/contrib/libpam/doc/modules/pam_unix.sgml b/contrib/libpam/doc/modules/pam_unix.sgml
deleted file mode 100644
index 71cb07e..0000000
--- a/contrib/libpam/doc/modules/pam_unix.sgml
+++ /dev/null
@@ -1,288 +0,0 @@
-<!--
- This file was written by Andrew G. Morgan <morgan@linux.kernel.org>
-
- Converted from the pam_pwdb.sgml file for pam_unix by Ben Collins <bcollins@debian.org>
--->
-
-<sect1>The Unix Password module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-pam_unix
-
-<tag><bf>Author:</bf></tag>
-
-<tag><bf>Maintainer:</bf></tag>
-
-<tag><bf>Management groups provided:</bf></tag>
-account; authentication; password; session
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-This is the standard Unix authentication module. It uses standard calls
-from the system's libraries to retrieve and set account information as
-well as authentication. Usually this is obtained from the /etc/passwd
-and the /etc/shadow file as well if shadow is enabled.
-
-<sect2>Account component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/; <tt/audit/
-
-<tag><bf>Description:</bf></tag>
-
-The <tt/debug/ argument makes the accounting functions of this module
-<tt/syslog(3)/ more information on its actions. (Remaining arguments
-supported by the other functions of this module are silently ignored,
-but others are logged as errors through <tt/syslog(3)/). The <tt/audit/
-argument causes even more logging.
-
-Based on the following <tt/shadow/ elements:
-<tt/expire/;
-<tt/last_change/;
-<tt/max_change/;
-<tt/min_change/;
-<tt/warn_change/,
-this module performs the task of establishing the status of the user's
-account and password. In the case of the latter, it may offer advice
-to the user on changing their password or, through the
-<tt/PAM_AUTHTOKEN_REQD/ return, delay giving service to the user until
-they have established a new password. The entries listed above are
-documented in the <em/GNU Libc/ info documents. Should the user's record
-not contain one or more of these entries, the corresponding <em/shadow/
-check is not performed.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-In its accounting mode, this module can be inserted as follows:
-<tscreen>
-<verb>
-#
-# Ensure users account and password are still active
-#
-login account required pam_unix.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/audit/;
-<tt/use_first_pass/;
-<tt/try_first_pass/;
-<tt/nullok/;
-<tt/nodelay/
-
-<tag><bf>Description:</bf></tag>
-
-The <tt/debug/ argument makes the authentication functions of this
-module <tt/syslog(3)/ more information on its actions. The <tt/audit/
-causes even more information to be logged.
-
-<p>
-The default action of this module is to not permit the user access to
-a service if their <em/official/ password is blank. The <tt/nullok/
-argument overrides this default.
-
-<p>
-When given the argument <tt/try_first_pass/, before prompting the user
-for their password, the module first tries the previous stacked
-<tt/auth/-module's password in case that satisfies this module as
-well. The argument <tt/use_first_pass/ forces the module to use such a
-recalled password and will never prompt the user - if no password is
-available or the password is not appropriate, the user will be denied
-access.
-
-<p>
-The argument, <tt>nodelay</tt>, can be used to discourage the
-authentication component from requesting a delay should the
-authentication as a whole fail. The default action is for the module
-to request a delay-on-failure of the order of one second.
-
-<p>
-Remaining arguments, supported by the other functions of this module,
-are silently ignored. Other arguments are logged as errors through
-<tt/syslog(3)/.
-
-<p>
-A helper binary, <tt>unix_chkpwd</tt>, is provided to check the user's
-password when it is stored in a read protected database. This binary
-is very simple and will only check the password of the user invoking
-it. It is called transparently on behalf of the user by the
-authenticating component of this module. In this way it is possible
-for applications like <em>xlock</em> to work without being setuid-root.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-The correct functionality of this module is dictated by having an
-appropriate <tt>/etc/nsswitch.conf</tt> file, the user
-databases specified there dictate the source of the authenticated
-user's record.
-<p>
-In its authentication mode, this module can be inserted as follows:
-<tscreen>
-<verb>
-#
-# Authenticate the user
-#
-login auth required pam_unix.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Password component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/audit/;
-<tt/nullok/;
-<tt/not_set_pass/;
-<tt/use_authtok/;
-<tt/try_first_pass/;
-<tt/use_first_pass/;
-<tt/md5/;
-<tt/bigcrypt/;
-<tt/shadow/;
-<tt/nis/;
-<tt/remember/
-
-<tag><bf>Description:</bf></tag>
-
-This part of the <tt/pam_unix/ module performs the task of updating
-the user's password.
-
-<p>
-In the case of conventional unix databases (which store the password
-encrypted) the <tt/md5/ argument is used to do the encryption with the
-MD5 function as opposed to the <em/conventional/ <tt/crypt(3)/ call.
-As an alternative to this, the <tt/bigcrypt/ argument can be used to
-encrypt more than the first 8 characters of a password with DEC's
-(Digital Equipment Cooperation) `C2' extension to the standard UNIX
-<tt/crypt()/ algorithm.
-
-<p>
-The <tt/nullok/ argument is used to permit the changing of a password
-<em/from/ an empty one. Without this argument, empty passwords are
-treated as account-locking ones.
-
-<p>
-The argument <tt/use_first_pass/ is used to lock the choice of old and
-new passwords to that dictated by the previously stacked <tt/password/
-module. The <tt/try_first_pass/ argument is used to avoid the user
-having to re-enter an old password when <tt/pam_unix/ follows a module
-that possibly shared the user's old password - if this old password is
-not correct the user will be prompted for the correct one. The
-argument <tt/use_authtok/ is used to <em/force/ this module to set the
-new password to the one provided by the previously stacked
-<tt/password/ module (this is used in an example of the stacking of
-the <em/Cracklib/ module documented above).
-
-<p>
-The <tt/not_set_pass/ argument is used to inform the module that it is
-not to pay attention to/make available the old or new passwords from/to
-other (stacked) password modules.
-
-<p>
-The <tt/debug/ argument makes the password functions of this module
-<tt/syslog(3)/ more information on its actions. Other arguments may be
-logged as erroneous to <tt/syslog(3)/. The <tt/audit/ argument causes
-even more information to be logged.
-
-<p>
-With the <tt/nis/ argument, <tt/pam_unix/ will attempt to use NIS RPC
-for setting new passwords.
-
-<p>
-The <tt/remember/ argument takes one value. This is the number of most
-recent passwords to save for each user. These are saved in
-<tt>/etc/security/opasswd</tt> in order to force password change history
-and keep the user from alternating between the same password too frequently.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-Standard usage:
-<tscreen>
-<verb>
-#
-# Change the users password
-#
-passwd password required pam_unix.so
-</verb>
-</tscreen>
-
-<p>
-An example of the stacking of this module with respect to the
-pluggable password checking module, <tt/pam_cracklib/:
-<tscreen>
-<verb>
-#
-# Change the users password
-#
-passwd password required pam_cracklib.so retry=3 minlen=6 difok=3
-passwd password required pam_unix.so use_authtok nullok md5
-</verb>
-</tscreen>
-
-</descrip>
-
-<sect2>Session component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-
-<tag><bf>Description:</bf></tag>
-
-No arguments are recognized by this module component. Its action is
-simply to log the username and the service-type to
-<tt/syslog(3)/. Messages are logged at the beginning and end of the
-user's session.
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-The use of the session modules is straightforward:
-<tscreen>
-<verb>
-#
-# session opening and closing
-#
-login session required pam_unix.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/contrib/libpam/doc/modules/pam_userdb.sgml b/contrib/libpam/doc/modules/pam_userdb.sgml
deleted file mode 100644
index bdbf80b..0000000
--- a/contrib/libpam/doc/modules/pam_userdb.sgml
+++ /dev/null
@@ -1,112 +0,0 @@
-<!--
- This file was written by Cristian Gafton <gafton@redhat.com>
--->
-
-<sect1>The userdb module
-
-<sect2>Synopsis
-
-<p>
-<descrip>
-
-<tag><bf>Module Name:</bf></tag>
-<tt/pam_userdb/
-
-<tag><bf>Author:</bf></tag>
-Cristian Gafton &lt;gafton@redhat.com&gt;
-
-<tag><bf>Maintainer:</bf></tag>
-Author.
-
-<tag><bf>Management groups provided:</bf></tag>
-authentication
-
-<tag><bf>Cryptographically sensitive:</bf></tag>
-
-<tag><bf>Security rating:</bf></tag>
-
-<tag><bf>Clean code base:</bf></tag>
-
-<tag><bf>System dependencies:</bf></tag>
-Requires Berkeley DB.
-
-<tag><bf>Network aware:</bf></tag>
-
-</descrip>
-
-<sect2>Overview of module
-
-<p>
-Look up users in a .db database and verify their password against
-what is contained in that database.
-
-<sect2>Authentication component
-
-<p>
-<descrip>
-
-<tag><bf>Recognized arguments:</bf></tag>
-<tt/debug/;
-<tt/icase/;
-<tt/dump/;
-<tt/db=XXXX/;
-
-<tag><bf>Description:</bf></tag>
-
-This module is used to verify a username/password pair against values stored in
-a Berkeley DB database. The database is indexed by the username, and the data
-fields corresponding to the username keys are the passwords, in unencrypted form,
-so caution must be exercised over the access rights to the DB database itself..
-
-The module will read the password from the user using the conversation mechanism. If
-you are using this module on top of another authetication module (like <tt/pam_pwdb/;)
-then you should tell that module to read the entered password from the PAM_AUTHTOK field, which is set by this module.
-
-<p>
-The action of the module may be modified from this default by one or
-more of the following flags in the <tt>/etc/pam.d/&lt;service&gt;</tt> file.
-<itemize>
-<item>
-<tt/debug/ -
-Supply more debugging information to <tt/syslog(3)/.
-
-<item>
-<tt/icase/ -
-Perform the password comparisons case insensitive.
-
-<item>
-<tt/dump/ -
-dump all the entries in the database to the log (eek,
-don't do this by default!)
-
-<item>
-<tt/db=XXXX/ -
-use the database found on pathname XXXX. Note that Berkeley DB usually adds the
-needed filename extension for you, so you should use something like <tt>/etc/foodata</tt>
-instead of <tt>/etc/foodata.db</tt>.
-
-</itemize>
-
-<tag><bf>Examples/suggested usage:</bf></tag>
-
-This is a normal ftp configuration file (usually placed as <tt>/etc/pam.d/ftp</tt>
-on most systems) that will accept for login users whose username/password pairs are
-provided in the <tt>/tmp/dbtest.db</tt> file:
-
-<tscreen>
-<verb>
-#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
-auth sufficient pam_userdb.so icase db=/tmp/dbtest
-auth required pam_pwdb.so shadow nullok try_first_pass
-auth required pam_shells.so
-account required pam_pwdb.so
-session required pam_pwdb.so
-</verb>
-</tscreen>
-
-</descrip>
-
-<!--
-End of sgml insert for this module.
--->
diff --git a/contrib/libpam/doc/pam_appl.sgml b/contrib/libpam/doc/pam_appl.sgml
deleted file mode 100644
index c32ee13..0000000
--- a/contrib/libpam/doc/pam_appl.sgml
+++ /dev/null
@@ -1,1675 +0,0 @@
-<!doctype linuxdoc system>
-
-<!--
-
- $Id: pam_appl.sgml,v 1.5 2001/03/19 01:46:41 agmorgan Exp $
-
- Copyright (C) Andrew G. Morgan 1996-2001. All rights reserved.
-
-Redistribution and use in source (sgml) and binary (derived) forms,
-with or without modification, are permitted provided that the
-following conditions are met:
-
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-ALTERNATIVELY, this product may be distributed under the terms of the
-GNU General Public License, in which case the provisions of the GNU
-GPL are required INSTEAD OF the above restrictions. (This clause is
-necessary due to a potential bad interaction between the GNU GPL and
-the restrictions contained in a BSD-style copyright.)
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
- -->
-
-<article>
-
-<title>The Linux-PAM Application Developers' Guide
-<author>Andrew G. Morgan, <tt>morgan@kernel.org</tt>
-<date>DRAFT v0.75 2001/03/18
-<abstract>
-This manual documents what an application developer needs to know
-about the <bf>Linux-PAM</bf> library. It describes how an application
-might use the <bf>Linux-PAM</bf> library to authenticate users. In
-addition it contains a description of the funtions to be found in
-<tt/libpam_misc/ library, that can be used in general applications.
-Finally, it contains some comments on PAM related security issues for
-the application developer.
-</abstract>
-
-<toc>
-
-<sect>Introduction
-
-<sect1>Synopsis
-
-<p>
-For general applications that wish to use the services provided by
-<bf/Linux-PAM/ the following is a summary of the relevant linking
-information:
-<tscreen>
-<verb>
-#include <security/pam_appl.h>
-
-cc -o application .... -lpam -ldl
-</verb>
-</tscreen>
-
-<p>
-In addition to <tt/libpam/, there is a library of miscellaneous
-functions that make the job of writing <em/PAM-aware/ applications
-easier (this library is not covered in the DCE-RFC for PAM and is
-specific to the Linux-PAM distribution):
-<tscreen>
-<verb>
-...
-#include <security/pam_misc.h>
-
-cc -o application .... -lpam -lpam_misc -ldl
-</verb>
-</tscreen>
-
-<sect1> Description
-
-<p>
-<bf>Linux-PAM</bf> (Pluggable Authentication Modules for Linux) is a
-library that enables the local system administrator to choose how
-individual applications authenticate users. For an overview of the
-<bf>Linux-PAM</bf> library see the <bf/Linux-PAM/ System
-Administrators' Guide.
-
-<p>
-It is the purpose of the <bf>Linux-PAM</bf> project to liberate the
-development of privilege granting software from the development of
-secure and appropriate authentication schemes. This is accomplished
-by providing a documented library of functions that an application may
-use for all forms of user authentication management. This library
-dynamically loads locally configured authentication modules that
-actually perform the authentication tasks.
-
-<p>
-From the perspective of an application developer the information
-contained in the local configuration of the PAM library should not be
-important. Indeed it is intended that an application treat the
-functions documented here as a ``black box'' that will deal with all
-aspects of user authentication. ``All aspects'' includes user
-verification, account management, session initialization/termination
-and also the resetting of passwords (<em/authentication tokens/).
-
-<sect>Overview
-
-<p>
-Most service-giving applications are restricted. In other words,
-their service is not available to all and every prospective client.
-Instead, the applying client must jump through a number of hoops to
-convince the serving application that they are authorized to obtain
-service.
-
-The process of <em/authenticating/ a client is what PAM is designed to
-manage. In addition to authentication, PAM provides account
-management, credential management, session management and
-authentication-token (password changing) management services. It is
-important to realize when writing a PAM based application that these
-services are provided in a manner that is <bf>transparent</bf> to
-the application. That is to say, when the application is written, no
-assumptions can be made about <em>how</em> the client will be
-authenticated.
-
-<p>
-The process of authentication is performed by the PAM library via a
-call to <tt>pam_authenticate()</tt>. The return value of this
-function will indicate whether a named client (the <em>user</em>) has
-been authenticated. If the PAM library needs to prompt the user for
-any information, such as their <em>name</em> or a <em>password</em>
-then it will do so. If the PAM library is configured to authenticate
-the user using some silent protocol, it will do this too. (This
-latter case might be via some hardware interface for example.)
-
-<p>
-It is important to note that the application must leave all decisions
-about when to prompt the user at the discretion of the PAM library.
-
-<p>
-The PAM library, however, must work equally well for different styles
-of application. Some applications, like the familiar <tt>login</tt>
-and <tt>passwd</tt> are terminal based applications, exchanges of
-information with the client in these cases is as plain text messages.
-Graphically based applications, however, have a more sophisticated
-interface. They generally interact with the user via specially
-constructed dialogue boxes. Additionally, network based services
-require that text messages exchanged with the client are specially
-formatted for automated processing: one such example is <tt>ftpd</tt>
-which prefixes each exchanged message with a numeric identifier.
-
-<p>
-The presentation of simple requests to a client is thus something very
-dependent on the protocol that the serving application will use. In
-spite of the fact that PAM demands that it drives the whole
-authentication process, it is not possible to leave such protocol
-subtleties up to the PAM library. To overcome this potential problem,
-the application provides the PAM library with a <em>conversation</em>
-function. This function is called from <bf>within</bf> the PAM
-library and enables the PAM to directly interact with the client. The
-sorts of things that this conversation function must be able to do are
-prompt the user with text and/or obtain textual input from the user
-for processing by the PAM library. The details of this function are
-provided in a later section.
-
-<p>
-For example, the conversation function may be called by the PAM library
-with a request to prompt the user for a password. Its job is to
-reformat the prompt request into a form that the client will
-understand. In the case of <tt>ftpd</tt>, this might involve prefixing
-the string with the number <tt>331</tt> and sending the request over
-the network to a connected client. The conversation function will
-then obtain any reply and, after extracting the typed password, will
-return this string of text to the PAM library. Similar concerns need
-to be addressed in the case of an X-based graphical server.
-
-<p>
-There are a number of issues that need to be addressed when one is
-porting an existing application to become PAM compliant. A section
-below has been devoted to this: Porting legacy applications.
-
-<p>
-Besides authentication, PAM provides other forms of management.
-Session management is provided with calls to
-<tt>pam_open_session()</tt> and <tt>pam_close_session()</tt>. What
-these functions actually do is up to the local administrator. But
-typically, they could be used to log entry and exit from the system or
-for mounting and unmounting the user's home directory. If an
-application provides continuous service for a period of time, it
-should probably call these functions, first open after the user is
-authenticated and then close when the service is terminated.
-
-<p>
-Account management is another area that an application developer
-should include with a call to <tt/pam_acct_mgmt()/. This call will
-perform checks on the good health of the user's account (has it
-expired etc.). One of the things this function may check is whether
-the user's authentication token has expired - in such a case the
-application may choose to attempt to update it with a call to
-<tt/pam_chauthtok()/, although some applications are not suited to
-this task (<em>ftp</em> for example) and in this case the application
-should deny access to the user.
-
-<p>
-PAM is also capable of setting and deleting the users credentials with
-the call <tt>pam_setcred()</tt>. This function should always be
-called after the user is authenticated and before service is offered
-to the user. By convention, this should be the last call to the PAM
-library before the PAM session is opened. What exactly a credential
-is, is not well defined. However, some examples are given in the
-glossary below.
-
-<sect>The public interface to <bf>Linux-PAM</bf>
-
-<p>
-Firstly, the relevant include file for the <bf>Linux-PAM</bf> library
-is <tt>&lt;security/pam_appl.h&gt;</tt>. It contains the definitions
-for a number of functions. After listing these functions, we collect
-some guiding remarks for programmers.
-
-<sect1>What can be expected by the application
-
-<p>
-Below we document those functions in the <bf/Linux-PAM/ library that
-may be called from an application.
-
-<sect2>Initialization of Linux-PAM
-<label id="pam-start-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_start(const char *service_name, const char *user,
- const struct pam_conv *pam_conversation,
- pam_handle_t **pamh);
-</verb>
-</tscreen>
-
-<p>
-This is the first of the <bf>Linux-PAM</bf> functions that must be
-called by an application. It initializes the interface and reads the
-system configuration file, <tt>/etc/pam.conf</tt> (see the
-<bf/Linux-PAM/ System Administrators' Guide). Following a successful
-return (<tt/PAM_SUCCESS/) the contents of <tt/*pamh/ is a handle that
-provides continuity for successive calls to the <bf/Linux-PAM/
-library. The arguments expected by <tt/pam_start/ are as follows: the
-<tt/service_name/ of the program, the <tt/user/name of the individual
-to be authenticated, a pointer to an application-supplied
-<tt/pam_conv/ structure and a pointer to a <tt/pam_handle_t/
-<em/pointer/.
-
-<p>
-The <tt>pam_conv</tt> structure is discussed more fully in the section
-<ref id="the-conversation-function" name="below">. The
-<tt>pam_handle_t</tt> is a <em>blind</em> structure and the
-application should not attempt to probe it directly for information.
-Instead the <bf>Linux-PAM</bf> library provides the functions
-<tt>pam_set_item</tt> and <tt>pam_get_item</tt>. These functions are
-documented below.
-
-<sect2>Termination of the library
-<label id="pam-end-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_end(pam_handle_t *pamh, int pam_status);
-</verb>
-</tscreen>
-
-<p>
-This function is the last function an application should call in the
-<bf>Linux-PAM</bf> library. Upon return the handle <tt/pamh/ is no
-longer valid and all memory associated with it will be invalid (likely
-to cause a segmentation fault if accessed).
-
-<p>
-Under normal conditions the argument <tt/pam_status/ has the value
-PAM_SUCCESS, but in the event of an unsuccessful application for
-service the appropriate <bf/Linux-PAM/ error-return value should be
-used here. Note, <tt/pam_end()/ unconditionally shuts down the
-authentication stack associated with the <tt/pamh/ handle. The value
-taken by <tt/pam_status/ is used as an argument to the module specific
-callback functions, <tt/cleanup()/ (see the <bf/Linux-PAM/ <htmlurl
-url="pam_modules.html" name="Module Developers' Guide">). In this way,
-the module can be given notification of the pass/fail nature of the
-tear-down process, and perform any last minute tasks that are
-appropriate to the module before it is unlinked.
-
-<sect2>Setting PAM items
-<label id="pam-set-item-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_set_item(pam_handle_t *pamh, int item_type,
- const void *item);
-</verb>
-</tscreen>
-
-<p>This function is used to (re)set the value of one of the following
-<bf/item_type/s:
-
-<p><descrip>
-<tag><tt/PAM_SERVICE/</tag>
- The service name
-
-<tag><tt/PAM_USER/</tag>
- The user name
-
-<tag><tt/PAM_USER_PROMPT/</tag>
- The string used when prompting for a user's name. The default
-value for this string is ``Please enter username: ''.
-
-<tag><tt/PAM_TTY/</tag>
- The terminal name: prefixed by <tt>/dev/</tt> if it is a
-device file; for graphical, X-based, applications the value for this
-item should be the <tt/&dollar;DISPLAY/ variable.
-
-<tag><tt/PAM_RUSER/</tag>
- The requesting user's username
-
-<tag><tt/PAM_RHOST/</tag>
- The requesting hostname (the hostname of the machine from which
- the <tt/PAM_RUSER/ is requesting service)
-
-<tag><tt/PAM_CONV/</tag>
- The conversation structure (see section <ref
-id="the-conversation-function" name="below">)
-
-<tag><tt/PAM_FAIL_DELAY/</tag> A function pointer to redirect
- centrally managed failure delays (see section <ref
- id="the-failure-delay-function" name="below">).
-
-</descrip>
-
-<p>
-For all <tt/item_type/s, other than <tt/PAM_CONV/ and
-<tt/PAM_FAIL_DELAY/, <tt/item/ is a pointer to a <tt>&lt;NUL&gt;</tt>
-terminated character string. In the case of <tt/PAM_CONV/, <tt/item/
-points to an initialized <tt/pam_conv/ structure (see section <ref
-id="the-conversation-function" name="below">). In the case of
-<tt/PAM_FAIL_DELAY/, <tt/item/ is a function pointer: <tt/void
-(*delay_fn)(int retval, unsigned usec_delay, void *appdata_ptr)/ (see
-section <ref id="the-failure-delay-function" name="below">).
-
-<p>
-A successful call to this function returns <tt/PAM_SUCCESS/. However,
-the application should expect one of the following errors:
-
-<p>
-<descrip>
-<tag><tt/PAM_SYSTEM_ERR/</tag>
- The <tt/pam_handle_t/ passed as a first argument to this
- function was invalid.
-<tag><tt/PAM_PERM_DENIED/</tag>
- An attempt was made to replace the conversation structure with
- a <tt/NULL/ value.
-<tag><tt/PAM_BUF_ERR/</tag>
- The function ran out of memory making a copy of the item.
-<tag><tt/PAM_BAD_ITEM/</tag>
- The application attempted to set an undefined or inaccessible
- item.
-</descrip>
-
-<sect2>Getting PAM items
-<label id="pam-get-item-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_get_item(const pam_handle_t *pamh, int item_type,
- const void **item);
-</verb>
-</tscreen>
-
-<p>
-This function is used to obtain the value of the indicated
-<tt/item_type/. Upon successful return, <tt/*item/ contains a pointer
-to the value of the corresponding item. Note, this is a pointer to
-the <em/actual/ data and should <em/not/ be <tt/free()/'ed or
-over-written!
-
-<p>
-A successful call is signaled by a return value of <tt/PAM_SUCCESS/.
-However, the application should expect one of the following errors:
-
-<p>
-<descrip>
-<tag><tt/PAM_SYSTEM_ERR/</tag>
- The <tt/pam_handle_t/ passed as a first argument to this
- function was invalid.
-<tag><tt/PAM_PERM_DENIED/</tag>
- The value of <tt/item/ was <tt/NULL/.
-<tag><tt/PAM_BAD_ITEM/</tag>
- The application attempted to set an undefined or inaccessible
- item.
-</descrip>
-
-<p>
-Note, in the case of an error, the contents of <tt/item/ is not
-modified - that is, it retains its pre-call value. One should take
-care to initialize this value prior to calling
-<tt/pam_get_item()/. Since, if its value - despite the
-<tt/pam_get_item()/ function failing - is to be used the consequences
-are undefined.
-
-<sect2>Understanding errors
-<label id="pam-strerror-section">
-
-<p>
-<tscreen>
-<verb>
-extern const char *pam_strerror(pam_handle_t *pamh, int errnum);
-</verb>
-</tscreen>
-
-<p>
-This function returns some text describing the <bf>Linux-PAM</bf>
-error associated with the argument <tt/errnum/. If the error is not
-recognized ``<tt/Unknown Linux-PAM error/'' is returned.
-
-<sect2>Planning for delays
-<label id="the-failure-delay-function">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_fail_delay(pam_handle_t *pamh, unsigned int micro_sec);
-</verb>
-</tscreen>
-
-<p>
-This function is offered by <bf/Linux-PAM/ to facilitate time delays
-following a failed call to <tt/pam_authenticate()/ and before control
-is returned to the application. When using this function the
-application programmer should check if it is available with,
-<tscreen>
-<verb>
-#ifdef PAM_FAIL_DELAY
- ....
-#endif /* PAM_FAIL_DELAY */
-</verb>
-</tscreen>
-
-
-<p>
-Generally, an application requests that a user is authenticated by
-<bf/Linux-PAM/ through a call to <tt/pam_authenticate()/ or
-<tt/pam_chauthtok()/. These functions call each of the <em/stacked/
-authentication modules listed in the relevant <bf/Linux-PAM/
-configuration file. As directed by this file, one of more of the
-modules may fail causing the <tt/pam_...()/ call to return an error.
-It is desirable for there to also be a pause before the application
-continues. The principal reason for such a delay is security: a delay
-acts to discourage <em/brute force/ dictionary attacks primarily, but
-also helps hinder <em/timed/ (covert channel) attacks.
-
-<p>
-The <tt/pam_fail_delay()/ function provides the mechanism by which an
-application or module can suggest a minimum delay (of <tt/micro_sec/
-<em/micro-seconds/). <bf/Linux-PAM/ keeps a record of the longest time
-requested with this function. Should <tt/pam_authenticate()/ fail,
-the failing return to the application is delayed by an amount of time
-randomly distributed (by up to 25%) about this longest value.
-
-<p>
-Independent of success, the delay time is reset to its zero default
-value when <bf/Linux-PAM/ returns control to the application.
-
-<p>
-For applications written with a single thread that are event driven in
-nature, <tt/libpam/ generating this delay may be undesirable. Instead,
-the application may want to register the delay in some other way. For
-example, in a single threaded server that serves multiple
-authentication requests from a single event loop, the application
-might want to simply mark a given connection as blocked until an
-application timer expires. For this reason, <bf/Linux-PAM/ supplies
-the <tt/PAM_FAIL_DELAY/ item. It can be queried and set with
-<tt/pam_get_item()/ and <tt/pam_set_item()/ respectively. The value
-used to set it should be a function pointer of the following
-prototype:
-
-<tscreen>
-<verb>
-void (*delay_fn)(int retval, unsigned usec_delay, void *appdata_ptr);
-</verb>
-</tscreen>
-
-The arguments being the <tt/retval/ return code of the module stack,
-the <tt/usec_delay/ micro-second delay that libpam is requesting and
-the <tt/appdata_ptr/ that the application has associated with the
-current <tt/pamh/ (<tt/pam_handle_t/). This last value was set by the
-application when it called <tt/pam_start/ or explicitly with
-<tt/pam_set_item(... , PAM_CONV, ...)/. Note, if <tt/PAM_FAIL_DELAY/
-is unset (or set to <tt/NULL/), then <tt/libpam/ will perform any
-delay.
-
-<sect2>Authenticating the user
-
-<p>
-<tscreen>
-<verb>
-extern int pam_authenticate(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function serves as an interface to the authentication mechanisms
-of the loaded modules. The single <em/optional/ flag, which may be
-logically OR'd with <tt/PAM_SILENT/, takes the following value,
-
-<p><descrip>
-
-<tag><tt/PAM_DISALLOW_NULL_AUTHTOK/</tag>
- Instruct the authentication modules to return
-<tt/PAM_AUTH_ERR/ if the user does not have a registered
-authorization token---it is set to <tt/NULL/ in the system database.
-</descrip>
-
-<p>
-The value returned by this function is one of the following:
-
-<p><descrip>
-
-<tag><tt/PAM_AUTH_ERR/</tag>
- The user was not authenticated
-<tag><tt/PAM_CRED_INSUFFICIENT/</tag>
- For some reason the application does not have sufficient
-credentials to authenticate the user.
-<tag><tt/PAM_AUTHINFO_UNAVAIL/</tag>
- The modules were not able to access the authentication
-information. This might be due to a network or hardware failure etc.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The supplied username is not known to the authentication
-service
-<tag><tt/PAM_MAXTRIES/</tag>
- One or more of the authentication modules has reached its
-limit of tries authenticating the user. Do not try again.
-
-</descrip>
-
-<p>
-If one or more of the authentication modules fails to load, for
-whatever reason, this function will return <tt/PAM_ABORT/.
-
-<sect2>Setting user credentials
-<label id="pam-setcred-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_setcred(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is used to set the module-specific credentials of the
-user. It is usually called after the user has been authenticated,
-after the account management function has been called but before a
-session has been opened for the user.
-
-<p>
-A credential is something that the user possesses. It is some
-property, such as a <em>Kerberos</em> ticket, or a supplementary group
-membership that make up the uniqueness of a given user. On a Linux
-(or UN*X system) the user's <tt>UID</tt> and <tt>GID</tt>'s are
-credentials too. However, it has been decided that these properties
-(along with the default supplementary groups of which the user is a
-member) are credentials that should be set directly by the application
-and not by PAM.
-
-<p>
-This function simply calls the <tt/pam_sm_setcred/ functions of each
-of the loaded modules. Valid <tt/flags/, any one of which, may be
-logically OR'd with <tt/PAM_SILENT/, are:
-
-<p><descrip>
-<tag><tt/PAM_ESTABLISH_CRED/</tag>
- Set the credentials for the authentication service,
-<tag><tt/PAM_DELETE_CRED/</tag>
- Delete the credentials associated with the authentication service,
-<tag><tt/PAM_REINITIALIZE_CRED/</tag>
- Reinitialize the user credentials, and
-<tag><tt/PAM_REFRESH_CRED/</tag>
- Extend the lifetime of the user credentials.
-</descrip>
-
-<p>
-A successful return is signalled with <tt/PAM_SUCCESS/. Errors that
-are especially relevant to this function are the following:
-
-<p><descrip>
-<tag><tt/PAM_CRED_UNAVAIL/</tag>
- A module cannot retrieve the user's credentials.
-<tag><tt/PAM_CRED_EXPIRED/</tag>
- The user's credentials have expired.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to an authentication module.
-<tag><tt/PAM_CRED_ERR/</tag>
- A module was unable to set the credentials of the user.
-</descrip>
-
-<sect2>Account management
-
-<p>
-<tscreen>
-<verb>
-extern int pam_acct_mgmt(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is typically called after the user has been
-authenticated. It establishes whether the user's account is healthy.
-That is to say, whether the user's account is still active and whether
-the user is permitted to gain access to the system at this time.
-Valid flags, any one of which, may be logically OR'd with
-<tt/PAM_SILENT/, and are the same as those applicable to the
-<tt/flags/ argument of <tt/pam_authenticate/.
-
-<p>
-This function simply calls the corresponding functions of each of the
-loaded modules, as instructed by the configuration file,
-<tt>/etc/pam.conf</tt>.
-
-<p>
-The normal response from this function is <tt/PAM_SUCCESS/, however,
-specific failures are indicated by the following error returns:
-
-<descrip>
-<tag><tt/PAM_AUTHTOKEN_REQD/</tag>
-The user <bf/is/ valid but their authentication token has
-<em/expired/. The correct response to this return-value is to require
-that the user satisfies the <tt/pam_chauthtok()/ function before
-obtaining service. It may not be possible for some applications to do
-this. In such cases, the user should be denied access until such time
-as they can update their password.
-
-<tag><tt/PAM_ACCT_EXPIRED/</tag>
- The user is no longer permitted to access the system.
-<tag><tt/PAM_AUTH_ERR/</tag>
- There was an authentication error.
-
-<tag><tt/PAM_PERM_DENIED/</tag>
- The user is not permitted to gain access at this time.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to a module's account management
-component.
-
-</descrip>
-
-<sect2>Updating authentication tokens
-<label id="pam-chauthtok-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_chauthtok(pam_handle_t *pamh, const int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is used to change the authentication token for a given
-user (as indicated by the state associated with the handle,
-<tt/pamh/). The following is a valid but optional flag which may be
-logically OR'd with <tt/PAM_SILENT/,
-
-<descrip>
-<tag><tt/PAM_CHANGE_EXPIRED_AUTHTOK/</tag>
- This argument indicates to the modules that the users
-authentication token (password) should only be changed if it has
-expired.
-</descrip>
-
-<p>
-Note, if this argument is not passed, the application requires that
-<em/all/ authentication tokens are to be changed.
-
-<p>
-<tt/PAM_SUCCESS/ is the only successful return value, valid
-error-returns are:
-
-<descrip>
-<tag><tt/PAM_AUTHTOK_ERR/</tag>
- A module was unable to obtain the new authentication token.
-
-<tag><tt/PAM_AUTHTOK_RECOVERY_ERR/</tag>
- A module was unable to obtain the old authentication token.
-
-<tag><tt/PAM_AUTHTOK_LOCK_BUSY/</tag>
- One or more of the modules was unable to change the
-authentication token since it is currently locked.
-
-<tag><tt/PAM_AUTHTOK_DISABLE_AGING/</tag>
- Authentication token aging has been disabled for at least one
-of the modules.
-
-<tag><tt/PAM_PERM_DENIED/</tag>
- Permission denied.
-
-<tag><tt/PAM_TRY_AGAIN/</tag>
- Not all of the modules were in a position to update the
-authentication token(s). In such a case none of the user's
-authentication tokens are updated.
-
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to the authentication token changing
-service.
-
-</descrip>
-
-<sect2>Session initialization
-<label id="pam-open-session-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_open_session(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is used to indicate that an authenticated session has
-begun. It is used to inform the modules that the user is currently in
-a session. It should be possible for the <bf>Linux-PAM</bf> library
-to open a session and close the same session (see section <ref
-id="pam-close-session-section" name="below">) from different
-applications.
-
-<p>
-Currently, this function simply calls each of the corresponding
-functions of the loaded modules. The only valid flag is
-<tt/PAM_SILENT/ and this is, of course, <em/optional/.
-
-<p>
-If any of the <em/required/ loaded modules are unable to open a
-session for the user, this function will return <tt/PAM_SESSION_ERR/.
-
-<sect2>Terminating sessions
-<label id="pam-close-session-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_close_session(pam_handle_t *pamh, int flags);
-</verb>
-</tscreen>
-
-<p>
-This function is used to indicate that an authenticated session has
-ended. It is used to inform the modules that the user is exiting a
-session. It should be possible for the <bf>Linux-PAM</bf> library to
-open a session and close the same session from different applications.
-
-<p>
-This function simply calls each of the corresponding functions of the
-loaded modules in the same order that they were invoked with
-<tt/pam_open_session()/. The only valid flag is <tt/PAM_SILENT/ and
-this is, of course, <em/optional/.
-
-<p>
-If any of the <em/required/ loaded modules are unable to close a
-session for the user, this function will return <tt/PAM_SESSION_ERR/.
-
-<sect2>Setting PAM environment variables
-<label id="pam-putenv-section">
-
-<p>
-<tscreen>
-<verb>
-extern int pam_putenv(pam_handle_t *pamh, const char *name_value);
-</verb>
-</tscreen>
-
-<p>
-This function attempts to (re)set a <bf/Linux-PAM/ environment
-variable. The <tt/name_value/ argument is a single <tt/NUL/ terminated
-string of one of the following forms:
-<descrip>
-<tag>``<tt/NAME=value of variable/''</tag>
-
-In this case the environment variable of the given <tt/NAME/ is set to
-the indicated value: ``<tt/value of variable/''. If this variable is
-already known, it is overwritten. Otherwise it is added to the
-<bf/Linux-PAM/ environment.
-
-<tag>``<tt/NAME=/''</tag>
-
-This function sets the variable to an empty value. It is listed
-separately to indicate that this is the correct way to achieve such a
-setting.
-
-<tag>``<tt/NAME/''</tag>
-
-Without an `<tt/=/' the <tt/pam_putenv()/ function will delete the
-corresponding variable from the <bf/Linux-PAM/ environment.
-
-</descrip>
-
-<p>
-Success is indicated with a return value of <tt/PAM_SUCCESS/. Failure
-is indicated by one of the following returns:
-
-<descrip>
-<tag><tt/PAM_PERM_DENIED/</tag>
- name given is a <tt/NULL/ pointer
-
-<tag><tt/PAM_BAD_ITEM/</tag>
- variable requested (for deletion) is not currently set
-
-<tag><tt/PAM_ABORT/</tag>
- the <bf/Linux-PAM/ handle, <tt/pamh/, is corrupt
-
-<tag><tt/PAM_BUF_ERR/</tag>
- failed to allocate memory when attempting update
-
-</descrip>
-
-<sect2>Getting a PAM environment variable
-<label id="pam-getenv-section">
-
-<p>
-<tscreen>
-<verb>
-extern const char *pam_getenv(pam_handle_t *pamh, const char *name);
-</verb>
-</tscreen>
-
-<p>
-<em>
-Warning, the environment support in <bf/Linux-PAM/ is based solely
-on a six-line email from the developers at Sun. Its interface is
-likely to be generally correct, however, the details are likely to be
-changed as more information becomes available.
-</em>
-
-<p>
-Obtain the value of the indicated <bf/Linux-PAM/ environment
-variable. On error, internal failure or the unavailability of the
-given variable (unspecified), this function simply returns <tt/NULL/.
-
-<sect2>Getting the PAM environment
-<label id="pam-getenvlist-section">
-
-<p>
-<tscreen>
-<verb>
-extern const char * const *pam_getenvlist(pam_handle_t *pamh);
-</verb>
-</tscreen>
-
-<p>
-<em>
-Warning, the environment support in <bf/Linux-PAM/ is based solely
-on a six line email from the developers at Sun. Its interface is
-likely to be generally correct, however, the details are likely to be
-changed as more information becomes available.
-</em>
-
-<p>
-This function returns a pointer to the complete <tt/Linux-PAM/
-environment. It is a pointer to a <em/read-only/ list of
-<em/read-only/ environment variables. It should be noted that this
-memory will become invalid after a call to <tt/pam_end()/ (see the
-section <ref id="pam-end-section" name="above">). If application
-wishes to make use of this list after such a call, it should first
-make a copy of all the set variables. (A function that performs such a
-transcription is to be found in <tt/libpam_misc/.)
-
-<sect1>What is expected of an application
-
-<sect2>The conversation function
-<label id="the-conversation-function">
-
-<p>
-An application must provide a ``conversation function''. It is used
-for direct communication between a loaded module and the application
-and will typically provide a means for the module to prompt the user
-for a password etc. . The structure, <tt/pam_conv/, is defined by
-including <tt>&lt;security/pam_appl.h&gt</tt>; to be,
-
-<p>
-<tscreen>
-<verb>
-struct pam_conv {
- int (*conv)(int num_msg,
- const struct pam_message **msg,
- struct pam_response **resp,
- void *appdata_ptr);
- void *appdata_ptr;
-};
-</verb>
-</tscreen>
-
-<p>
-It is initialized by the application before it is passed to the
-library. The <em/contents/ of this structure are attached to the
-<tt/*pamh/ handle. The point of this argument is to provide a
-mechanism for any loaded module to interact directly with the
-application program. This is why it is called a <em/conversation/
-structure.
-
-<p>
-When a module calls the referenced <tt/conv()/ function, the argument
-<tt/*appdata_ptr/ is set to the second element of this structure.
-
-<p>
-The other arguments of a call to <tt/conv()/ concern the information
-exchanged by module and application. That is to say, <tt/num_msg/
-holds the length of the array of pointers, <tt/msg/. After a
-successful return, the pointer <tt/*resp/ points to an array of
-<tt/pam_response/ structures, holding the application supplied text.
-Note, <tt/*resp/ is an <tt/struct pam_response/ array and <em/not/ an
-array of pointers.
-
-<p>
-The message (from the module to the application) passing structure is
-defined by <tt>&lt;security/pam_appl.h&gt;</tt> as:
-
-<p>
-<tscreen>
-<verb>
-struct pam_message {
- int msg_style;
- const char *msg;
-};
-</verb>
-</tscreen>
-
-<p>
-Valid choices for <tt/msg_style/ are:
-
-<p><descrip>
-<tag><tt/PAM_PROMPT_ECHO_OFF/</tag>
- Obtain a string without echoing any text
-<tag><tt/PAM_PROMPT_ECHO_ON/</tag>
- Obtain a string whilst echoing text
-<tag><tt/PAM_ERROR_MSG/</tag>
- Display an error
-<tag><tt/PAM_TEXT_INFO/</tag>
- Display some text.
-</descrip>
-
-<p>
-The point of having an array of messages is that it becomes possible
-to pass a number of things to the application in a single call from
-the module. It can also be convenient for the application that related
-things come at once: a windows based application can then present a
-single form with many messages/prompts on at once.
-
-<p>
-The response (from the application to the module) passing structure is
-defined by including <tt>&lt;security/pam_appl.h&gt;</tt> as:
-
-<p><tscreen><verb>
-struct pam_response {
- char *resp;
- int resp_retcode;
-};
-</verb></tscreen>
-
-<p>
-Currently, there are no definitions for <tt/resp_retcode/ values; the
-normal value is <tt/0/.
-
-<p>
-Prior to the 0.59 release of Linux-PAM, the length of the returned
-<tt/pam_response/ array was equal to the number of <em/prompts/ (types
-<tt/PAM_PROMPT_ECHO_OFF/ and <tt/PAM_PROMPT_ECHO_ON/) in the
-<tt/pam_message/ array with which the conversation function was
-called. This meant that it was not always necessary for the module to
-<tt/free(3)/ the responses if the conversation function was only used
-to display some text.
-
-<p>
-Post Linux-PAM-0.59 (and in the interests of compatibility with
-Sunsoft). The number of responses is always equal to the <tt/num_msg/
-conversation function argument. This is slightly easier to program
-but does require that the response array is <tt/free(3)/'d after every
-call to the conversation function. The index of the responses
-corresponds directly to the prompt index in the <tt/pam_message/
-array.
-
-<p>
-The maximum length of the <tt/pam_msg.msg/ and <tt/pam_response.resp/
-character strings is <tt/PAM_MAX_MSG_SIZE/. (This is not enforced by
-Linux-PAM.)
-
-<p>
-<tt/PAM_SUCCESS/ is the expected return value of this
-function. However, should an error occur the application should not
-set <tt/*resp/ but simply return <tt/PAM_CONV_ERR/.
-
-<p>
-Note, if an application wishes to use two conversation functions, it
-should activate the second with a call to <tt/pam_set_item()/.
-
-<p>
-<bf>Notes:</bf> New item types are being added to the conversation
-protocol. Currently Linux-PAM supports: <tt>PAM_BINARY_PROMPT</tt>
-and <tt>PAM_BINARY_MSG</tt>. These two are intended for server-client
-hidden information exchange and may be used as an interface for
-maching-machine authentication.
-
-<sect1>Programming notes
-
-<p>
-Note, all of the authentication service function calls accept the
-token <tt/PAM_SILENT/, which instructs the modules to not send
-messages to the application. This token can be logically OR'd with any
-one of the permitted tokens specific to the individual function calls.
-<tt/PAM_SILENT/ does not override the prompting of the user for
-passwords etc., it only stops informative messages from being
-generated.
-
-<sect>Security issues of <bf>Linux-PAM</bf>
-
-<p>
-PAM, from the perspective of an application, is a convenient API for
-authenticating users. PAM modules generally have no increased
-privilege over that possessed by the application that is making use of
-it. For this reason, the application must take ultimate responsibility
-for protecting the environment in which PAM operates.
-
-<p>
-A poorly (or maliciously) written application can defeat any
-<bf/Linux-PAM/ module's authentication mechanisms by simply ignoring
-it's return values. It is the applications task and responsibility to
-grant privileges and access to services. The <bf/Linux-PAM/ library
-simply assumes the responsibility of <em/authenticating/ the user;
-ascertaining that the user <em/is/ who they say they are. Care should
-be taken to anticipate all of the documented behavior of the
-<bf/Linux-PAM/ library functions. A failure to do this will most
-certainly lead to a future security breach.
-
-<sect1>Care about standard library calls
-
-<p>
-In general, writers of authorization-granting applications should
-assume that each module is likely to call any or <em/all/ `libc'
-functions. For `libc' functions that return pointers to
-static/dynamically allocated structures (ie. the library allocates the
-memory and the user is not expected to `<tt/free()/' it) any module
-call to this function is likely to corrupt a pointer previously
-obtained by the application. The application programmer should either
-re-call such a `libc' function after a call to the <bf/Linux-PAM/
-library, or copy the structure contents to some safe area of memory
-before passing control to the <bf/Linux-PAM/ library.
-
-<p>
-Two important function classes that fall into this category are
-<tt>getpwnam(3)</tt> and <tt>syslog(3)</tt>.
-
-<sect1>Choice of a service name
-
-<p>
-When picking the <em/service-name/ that corresponds to the first entry
-in the <bf/Linux-PAM/ configuration file, the application programmer
-should <bf/avoid/ the temptation of choosing something related to
-<tt/argv[0]/. It is a trivial matter for any user to invoke any
-application on a system under a different name and this should not be
-permitted to cause a security breach.
-
-<p>
-To invoke some <tt/target/ application by another name, the user may
-symbolically link the target application with the desired name. To be
-precise all the user need do is,
-<tscreen>
-<verb>
-ln -s /target/application ./preferred_name
-</verb>
-</tscreen>
-and then <em/run/ <tt>./preferred_name</tt>
-
-<p>
-By studying the <bf/Linux-PAM/ configuration file(s), an attacker can
-choose the <tt/preferred_name/ to be that of a service enjoying
-minimal protection; for example a game which uses <bf/Linux-PAM/ to
-restrict access to certain hours of the day. If the service-name were
-to be linked to the filename under which the service was invoked, it
-is clear that the user is effectively in the position of dictating
-which authentication scheme the service uses. Needless to say, this
-is not a secure situation.
-
-<p>
-The conclusion is that the application developer should carefully
-define the service-name of an application. The safest thing is to make
-it a single hard-wired name.
-
-<sect1>The conversation function
-
-<p>
-Care should be taken to ensure that the <tt/conv()/ function is
-robust. Such a function is provided in the library <tt/libpam_misc/
-(see <ref id="libpam-misc-section" name="below">).
-
-<sect1>The identity of the user
-
-<p>
-The <bf/Linux-PAM/ modules will need to determine the identity of the
-user who requests a service, and the identity of the user who grants
-the service. These two users will seldom be the same. Indeed there
-is generally a third user identity to be considered, the new (assumed)
-identity of the user once the service is granted.
-
-<p>
-The need for keeping tabs on these identities is clearly an issue of
-security. One convention that is actively used by some modules is
-that the identity of the user requesting a service should be the
-current <tt/uid/ (userid) of the running process; the identity of the
-privilege granting user is the <tt/euid/ (effective userid) of the
-running process; the identity of the user, under whose name the
-service will be executed, is given by the contents of the
-<tt/PAM_USER/ <tt/pam_get_item(3)/.
-
-<p>
-For network-serving databases and other applications that provide
-their own security model (independent of the OS kernel) the above
-scheme is insufficient to identify the requesting user.
-
-<p>
-A more portable solution to storing the identity of the requesting
-user is to use the <tt/PAM_RUSER/ <tt/pam_get_item(3)/. The
-application should supply this value before attempting to authenticate
-the user with <tt/pam_authenticate()/. How well this name can be
-trusted will ultimately be at the discretion of the local
-administrator (who configures PAM for your application) and a selected
-module may attempt to override the value where it can obtain more
-reliable data. If an application is unable to determine the identity
-of the requesting entity/user, it should not call <tt/pam_set_item(3)/
-to set <tt/PAM_RUSER/.
-
-<p>
-In addition to the <tt/PAM_RUSER/ item, the application should supply
-the <tt/PAM_RHOST/ (<em/requesting host/) item. As a general rule, the
-following convention for its value can be assumed: <tt/&lt;unset&gt;/
-= unknown; <tt/localhost/ = invoked directly from the local system;
-<em/other.place.xyz/ = some component of the user's connection
-originates from this remote/requesting host. At present, PAM has no
-established convention for indicating whether the application supports
-a trusted path to communication from this host.
-
-<sect1>Sufficient resources
-
-<p>
-Care should be taken to ensure that the proper execution of an
-application is not compromised by a lack of system resources. If an
-application is unable to open sufficient files to perform its service,
-it should fail gracefully, or request additional resources.
-Specifically, the quantities manipulated by the <tt/setrlimit(2)/
-family of commands should be taken into consideration.
-
-<p>
-This is also true of conversation prompts. The application should not
-accept prompts of arbitrary length with out checking for resource
-allocation failure and dealing with such extreme conditions gracefully
-and in a mannor that preserves the PAM API. Such tolerance may be
-especially important when attempting to track a malicious adversary.
-
-<sect>A library of miscellaneous helper functions
-<label id="libpam-misc-section">
-
-<p>
-To aid the work of the application developer a library of
-miscellaneous functions is provided. It is called <tt/libpam_misc/,
-and contains functions for allocating memory (securely), a text based
-conversation function, and routines for enhancing the standard
-PAM-environment variable support.
-
-<sect1>Requirements
-
-<p>
-The functions, structures and macros, made available by this library
-can be defined by including <tt>&lt;security/pam_misc.h&gt;</tt>. It
-should be noted that this library is specific to <bf/Linux-PAM/ and is
-not referred to in the defining DCE-RFC (see <ref id="bibliography"
-name="the bibliography">) below.
-
-<sect1>Functions supplied
-
-<sect2>Safe string duplication
-
-<p>
-<tscreen>
-<verb>
-extern char *xstrdup(const char *s)
-</verb>
-</tscreen>
-Return a duplicate copy of the <tt/NUL/ terminated string,
-<tt/s/. <tt/NULL/ is returned if there is insufficient memory
-available for the duplicate or if <tt/s=NULL/.
-
-<sect2>A text based conversation function
-
-<p>
-<tscreen>
-<verb>
-extern int misc_conv(int num_msg, const struct pam_message **msgm,
- struct pam_response **response, void *appdata_ptr);
-</verb>
-</tscreen>
-
-<p>
-This is a function that will prompt the user with the appropriate
-comments and obtain the appropriate inputs as directed by
-authentication modules.
-
-<p>
-In addition to simply slotting into the appropriate <tt/struct
-pam_conv/, this function provides some time-out facilities. The
-function exports five variables that can be used by an application
-programmer to limit the amount of time this conversation function will
-spend waiting for the user to type something.
-
-<p>
-The five variables are as follows:
-<descrip>
-<tag><tt>extern time_t pam_misc_conv_warn_time;</tt></tag>
-
-This variable contains the <em/time/ (as returned by <tt/time()/) that
-the user should be first warned that the clock is ticking. By default
-it has the value <tt/0/, which indicates that no such warning will be
-given. The application may set its value to sometime in the future,
-but this should be done prior to passing control to the <bf/Linux-PAM/
-library.
-
-<tag><tt>extern const char *pam_misc_conv_warn_line;</tt></tag>
-
-Used in conjuction with <tt/pam_misc_conv_warn_time/, this variable is
-a pointer to the string that will be displayed when it becomes time to
-warn the user that the timeout is approaching. Its default value is
-``..&bsol;a.Time is running out...&bsol;n'', but this can be changed
-by the application prior to passing control to <bf/Linux-PAM/.
-
-<tag><tt>extern time_t pam_misc_conv_die_time;</tt></tag>
-
-This variable contains the <em/time/ (as returned by <tt/time()/) that
-the conversation will time out. By default it has the value <tt/0/,
-which indicates that the conversation function will not timeout. The
-application may set its value to sometime in the future, this should
-be done prior to passing control to the <bf/Linux-PAM/ library.
-
-<tag><tt>extern const char *pam_misc_conv_die_line;</tt></tag>
-
-Used in conjuction with <tt/pam_misc_conv_die_time/, this variable is
-a pointer to the string that will be displayed when the conversation
-times out. Its default value is ``..&bsol;a.Sorry, your time is
-up!&bsol;n'', but this can be changed by the application prior to
-passing control to <bf/Linux-PAM/.
-
-<tag><tt>extern int pam_misc_conv_died;</tt></tag>
-
-Following a return from the <bf/Linux-PAM/ libraray, the value of this
-variable indicates whether the conversation has timed out. A value of
-<tt/1/ indicates the time-out occurred.
-
-<tag><tt>extern int (*pam_binary_handler_fn)(const union pam_u_packet_p send,
- union pam_u_packet_p *receive);</tt></tag>
-
-This function pointer is initialized to <tt/NULL/ but can be filled
-with a function that provides machine-machine (hidden) message
-exchange. It is intended for use with hidden authentication protocols
-such as RSA or Diffie-Hellman key exchanges. (This is still under
-development.)
-
-</descrip>
-
-<sect2>Transcribing an environment to that of Linux-PAM
-<p>
-<tscreen>
-<verb>
-extern int pam_misc_paste_env(pam_handle_t *pamh,
- const char * const * user_env);
-</verb>
-</tscreen>
-
-This function takes the supplied list of environment pointers and
-<em/uploads/ its contents to the <bf/Linux-PAM/ environment. Success
-is indicated by <tt/PAM_SUCCESS/.
-
-<sect2>Saving the Linux-PAM environment for later use
-<p>
-<tscreen>
-<verb>
-extern char **pam_misc_copy_env(pam_handle_t *pamh);
-</verb>
-</tscreen>
-
-This function returns a pointer to a list of environment variables
-that are a direct copy of the <bf/Linux-PAM/ environment. The memory
-associated with these variables are the responsibility of the
-application and should be liberated with a call to
-<tt/pam_misc_drop_env()/.
-
-<sect2>Liberating a locally saved environment
-<p>
-<tscreen>
-<verb>
-extern char **pam_misc_drop_env(char **env);
-</verb>
-</tscreen>
-
-This function is defined to complement the <tt/pam_misc_copy_env()/
-function. It liberates the memory associated with <tt/env/,
-<em/overwriting/ with <tt/0/ all memory before <tt/free()/ing it.
-
-<sect2>BSD like Linux-PAM environment variable setting
-<p>
-<tscreen>
-<verb>
-extern int pam_misc_setenv(pam_handle_t *pamh, const char *name,
- const char *value, int readonly);
-</verb>
-</tscreen>
-
-This function performs a task equivalent to <tt/pam_putenv()/, its
-syntax is, however, more like the BSD style function; <tt/setenv()/.
-The <tt/name/ and <tt/value/ are concatenated with an ``<tt/=/'' to
-form a <tt/name_value/ and passed to <tt/pam_putenv()/. If, however,
-the <bf/Linux-PAM/ variable is already set, the replacement will only
-be applied if the last argument, <tt/readonly/, is zero.
-
-<sect>Porting legacy applications
-
-<p>
-The following is extracted from an email. I'll tidy it up later.
-
-<p>
-The point of PAM is that the application is not supposed to have any
-idea how the attached authentication modules will choose to
-authenticate the user. So all they can do is provide a conversation
-function that will talk directly to the user(client) on the modules'
-behalf.
-
-<p>
-Consider the case that you plug a retinal scanner into the login
-program. In this situation the user would be prompted: "please look
-into the scanner". No username or password would be needed - all this
-information could be deduced from the scan and a database lookup. The
-point is that the retinal scanner is an ideal task for a "module".
-
-<p>
-While it is true that a pop-daemon program is designed with the POP
-protocol in mind and no-one ever considered attaching a retinal
-scanner to it, it is also the case that the "clean" PAM'ification of
-such a daemon would allow for the possibility of a scanner module
-being be attached to it. The point being that the "standard"
-pop-authentication protocol(s) [which will be needed to satisfy
-inflexible/legacy clients] would be supported by inserting an
-appropriate pam_qpopper module(s). However, having rewritten popd
-once in this way any new protocols can be implemented in-situ.
-
-<p>
-One simple test of a ported application would be to insert the
-<tt/pam_permit/ module and see if the application demands you type a
-password... In such a case, <tt/xlock/ would fail to lock the
-terminal - or would at best be a screen-saver, ftp would give password
-free access to all etc.. Neither of these is a very secure thing to
-do, but they do illustrate how much flexibility PAM puts in the hands
-of the local admin.
-
-<p>
-The key issue, in doing things correctly, is identifying what is part
-of the authentication procedure (how many passwords etc..) the
-exchange protocol (prefixes to prompts etc., numbers like 331 in the
-case of ftpd) and what is part of the service that the application
-delivers. PAM really needs to have total control in the
-authentication "procedure", the conversation function should only
-deal with reformatting user prompts and extracting responses from raw
-input.
-
-<sect>Glossary of PAM related terms
-
-<p>
-The following are a list of terms used within this document.
-
-<p>
-<descrip>
-
-<tag>Authentication token</tag>
-Generally, this is a password. However, a user can authenticate
-him/herself in a variety of ways. Updating the user's authentication
-token thus corresponds to <em>refreshing</em> the object they use to
-authenticate themself with the system. The word password is avoided
-to keep open the possibility that the authentication involves a
-retinal scan or other non-textual mode of challenge/response.
-
-<tag>Credentials</tag>
-Having successfully authenticated the user, PAM is able to establish
-certain characteristics/attributes of the user. These are termed
-<em>credentials</em>. Examples of which are group memberships to
-perform privileged tasks with, and <em>tickets</em> in the form of
-environment variables etc. . Some user-credentials, such as the
-user's UID and GID (plus default group memberships) are not deemed to
-be PAM-credentials. It is the responsibility of the application to
-grant these directly.
-
-</descrip>
-
-<sect>An example application
-
-<p>
-To get a flavor of the way a <tt/Linux-PAM/ application is written we
-include the following example. It prompts the user for their password
-and indicates whether their account is valid on the standard output,
-its return code also indicates the success (<tt/0/ for success; <tt/1/
-for failure).
-
-<p>
-<tscreen>
-<verb>
-/*
- This program was contributed by Shane Watts
- [modifications by AGM]
-
- You need to add the following (or equivalent) to the /etc/pam.conf file.
- # check authorization
- check_user auth required /usr/lib/security/pam_unix_auth.so
- check_user account required /usr/lib/security/pam_unix_acct.so
- */
-
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
-#include <stdio.h>
-
-static struct pam_conv conv = {
- misc_conv,
- NULL
-};
-
-int main(int argc, char *argv[])
-{
- pam_handle_t *pamh=NULL;
- int retval;
- const char *user="nobody";
-
- if(argc == 2) {
- user = argv[1];
- }
-
- if(argc > 2) {
- fprintf(stderr, "Usage: check_user [username]\n");
- exit(1);
- }
-
- retval = pam_start("check_user", user, &ero;conv, &ero;pamh);
-
- if (retval == PAM_SUCCESS)
- retval = pam_authenticate(pamh, 0); /* is user really user? */
-
- if (retval == PAM_SUCCESS)
- retval = pam_acct_mgmt(pamh, 0); /* permitted access? */
-
- /* This is where we have been authorized or not. */
-
- if (retval == PAM_SUCCESS) {
- fprintf(stdout, "Authenticated\n");
- } else {
- fprintf(stdout, "Not Authenticated\n");
- }
-
- if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
- pamh = NULL;
- fprintf(stderr, "check_user: failed to release authenticator\n");
- exit(1);
- }
-
- return ( retval == PAM_SUCCESS ? 0:1 ); /* indicate success */
-}
-</verb>
-</tscreen>
-
-<sect>Files
-
-<p><descrip>
-
-<tag><tt>/usr/include/security/pam_appl.h</tt></tag>
-
-header file for <bf/Linux-PAM/ applications interface
-
-<tag><tt>/usr/include/security/pam_misc.h</tt></tag>
-
-header file for useful library functions for making applications
-easier to write
-
-<tag><tt>/usr/lib/libpam.so.*</tt></tag>
-
-the shared library providing applications with access to
-<bf/Linux-PAM/.
-
-<tag><tt>/etc/pam.conf</tt></tag>
-
-the <bf/Linux-PAM/ configuration file.
-
-<tag><tt>/usr/lib/security/pam_*.so</tt></tag>
-
-the primary location for <bf/Linux-PAM/ dynamically loadable object
-files; the modules.
-
-</descrip>
-
-<sect>See also
-<label id="bibliography">
-
-<p><itemize>
-
-<item>The <bf/Linux-PAM/
-<htmlurl url="pam.html" name="System Administrators' Guide">.
-
-<item>The <bf/Linux-PAM/
-<htmlurl url="pam_modules.html" name="Module Writers' Guide">.
-
-<item>The V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH
-PLUGGABLE AUTHENTICATION MODULES'', Open Software Foundation Request
-For Comments 86.0, October 1995.
-
-</itemize>
-
-<sect>Notes
-
-<p>
-I intend to put development comments here... like ``at the moment
-this isn't actually supported''. At release time what ever is in
-this section will be placed in the Bugs section below! :)
-
-<p>
-<itemize>
-
-<item> <tt/pam_strerror()/ should be internationalized....
-
-<item>
-Note, the <tt/resp_retcode/ of struct <tt/pam_message/, has no
-purpose at the moment. Ideas/suggestions welcome!
-
-<item> more security issues are required....
-
-</itemize>
-
-<sect>Author/acknowledgments
-
-<p>
-This document was written by Andrew G. Morgan
-(morgan@transmeta.com) with many contributions from
-<!-- insert credits here -->
-<!--
- an sgml list of people to credit for their contributions to Linux-PAM
- $Id: pam_appl.sgml,v 1.5 2001/03/19 01:46:41 agmorgan Exp $
- -->
-Chris Adams,
-Peter Allgeyer,
-Tim Baverstock,
-Tim Berger,
-Craig S. Bell,
-Derrick J. Brashear,
-Ben Buxton,
-Seth Chaiklin,
-Oliver Crow,
-Chris Dent,
-Marc Ewing,
-Cristian Gafton,
-Emmanuel Galanos,
-Brad M. Garcia,
-Eric Hester,
-Roger Hu,
-Eric Jacksch,
-Michael K. Johnson,
-David Kinchlea,
-Olaf Kirch,
-Marcin Korzonek,
-Stephen Langasek,
-Nicolai Langfeldt,
-Elliot Lee,
-Luke Kenneth Casson Leighton,
-Al Longyear,
-Ingo Luetkebohle,
-Marek Michalkiewicz,
-Robert Milkowski,
-Aleph One,
-Martin Pool,
-Sean Reifschneider,
-Jan Rekorajski,
-Erik Troan,
-Theodore Ts'o,
-Jeff Uphoff,
-Myles Uyema,
-Savochkin Andrey Vladimirovich,
-Ronald Wahl,
-David Wood,
-John Wilmes,
-Joseph S. D. Yao
-and
-Alex O. Yuriev.
-
-<p>
-Thanks are also due to Sun Microsystems, especially to Vipin Samar and
-Charlie Lai for their advice. At an early stage in the development of
-<bf/Linux-PAM/, Sun graciously made the documentation for their
-implementation of PAM available. This act greatly accelerated the
-development of <bf/Linux-PAM/.
-
-<sect>Bugs/omissions
-
-<p>
-This manual is hopelessly unfinished. Only a partial list of people is
-credited for all the good work they have done.
-
-<sect>Copyright information for this document
-
-<p>
-Copyright (c) Andrew G. Morgan 1996-9. All rights reserved.
-<newline>
-Email: <tt>&lt;morgan@transmeta.com&gt;</tt>
-
-<p>
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-<p>
-<itemize>
-
-<item>
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-<item>
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-<item>
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-</itemize>
-
-<p>
-<bf/Alternatively/, this product may be distributed under the terms of
-the GNU General Public License (GPL), in which case the provisions of
-the GNU GPL are required <bf/instead of/ the above restrictions.
-(This clause is necessary due to a potential bad interaction between
-the GNU GPL and the restrictions contained in a BSD-style copyright.)
-
-<p>
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
-<p>
-<tt>$Id: pam_appl.sgml,v 1.5 2001/03/19 01:46:41 agmorgan Exp $</tt>
-
-</article>
diff --git a/contrib/libpam/doc/pam_modules.sgml b/contrib/libpam/doc/pam_modules.sgml
deleted file mode 100644
index 609916c..0000000
--- a/contrib/libpam/doc/pam_modules.sgml
+++ /dev/null
@@ -1,1498 +0,0 @@
-<!doctype linuxdoc system>
-
-<!--
-
- $Id: pam_modules.sgml,v 1.6 2001/02/22 04:58:51 agmorgan Exp $
-
- Copyright (c) Andrew G. Morgan 1996-2001. All rights reserved.
-
- ** some sections, in this document, were contributed by other
- ** authors. They carry individual copyrights.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-ALTERNATIVELY, this product may be distributed under the terms of the
-GNU General Public License, in which case the provisions of the GNU
-GPL are required INSTEAD OF the above restrictions. (This clause is
-necessary due to a potential bad interaction between the GNU GPL and
-the restrictions contained in a BSD-style copyright.)
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
- -->
-
-<article>
-
-<title>The Linux-PAM Module Writers' Guide
-<author>Andrew G. Morgan, <tt>morgan@kernel.org</tt>
-<date>DRAFT v0.75 2001/02/21
-<abstract>
-This manual documents what a programmer needs to know in order to
-write a module that conforms to the <bf/Linux-PAM/ standard. It also
-discusses some security issues from the point of view of the module
-programmer.
-</abstract>
-
-<toc>
-
-<sect>Introduction
-
-<sect1> Synopsis
-<p>
-<tscreen>
-<verb>
-#include <security/pam_modules.h>
-
-gcc -fPIC -c pam_module-name.c
-ld -x --shared -o pam_module-name.so pam_module-name.o
-</verb>
-</tscreen>
-
-<sect1> Description
-
-<p>
-<bf/Linux-PAM/ (Pluggable Authentication Modules for Linux) is a
-library that enables the local system administrator to choose how
-individual applications authenticate users. For an overview of the
-<bf/Linux-PAM/ library see the <bf/Linux-PAM/ System Administrators'
-Guide.
-
-<p>
-A <bf/Linux-PAM/ module is a single executable binary file that can be
-loaded by the <bf/Linux-PAM/ interface library. This PAM library is
-configured locally with a system file, <tt>/etc/pam.conf</tt>, to
-authenticate a user request via the locally available authentication
-modules. The modules themselves will usually be located in the
-directory <tt>/usr/lib/security</tt> and take the form of dynamically
-loadable object files (see dlopen(3)). Alternatively, the modules can
-be statically linked into the <bf/Linux-PAM/ library; this is mostly to
-allow <bf/Linux-PAM/ to be used on platforms without dynamic linking
-available, but the two forms can be used together. It is the
-<bf/Linux-PAM/ interface that is called by an application and it is
-the responsibility of the library to locate, load and call the
-appropriate functions in a <bf/Linux-PAM/-module.
-
-<p>
-Except for the immediate purpose of interacting with the user
-(entering a password etc..) the module should never call the
-application directly. This exception requires a "conversation
-mechanism" which is documented below.
-
-<sect>What can be expected by the module
-
-<p>
-Here we list the interface that the conventions that all
-<bf/Linux-PAM/ modules must adhere to.
-
-<sect1>Getting and setting <tt/PAM_ITEM/s and <em/data/
-
-<p>
-First, we cover what the module should expect from the <bf/Linux-PAM/
-library and a <bf/Linux-PAM/ <em/aware/ application. Essesntially this
-is the <tt/libpam.*/ library.
-
-<sect2>
-Setting data
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_set_data(pam_handle_t *pamh,
- const char *module_data_name,
- void *data,
- void (*cleanup)(pam_handle_t *pamh,
- void *data, int error_status) );
-</verb>
-</tscreen>
-
-<p>
-The modules may be dynamically loadable objects. In general such files
-should not contain <tt/static/ variables. This and the subsequent
-function provide a mechanism for a module to associate some data with
-the handle <tt/pamh/. Typically a module will call the
-<tt/pam_set_data()/ function to register some data under a (hopefully)
-unique <tt/module_data_name/. The data is available for use by other
-modules too but <em/not/ by an application.
-
-<p>
-The function <tt/cleanup()/ is associated with the <tt/data/ and, if
-non-<tt/NULL/, it is called when this data is over-written or
-following a call to <tt/pam_end()/ (see the Linux-PAM Application
-Developers' Guide).
-
-<p>
-The <tt/error_status/ argument is used to indicate to the module the
-sort of action it is to take in cleaning this data item. As an
-example, Kerberos creates a ticket file during the authentication
-phase, this file might be associated with a data item. When
-<tt/pam_end()/ is called by the module, the <tt/error_status/
-carries the return value of the <tt/pam_authenticate()/ or other
-<tt/libpam/ function as appropriate. Based on this value the Kerberos
-module may choose to delete the ticket file (<em/authentication
-failure/) or leave it in place.
-
-<p>
-The <tt/error_status/ may have been logically OR'd with either of the
-following two values:
-
-<p>
-<descrip>
-<tag><tt/PAM_DATA_REPLACE/</tag>
- When a data item is being replaced (through a second call to
-<tt/pam_set_data()/) this mask is used. Otherwise, the call is assumed
-to be from <tt/pam_end()/.
-
-<tag><tt/PAM_DATA_SILENT/</tag>
- Which indicates that the process would prefer to perform the
-<tt/cleanup()/ quietly. That is, discourages logging/messages to the
-user.
-
-</descrip>
-
-
-<sect2>
-Getting data
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_get_data(const pam_handle_t *pamh,
- const char *module_data_name,
- const void **data);
-</verb>
-</tscreen>
-
-<p>
-This function together with the previous one provides a method of
-associating module-specific data with the handle <tt/pamh/. A
-successful call to <tt/pam_get_data/ will result in <tt/*data/
-pointing to the data associated with the <tt/module_data_name/. Note,
-this data is <em/not/ a copy and should be treated as <em/constant/
-by the module.
-
-<p>
-Note, if there is an entry but it has the value <tt/NULL/, then this
-call returns <tt/PAM_NO_MODULE_DATA/.
-
-<sect2>
-Setting items
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_set_item(pam_handle_t *pamh,
- int item_type,
- const void *item);
-</verb>
-</tscreen>
-
-<p>
-This function is used to (re)set the value of one of the
-<tt/item_type/s. The reader is urged to read the entry for this
-function in the <bf/Linux-PAM/ application developers' manual.
-
-<p>
-In addition to the <tt/item/s listed there, the module can set the
-following two <tt/item_type/s:
-
-<p>
-<descrip>
-<tag><tt/PAM_AUTHTOK/</tag>
-
-The authentication token (often a password). This token should be
-ignored by all module functions besides <tt/pam_sm_authenticate()/ and
-<tt/pam_sm_chauthtok()/. In the former function it is used to pass the
-most recent authentication token from one stacked module to
-another. In the latter function the token is used for another
-purpose. It contains the currently active authentication token.
-
-<tag><tt/PAM_OLDAUTHTOK/</tag>
-
-The old authentication token. This token should be ignored by all
-module functions except <tt/pam_sm_chauthtok()/.
-
-</descrip>
-
-<p>
-Both of these items are reset before returning to the application.
-When resetting these items, the <bf/Linux-PAM/ library first writes
-<tt/0/'s to the current tokens and then <tt/free()/'s the associated
-memory.
-
-<p>
-The return values for this function are listed in the
-<bf>Linux-PAM</bf> Application Developers' Guide.
-
-<sect2>
-Getting items
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_get_item(const pam_handle_t *pamh,
- int item_type,
- const void **item);
-</verb>
-</tscreen>
-
-<p>
-This function is used to obtain the value of the specified
-<tt/item_type/. It is better documented in the <bf/Linux-PAM/
-Application Developers' Guide. However, there are three things worth
-stressing here:
-<itemize>
-
-<item>
-Generally, if the module wishes to obtain the name of the user, it
-should not use this function, but instead perform a call to
-<tt/pam_get_user()/ (see section <ref id="pam-get-user"
-name="below">).
-
-<item>
-The module is additionally privileged to read the authentication
-tokens, <tt/PAM_AUTHTOK/ and <tt/PAM_OLDAUTHTOK/ (see the section
-above on <tt/pam_set_data()/).
-
-<item>
-The module should <em/not/ <tt/free()/ or alter the data pointed to by
-<tt/*item/ after a successful return from <tt/pam_get_item()/. This
-pointer points directly at the data contained within the <tt/*pamh/
-structure. Should a module require that a change is made to the this
-<tt/ITEM/ it should make the appropriate call to <tt/pam_set_item()/.
-</itemize>
-
-<sect2>The <em/conversation/ mechanism
-
-<p>
-Following the call <tt>pam_get_item(pamh,PAM_CONV,&amp;item)</tt>, the
-pointer <tt/item/ points to a <em/conversation/-function that provides
-limited but direct access to the application. The purpose of this
-function is to allow the module to prompt the user for their password
-and pass other information in a manner consistent with the
-application. For example, an X-windows based program might pop up a
-dialog box to report a login failure. Just as the application should
-not be concerned with the method of authentication, so the module
-should not dictate the manner in which input (output) is
-obtained from (presented to) to the user.
-
-<p>
-The reader is strongly urged to read the more complete description of
-the <tt/pam_conv/ structure, written from the perspective of the
-application developer, in the <bf/Linux-PAM/ Application Developers'
-Guide.
-
-<p>
-The <tt/pam_response/ structure returned after a call to the
-<tt/pam_conv/ function must be <tt/free()/'d by the module. Since the
-call to the conversation function originates from the module, it is
-clear that either this <tt/pam_response/ structure could be either
-statically or dynamically (using <tt/malloc()/ etc.) allocated within
-the application. Repeated calls to the conversation function would
-likely overwrite static memory, so it is required that for a
-successful return from the conversation function the memory for the
-response structure is dynamically allocated by the application with
-one of the <tt/malloc()/ family of commands and <em/must/ be
-<tt/free()/'d by the module.
-
-<p>
-If the <tt/pam_conv/ mechanism is used to enter authentication tokens,
-the module should either pass the result to the <tt/pam_set_item()/
-library function, or copy it itself. In such a case, once the token
-has been stored (by one of these methods or another one), the memory
-returned by the application should be overwritten with <tt/0/'s, and
-then <tt/free()/'d.
-
-<p>
-The return values for this function are listed in the
-<bf>Linux-PAM</bf> Application Developers' Guide.
-
-<sect2>Getting the name of a user<label id="pam-get-user">
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_get_user(pam_handle_t *pamh,
- const char **user,
- const char *prompt);
-</verb>
-</tscreen>
-
-<p>
-This is a <bf/Linux-PAM/ library function that returns the
-(prospective) name of the user. To determine the username it does the
-following things, in this order:
-<itemize>
-
-<item> checks what <tt/pam_get_item(pamh, PAM_USER, ... );/ would have
-returned. If this is not <tt/NULL/ this is what it returns. Otherwise,
-
-<item> obtains a username from the application via the <tt/pam_conv/
-mechanism, it prompts the user with the first non-<tt/NULL/ string in
-the following list:
-<itemize>
-
-<item> The <tt/prompt/ argument passed to the function
-<item> What is returned by <tt/pam_get_item(pamh,PAM_USER_PROMPT, ... );/
-<item> The default prompt: ``Please enter username: ''
-
-</itemize>
-</itemize>
-
-<p>
-By whatever means the username is obtained, a pointer to it is
-returned as the contents of <tt/*user/. Note, this memory should
-<em/not/ be <tt/free()/'d by the module. Instead, it will be liberated
-on the next call to <tt/pam_get_user()/, or by <tt/pam_end()/ when the
-application ends its interaction with <bf/Linux-PAM/.
-
-<p>
-Also, in addition, it should be noted that this function sets the
-<tt/PAM_USER/ item that is associated with the <tt/pam_[gs]et_item()/
-function.
-
-<p>
-The return value of this function is one of the following:
-<itemize>
-
-<item> <tt/PAM_SUCCESS/ - username obtained.
-
-<item> <tt/PAM_CONV_AGAIN/ - converstation did not complete and the
-caller is required to return control to the application, until such
-time as the application has completed the conversation process. A
-module calling <tt/pam_get_user()/ that obtains this return code,
-should return <tt/PAM_INCOMPLETE/ and be prepared (when invoked the
-next time) to recall <tt/pam_get_user()/ to fill in the user's name,
-and then pick up where it left off as if nothing had happened. This
-procedure is needed to support an event-driven application programming
-model.
-
-<item> <tt/PAM_CONV_ERR/ - the conversation method supplied by the
-application failed to obtain the username.
-
-</itemize>
-
-<sect2>Setting a Linux-PAM environment variable
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern int pam_putenv(pam_handle_t *pamh, const char *name_value);
-</verb>
-</tscreen>
-
-<p>
-<bf/Linux-PAM/ comes equipped with a series of functions for
-maintaining a set of <em/environment/ variables. The environment is
-initialized by the call to <tt/pam_start()/ and is <bf/erased/ with a
-call to <tt/pam_end()/. This <em/environment/ is associated with the
-<tt/pam_handle_t/ pointer returned by the former call.
-
-<p>
-The default environment is all but empty. It contains a single
-<tt/NULL/ pointer, which is always required to terminate the
-variable-list. The <tt/pam_putenv()/ function can be used to add a
-new environment variable, replace an existing one, or delete an old
-one.
-
-<p>
-<itemize>
-<item>Adding/replacing a variable<newline>
-
-To add or overwrite a <bf/Linux-PAM/ environment variable the value of
-the argument <tt/name_value/, should be of the following form:
-<tscreen>
-<verb>
-name_value="VARIABLE=VALUE OF VARIABLE"
-</verb>
-</tscreen>
-Here, <tt/VARIABLE/ is the environment variable's name and what
-follows the `<tt/=/' is its (new) value. (Note, that <tt/"VARIABLE="/
-is a valid value for <tt/name_value/, indicating that the variable is
-set to <tt/""/.)
-
-<item> Deleting a variable<newline>
-
-To delete a <bf/Linux-PAM/ environment variable the value of
-the argument <tt/name_value/, should be of the following form:
-<tscreen>
-<verb>
-name_value="VARIABLE"
-</verb>
-</tscreen>
-Here, <tt/VARIABLE/ is the environment variable's name and the absence
-of an `<tt/=/' indicates that the variable should be removed.
-
-</itemize>
-
-<p>
-In all cases <tt/PAM_SUCCESS/ indicates success.
-
-<sect2>Getting a Linux-PAM environment variable
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern const char *pam_getenv(pam_handle_t *pamh, const char *name);
-</verb>
-</tscreen>
-
-<p>
-This function can be used to return the value of the given
-variable. If the returned value is <tt/NULL/, the variable is not
-known.
-
-<sect2>Listing the Linux-PAM environment
-
-<p>
-Synopsis:
-<tscreen>
-<verb>
-extern char * const *pam_getenvlist(pam_handle_t *pamh);
-</verb>
-</tscreen>
-
-<p>
-This function returns a pointer to the entire <bf/Linux-PAM/
-environment array. At first sight the <em/type/ of the returned data
-may appear a little confusing. It is basically a <em/read-only/ array
-of character pointers, that lists the <tt/NULL/ terminated list of
-environment variables set so far.
-
-<p>
-Although, this is not a concern for the module programmer, we mention
-here that an application should be careful to copy this entire array
-before executing <tt/pam_end()/ otherwise all the variable information
-will be lost. (There are functions in <tt/libpam_misc/ for this
-purpose: <tt/pam_misc_copy_env()/ and <tt/pam_misc_drop_env()/.)
-
-<sect1>Other functions provided by <tt/libpam/
-
-<sect2>Understanding errors
-
-<p>
-<itemize>
-
-<item>
-<tt>extern const char *pam_strerror(pam_handle_t *pamh, int errnum);</tt>
-
-<p>
-This function returns some text describing the <bf/Linux-PAM/ error
-associated with the argument <tt/errnum/. If the error is not
-recognized <tt/``Unknown Linux-PAM error''/ is returned.
-
-</itemize>
-
-<sect2>Planning for delays
-
-<p>
-<itemize>
-
-<item>
-<tt>extern int pam_fail_delay(pam_handle_t *pamh, unsigned int
-micro_sec)</tt>
-
-<p>
-This function is offered by <bf/Linux-PAM/ to facilitate time delays
-following a failed call to <tt/pam_authenticate()/ and before control
-is returned to the application. When using this function the module
-programmer should check if it is available with,
-<tscreen>
-<verb>
-#ifdef PAM_FAIL_DELAY
- ....
-#endif /* PAM_FAIL_DELAY */
-</verb>
-</tscreen>
-
-<p>
-Generally, an application requests that a user is authenticated by
-<bf/Linux-PAM/ through a call to <tt/pam_authenticate()/ or
-<tt/pam_chauthtok()/. These functions call each of the <em/stacked/
-authentication modules listed in the <bf/Linux-PAM/ configuration
-file. As directed by this file, one of more of the modules may fail
-causing the <tt/pam_...()/ call to return an error. It is desirable
-for there to also be a pause before the application continues. The
-principal reason for such a delay is security: a delay acts to
-discourage <em/brute force/ dictionary attacks primarily, but also
-helps hinder <em/timed/ (cf. covert channel) attacks.
-
-<p>
-The <tt/pam_fail_delay()/ function provides the mechanism by which an
-application or module can suggest a minimum delay (of <tt/micro_sec/
-<em/micro-seconds/). <bf/Linux-PAM/ keeps a record of the longest time
-requested with this function. Should <tt/pam_authenticate()/ fail,
-the failing return to the application is delayed by an amount of time
-randomly distributed (by up to 25%) about this longest value.
-
-<p>
-Independent of success, the delay time is reset to its zero default
-value when <bf/Linux-PAM/ returns control to the application.
-
-</itemize>
-
-<sect>What is expected of a module
-
-<p>
-The module must supply a sub-set of the six functions listed
-below. Together they define the function of a <bf/Linux-PAM
-module/. Module developers are strongly urged to read the comments on
-security that follow this list.
-
-<sect1> Overview
-
-<p>
-The six module functions are grouped into four independent management
-groups. These groups are as follows: <em/authentication/,
-<em/account/, <em/session/ and <em/password/. To be properly defined,
-a module must define all functions within at least one of these
-groups. A single module may contain the necessary functions for
-<em/all/ four groups.
-
-<sect2> Functional independence
-
-<p>
-The independence of the four groups of service a module can offer
-means that the module should allow for the possibility that any one of
-these four services may legitimately be called in any order. Thus, the
-module writer should consider the appropriateness of performing a
-service without the prior success of some other part of the module.
-
-<p>
-As an informative example, consider the possibility that an
-application applies to change a user's authentication token, without
-having first requested that <bf/Linux-PAM/ authenticate the user. In
-some cases this may be deemed appropriate: when <tt/root/ wants to
-change the authentication token of some lesser user. In other cases it
-may not be appropriate: when <tt/joe/ maliciously wants to reset
-<tt/alice/'s password; or when anyone other than the user themself
-wishes to reset their <em/KERBEROS/ authentication token. A policy for
-this action should be defined by any reasonable authentication scheme,
-the module writer should consider this when implementing a given
-module.
-
-<sect2> Minimizing administration problems
-
-<p>
-To avoid system administration problems and the poor construction of a
-<tt>/etc/pam.conf</tt> file, the module developer may define all
-six of the following functions. For those functions that would not be
-called, the module should return <tt/PAM_SERVICE_ERR/ and write an
-appropriate message to the system log. When this action is deemed
-inappropriate, the function would simply return <tt/PAM_IGNORE/.
-
-<sect2> Arguments supplied to the module
-
-<p>
-The <tt/flags/ argument of each of the following functions can be
-logically OR'd with <tt/PAM_SILENT/, which is used to inform the
-module to not pass any <em/text/ (errors or warnings) to the
-application.
-
-<p>
-The <tt/argc/ and <tt/argv/ arguments are taken from the line
-appropriate to this module---that is, with the <em/service_name/
-matching that of the application---in the configuration file (see the
-<bf/Linux-PAM/ System Administrators' Guide). Together these two
-parameters provide the number of arguments and an array of pointers to
-the individual argument tokens. This will be familiar to C programmers
-as the ubiquitous method of passing command arguments to the function
-<tt/main()/. Note, however, that the first argument (<tt/argv[0]/) is
-a true argument and <bf/not/ the name of the module.
-
-<sect1> Authentication management
-
-<p>
-To be correctly initialized, <tt/PAM_SM_AUTH/ must be <tt/#define/'d
-prior to including <tt>&lt;security/pam_modules.h&gt;</tt>. This will
-ensure that the prototypes for static modules are properly declared.
-
-<p>
-<itemize>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
-int argc, const char **argv);</tt>
-
-<p>
-This function performs the task of authenticating the user.
-
-<p>
-The <tt/flags/ argument can be a logically OR'd with <tt/PAM_SILENT/
-and optionally take the following value:
-
-<p><descrip>
-<tag><tt/PAM_DISALLOW_NULL_AUTHTOK/</tag>
- return <tt/PAM_AUTH_ERR/ if the database of authentication
-tokens for this authentication mechanism has a <tt/NULL/ entry for the
-user. Without this flag, such a <tt/NULL/ token will lead to a success
-without the user being prompted.
-</descrip>
-
-<p>
-Besides <tt/PAM_SUCCESS/ return values that can be sent by this
-function are one of the following:
-
-<descrip>
-
-<tag><tt/PAM_AUTH_ERR/</tag>
- The user was not authenticated
-<tag><tt/PAM_CRED_INSUFFICIENT/</tag>
- For some reason the application does not have sufficient
-credentials to authenticate the user.
-<tag><tt/PAM_AUTHINFO_UNAVAIL/</tag>
- The modules were not able to access the authentication
-information. This might be due to a network or hardware failure etc.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The supplied username is not known to the authentication
-service
-<tag><tt/PAM_MAXTRIES/</tag>
- One or more of the authentication modules has reached its
-limit of tries authenticating the user. Do not try again.
-
-</descrip>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function performs the task of altering the credentials of the
-user with respect to the corresponding authorization
-scheme. Generally, an authentication module may have access to more
-information about a user than their authentication token. This
-function is used to make such information available to the
-application. It should only be called <em/after/ the user has been
-authenticated but before a session has been established.
-
-<p>
-Permitted flags, one of which, may be logically OR'd with
-<tt/PAM_SILENT/ are,
-
-<p><descrip>
-<tag><tt/PAM_ESTABLISH_CRED/</tag>
- Set the credentials for the authentication service,
-<tag><tt/PAM_DELETE_CRED/</tag>
- Delete the credentials associated with the authentication service,
-<tag><tt/PAM_REINITIALIZE_CRED/</tag>
- Reinitialize the user credentials, and
-<tag><tt/PAM_REFRESH_CRED/</tag>
- Extend the lifetime of the user credentials.
-</descrip>
-
-<p>
-Prior to <bf/Linux-PAM-0.75/, and due to a deficiency with the way the
-<tt/auth/ stack was handled in the case of the setcred stack being
-processed, the module was required to attempt to return the same error
-code as <tt/pam_sm_authenticate/ did. This was necessary to preserve
-the logic followed by libpam as it executes the stack of
-<em/authentication/ modules, when the application called either
-<tt/pam_authenticate()/ or <tt/pam_setcred()/. Failing to do this,
-led to confusion on the part of the System Administrator.
-
-<p>
-For <bf/Linux-PAM-0.75/ and later, libpam handles the credential stack
-much more sanely. The way the <tt/auth/ stack is navigated in order to
-evaluate the <tt/pam_setcred()/ function call, independent of the
-<tt/pam_sm_setcred()/ return codes, is exactly the same way that it
-was navigated when evaluating the <tt/pam_authenticate()/ library
-call. Typically, if a stack entry was ignored in evaluating
-<tt/pam_authenticate()/, it will be ignored when libpam evaluates the
-<tt/pam_setcred()/ function call. Otherwise, the return codes from
-each module specific <tt/pam_sm_setcred()/ call are treated as
-<tt/required/.
-
-<p>
-Besides <tt/PAM_SUCCESS/, the module may return one of the following
-errors:
-
-<p><descrip>
-<tag><tt/PAM_CRED_UNAVAIL/</tag>
- This module cannot retrieve the user's credentials.
-<tag><tt/PAM_CRED_EXPIRED/</tag>
- The user's credentials have expired.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to this authentication module.
-<tag><tt/PAM_CRED_ERR/</tag>
- This module was unable to set the credentials of the user.
-</descrip>
-
-<p>
-these, non-<tt/PAM_SUCCESS/, return values will typically lead to the
-credential stack <em/failing/. The first such error will dominate in
-the return value of <tt/pam_setcred()/.
-
-</itemize>
-
-<sect1> Account management
-
-<p>
-To be correctly initialized, <tt/PAM_SM_ACCOUNT/ must be
-<tt/#define/'d prior to including <tt>&lt;security/pam_modules.h&gt;</tt>.
-This will ensure that the prototype for a static module is properly
-declared.
-
-<p>
-<itemize>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function performs the task of establishing whether the user is
-permitted to gain access at this time. It should be understood that
-the user has previously been validated by an authentication
-module. This function checks for other things. Such things might be:
-the time of day or the date, the terminal line, remote
-hostname, etc. .
-
-<p>
-This function may also determine things like the expiration on
-passwords, and respond that the user change it before continuing.
-
-<p>
-Valid flags, which may be logically OR'd with <tt/PAM_SILENT/, are the
-same as those applicable to the <tt/flags/ argument of
-<tt/pam_sm_authenticate/.
-
-<p>
-This function may return one of the following errors,
-
-<descrip>
-
-<tag><tt/PAM_ACCT_EXPIRED/</tag>
- The user is no longer permitted access to the system.
-<tag><tt/PAM_AUTH_ERR/</tag>
- There was an authentication error.
-<tag><tt/PAM_AUTHTOKEN_REQD/</tag>
- The user's authentication token has expired. Before calling
-this function again the application will arrange for a new one to be
-given. This will likely result in a call to <tt/pam_sm_chauthtok()/.
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to the module's account management
-component.
-
-</descrip>
-
-</itemize>
-
-<sect1> Session management
-
-<p>
-To be correctly initialized, <tt/PAM_SM_SESSION/ must be
-<tt/#define/'d prior to including
-<tt>&lt;security/pam_modules.h&gt;</tt>. This will ensure that the
-prototypes for static modules are properly declared.
-
-<p>
-The following two functions are defined to handle the
-initialization/termination of a session. For example, at the beginning
-of a session the module may wish to log a message with the system
-regarding the user. Similarly, at the end of the session the module
-would inform the system that the user's session has ended.
-
-<p>
-It should be possible for sessions to be opened by one application and
-closed by another. This either requires that the module uses only
-information obtained from <tt/pam_get_item()/, or that information
-regarding the session is stored in some way by the operating system
-(in a file for example).
-
-<p>
-<itemize>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function is called to commence a session. The only valid, but
-optional, flag is <tt/PAM_SILENT/.
-
-<p>
-As a return value, <tt/PAM_SUCCESS/ signals success and
-<tt/PAM_SESSION_ERR/ failure.
-
-<item>
-<tt>PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function is called to terminate a session. The only valid, but
-optional, flag is <tt/PAM_SILENT/.
-
-<p>
-As a return value, <tt/PAM_SUCCESS/ signals success and
-<tt/PAM_SESSION_ERR/ failure.
-
-</itemize>
-
-<sect1> Password management
-
-<p>
-To be correctly initialized, <tt/PAM_SM_PASSWORD/ must be
-<tt/#define/'d prior to including <tt>&lt;security/pam_modules.h&gt;</tt>.
-This will ensure that the prototype for a static module is properly
-declared.
-
-<p>
-<itemize>
-
-<item>
-<tt>PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int
-argc, const char **argv);</tt>
-
-<p>
-This function is used to (re-)set the authentication token of the
-user. A valid flag, which may be logically OR'd with <tt/PAM_SILENT/,
-can be built from the following list,
-
-<descrip>
-<tag><tt/PAM_CHANGE_EXPIRED_AUTHTOK/</tag>
- This argument indicates to the module that the users
-authentication token (password) should only be changed if it has
-expired. This flag is optional and <em/must/ be combined with one of
-the following two flags. Note, however, the following two options are
-<em/mutually exclusive/.
-
-<tag><tt/PAM_PRELIM_CHECK/</tag>
- This indicates that the modules are being probed as to their
-ready status for altering the user's authentication token. If the
-module requires access to another system over some network it should
-attempt to verify it can connect to this system on receiving this
-flag. If a module cannot establish it is ready to update the user's
-authentication token it should return <tt/PAM_TRY_AGAIN/, this
-information will be passed back to the application.
-
-<tag><tt/PAM_UPDATE_AUTHTOK/</tag>
- This informs the module that this is the call it should change
-the authorization tokens. If the flag is logically OR'd with
-<tt/PAM_CHANGE_EXPIRED_AUTHTOK/, the token is only changed if it has
-actually expired.
-
-</descrip>
-
-<p>
-Note, the <bf/Linux-PAM/ library calls this function twice in
-succession. The first time with <tt/PAM_PRELIM_CHECK/ and then, if the
-module does not return <tt/PAM_TRY_AGAIN/, subsequently with
-<tt/PAM_UPDATE_AUTHTOK/. It is only on the second call that the
-authorization token is (possibly) changed.
-
-<p>
-<tt/PAM_SUCCESS/ is the only successful return value, valid
-error-returns are:
-
-<descrip>
-<tag><tt/PAM_AUTHTOK_ERR/</tag>
- The module was unable to obtain the new authentication token.
-
-<tag><tt/PAM_AUTHTOK_RECOVERY_ERR/</tag>
- The module was unable to obtain the old authentication token.
-
-<tag><tt/PAM_AUTHTOK_LOCK_BUSY/</tag>
- Cannot change the authentication token since it is currently
-locked.
-
-<tag><tt/PAM_AUTHTOK_DISABLE_AGING/</tag>
- Authentication token aging has been disabled.
-
-<tag><tt/PAM_PERM_DENIED/</tag>
- Permission denied.
-
-<tag><tt/PAM_TRY_AGAIN/</tag>
- Preliminary check was unsuccessful. Signals an immediate return
-to the application is desired.
-
-<tag><tt/PAM_USER_UNKNOWN/</tag>
- The user is not known to the authentication token changing
-service.
-
-</descrip>
-
-</itemize>
-
-<sect>Generic optional arguments
-
-<p>
-Here we list the generic arguments that all modules can expect to
-be passed. They are not mandatory, and their absence should be
-accepted without comment by the module.
-
-<p>
-<descrip>
-<tag><tt/debug/</tag>
-
-Use the <tt/syslog(3)/ call to log debugging information to the system
-log files.
-
-<tag><tt/no_warn/</tag>
-
-Instruct module to not give warning messages to the application.
-
-<tag><tt/use_first_pass/</tag>
-
-The module should not prompt the user for a password. Instead, it
-should obtain the previously typed password (by a call to
-<tt/pam_get_item()/ for the <tt/PAM_AUTHTOK/ item), and use that. If
-that doesn't work, then the user will not be authenticated. (This
-option is intended for <tt/auth/ and <tt/passwd/ modules only).
-
-<tag><tt/try_first_pass/</tag>
-
-The module should attempt authentication with the previously typed
-password (by a call to <tt/pam_get_item()/ for the <tt/PAM_AUTHTOK/
-item). If that doesn't work, then the user is prompted for a
-password. (This option is intended for <tt/auth/ modules only).
-
-<tag><tt/use_mapped_pass/</tag>
-
-<bf/WARNING:/ coding this functionality may cause the module writer to
-break <em/local/ encryption laws. For example, in the U.S. there are
-restrictions on the export computer code that is capable of strong
-encryption. It has not been established whether this option is
-affected by this law, but one might reasonably assume that it does
-until told otherwise. For this reason, this option is not supported
-by any of the modules distributed with <bf/Linux-PAM/.
-
-The intended function of this argument, however, is that the module
-should take the existing authentication token from a previously
-invoked module and use it as a key to retrieve the authentication
-token for this module. For example, the module might create a strong
-hash of the <tt/PAM_AUTHTOK/ item (established by a previously
-executed module). Then, with logical-exclusive-or, use the result as a
-<em/key/ to safely store/retrieve the authentication token for this
-module in/from a local file <em/etc/. .
-
-<tag><tt/expose_account/</tag>
-
-<p>
-In general the leakage of some information about user accounts is not
-a secure policy for modules to adopt. Sometimes information such as
-users names or home directories, or preferred shell, can be used to
-attack a user's account. In some circumstances, however, this sort of
-information is not deemed a threat: displaying a user's full name when
-asking them for a password in a secured environment could also be
-called being 'friendly'. The <tt/expose_account/ argument is a
-standard module argument to encourage a module to be less discrete
-about account information as it is deemed appropriate by the local
-administrator.
-
-</descrip>
-
-<sect>Programming notes
-
-<p>
-Here we collect some pointers for the module writer to bear in mind
-when writing/developing a <bf/Linux-PAM/ compatible module.
-
-<sect1>Security issues for module creation
-
-<sect2>Sufficient resources
-
-<p>
-Care should be taken to ensure that the proper execution of a module
-is not compromised by a lack of system resources. If a module is
-unable to open sufficient files to perform its task, it should fail
-gracefully, or request additional resources. Specifically, the
-quantities manipulated by the <tt/setrlimit(2)/ family of commands
-should be taken into consideration.
-
-<sect2>Who's who?
-
-<p>
-Generally, the module may wish to establish the identity of the user
-requesting a service. This may not be the same as the username
-returned by <tt/pam_get_user()/. Indeed, that is only going to be the
-name of the user under whose identity the service will be given. This
-is not necessarily the user that requests the service.
-
-<p>
-In other words, user X runs a program that is setuid-Y, it grants the
-user to have the permissions of Z. A specific example of this sort of
-service request is the <em/su/ program: user <tt/joe/ executes
-<em/su/ to become the user <em/jane/. In this situation X=<tt/joe/,
-Y=<tt/root/ and Z=<tt/jane/. Clearly, it is important that the module
-does not confuse these different users and grant an inappropriate
-level of privilege.
-
-<p>
-The following is the convention to be adhered to when juggling
-user-identities.
-
-<p>
-<itemize>
-<item>X, the identity of the user invoking the service request.
-This is the user identifier; returned by the function <tt/getuid(2)/.
-
-<item>Y, the privileged identity of the application used to grant the
-requested service. This is the <em/effective/ user identifier;
-returned by the function <tt/geteuid(2)/.
-
-<item>Z, the user under whose identity the service will be granted.
-This is the username returned by <tt/pam_get_user(2)/ and also stored
-in the <bf/Linux-PAM/ item, <tt/PAM_USER/.
-
-<item><bf/Linux-PAM/ has a place for an additional user identity that
-a module may care to make use of. This is the <tt/PAM_RUSER/ item.
-Generally, network sensitive modules/applications may wish to set/read
-this item to establish the identity of the user requesting a service
-from a remote location.
-
-</itemize>
-
-<p>
-Note, if a module wishes to modify the identity of either the <tt/uid/
-or <tt/euid/ of the running process, it should take care to restore
-the original values prior to returning control to the <bf/Linux-PAM/
-library.
-
-<sect2>Using the conversation function
-<p>
-Prior to calling the conversation function, the module should reset
-the contents of the pointer that will return the applications
-response. This is a good idea since the application may fail to fill
-the pointer and the module should be in a position to notice!
-
-<p>
-The module should be prepared for a failure from the conversation. The
-generic error would be <tt/PAM_CONV_ERR/, but anything other than
-<tt/PAM_SUCCESS/ should be treated as indicating failure.
-
-<sect2>Authentication tokens
-
-<p>
-To ensure that the authentication tokens are not left lying around the
-items, <tt/PAM_AUTHTOK/ and <tt/PAM_OLDAUTHTOK/, are not available to
-the application: they are defined in
-<tt>&lt;security/pam_modules.h&gt;</tt>. This is ostensibly for
-security reasons, but a maliciously programmed application will always
-have access to all memory of the process, so it is only superficially
-enforced. As a general rule the module should overwrite
-authentication tokens as soon as they are no longer needed.
-Especially before <tt/free()/'ing them. The <bf/Linux-PAM/ library is
-required to do this when either of these authentication token items
-are (re)set.
-
-<p>
-Not to dwell too little on this concern; should the module store the
-authentication tokens either as (automatic) function variables or
-using <tt/pam_[gs]et_data()/ the associated memory should be
-over-written explicitly before it is released. In the case of the
-latter storage mechanism, the associated <tt/cleanup()/ function
-should explicitly overwrite the <tt/*data/ before <tt/free()/'ing it:
-for example,
-
-<tscreen>
-<verb>
-/*
- * An example cleanup() function for releasing memory that was used to
- * store a password.
- */
-
-int cleanup(pam_handle_t *pamh, void *data, int error_status)
-{
- char *xx;
-
- if ((xx = data)) {
- while (*xx)
- *xx++ = '\0';
- free(data);
- }
- return PAM_SUCCESS;
-}
-</verb>
-</tscreen>
-
-<sect1>Use of <tt/syslog(3)/
-
-<p>
-Only rarely should error information be directed to the user. Usually,
-this is to be limited to ``<em/sorry you cannot login now/'' type
-messages. Information concerning errors in the configuration file,
-<tt>/etc/pam.conf</tt>, or due to some system failure encountered by
-the module, should be written to <tt/syslog(3)/ with
-<em/facility-type/ <tt/LOG_AUTHPRIV/.
-
-<p>
-With a few exceptions, the level of logging is, at the discretion of
-the module developer. Here is the recommended usage of different
-logging levels:
-
-<p>
-<itemize>
-
-<item>
-As a general rule, errors encountered by a module should be logged at
-the <tt/LOG_ERR/ level. However, information regarding an unrecognized
-argument, passed to a module from an entry in the
-<tt>/etc/pam.conf</tt> file, is <bf/required/ to be logged at the
-<tt/LOG_ERR/ level.
-
-<item>
-Debugging information, as activated by the <tt/debug/ argument to the
-module in <tt>/etc/pam.conf</tt>, should be logged at the
-<tt/LOG_DEBUG/ level.
-
-<item>
-If a module discovers that its personal configuration file or some
-system file it uses for information is corrupted or somehow unusable,
-it should indicate this by logging messages at level, <tt/LOG_ALERT/.
-
-<item>
-Shortages of system resources, such as a failure to manipulate a file
-or <tt/malloc()/ failures should be logged at level <tt/LOG_CRIT/.
-
-<item>
-Authentication failures, associated with an incorrectly typed password
-should be logged at level, <tt/LOG_NOTICE/.
-
-</itemize>
-
-<sect1> Modules that require system libraries
-
-<p>
-Writing a module is much like writing an application. You have to
-provide the "conventional hooks" for it to work correctly, like
-<tt>pam_sm_authenticate()</tt> etc., which would correspond to the
-<tt/main()/ function in a normal function.
-
-<p>
-Typically, the author may want to link against some standard system
-libraries. As when one compiles a normal program, this can be done for
-modules too: you simply append the <tt>-l</tt><em>XXX</em> arguments
-for the desired libraries when you create the shared module object. To
-make sure a module is linked to the <tt>lib<em>whatever</em>.so</tt>
-library when it is <tt>dlopen()</tt>ed, try:
-<tscreen>
-<verb>
-% gcc -shared -Xlinker -x -o pam_module.so pam_module.o -lwhatever
-</verb>
-</tscreen>
-
-<sect1> Added requirements for <em/statically/ loaded modules.
-
-<!--
- Copyright (C) Michael K. Johnson 1996.
- Last modified: AGM 1996/5/31.
- -->
-
-<p>
-Modules may be statically linked into libpam. This should be true of
-all the modules distributed with the basic <bf/Linux-PAM/
-distribution. To be statically linked, a module needs to export
-information about the functions it contains in a manner that does not
-clash with other modules.
-
-The extra code necessary to build a static module should be delimited
-with <tt/#ifdef PAM_STATIC/ and <tt/#endif/. The static code should do
-the following:
-<itemize>
-<item> Define a single structure, <tt/struct pam_module/, called
-<tt>_pam_<it>modname</it>_modstruct</tt>, where
-<tt><it>modname</it></tt> is the name of the module <bf/as used in the
-filesystem/ but without the leading directory name (generally
-<tt>/usr/lib/security/</tt> or the suffix (generally <tt/.so/).
-
-</itemize>
-
-<p>
-As a simple example, consider the following module code which defines
-a module that can be compiled to be <em/static/ or <em/dynamic/:
-
-<p>
-<tscreen>
-<verb>
-#include <stdio.h> /* for NULL define */
-
-#define PAM_SM_PASSWORD /* the only pam_sm_... function declared */
-#include <security/pam_modules.h>
-
-PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-#ifdef PAM_STATIC /* for the case that this module is static */
-
-struct pam_module _pam_modname_modstruct = { /* static module data */
- "pam_modname",
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- pam_sm_chauthtok,
-};
-
-#endif /* end PAM_STATIC */
-</verb>
-</tscreen>
-
-<p>
-To be linked with <em/libpam/, staticly-linked modules must be built
-from within the <tt>Linux-PAM-X.YY/modules/</tt> subdirectory of the
-<bf/Linux-PAM/ source directory as part of a normal build of the
-<bf/Linux-PAM/ system.
-
-The <em/Makefile/, for the module in question, must execute the
-<tt/register_static/ shell script that is located in the
-<tt>Linux-PAM-X.YY/modules/</tt> subdirectory. This is to ensure that
-the module is properly registered with <em/libpam/.
-
-The <bf/two/ manditory arguments to <tt/register_static/ are the
-title, and the pathname of the object file containing the module's
-code. The pathname is specified relative to the
-<tt>Linux-PAM-X.YY/modules</tt> directory. The pathname may be an
-empty string---this is for the case that a single object file needs to
-register more than one <tt/struct pam_module/. In such a case, exactly
-one call to <tt/register_static/ must indicate the object file.
-
-<p>
-Here is an example; a line in the <em/Makefile/ might look like this:
-<tscreen>
-<verb>
-register:
-ifdef STATIC
- (cd ..; ./register_static pam_modname pam_modname/pam_modname.o)
-endif
-</verb>
-</tscreen>
-
-For some further examples, see the <tt>modules</tt> subdirectory of
-the current <bf/Linux-PAM/ distribution.
-
-<sect>An example module file
-
-<p>
-At some point, we may include a fully commented example of a module in
-this document. For now, we point the reader to these two locations in
-the public CVS repository:
-<itemize>
-<item> A module that always succeeds: <tt><htmlurl
-url="http://cvs.sourceforge.net/cgi-bin/cvsweb.cgi/Linux-PAM/modules/pam_permit/?cvsroot=pam"
-name="http://cvs.sourceforge.net/cgi-bin/cvsweb.cgi/Linux-PAM/modules/pam_permit/?cvsroot=pam"
-></tt>
-<item> A module that always fails: <tt><htmlurl
-url="http://cvs.sourceforge.net/cgi-bin/cvsweb.cgi/Linux-PAM/modules/pam_deny/?cvsroot=pam"
-name="http://cvs.sourceforge.net/cgi-bin/cvsweb.cgi/Linux-PAM/modules/pam_deny/?cvsroot=pam"
-></tt>
-</itemize>
-
-<sect>Files
-
-<p><descrip>
-
-<tag><tt>/usr/lib/libpam.so.*</tt></tag>
-
-the shared library providing applications with access to
-<bf/Linux-PAM/.
-
-<tag><tt>/etc/pam.conf</tt></tag>
-
-the <bf/Linux-PAM/ configuration file.
-
-<tag><tt>/usr/lib/security/pam_*.so</tt></tag>
-
-the primary location for <bf/Linux-PAM/ dynamically loadable object
-files; the modules.
-
-</descrip>
-
-<sect>See also
-
-<p><itemize>
-<item>The <bf/Linux-PAM/ System Administrators' Guide.
-<item>The <bf/Linux-PAM/ Application Writers' Guide.
-<item>
-V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH PLUGGABLE
-AUTHENTICATION MODULES'', Open Software Foundation Request For
-Comments 86.0, October 1995.
-</itemize>
-
-<sect>Notes
-
-<p>
-I intend to put development comments here... like ``at the moment
-this isn't actually supported''. At release time what ever is in
-this section will be placed in the Bugs section below! :)
-
-<p>
-<itemize>
-<item>
-Perhaps we should keep a registry of data-names as used by
-<tt/pam_[gs]et_data()/ so there are no unintentional problems due to
-conflicts?
-
-<item>
-<tt/pam_strerror()/ should be internationalized....
-
-<item>
-There has been some debate about whether <tt/initgroups()/ should be
-in an application or in a module. It was settled by Sun who stated
-that initgroups is an action of the <em/application/. The modules are
-permitted to add additional groups, however.
-
-<item>
-Refinements/futher suggestions to <tt/syslog(3)/ usage by modules are
-needed.
-
-</itemize>
-
-<sect>Author/acknowledgments
-
-<p>
-This document was written by Andrew G. Morgan
-(<tt/morgan@transmeta.com/) with many contributions from
-<!-- insert credits here -->
-<!--
- an sgml list of people to credit for their contributions to Linux-PAM
- $Id: pam_modules.sgml,v 1.6 2001/02/22 04:58:51 agmorgan Exp $
- -->
-Chris Adams,
-Peter Allgeyer,
-Tim Baverstock,
-Tim Berger,
-Craig S. Bell,
-Derrick J. Brashear,
-Ben Buxton,
-Seth Chaiklin,
-Oliver Crow,
-Chris Dent,
-Marc Ewing,
-Cristian Gafton,
-Emmanuel Galanos,
-Brad M. Garcia,
-Eric Hester,
-Roger Hu,
-Eric Jacksch,
-Michael K. Johnson,
-David Kinchlea,
-Olaf Kirch,
-Marcin Korzonek,
-Stephen Langasek,
-Nicolai Langfeldt,
-Elliot Lee,
-Luke Kenneth Casson Leighton,
-Al Longyear,
-Ingo Luetkebohle,
-Marek Michalkiewicz,
-Robert Milkowski,
-Aleph One,
-Martin Pool,
-Sean Reifschneider,
-Jan Rekorajski,
-Erik Troan,
-Theodore Ts'o,
-Jeff Uphoff,
-Myles Uyema,
-Savochkin Andrey Vladimirovich,
-Ronald Wahl,
-David Wood,
-John Wilmes,
-Joseph S. D. Yao
-and
-Alex O. Yuriev.
-
-<p>
-Thanks are also due to Sun Microsystems, especially to Vipin Samar and
-Charlie Lai for their advice. At an early stage in the development of
-<bf/Linux-PAM/, Sun graciously made the documentation for their
-implementation of PAM available. This act greatly accelerated the
-development of <bf/Linux-PAM/.
-
-<sect>Bugs/omissions
-
-<p>
-Few PAM modules currently exist. Few PAM-aware applications exist.
-This document is hopelessly unfinished. Only a partial list of people is
-credited for all the good work they have done.
-
-<sect>Copyright information for this document
-
-<p>
-Copyright (c) Andrew G. Morgan 1996, 1997. All rights reserved.
-<newline>
-Email: <tt>&lt;morgan@transmeta.com&gt;</tt>
-
-<p>
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-<p>
-<itemize>
-
-<item>
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-<item>
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-<item>
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-</itemize>
-
-<p>
-<bf/Alternatively/, this product may be distributed under the terms of
-the GNU General Public License (GPL), in which case the provisions of
-the GNU GPL are required <bf/instead of/ the above restrictions.
-(This clause is necessary due to a potential bad interaction between
-the GNU GPL and the restrictions contained in a BSD-style copyright.)
-
-<p>
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
-<p>
-<tt>$Id: pam_modules.sgml,v 1.6 2001/02/22 04:58:51 agmorgan Exp $</tt>
-
-</article>
diff --git a/contrib/libpam/doc/pam_source.sgml b/contrib/libpam/doc/pam_source.sgml
deleted file mode 100644
index 5e4be44..0000000
--- a/contrib/libpam/doc/pam_source.sgml
+++ /dev/null
@@ -1,1125 +0,0 @@
-<!doctype linuxdoc system>
-
-<!--
-
- $Id: pam_source.sgml,v 1.5 2001/03/19 01:46:41 agmorgan Exp $
-
- Copyright (c) Andrew G. Morgan 1996-2001. All rights reserved.
-
-Redistribution and use in source (sgml) and binary (derived) forms,
-with or without modification, are permitted provided that the
-following conditions are met:
-
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-ALTERNATIVELY, this product may be distributed under the terms of the
-GNU General Public License, in which case the provisions of the GNU
-GPL are required INSTEAD OF the above restrictions. (This clause is
-necessary due to a potential bad interaction between the GNU GPL and
-the restrictions contained in a BSD-style copyright.)
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
- -->
-
-<article>
-
-<title>The Linux-PAM System Administrators' Guide
-<author>Andrew G. Morgan, <tt>morgan@kernel.org</tt>
-<date>DRAFT v0.75 2001/03/18
-<abstract>
-This manual documents what a system-administrator needs to know about
-the <bf>Linux-PAM</bf> library. It covers the correct syntax of the
-PAM configuration file and discusses strategies for maintaining a
-secure system.
-</abstract>
-
-<!-- Table of contents -->
-<toc>
-
-<!-- Begin the document -->
-
-<sect>Introduction
-
-<p><bf/Linux-PAM/ (Pluggable Authentication Modules for Linux) is a
-suite of shared libraries that enable the local system administrator
-to choose how applications authenticate users.
-
-<p>In other words, without (rewriting and) recompiling a PAM-aware
-application, it is possible to switch between the authentication
-mechanism(s) it uses. Indeed, one may entirely upgrade the local
-authentication system without touching the applications themselves.
-
-<p>Historically an application that has required a given user to be
-authenticated, has had to be compiled to use a specific authentication
-mechanism. For example, in the case of traditional UN*X systems, the
-identity of the user is verified by the user entering a correct
-password. This password, after being prefixed by a two character
-``salt'', is encrypted (with crypt(3)). The user is then authenticated
-if this encrypted password is identical to the second field of the
-user's entry in the system password database (the <tt>/etc/passwd</tt>
-file). On such systems, most if not all forms of privileges are
-granted based on this single authentication scheme. Privilege comes in
-the form of a personal user-identifier (<tt/uid/) and membership of
-various groups. Services and applications are available based on the
-personal and group identity of the user. Traditionally, group
-membership has been assigned based on entries in the
-<tt>/etc/group</tt> file.
-
-<p>
-Unfortunately, increases in the speed of computers and the
-widespread introduction of network based computing, have made once
-secure authentication mechanisms, such as this, vulnerable to
-attack. In the light of such realities, new methods of authentication
-are continuously being developed.
-
-<p>
-It is the purpose of the <bf/Linux-PAM/ project to separate the
-development of privilege granting software from the development of
-secure and appropriate authentication schemes. This is accomplished
-by providing a library of functions that an application may use to
-request that a user be authenticated. This PAM library is configured
-locally with a system file, <tt>/etc/pam.conf</tt> (or a series of
-configuration files located in <tt>/etc/pam.d/</tt>) to authenticate a
-user request via the locally available authentication modules. The
-modules themselves will usually be located in the directory
-<tt>/usr/lib/security</tt> and take the form of dynamically loadable
-object files (see <tt/dlopen(3)/).
-
-<sect>Some comments on the text<label id="text-conventions">
-
-<p>
-Before proceeding to read the rest of this document, it should be
-noted that the text assumes that certain files are placed in certain
-directories. Where they have been specified, the conventions we adopt
-here for locating these files are those of the relevant RFC (RFC-86.0,
-see <ref id="see-also-sec" name="bibliography">). If you are using a
-distribution of Linux (or some other operating system) that supports
-PAM but chooses to distribute these files in a diferent way (Red Hat
-is one such distribution), you should be careful when copying examples
-directly from the text.
-
-<p>
-As an example of the above, where it is explicit, the text assumes
-that PAM loadable object files (the <em/modules/) are to be located in
-the following directory: <tt>/usr/lib/security/</tt>. However, Red Hat
-Linux, in agreement with the Linux File System Standard (the FSSTND),
-places these files in <tt>/lib/security</tt>. Please be careful to
-perform the necessary transcription when using the examples from the
-text.
-
-<sect>Overview<label id="overview-section">
-
-<p>
-For the uninitiated, we begin by considering an example. We take an
-application that grants some service to users; <em/login/ is one such
-program. <em/Login/ does two things, it first establishes that the
-requesting user is whom they claim to be and second provides them with
-the requested service: in the case of <em/login/ the service is a
-command shell (<em>bash, tcsh, zsh, etc.</em>) running with the
-identity of the user.
-
-<p>
-Traditionally, the former step is achieved by the <em/login/
-application prompting the user for a password and then verifying that
-it agrees with that located on the system; hence verifying that
-as far as the system is concerned the user is who they claim to be.
-This is the task that is delegated to <bf/Linux-PAM/.
-
-<p>
-From the perspective of the application programmer (in this case the
-person that wrote the <em/login/ application), <bf/Linux-PAM/ takes
-care of this authentication task -- verifying the identity of the user.
-
-<p>
-The flexibility of <bf/Linux-PAM/ is that <em/you/, the system
-administrator, have the freedom to stipulate which authentication
-scheme is to be used. You have the freedom to set the scheme for
-any/all PAM-aware applications on your Linux system. That is, you can
-authenticate from anything as naive as <em/simple trust/
-(<tt/pam_permit/) to something as paranoid as a combination of a
-retinal scan, a voice print and a one-time password!
-
-<p>
-To illustrate the flexibility you face, consider the following
-situation: a system administrator (parent) wishes to improve the
-mathematical ability of her users (children). She can configure their
-favorite ``Shoot 'em up game'' (PAM-aware of course) to authenticate
-them with a request for the product of a couple of random numbers less
-than 12. It is clear that if the game is any good they will soon learn
-their <em/multiplication tables/. As they mature, the authentication
-can be upgraded to include (long) division!
-
-<p>
-<bf/Linux-PAM/ deals with four separate types of (management)
-task. These are: <em/authentication management/; <em/account
-management/; <em/session management/; and <em/password management/.
-The association of the preferred management scheme with the behavior
-of an application is made with entries in the relevant <bf/Linux-PAM/
-configuration file. The management functions are performed by
-<em/modules/ specified in the configuration file. The syntax for this
-file is discussed in the section <ref id="configuration"
-name="below">.
-
-<p>
-Here is a figure that describes the overall organization of
-<bf/Linux-PAM/.
-<tscreen>
-<verb>
- +----------------+
- | application: X |
- +----------------+ / +----------+ +================+
- | authentication-[---->--\--] Linux- |--<--| PAM config file|
- | + [----<--/--] PAM | |================|
- |[conversation()][--+ \ | | | X auth .. a.so |
- +----------------+ | / +-n--n-----+ | X auth .. b.so |
- | | | __| | | _____/
- | service user | A | | |____,-----'
- | | | V A
- +----------------+ +------|-----|---------+ -----+------+
- +---u-----u----+ | | |
- | auth.... |--[ a ]--[ b ]--[ c ]
- +--------------+
- | acct.... |--[ b ]--[ d ]
- +--------------+
- | password |--[ b ]--[ c ]
- +--------------+
- | session |--[ e ]--[ c ]
- +--------------+
-</verb>
-</tscreen>
-By way of explanation, the left of the figure represents the
-application; application X. Such an application interfaces with the
-<bf/Linux-PAM/ library and knows none of the specifics of its
-configured authentication method. The <bf/Linux-PAM/ library (in the
-center) consults the contents of the PAM configuration file and loads
-the modules that are appropriate for application-X. These modules fall
-into one of four management groups (lower-center) and are stacked in
-the order they appear in the configuration file. These modules, when
-called by <bf/Linux-PAM/, perform the various authentication tasks for
-the application. Textual information, required from/or offered to the
-user, can be exchanged through the use of the application-supplied
-<em/conversation/ function.
-
-<sect1>Getting started
-
-<p>
-The following text was contributed by Seth Chaiklin:
-<tscreen>
-<verb>
-To this point, we have described how PAM should work in an
-ideal world, in which all applications are coded properly.
-However, at the present time (October 1998), this is far
-from the case. Therefore, here are some practical considerations
-in trying to use PAM in your system.
-
-Why bother, is it really worth all the trouble?
-
-If you running Linux as a single user system, or in an
-environment where all the users are trusted, then there
-is no real advantage for using PAM.
-</verb>
-</tscreen>
-
-<p>
-<BF>Ed:</BF> there is actually an advantage since you can <em/dummy
-down/ the authentication to the point where you don't have
-any... Almost like Win95.
-<p>
-In a networked environment, it is clear that you need to think a
-little more about how users etc., are authenticated:]
-
-<p>
-<tscreen>
-<verb>
-If you are running Linux as a server, where several different
-services are being provided (e.g., WWW with areas restricted by
-password control, PPP), then there can be some real and interesting
-value for PAM. In particular, through the use of modules, PAM can
-enable a program to search through several different password
-databases, even if that program is not explicitly coded for
-that particular database. Here are some examples of the possibilities
-that this enables.
-
- o Apache has a module that provides PAM services. Now
- authentication
- to use particular directories can be conducted by PAM, which
- means that the range of modules that are available to PAM can
- be used, including RADIUS, NIS, NCP (which means that Novell
- password databases can be used).
-
- o pppd has a PAMified version (available from RedHat) Now it is
- possible to use a series of databases to authenticate ppp users.
- In addition to the normal Linux-based password databases (such
- as /etc/passwd and /etc/shadow), you can use PAM modules to
- authenticate against Novell password databases or NT-based
- password databases.
-
- o The preceding two examples can be combined. Imagaine that the
- persons in your office/department are already registered with a
- username and password in a Novell or NT LAN. If you wanted to
- use this database on your Linux server (for PPP access, for
- web access, or even for normal shell access), you can use PAM
- to authenticate against this existing database, rather than
- maintain a separate database on both Linux and the LAN server.
-
-
-Can I use PAM for any program that requires authentication?
-
-Yes and no. Yes, if you have access to the source code, and can
-add the appropriate PAM functions. No, if you do not have access
-to the source code, and the binary does not have the PAM functions
-included.
-
-In other words, if a program is going to use PAM, then it has to
-have PAM functions explicitly coded into the program. If they
-are not, then it is not possible to use PAM.
-
-How can I tell whether a program has PAM coded into it or not?
-
-A quick-and-dirty (but not always reliable) method is to ldd
-<programname>
-If libpam and libpam_misc are not among the libraries that the program
-uses, then it is not going to work with PAM. However, it is possible
-that the libraries are included, but there are still problems, because
-the PAM coding in the program does not work as it should. So a
-more reliable method is to make the follow tests.
-
-In the /etc/pam.d directory, one needs to make a configuration file
-for the program that one wants to run. The exact name of the
-configuration
-file is hard-coded into the program. Usually, it is the same name as
-the
-program, but not always. For sake of illustration, let's assume that
-the program is named "pamprog" and the name of the configuration file
-is /etc/pam.d/pamprog.
-
-In the /etc/pam.d/pamprog but the following two lines:
-
-auth required pam_permit.so
-auth required pam_warn.so
-
-
-Now try to use pamprog. The first line in the configuration file
-says that all users are permitted. The second line will write a
-warning to your syslog file (or whether you syslog is writing
-
-messages). If this test succeeds, then you know that you have
-a program that can understand pam, and you can start the more
-interesting work of deciding how to stack modules in your
-/etc/pam.d/pamprog file.
-</verb>
-</tscreen>
-
-<sect>The Linux-PAM configuration file
-<label id="configuration">
-
-<p>
-<bf/Linux-PAM/ is designed to provide the system administrator with a
-great deal of flexibility in configuring the privilege granting
-applications of their system. The local configuration of those aspects
-of system security controlled by <tt/Linux-PAM/ is contained in one of
-two places: either the single system file, <tt>/etc/pam.conf</tt>; or
-the <tt>/etc/pam.d/</tt> directory. In this section we discuss the
-correct syntax of and generic options respected by entries to these
-files.
-
-<sect1>Configuration file syntax
-
-<p>
-The reader should note that the <bf/Linux-PAM/ specific tokens in this
-file are case <em/insensitive/. The module paths, however, are case
-sensitive since they indicate a file's <em/name/ and reflect the case
-dependence of typical Linux file-systems. The case-sensitivity of the
-arguments to any given module is defined for each module in turn.
-
-<p>
-In addition to the lines described below, there are two <em/special/
-characters provided for the convenience of the system administrator:
-comments are preceded by a `<tt/&num;/' and extend to the
-next end-of-line; also, module specification lines may be extended
-with a `<tt/&bsol;/' escaped newline.
-
-<p>
-A general configuration line of the <tt>/etc/pam.conf</tt> file has
-the following form:
-<tscreen>
-<verb>
-service-name module-type control-flag module-path arguments
-</verb>
-</tscreen>
-Below, we explain the meaning of each of these tokens. The second (and
-more recently adopted) way of configuring <bf/Linux-PAM/ is via the
-contents of the <tt>/etc/pam.d/</tt> directory. Once we have explained
-the meaning of the above tokens, we will describe this method.
-
-<p>
-<descrip>
-<tag><tt/service-name/</tag>
-The name of the service associated with this entry. Frequently the
-service name is the conventional name of the given application. For
-example, `<tt/ftpd/', `<tt/rlogind/' and `<tt/su/', <em/etc./ .
-
-<p>
-There is a special <tt/service-name/, reserved for defining a default
-authentication mechanism. It has the name `<tt/OTHER/' and may be
-specified in either lower or upper case characters. Note, when there
-is a module specified for a named service, the `<tt/OTHER/' entries
-are ignored.
-
-<tag><tt/module-type/</tag>
-One of (currently) four types of module. The four types are as
-follows:
-<itemize>
-<item> <tt/auth/; this module type provides two aspects of
-authenticating the user. Firstly, it establishes that the user is who
-they claim to be, by instructing the application to prompt the user
-for a password or other means of identification. Secondly, the module
-can grant <tt/group/ membership (independently of the
-<tt>/etc/groups</tt> file discussed above) or other privileges through
-its <em/credential/ granting properties.
-
-<item> <tt/account/; this module performs non-authentication based
-account management. It is typically used to restrict/permit access to
-a service based on the time of day, currently available system
-resources (maximum number of users) or perhaps the location of the
-applicant user---`<tt/root/' login only on the console.
-
-<item> <tt/session/; primarily, this module is associated with doing
-things that need to be done for the user before/after they can be
-given service. Such things include the logging of information
-concerning the opening/closing of some data exchange with a user,
-mounting directories, etc. .
-
-<item> <tt/password/; this last module type is required for updating the
-authentication token associated with the user. Typically, there is one
-module for each `challenge/response' based authentication (<tt/auth/)
-module-type.
-
-</itemize>
-
-<tag><tt/control-flag/</tag>
-
-The control-flag is used to indicate how the PAM library will react to
-the success or failure of the module it is associated with. Since
-modules can be <em/stacked/ (modules of the same type execute in
-series, one after another), the control-flags determine the relative
-importance of each module. The application is not made aware of the
-individual success or failure of modules listed in the
-`<tt>/etc/pam.conf</tt>' file. Instead, it receives a summary
-<em/success/ or <em/fail/ response from the <bf/Linux-PAM/ library.
-The order of execution of these modules is that of the entries in the
-<tt>/etc/pam.conf</tt> file; earlier entries are executed before later
-ones. As of Linux-PAM v0.60, this <em/control-flag/ can be defined
-with one of two syntaxes.
-
-<p>
-The simpler (and historical) syntax for the control-flag is a single
-keyword defined to indicate the severity of concern associated with
-the success or failure of a specific module. There are four such
-keywords: <tt/required/, <tt/requisite/, <tt/sufficient/ and
-<tt/optional/.
-
-<p>
-The Linux-PAM library interprets these keywords in the following
-manner:
-
-<itemize>
-
-<item> <tt/required/; this indicates that the success of the module is
-required for the <tt/module-type/ facility to succeed. Failure of this
-module will not be apparent to the user until all of the remaining
-modules (of the same <tt/module-type/) have been executed.
-
-<item> <tt/requisite/; like <tt/required/, however, in the case that
-such a module returns a failure, control is directly returned to the
-application. The return value is that associated with the <em/first/
-<tt/required/ or <tt/requisite/ module to fail. Note, this flag can be
-used to protect against the possibility of a user getting the
-opportunity to enter a password over an unsafe medium. It is
-conceivable that such behavior might inform an attacker of valid
-accounts on a system. This possibility should be weighed against the
-not insignificant concerns of exposing a sensitive password in a
-hostile environment.
-
-<item> <tt/sufficient/; the success of this module is deemed
-`<em/sufficient/' to satisfy the <bf/Linux-PAM/ library that this
-module-type has succeeded in its purpose. In the event that no
-previous <tt/required/ module has failed, no more `<em/stacked/'
-modules of this type are invoked. (Note, in this case subsequent
-<tt/required/ modules are <bf/not/ invoked.). A failure of this module
-is not deemed as fatal to satisfying the application that this
-<tt/module-type/ has succeeded.
-
-<item> <tt/optional/; as its name suggests, this <tt/control-flag/
-marks the module as not being critical to the success or failure of
-the user's application for service. In general, <bf/Linux-PAM/
-ignores such a module when determining if the module stack will
-succeed or fail. However, in the absence of any definite successes or
-failures of previous or subsequent stacked modules this module will
-determine the nature of the response to the application. One example
-of this latter case, is when the other modules return something like
-<tt/PAM_IGNORE/.
-
-</itemize>
-
-<p>
-The more elaborate (newer) syntax is much more specific and gives the
-administrator a great deal of control over how the user is
-authenticated. This form of the control flag is delimeted with square
-brackets and consists of a series of <tt/value=action/ tokens:
-<tscreen>
-<verb>
- [value1=action1 value2=action2 ...]
-</verb>
-</tscreen>
-
-<p>
-Here, <tt/valueI/ is one of the following <em/return values/:
-<tt/success/; <tt/open_err/; <tt/symbol_err/; <tt/service_err/;
-<tt/system_err/; <tt/buf_err/; <tt/perm_denied/; <tt/auth_err/;
-<tt/cred_insufficient/; <tt/authinfo_unavail/; <tt/user_unknown/;
-<tt/maxtries/; <tt/new_authtok_reqd/; <tt/acct_expired/;
-<tt/session_err/; <tt/cred_unavail/; <tt/cred_expired/; <tt/cred_err/;
-<tt/no_module_data/; <tt/conv_err/; <tt/authtok_err/;
-<tt/authtok_recover_err/; <tt/authtok_lock_busy/;
-<tt/authtok_disable_aging/; <tt/try_again/; <tt/ignore/; <tt/abort/;
-<tt/authtok_expired/; <tt/module_unknown/; <tt/bad_item/; and
-<tt/default/. The last of these (<tt/default/) can be used to set the
-action for those return values that are not explicitly defined.
-
-<p>
-The <tt/actionI/ can be a positive integer or one of the following
-tokens: <tt/ignore/; <tt/ok/; <tt/done/; <tt/bad/; <tt/die/; and
-<tt/reset/. A positive integer, <tt/J/, when specified as the action,
-can be used to indicate that the next <em/J/ modules of the current
-type will be skipped. In this way, the administrator can develop a
-moderately sophisticated stack of modules with a number of different
-paths of execution. Which path is taken can be determined by the
-reactions of individual modules.
-
-<p>
-<itemize>
-<item><tt/ignore/ - when used with a stack of modules, the module's
- return status will not contribute to the return code the application
- obtains.
-<item><tt/bad/ - this action indicates that the return code should be
- thought of as indicative of the module failing. If this module is
- the first in the stack to fail, its status value will be used for
- that of the whole stack.
-<item><tt/die/ - equivalent to <tt/bad/ with the side effect of
- terminating the module stack and PAM immediately returning to the
- application.
-<item><tt/ok/ - this tells <bf/PAM/ that the administrator thinks this
- return code should contribute directly to the return code of the full
- stack of modules. In other words, if the former state of the stack
- would lead to a return of <tt/PAM_SUCCESS/, the module's return code
- will override this value. Note, if the former state of the stack
- holds some value that is indicative of a modules failure, this 'ok'
- value will not be used to override that value.
-<item><tt/done/ - equivalent to <tt/ok/ with the side effect of
- terminating the module stack and PAM immediately returning to the
- application.
-<item><tt/reset/ - clear all memory of the state of the module stack and
- start again with the next stacked module.
-</itemize>
-
-<p>
-Just to get a feel for the power of this new syntax, here is a taste
-of what you can do with it. With <bf/Linux-PAM-0.63/, the notion of
-client plug-in agents was introduced. This is something that makes it
-possible for PAM to support machine-machine authentication using the
-transport protocol inherent to the client/server application. With
-the ``<tt/[ ... value=action ... ]/'' control syntax, it is possible
-for an application to be configured to support binary prompts with
-compliant clients, but to gracefully fall over into an alternative
-authentication mode for older, legacy, applications. Flexible eh?
-
-<tag> <tt/module-path/</tag>
-
-The path-name of the dynamically loadable object file; <em/the
-pluggable module/ itself. If the first character of the module path is
-`<tt>/</tt>', it is assumed to be a complete path. If this is not the
-case, the given module path is appended to the default module path:
-<tt>/usr/lib/security</tt> (but see the notes <ref
-id="text-conventions" name="above">).
-
-<tag> <tt/args/</tag>
-
-The <tt/args/ are a list of tokens that are passed to the module when
-it is invoked. Much like arguments to a typical Linux shell command.
-Generally, valid arguments are optional and are specific to any given
-module. Invalid arguments are ignored by a module, however, when
-encountering an invalid argument, the module is required to write an
-error to <tt/syslog(3)/. For a list of <em/generic/ options see the
-next section.
-
-</descrip>
-
-<p>
-Any line in (one of) the configuration file(s), that is not formatted
-correctly, will generally tend (erring on the side of caution) to make
-the authentication process fail. A corresponding error is written to
-the system log files with a call to <tt/syslog(3)/.
-
-<sect1>Directory based configuration
-
-<p>
-More flexible than the single configuration file, as of version 0.56,
-it is possible to configure <tt>libpam</tt> via the contents of the
-<tt>/etc/pam.d/</tt> directory. In this case the directory is filled
-with files each of which has a filename equal to a service-name (in
-lower-case): it is the personal configuration file for the named
-service.
-
-<p>
-<bf/Linux-PAM/ can be compiled in one of two modes. The preferred
-mode uses either <tt>/etc/pam.d/</tt> or <tt>/etc/pam.conf</tt>
-configuration but not both. That is to say, if there is a
-<tt>/etc/pam.d/</tt> directory then libpam only uses the files
-contained in this directory. However, in the absence of the
-<tt>/etc/pam.d/</tt> directory the <tt>/etc/pam.conf</tt> file is
-used. The other mode (and the one currently supported by Red Hat 4.2
-and higher) is to use both <tt>/etc/pam.d/</tt> and
-<tt>/etc/pam.conf</tt> in sequence. In this mode, entries in
-<tt>/etc/pam.d/</tt> override those of <tt>/etc/pam.conf</tt>.
-
-The syntax of each file in <tt>/etc/pam.d/</tt> is similar to that of
-the <tt>/etc/pam.conf</tt> file and is made up of lines of the
-following form:
-<tscreen>
-<verb>
-module-type control-flag module-path arguments
-</verb>
-</tscreen>
-The only difference being that the <tt>service-name</tt> is not
-present. The service-name is of course the name of the given
-configuration file. For example, <tt>/etc/pam.d/login</tt> contains
-the configuration for the <em>login</em> service.
-
-<p>
-This method of configuration has a number of advantages over the
-single file approach. We list them here to assist the reader in
-deciding which scheme to adopt:
-
-<p>
-<itemize>
-
-<item>A lower chance of misconfiguring an application. There is one
-less field to mis-type when editing the configuration files by hand.
-
-<item>Easier to maintain. One application may be reconfigured without
-risk of interfering with other applications on the system.
-
-<item>It is possible to symbolically link different services
-configuration files to a single file. This makes it easier to keep the
-system policy for access consistent across different applications.
-(It should be noted, to conserve space, it is equally possible to
-<em>hard</em> link a number of configuration files. However, care
-should be taken when administering this arrangement as editing a hard
-linked file is likely to break the link.)
-
-<item>A potential for quicker configuration file parsing. Only the
-relevant entries are parsed when a service gets bound to its modules.
-
-<item>It is possible to limit read access to individual <bf/Linux-PAM/
-configuration files using the file protections of the filesystem.
-
-<item>Package management becomes simpler. Every time a new
-application is installed, it can be accompanied by an
-<tt>/etc/pam.d/</tt><em>xxxxxx</em> file.
-
-</itemize>
-
-<sect1>Generic optional arguments
-
-<p>
-The following are optional arguments which are likely to be understood
-by any module. Arguments (including these) are in general
-<em/optional/.
-
-<p>
-<descrip>
-<tag><tt/debug/</tag>
-
-Use the <tt/syslog(3)/ call to log debugging information to the system
-log files.
-
-<tag> <tt/no_warn/</tag>
-
-Instruct module to not give warning messages to the application.
-
-<tag> <tt/use_first_pass/</tag>
-
-The module should not prompt the user for a password. Instead, it
-should obtain the previously typed password (from the preceding
-<tt/auth/ module), and use that. If that doesn't work, then the user
-will not be authenticated. (This option is intended for <tt/auth/
-and <tt/password/ modules only).
-
-<tag> <tt/try_first_pass/</tag>
-
-The module should attempt authentication with the previously typed
-password (from the preceding <tt/auth/ module). If that doesn't work,
-then the user is prompted for a password. (This option is intended for
-<tt/auth/ modules only).
-
-<tag> <tt/use_mapped_pass/</tag>
-
-This argument is not currently supported by any of the modules in the
-<bf/Linux-PAM/ distribution because of possible consequences
-associated with U.S. encryption exporting restrictions. Within the
-U.S., module developers are, of course, free to implement it (as are
-developers in other countries). For compatibility reasons we describe
-its use as suggested in the <bf/DCE-RFC 86.0/, see section <ref
-id="see-also-sec" name="bibliography"> for a pointer to this document.
-
-<p>
-The <tt/use_mapped_pass/ argument instructs the module to take the
-clear text authentication token entered by a previous module (that
-requests such a token) and use it to generate an encryption/decryption
-key with which to safely store/retrieve the authentication token
-required for this module. In this way the user can enter a single
-authentication token and be quietly authenticated by a number of
-stacked modules. Obviously a convenient feature that necessarily
-requires some reliably strong encryption to make it secure.
-This argument is intended for the <tt/auth/ and <tt/password/ module
-types only.
-
-<tag><tt/expose_account/</tag>
-
-<p>
-In general the leakage of some information about user accounts is not
-a secure policy for modules to adopt. Sometimes information such as
-users names or home directories, or preferred shell, can be used to
-attack a user's account. In some circumstances, however, this sort of
-information is not deemed a threat: displaying a user's full name when
-asking them for a password in a secured environment could also be
-called being 'friendly'. The <tt/expose_account/ argument is a
-standard module argument to encourage a module to be less discrete
-about account information as it is deemed appropriate by the local
-administrator.
-
-</descrip>
-
-<sect1>Example configuration file entries
-
-<p>
-In this section, we give some examples of entries that can be present
-in the <bf/Linux-PAM/ configuration file. As a first attempt at
-configuring your system you could do worse than to implement these.
-
-<sect2>Default policy
-
-<p>
-If a system is to be considered secure, it had better have a
-reasonably secure `<tt/OTHER/' entry. The following is a paranoid
-setting (which is not a bad place to start!):
-<tscreen>
-<verb>
-#
-# default; deny access
-#
-OTHER auth required /usr/lib/security/pam_deny.so
-OTHER account required /usr/lib/security/pam_deny.so
-OTHER password required /usr/lib/security/pam_deny.so
-OTHER session required /usr/lib/security/pam_deny.so
-</verb>
-</tscreen>
-Whilst fundamentally a secure default, this is not very sympathetic to
-a misconfigured system. For example, such a system is vulnerable to
-locking everyone out should the rest of the file become badly written.
-
-<p>
-The module <tt/pam_deny/ (documented in a later section) is not very
-sophisticated. For example, it logs no information when it is invoked
-so unless the users of a system contact the administrator when failing
-to execute a service application, the administrator may go for a long
-while in ignorance of the fact that his system is misconfigured.
-
-<p>
-The addition of the following line before those in the above example
-would provide a suitable warning to the administrator.
-<tscreen>
-<verb>
-#
-# default; wake up! This application is not configured
-#
-OTHER auth required /usr/lib/security/pam_warn.so
-OTHER password required /usr/lib/security/pam_warn.so
-</verb>
-</tscreen>
-Having two ``<tt/OTHER auth/'' lines is an example of stacking.
-
-<p>
-On a system that uses the <tt>/etc/pam.d/</tt> configuration, the
-corresponding default setup would be achieved with the following file:
-<tscreen>
-<verb>
-#
-# default configuration: /etc/pam.d/other
-#
-auth required /usr/lib/security/pam_warn.so
-auth required /usr/lib/security/pam_deny.so
-account required /usr/lib/security/pam_deny.so
-password required /usr/lib/security/pam_warn.so
-password required /usr/lib/security/pam_deny.so
-session required /usr/lib/security/pam_deny.so
-</verb>
-</tscreen>
-This is the only explicit example we give for an <tt>/etc/pam.d/</tt>
-file. In general, it should be clear how to transpose the remaining
-examples to this configuration scheme.
-
-<p>
-On a less sensitive computer, one on which the system administrator
-wishes to remain ignorant of much of the power of <tt/Linux-PAM/, the
-following selection of lines (in <tt>/etc/pam.conf</tt>) is likely to
-mimic the historically familiar Linux setup.
-<tscreen>
-<verb>
-#
-# default; standard UNIX access
-#
-OTHER auth required /usr/lib/security/pam_unix_auth.so
-OTHER account required /usr/lib/security/pam_unix_acct.so
-OTHER password required /usr/lib/security/pam_unix_passwd.so
-OTHER session required /usr/lib/security/pam_unix_session.so
-</verb>
-</tscreen>
-In general this will provide a starting place for most applications.
-Unfortunately, most is not all. One application that might require
-additional lines is <em/ftpd/ if you wish to enable
-<em/anonymous-ftp/.
-
-<p>
-To enable anonymous-ftp, the following lines might be used to replace
-the default (<tt/OTHER/) ones. (<bf/*WARNING*/ as of 1996/12/28 this
-does not work correctly with any ftpd. Consequently, this description
-may be subject to change or the application will be fixed.)
-<tscreen>
-<verb>
-#
-# ftpd; add ftp-specifics. These lines enable anonymous ftp over
-# standard UNIX access (the listfile entry blocks access to
-# users listed in /etc/ftpusers)
-#
-ftpd auth sufficient /usr/lib/security/pam_ftp.so
-ftpd auth required /usr/lib/security/pam_unix_auth.so use_first_pass
-ftpd auth required /usr/lib/security/pam_listfile.so \
- onerr=succeed item=user sense=deny file=/etc/ftpusers
-</verb>
-</tscreen>
-Note, the second line is necessary since the default entries are
-ignored by a service application (here <em/ftpd/) if there are
-<em/any/ entries in <tt>/etc/pam.conf</tt> for that specified service.
-Again, this is an example of authentication module stacking. Note the
-use of the <tt/sufficient/ control-flag. It says that ``if this module
-authenticates the user, ignore the subsequent <tt/auth/
-modules''. Also note the use of the ``<tt/use_first_pass/''
-module-argument, this instructs the UNIX authentication module that it
-is not to prompt for a password but rely one already having been
-obtained by the ftp module.
-
-<sect>Security issues of Linux-PAM
-
-<p>
-This section will discuss good practices for using Linux-PAM in a
-secure manner. <em>It is currently sadly lacking...suggestions are
-welcome!</em>
-
-<sect1>If something goes wrong
-
-<p>
-<bf/Linux-PAM/ has the potential to seriously change the security of
-your system. You can choose to have no security or absolute security
-(no access permitted). In general, <bf/Linux-PAM/ errs towards the
-latter. Any number of configuration errors can dissable access to
-your system partially, or completely.
-
-<p>
-The most dramatic problem that is likely to be encountered when
-configuring <bf/Linux-PAM/ is that of <em>deleting</em> the
-configuration file(s): <tt>/etc/pam.d/*</tt> and/or
-<tt>/etc/pam.conf</tt>. This will lock you out of your own system!
-
-<p>
-To recover, your best bet is to reboot the system in single user mode
-and set about correcting things from there. The following has been
-<em>adapted</em> from a life-saving email on the subject from David
-Wood:
-<verb>
-> What the hell do I do now?
-
-OK, don't panic. The first thing you have to realize is that
-this happens to 50% of users who ever do anything with PAM.
-It happened here, not once, not twice, but three times, all
-different, and in the end, the solution was the same every
-time.
-
-First, I hope you installed LILO with a delay. If you can,
-reboot, hit shift or tab or something and type:
-
- LILO boot: linux single
-
-(Replace 'linux' with 'name-of-your-normal-linux-image').
-This will let you in without logging in. Ever wondered how
-easy it is to break into a linux machine from the console?
-Now you know.
-
-If you can't do that, then get yourself a bootkernel floppy
-and a root disk a-la slackware's rescue.gz. (Red Hat's
-installation disks can be used in this mode too.)
-
-In either case, the point is to get back your root prompt.
-
-Second, I'm going to assume that you haven't completely
-nuked your pam installation - just your configuration files.
-Here's how you make your configs nice again:
-
- cd /etc
- mv pam.conf pam.conf.orig
- mv pam.d pam.d.orig
- mkdir pam.d
- cd pam.d
-
-and then use vi to create a file called "other" in this
-directory. It should contain the following four lines:
-
- auth required pam_unix_auth.so
- account required pam_unix_acct.so
- password required pam_unix_passwd.so
- session required pam_unix_session.so
-
-Now you have the simplest possible PAM configuration that
-will work the way you're used to. Everything should
-magically start to work again. Try it out by hitting ALT-F2
-and logging in on another virtual console. If it doesn't
-work, you have bigger problems, or you've mistyped
-something. One of the wonders of this system (seriously,
-perhaps) is that if you mistype anything in the conf files,
-you usually get no error reporting of any kind on the
-console - just some entries in the log file. So look there!
-(Try 'tail /var/log/messages'.)
-
-From here you can go back and get a real configuration
-going, hopefully after you've tested it first on a machine
-you don't care about screwing up. :/
-
-Some pointers (to make everything "right" with Red Hat...):
-
- Install the newest pam, pamconfig, and pwdb from the
- redhat current directory, and do it all on the same
- command line with rpm...
-
- rpm -Uvh [maybe --force too] pam-* pamconfig-* pwdb-*
-
- Then make sure you install (or reinstall) the newest
- version of libc, util-linux, wuftp, and NetKit. For
- kicks you might try installing the newest versions of
- the affected x apps, like xlock, but I haven't gotten
- those to work at all yet.
-
-</verb>
-
-<sect1>Avoid having a weak `other' configuration
-
-<p>
-It is not a good thing to have a weak default (<tt/OTHER/) entry.
-This service is the default configuration for all PAM aware
-applications and if it is weak, your system is likely to be vulnerable
-to attack.
-
-<p>
-Here is a sample "other" configuration file. The <em/pam_deny/ module will
-deny access and the <em/pam_warn/ module will send a syslog message to
-<tt/auth.notice/:
-
-<p>
-<tscreen>
-<verb>
-#
-# The PAM configuration file for the `other' service
-#
-auth required pam_deny.so
-auth required pam_warn.so
-account required pam_deny.so
-account required pam_warn.so
-password required pam_deny.so
-password required pam_warn.so
-session required pam_deny.so
-session required pam_warn.so
-</verb>
-</tscreen>
-
-<sect>A reference guide for available modules
-
-<p>
-Here, we collect together some descriptions of the various modules
-available for <bf/Linux-PAM/. In general these modules should be
-freely available. Where this is not the case, it will be indicated.
-
-<p>
-Also please note the comments contained in the section <ref
-id="text-conventions" name="on text conventions above"> when copying
-the examples listed below.
-
-<!-- insert-file MODULES-SGML -->
-
-<sect>Files
-
-<p><descrip>
-
-<tag><tt>/usr/lib/libpam.so.*</tt></tag>
-
-the shared library providing applications with access to
-<bf/Linux-PAM/.
-
-<tag><tt>/etc/pam.conf</tt></tag>
-
-the <bf/Linux-PAM/ configuration file.
-
-<tag><tt>/usr/lib/security/pam_*.so</tt></tag>
-
-the primary location for <bf/Linux-PAM/ dynamically loadable object
-files; the modules.
-
-</descrip>
-
-<sect>See also<label id="see-also-sec">
-
-<p><itemize>
-
-<item>The <bf/Linux-PAM/ Application Writers' Guide.
-
-<item>The <bf/Linux-PAM/ Module Writers' Guide.
-
-<item>The V. Samar and R. Schemers (SunSoft), ``UNIFIED LOGIN WITH
-PLUGGABLE AUTHENTICATION MODULES'', Open Software Foundation Request
-For Comments 86.0, October 1995. See this url:
-<tt><htmlurl
-url="http://www.kernel.org/pub/linux/libs/pam/pre/doc/rfc86.0.txt.gz"
-name="http://www.kernel.org/pub/linux/libs/pam/pre/doc/rfc86.0.txt.gz"></tt>
-
-</itemize>
-
-<sect>Notes
-
-<p>
-I intend to put development comments here... like ``at the moment
-this isn't actually supported''. At release time what ever is in
-this section will be placed in the Bugs section below! :)
-
-<p>
-Are we going to be able to support the <tt/use_mapped_pass/ module
-argument? Anyone know a cheap (free) good lawyer?!
-
-<p>
-<itemize>
-<item>
-This issue may go away, as Sun have investigated adding a new
-management group for mappings. In this way, libpam would have mapping
-modules that could securely store passwords using strong cryptography
-and in such a way that they need not be distributed with Linux-PAM.
-</itemize>
-
-<sect>Author/acknowledgments
-
-<p>
-This document was written by Andrew G. Morgan (morgan@kernel.org)
-with many contributions from
-<!-- insert-file CREDITS -->
-
-<p>
-Thanks are also due to Sun Microsystems, especially to Vipin Samar and
-Charlie Lai for their advice. At an early stage in the development of
-<bf/Linux-PAM/, Sun graciously made the documentation for their
-implementation of PAM available. This act greatly accelerated the
-development of <bf/Linux-PAM/.
-
-<sect>Bugs/omissions
-
-<p>
-More PAM modules are being developed all the time. It is unlikely that
-this document will ever be truely up to date!
-
-<p>
-This manual is unfinished. Only a partial list of people is credited
-for all the good work they have done.
-
-<sect>Copyright information for this document
-
-<p>
-Copyright (c) Andrew G. Morgan 1996-9. All rights reserved.
-<newline>
-Email: <tt>&lt;morgan@linux.kernel.org&gt;</tt>
-
-<p>
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-<p>
-<itemize>
-
-<item>
-1. Redistributions of source code must retain the above copyright
- notice, and the entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-<item>
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-<item>
-3. The name of the author may not be used to endorse or promote
- products derived from this software without specific prior
- written permission.
-
-</itemize>
-
-<p>
-<bf/Alternatively/, this product may be distributed under the terms of
-the GNU General Public License (GPL), in which case the provisions of
-the GNU GPL are required <bf/instead of/ the above restrictions.
-(This clause is necessary due to a potential bad interaction between
-the GNU GPL and the restrictions contained in a BSD-style copyright.)
-
-<p>
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
-
-<p>
-<tt>$Id: pam_source.sgml,v 1.5 2001/03/19 01:46:41 agmorgan Exp $</tt>
-
-</article>
diff --git a/contrib/libpam/doc/specs/draft-morgan-pam.raw b/contrib/libpam/doc/specs/draft-morgan-pam.raw
deleted file mode 100644
index dec3e56..0000000
--- a/contrib/libpam/doc/specs/draft-morgan-pam.raw
+++ /dev/null
@@ -1,702 +0,0 @@
-PAM working group ## A.G. Morgan
-Internet Draft: ## October 6, 1999
-Document: draft-morgan-pam-07.txt ##
-Expires: June 13, 2000 ##
-Obsoletes: draft-morgan-pam-06.txt##
-
-## Pluggable Authentication Modules ##
-
-#$ Status of this memo
-
-This document is an draft specification. The latest version of this
-draft may be obtained from here:
-
- http://linux.kernel.org/pub/linux/libs/pam/pre/doc/
-
-As
-
- Linux-PAM-'version'-docs.tar.gz
-
-It is also contained in the Linux-PAM tar ball.
-
-#$ Abstract
-
-This document is concerned with the definition of a general
-infrastructure for module based authentication. The infrastructure is
-named Pluggable Authentication Modules (PAM for short).
-
-#$ Introduction
-
-Computers are tools. They provide services to people and other
-computers (collectively we shall call these _users_ entities). In
-order to provide convenient, reliable and individual service to
-different entities, it is common for entities to be labelled. Having
-defined a label as referring to a some specific entity, the label is
-used for the purpose of protecting and allocating data resources.
-
-All modern operating systems have a notion of labelled entities and
-all modern operating systems face a common problem: how to
-authenticate the association of a predefined label with applicant
-entities.
-
-There are as many authentication methods as one might care to count.
-None of them are perfect and none of them are invulnerable. In
-general, any given authentication method becomes weaker over time. It
-is common then for new authentication methods to be developed in
-response to newly discovered weaknesses in the old authentication
-methods.
-
-The problem with inventing new authentication methods is the fact that
-old applications do not support them. This contributes to an inertia
-that discourages the overhaul of weakly protected systems. Another
-problem is that individuals (people) are frequently powerless to layer
-the protective authentication around their systems. They are forced
-to rely on single (lowest common denominator) authentication schemes
-even in situations where this is far from appropriate.
-
-PAM, as discussed in this document, is a generalization of the
-approach first introduced in [#$R#{OSF_RFC_PAM}]. In short, it is a
-general framework of interfaces that abstract the process of
-authentication. With PAM, a service provider can custom protect
-individual services to the level that they deem is appropriate.
-
-PAM has nothing explicit to say about transport layer encryption.
-Within the context of this document encryption and/or compression of
-data exchanges are application specific (strictly between client and
-server) and orthogonal to the process of authentication.
-
-#$ Definitions
-
-Here we pose the authentication problem as one of configuring defined
-interfaces between two entities.
-
-#$$#{players} Players in the authentication process
-
-PAM reserves the following words to specify unique entities in the
-authentication process:
-
- applicant
- the entity (user) initiating an application for service
- [PAM associates the PAM_RUSER _item_ with this requesting user].
-
- arbitrator
- the entity (user) under whose identity the service application
- is negotiated and with whose authority service is granted.
-
- user
- the entity (user) whose identity is being authenticated
- [PAM associates the PAM_USER _item_ with this identity].
-
- server
- the application that provides service, or acts as an
- authenticated gateway to the requested service. This
- application is completely responsible for the server end of
- the transport layer connecting the server to the client.
- PAM makes no assumptions about how data is encapsulated for
- exchanges between the server and the client, only that full
- octet sequences can be freely exchanged without corruption.
-
- client
- application providing the direct/primary interface to
- applicant. This application is completely responsible
- for the client end of the transport layer connecting the
- server to the client. PAM makes no assumptions about how data
- is encapsulated for exchanges between the server and the
- client, only that full octet sequences can be freely
- exchanged without corruption.
-
- module
- authentication binary that provides server-side support for
- some (arbitrary) authentication method.
-
- agent
- authentication binary that provides client-side support for
- some (arbitrary) authentication method.
-
-Here is a diagram to help orient the reader:
-
-## +-------+ +--------+ ##
-## . . . . .| agent | .| module | ##
-## . +-------+ .+--------+ ##
-## V | . | ##
-## . | V | ##
-## +---------+ +-------+ . +------+ ##
-## | | |libpamc| . |libpam| ##
-## | | +-------+ . +------+ ##
-## |applicant| | . | ##
-## | | +--------+ +----------+ ##
-## | |---| client |-----------| server | ##
-## +---------+ +--------+ +----------+ ##
-
-Solid lines connecting the boxes represent two-way interaction. The
-dotted-directed lines indicate an optional connection beteween the
-plugin module (agent) and the server (applicant). In the case of the
-module, this represents the module invoking the 'conversation'
-callback function provided to libpam by the server application when it
-inititializes the libpam library. In the case of the agent, this may
-be some out-of-PAM API interaction (for example directly displaying a
-dialog box under X).
-
-#$$ Defined Data Types
-
-In this draft, we define two composite data types, the text string and
-the binary prompt. They are the data types used to communicate
-authentication requests and responses.
-
-#$$$#{text_string} text string
-
-The text string is a simple sequence of non-NUL (NUL = 0x00)
-octets. Terminated with a single NUL (0x00) octet. The character set
-employed in the octet sequence may be negotiated out of band, but
-defaults to utf-8.
-
-## --------------------------- ##
-## [ character data | NUL ] ##
-## [ octet sequence | 0x00 ] ##
-## --------------------------- ##
-
-Within the rest of this text, PAM text strings are delimited with a
-pair of double quotes. Example, "this" = {'t';'h';'i';'s';0x00}.
-
-#$$$#{binary_prompt} binary prompt
-
-A binary prompt consists of a stream of octets arranged as follows:
-
-## ---------------------------------------- ##
-## [ u32 | u8 | (length-5 octets) ] ##
-## [ length | control | data ] ##
-## ---------------------------------------- ##
-
-That is, a 32-bit unsigned integer in network byte order, a single
-unsigned byte of control information and a sequence of octets of
-length (length-5). The composition of the _data_ is context dependent
-but is generally not a concern for either the server or the client. It
-is very much the concern of modules and agents.
-
-For purposes of interoperability, we define the following control
-characters as legal.
-
-## value symbol description ##
-## ------------------------------------------------- ##
-## 0x01 PAM_BPC_OK - continuation packet ##
-## 0x02 PAM_BPC_SELECT - initialization packet ##
-## 0x03 PAM_BPC_DONE - termination packet ##
-## 0x04 PAM_BPC_FAIL - unable to execute ##
-
-The following control characters are only legal for exchanges between
-an agent and a client (it is the responsibility of the client to
-enforce this rule in the face of a rogue server):
-
-## 0x41 PAM_BPC_GETENV - obtain client env.var ##
-## 0x42 PAM_BPC_PUTENV - set client env.var ##
-## 0x43 PAM_BPC_TEXT - display message ##
-## 0x44 PAM_BPC_ERROR - display error message ##
-## 0x45 PAM_BPC_PROMPT - echo'd text prompt ##
-## 0x46 PAM_BPC_PASS - non-echo'd text prompt##
-
-Note, length is always equal to the total length of the binary
-prompt and represented by a network ordered unsigned 32 bit integer.
-
-#$$$$#{agent_ids} PAM_BPC_SELECT binary prompts
-
-Binary prompts of control type PAM_BPC_SELECT have a defined
-data part. It is composed of three elements:
-
- {agent_id;'/';data}
-
-The agent_id is a sequence of characters satisfying the following
-regexp:
-
- /^[a-z0-9\_]+(@[a-z0-9\_.]+)?$/
-
-and has a specific form for each independent agent.
-
-o Agent_ids that do not contain an at-sign (@) are reserved to be
- assigned by IANA (Internet Assigned Numbers Authority). Names of
- this format MUST NOT be used without first registering with IANA.
- Registered names MUST NOT contain an at-sign (@).
-
-o Anyone can define additional agents by using names in the format
- name@domainname, e.g. "ouragent@example.com". The part following
- the at-sign MUST be a valid fully qualified internet domain name
- [RFC-1034] controlled by the person or organization defining the
- name. (Said another way, if you control the email address that
- your agent has as an identifier, they you are entitled to use
- this identifier.) It is up to each domain how it manages its local
- namespace.
-
-The '/' character is a mandatory delimiter, indicating the end of the
-agent_id. The trailing data is of a format specific to the agent with
-the given agent_id.
-
-
-#$$ Special cases
-
-In a previous section (#{players}) we identified the most general
-selection of authentication participants. In the case of network
-authentication, it is straightforward to ascribe identities to the
-defined participants. However, there are also special (less general)
-cases that we recognize here.
-
-The primary authentication step, when a user is directly introduced
-into a computer system (log's on to a workstation) is a special case.
-In this situation, the client and the server are generally one
-application. Before authenticating such a user, the applicant is
-formally unknown: PAM_RUSER is NULL.
-
-Some client-server implementations (telnet for example) provide
-effective full tty connections. In these cases, the four simple text
-string prompting cases (see below) can be handled as in the primary
-login step. In other words, the server absorbs most of the overhead of
-propagating authentication messages. In these cases, there is special
-client/server support for handling binary prompts.
-
-#$ Defined interfaces for information flow
-
-Here, we discuss the information exchange interfaces between the
-players in the authentication process. It should be understood that
-the server side is responsible for driving the authentication of the
-applicant. Notably, every request received by the client from the
-server must be matched with a single response from the client to the
-server.
-
-#$$#{applicant_client} Applicant <-> client
-
-Once the client is invoked, requests to the applicant entity are
-initiated by the client application. General clients are able to make
-the following requests directly to an applicant:
-
- echo text string
- echo error text string
- prompt with text string for echo'd text string input
- prompt with text string for concealed text string input
-
-the nature of the interface provided by the client for the benefit of
-the applicant entity is client specific and not defined by PAM.
-
-#$$#{client_agent} Client <-> agent
-
-In general, authentication schemes require more modes of exchange than
-the four defined in the previous section (#{applicant_client}). This
-provides a role for client-loadable agents. The client and agent
-exchange binary-messages that can have one of the following forms:
-
- client -> agent
- binary prompt agent expecting binary prompt reply to client
-
- agent -> client
- binary prompt reply from agent to clients binary prompt
-
-Following the acceptance of a binary prompt by the agent, the agent
-may attempt to exchange information with the client before returning
-its binary prompt reply. Permitted exchanges are binary prompts of the
-following types:
-
- agent -> client
- set environment variable (A)
- get environment variable (B)
- echo text string (C)
- echo error text string (D)
- prompt for echo'd text string input (E)
- prompt for concealed text string input (F)
-
-In response to these prompts, the client must legitimately respond
-with a corresponding binary prompt reply. We list a complete set of
-example exchanges, including each type of legitimate response (passes
-and a single fail):
-
-## Type | Agent request | Client response ##
-## --------------------------------------------------------------- ##
-## (A) | {13;PAM_BPC_PUTENV;"FOO=BAR"} | {5;PAM_BPC_OK;} ##
-## | {10;PAM_BPC_PUTENV;"FOO="} | {5;PAM_BPC_OK;} ##
-## | {9;PAM_BPC_PUTENV;"FOO"} (*) | {5;PAM_BPC_OK;} ##
-## | {9;PAM_BPC_PUTENV;"BAR"} (*) | {5;PAM_BPC_FAIL;} ##
-## --------------------------------------------------------------- ##
-## (B) | {10;PAM_BPC_GETENV;"TERM"} | {11;PAM_BPC_OK;"vt100"} ##
-## | {9;PAM_BPC_GETENV;"FOO"} | {5;PAM_BPC_FAIL;} ##
-## --------------------------------------------------------------- ##
-## (C) | {12;PAM_BPC_TEXT;"hello!"} | {5;PAM_BPC_OK;} ##
-## | {12;PAM_BPC_TEXT;"hello!"} | {5;PAM_BPC_FAIL;} ##
-## --------------------------------------------------------------- ##
-## (D) | {11;PAM_BPC_TEXT;"ouch!"} | {5;PAM_BPC_OK;} ##
-## | {11;PAM_BPC_TEXT;"ouch!"} | {5;PAM_BPC_FAIL;} ##
-## --------------------------------------------------------------- ##
-## (E) | {13;PAM_BPC_PROMPT;"login: "} | {9;PAM_BPC_OK;"joe"} ##
-## | {13;PAM_BPC_PROMPT;"login: "} | {6;PAM_BPC_OK;""} ##
-## | {13;PAM_BPC_PROMPT;"login: "} | {5;PAM_BPC_FAIL;} ##
-## --------------------------------------------------------------- ##
-## (F) | {16;PAM_BPC_PASS;"password: "} | {9;PAM_BPC_OK;"XYZ"} ##
-## | {16;PAM_BPC_PASS;"password: "} | {6;PAM_BPC_OK;""} ##
-## | {16;PAM_BPC_PASS;"password: "} | {5;PAM_BPC_FAIL;} ##
-
-(*) Used to attempt the removal of a pre-existing environment
-variable.
-
-#$$ Client <-> server
-
-Once the client has established a connection with the server (the
-nature of the transport protocol is not specified by PAM), the server
-is responsible for driving the authentication process.
-
-General servers can request the following from the client:
-
- (to be forwarded by the client to the applicant)
- echo text string
- echo error text string
- prompt for echo'd text string response
- prompt for concealed text string response
-
- (to be forwarded by the client to the appropriate agent)
- binary prompt for a binary prompt response
-
-Client side agents are required to process binary prompts. The
-agents' binary prompt responses are returned to the server.
-
-#$$ Server <-> module
-
-Modules drive the authentication process. The server provides a
-conversation function with which it encapsulates module-generated
-requests and exchanges them with the client. Every message sent by a
-module should be acknowledged.
-
-General conversation functions can support the following five
-conversation requests:
-
- echo text string
- echo error string
- prompt for echo'd text string response
- prompt for concealed text string response
- binary prompt for binary prompt response
-
-The server is responsible for redirecting these requests to the
-client.
-
-#$ C API for application interfaces (client and server)
-
-#$$ Applicant <-> client
-
-No API is defined for this interface. The interface is considered to
-be specific to the client application. Example applications include
-terminal login, (X)windows login, machine file transfer applications.
-
-All that is important is that the client application is able to
-present the applicant with textual output and to receive textual
-input from the applicant. The forms of textual exchange are listed
-in an earlier section (#{applicant_client}). Other methods of
-data input/output are better suited to being handled via an
-authentication agent.
-
-#$$ Client <-> agent
-
-The client makes use of a general API for communicating with
-agents. The client is not required to communicate directly with
-available agents, instead a layer of abstraction (in the form of a
-library: libpamc) takes care of loading and maintaining communication
-with all requested agents. This layer of abstraction will choose which
-agents to interact with based on the content of binary prompts it
-receives that have the control type PAM_BPC_SELECT.
-
-#$$$ Client <-> libpamc
-
-#$$$$ Compilation information
-
-The C-header file provided for client-agent abstraction is included
-with the following source line:
-
- \#include <security/pam_client.h>
-
-The library providing the corresponding client-agent abstraction
-functions is, libpamc.
-
- cc .... -lpamc
-
-#$$$$ Initializing libpamc
-
-The libpamc library is initialized with a call to the following
-function:
-
- pamc_handle_t pamc_start(void);
-
-This function is responsible for configuring the library and
-registering the location of available agents. The location of the
-available agents on the system is implementation specific.
-
-pamc_start() function returns NULL on failure. Otherwise, the return
-value is a pointer to an opaque data type which provides a handle to
-the libpamc library. On systems where threading is available, the
-libpamc libraray is thread safe provided a single (pamc_handler_t *)
-is used by each thread.
-
-#$$$$ Client (Applicant) selection of agents
-
-For the purpose of applicant and client review of available agents,
-the following function is provided.
-
- char **pamc_list_agents(pamc_handle_t pch);
-
-This returns a list of pointers to the agent_id's of the agents which
-are available on the system. The list is terminated by a NULL pointer.
-It is the clients responsibility to free this memory area by calling
-free() on each agent id and the block of agent_id pointers in the
-result.
-
-PAM represents a server-driven authentication model, so by default
-any available agent may be invoked in the authentication process.
-
-#$$$$$ Client demands agent
-
-If the client requires that a specific authentication agent is
-satisfied during the authentication process, then the client should
-call the following function, immediately after obtaining a
-pamc_handle_t from pamc_start().
-
- int pamc_load(pamc_handle_t pch, const char *agent_id);
-
-agent_id is a PAM text string (see section #{agent_ids}) and is not
-suffixed with a '/' delimiter. The return value for this function is:
-
- PAM_BPC_TRUE - agent located and loaded.
- PAM_BPC_FALSE - agent is not available.
-
-Note, although the agent is loaded, no data is fed to it. The agent's
-opportunity to inform the client that it does not trust the server is
-when the agent is shutdown.
-
-#$$$$$ Client marks agent as unusable
-
-The applicant might prefer that a named agent is marked as not
-available. To do this, the client would invoke the following function
-immediately after obtaining a pamc_handle_t from pam_start().
-
- int pamc_disable(pamc_handle_t pch, const char *agent_id);
-
-here agent_id is a PAM text string containing an agent_id (section
-#{agent_ids}).
-
-The return value for this function is:
-
- PAM_BPC_TRUE - agent is disabled. This is the response
- independent of whether the agent is locally
- available.
-
- PAM_BPC_FALSE - agent cannot be disabled (this may be because
- it has already been invoked).
-
-#$$$$ Allocating and manipulating binary prompts
-
-All conversation between an client and an agent takes place with
-respect to binary prompts. A binary prompt (see section #{binary_prompt}), is
-obtained, resized and deleted via the following C-macro:
-
- CREATION of a binary prompt with control X1 and data length Y1:
-
- pamc_bp_t prompt = NULL;
- PAM_BP_RENEW(&prompt, X1, Y1);
-
- REPLACEMENT of a binary prompt with a control X2 and data length Y2:
-
- PAM_BP_RENEW(&prompt, X2, Y2);
-
- DELETION of a binary prompt (the referenced prompt is scrubbed):
-
- PAM_BP_RENEW(&prompt, 0, 0);
-
-Note, the PAM_BP_RENEW macro always overwrites any prompt that you
-call it with, deleting and liberating the old contents in a secure
-fashion. Also note that PAM_BP_RENEW, when returning a prompt of data
-size Y1>0, will always append a '\0' byte to the end of the prompt (at
-data offset Y1). It is thus, by definition, acceptable to treat the
-data contents of a binary packet as a text string (see #{text_string}).
-
- FILLING a binary prompt from a memory pointer U1 from offset O1 of
- length L1:
-
- PAM_BP_FILL(prompt, O1, L1, U1);
-
- the CONTROL type for the packet can be obtained as follows:
-
- control = PAM_PB_CONTROL(prompt);
-
- the LENGTH of a data within the prompt (_excluding_ its header
- information) can be obtained as follows:
-
- length = PAM_BP_LENGTH(prompt);
-
- the total SIZE of the prompt (_including_ its header information)
- can be obtained as follows:
-
- size = PAM_BP_SIZE(prompt);
-
- EXTRACTING data from a binary prompt from offset O2 of length L2 to
- a memory pointer U2:
-
- PAM_BP_EXTRACT(prompt, O2, L2, U2);
-
- If you require direct access to the raw prompt DATA, you should use
- the following macro:
-
- __u8 *raw_data = PAM_BP_DATA(prompt);
-
-#$$$$ Client<->agent conversations
-
-All exchanges of binary prompts with agents are handled with the
-single function:
-
- int pamc_converse(pamc_handle_t *pch, pamc_bp_t *prompt_p);
-
-The return value for pamc_converse(...) is PAM_BPC_TRUE when there is
-a response packet and PAM_BPC_FALSE when the client is unable to
-handle the request represented by the original prompt. In this latter
-case, *prompt_p is set to NULL.
-
-This function takes a binary prompt and returns a replacement binary
-prompt that is either a request from an agent to be acted upon by the
-client or the 'result' which should be forwarded to the server. In the
-former case, the following macro will return 1 (PAM_BPC_TRUE) and in
-all other cases, 0 (PAM_BPC_FALSE):
-
- PAM_BPC_FOR_CLIENT(/* pamc_bp_t */ prompt)
-
-Note, all non-NULL binary prompts returned by pamc_converse(...), are
-terminated with a '\0', even when the full length of the prompt (as
-returned by the agent) does not contain this delimiter. This is a
-defined property of the PAM_BP_RENEW macro, and can be relied upon.
-
-Important security note: in certain implementations, agents are
-implemented by executable binaries, which are transparently loaded and
-managed by the PAM client library. To ensure there is never a leakage
-of elevated privilege to an unprivileged agent, the client application
-should go to some effort to lower its level of privilege. It remains
-the responsibility of the applicant and the client to ensure that it
-is not compromised by a rogue agent.
-
-#$$$$ Termination of agents
-
-When closing the authentication session and severing the connection
-between a client and a selection of agents, the following function is
-used:
-
- int pamc_end(pamc_handle_t *pch);
-
-Following a call to pamc_end, the pamc_handle_t will be invalid.
-
-The return value for this function is one of the following:
-
- PAM_BPC_TRUE - all invoked agents are content with
- authentication (the server is _not_ judged
- _un_trustworthy by any agent)
-
- PAM_BPC_FALSE - one or more agents were unsatisfied at
- being terminated. In general, the client
- should terminate its connection to the
- server and indicate to the applicant that
- the server is untrusted.
-
-#$$$ libpamc <-> agents
-
-The agents are manipulated from within libpamc. Each agent is an
-executable in its own right. This permits the agent to have access to
-sensitive data not accessible directly from the client. The mode of
-communication between libpamc and an agent is through a pair of
-pipes. The agent reads binary prompts (section #{binary_prompt})
-through its standard input file descriptor and writes response (to the
-server) binary prompts and instruction binary prompts (instructions
-for the client) through its standard output file descriptor.
-
-#$$ Client <-> server
-
-This interface is concerned with the exchange of text and binary
-prompts between the client application and the server application. No
-API is provided for this as it is considered specific to the transport
-protocol shared by the client and the server.
-
-#$$ Server <-> modules
-
-The server makes use of a general API for communicating with
-modules. The client is not required to communicate directly with
-available modules. By abstracting the authentication interface, it
-becomes possible for the local administrator to make a run time
-decision about the authentication method adopted by the server.
-
-#$$$ Functions and definitions available to servers and modules
-
-[This section will document the following functions
-
- pam_set_item()
- pam_get_item()
- pam_fail_delay(pam_handle_t *pamh, unsigned int micro_sec)
- pam_get_env(pam_handle_t *pamh, const char *varname)
- pam_strerror(pam_handle_t *pamh, int pam_errno)
-]
-
-#$$$ Server <-> libpam
-
-[This section will document the following pam_ calls:
-
- pam_start
- pam_end
- pam_authenticate (*)
- pam_setcred
- pam_acct_mgmt
- pam_open_session
- pam_close_session
- pam_chauthtok (*)
-
-The asterisked functions may return PAM_INCOMPLETE. In such cases, the
-application should be aware that the conversation function was called
-and that it returned PAM_CONV_AGAIN to a module. The correct action
-for the application to take in response to receiving PAM_INCOMPLETE,
-is to acquire the replies so that the next time the conversation
-function is called it will be able to provide the desired
-responses. And then recall pam_authenticate (pam_chauthtok) with the
-same arguments. Libpam will arrange that the module stack is resumed
-from the module that returned before. This functionality is required
-for programs whose user interface is maintained by an event loop. ]
-
-#$$$ libpam <-> modules
-
-[This section will document the following pam_ and pam_sm_ calls:
-
-functions provided by libpam
-
- pam_set_data
- pam_get_data
-
-functions provided to libpam by each module
-
- groups:
- AUTHENTICATION
- pam_sm_authenticate
- pam_sm_setcred
- ACCOUNT
- pam_sm_acct_mgmt
- SESSION
- pam_sm_open_session
- pam_sm_close_session
- AUTHENTICATION TOKEN MANAGEMENT
- pam_sm_chauthtok
-]
-
-#$ Security considerations
-
-This document is devoted to standardizing authentication
-infrastructure: everything in this document has implications for
-security.
-
-#$ Contact
-
-The email list for discussing issues related to this document is
-<pam-list@redhat.com>.
-
-#$ References
-
-[#{OSF_RFC_PAM}] OSF RFC 86.0, "Unified Login with Pluggable Authentication
- Modules (PAM)", October 1995
-
-#$ Author's Address
-
-Andrew G. Morgan
-Email: morgan@ftp.kernel.org
-
-## $Id: draft-morgan-pam.raw,v 1.1.1.1 2000/06/20 22:11:07 agmorgan Exp $ ##
-
diff --git a/contrib/libpam/doc/specs/rfc86.0.txt b/contrib/libpam/doc/specs/rfc86.0.txt
deleted file mode 100644
index 6dd5e6e..0000000
--- a/contrib/libpam/doc/specs/rfc86.0.txt
+++ /dev/null
@@ -1,1851 +0,0 @@
-
-
-
-
-
-
-
-
- Open Software Foundation V. Samar (SunSoft)
- Request For Comments: 86.0 R. Schemers (SunSoft)
- October 1995
-
-
-
- UNIFIED LOGIN WITH
- PLUGGABLE AUTHENTICATION MODULES (PAM)
-
-
- 1. INTRODUCTION
-
- Since low-level authentication mechanisms constantly evolve, it is
- important to shield the high-level consumers of these mechanisms
- (system-entry services and users) from such low-level changes. With
- the Pluggable Authentication Module (PAM) framework, we can provide
- pluggability for a variety of system-entry services -- not just
- system authentication _per se_, but also for account, session and
- password management. PAM's ability to _stack_ authentication modules
- can be used to integrate `login' with different authentication
- mechanisms such as RSA, DCE, and Kerberos, and thus unify login
- mechanisms. The PAM framework can also provide easy integration of
- smart cards into the system.
-
- Modular design and pluggability have become important for users who
- want ease of use. In the PC hardware arena, no one wants to set the
- interrupt vector numbers or resolve the addressing conflict between
- various devices. In the software arena, people also want to be able
- to replace components easily for easy customization, maintenance, and
- upgrades.
-
- Authentication software deserves special attention because
- authentication forms a very critical component of any secure computer
- system. The authentication infrastructure and its components may
- have to be modified or replaced either because some deficiencies have
- been found in the current algorithms, or because sites want to
- enforce a different security policy than what was provided by the
- system vendor. The replacement and modification should be done in
- such a way that the user is not affected by these changes.
-
- The solution has to address not just how the applications use the new
- authentication mechanisms in a generic fashion, but also how the user
- will be authenticated to these mechanisms in a generic way. The
- former is addressed by GSS-API [Linn 93], while this RFC addresses
- the later; these two efforts are complementary to each other.
-
- Since most system-entry services (for example, `login', `dtlogin',
- `rlogin', `ftp', `rsh') may want to be independent of the specific
- authentication mechanisms used by the machine, it is important that
- there be a framework for _plugging_ in various mechanisms. This
- requires that the system applications use a standard API to interact
-
-
-
- Samar, Schemers Page 1
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- with the authentication services. If these system-entry services
- remain independent of the actual mechanism used on that machine, the
- system administrator can install suitable authentication modules
- without requiring changes to these applications.
-
- For any security system to be successful, it has to be easy to use.
- In the case of authentication, the single most important ease-of-use
- characteristic is that the user should not be required to learn about
- various ways of authentication and remember multiple passwords.
- Ideally, there should be one all-encompassing authentication system
- where there is only one password, but for heterogeneous sites,
- multiple authentication mechanisms have to co-exist. The problem of
- integrating multiple authentication mechanisms such as Kerberos
- [Steiner 88], RSA [Rivest 78], and Diffie-Hellman [Diffie 76, Taylor
- 88], is also referred to as _integrated login_, or _unified login_
- problem. Even if the user has to use multiple authentication
- mechanisms, the user should not be forced to type multiple passwords.
- Furthermore, the user should be able to use the new network identity
- without taking any further actions. The key here is in modular
- integration of the network authentication technologies with `login'
- and other system-entry services.
-
- In this RFC we discuss the architecture and design of pluggable
- authentication modules. This design gives the capability to use
- field-replaceable authentication modules along with unified login
- capability. It thus provides for both _pluggability_ and _ease-of-
- use_.
-
- The RFC is organized as follows. We first motivate the need for a
- generic way to authenticate the user by various system-entry services
- within the operating system. We describe the goals and constraints
- of the design. This leads to the architecture, description of the
- interfaces, and _stacking_ of modules to get unified login
- functionality. We then describe our experience with the design, and
- end with a description of future work.
-
-
- 2. OVERVIEW OF IDENTIFICATION AND AUTHENTICATION MECHANISMS
-
- An identification and authentication ("I&A") mechanism is used to
- establish a user's identity the system (i.e., to a local machine's
- operating system) and to other principals on the network. On a
- typical UNIX system, there are various ports of entry into the
- system, such as `login', `dtlogin', `rlogin', `ftp', `rsh', `su', and
- `telnet'. In all cases, the user has to be identified and
- authenticated before granting appropriate access rights to the user.
- The user identification and authentication for all these entry points
- needs to be coordinated to ensure a secure system.
-
- In most of the current UNIX systems, the login mechanism is based
- upon verification of the password using the modified DES algorithm.
-
-
-
- Samar, Schemers Page 2
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- The security of the implementation assumes that the password cannot
- be guessed, and that the password does not go over the wire in the
- clear. These assumptions, however, are not universally valid.
- Various programs are now available freely on the Internet that can
- run dictionary attack against the encrypted password. Further, some
- of the network services (for example, `rlogin', `ftp', `telnet') send
- the password over in clear, and there are "sniffer" programs freely
- available to steal these passwords. The classical assumptions may be
- acceptable on a trusted network, but in an open environment there is
- a need to use more restrictive and stronger authentication
- mechanisms. Examples of such mechanisms include Kerberos, RSA,
- Diffie-Hellman, one-time password [Skey 94], and challenge-response
- based smart card authentication systems. Since this list will
- continue to evolve, it is important that the system-entry services do
- not have hard-coded dependencies on any of these authentication
- mechanisms.
-
-
- 3. DESIGN GOALS
-
- The goals of the PAM framework are as follows:
-
- (a) The system administrator should be able to choose the default
- authentication mechanism for the machine. This can range from
- a simple password-based mechanism to a biometric or a smart
- card based system.
-
- (b) It should be possible to configure the user authentication
- mechanism on a per application basis. For example, a site may
- require S/Key password authentication for `telnet' access,
- while allowing machine `login' sessions with just UNIX password
- authentication.
-
- (c) The framework should support the display requirements of the
- applications. For example, for a graphical login session such
- as `dtlogin', the user name and the password may have to be
- entered in a new window. For networking system-entry
- applications such as `ftp' and `telnet', the user name and
- password has to be transmitted over the network to the client
- machine.
-
- (d) It should be possible to configure multiple authentication
- protocols for each of those applications. For example, one may
- want the users to get authenticated by both Kerberos and RSA
- authentication systems.
-
- (e) The system administrator should be able to _stack_ multiple
- user authentication mechanisms such that the user is
- authenticated with all authentication protocols without
- retyping the password.
-
-
-
-
- Samar, Schemers Page 3
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- (f) The architecture should allow for multiple passwords if
- necessary to achieve higher security for users with specific
- security requirements.
-
- (g) The system-entry services should not be required to change when
- the underlying mechanism changes. This can be very useful for
- third-party developers because they often do not have the
- source code for these services.
-
- (h) The architecture should provide for a _pluggable_ model for
- system authentication, as well as for other related tasks such
- as password, account, and session management.
-
- (i) For backward-compatibility reasons, the PAM API should support
- the authentication requirements of the current system-entry
- services.
-
- There are certain issues that the PAM framework does not specifically
- address:
-
- (a) We focus only on providing a generic scheme through which users
- use passwords to establish their identities to the machine.
- Once the identity is established, how the identity is
- communicated to other interested parties is outside the scope
- of this design. There are efforts underway at IETF [Linn 93]
- to develop a Generic Security Services Application Interface
- (GSSAPI) that can be used by applications for secure and
- authenticated communication without knowing the underlying
- mechanism.
-
- (b) The _single-signon_ problem of securely transferring the
- identity of the caller to a remote site is not addressed. For
- example, the problem of delegating credentials from the
- `rlogin' client to the other machine without typing the
- password is not addressed by our work. We also do not address
- the problem of sending the passwords over the network in the
- clear.
-
- (c) We do not address the source of information obtained from the
- "`getXbyY()'" family of calls (e.g., `getpwnam()'). Different
- operating systems address this problem differently. For
- example, Solaris uses the name service switch (NSS) to
- determine the source of information for the "`getXbyY()'"
- calls. It is expected that data which is stored in multiple
- sources (such as passwd entries in NIS+ and the DCE registry)
- is kept in sync using the appropriate commands (such as
- `passwd_export').
-
-
-
-
-
-
-
- Samar, Schemers Page 4
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- 4. OVERVIEW OF THE PAM FRAMEWORK
-
- We propose that the goals listed above can be met through a framework
- in which authentication modules can be _plugged_ independently of the
- application. We call this the _Pluggable Authentication Modules_
- (PAM) framework.
-
- The core components of the PAM framework are the authentication
- library API (the front end) and the authentication mechanism-specific
- modules (the back end), connected through the Service Provider
- Interface (SPI). Applications write to the PAM API, while the
- authentication-system providers write to the PAM SPI and supply the
- back end modules that are independent of the application.
-
- ftp telnet login (Applications)
- | | |
- | | |
- +--------+--------+
- |
- +-----+-----+
- | PAM API | <-- pam.conf file
- +-----+-----+
- |
- +--------+--------+
- UNIX Kerberos Smart Cards (Mechanisms)
-
- Figure 1: The Basic PAM Architecture
-
- Figure 1 illustrates the relationship between the application, the
- PAM library, and the authentication modules. Three applications
- (`login', `telnet' and `ftp') are shown which use the PAM
- authentication interfaces. When an application makes a call to the
- PAM API, it loads the appropriate authentication module as determined
- by the configuration file, `pam.conf'. The request is forwarded to
- the underlying authentication module (for example, UNIX password,
- Kerberos, smart cards) to perform the specified operation. The PAM
- layer then returns the response from the authentication module to the
- application.
-
- PAM unifies system authentication and access control for the system,
- and allows plugging of associated authentication modules through well
- defined interfaces. The plugging can be defined through various
- means, one of which uses a configuration file, such as the one in
- Table 1. For each of the system applications, the file specifies the
- authentication module that should be loaded. In the example below,
- `login' uses the UNIX password module, while `ftp' and `telnet' use
- the S/Key module.
-
-
-
-
-
-
-
- Samar, Schemers Page 5
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- Table 1: A Simplified View of a Sample PAM Configuration File.
-
- service module_path
- ------- -----------
- login pam_unix.so
- ftp pam_skey.so
- telnet pam_skey.so
-
- Authentication configuration is only one aspect of this interface.
- Other critical components include account management, session
- management, and password management. For example, the `login'
- program may want to verify not only the password but also whether the
- account has aged or expired. Generic interfaces also need to be
- provided so that the password can be changed according to the
- requirements of the module. Furthermore, the application may want to
- log information about the current session as determined by the
- module.
-
- Not all applications or services may need all of the above
- components, and not each authentication module may need to provide
- support for all of the interfaces. For example, while `login' may
- need access to all four components, `su' may need access to just the
- authentication component. Some applications may use some specific
- authentication and password management modules but share the account
- and session management modules with others.
-
- This reasoning leads to a partitioning of the entire set of
- interfaces into four areas of functionality: (1) authentication, (2)
- account, (3) session, and (4) password. The concept of PAM was
- extended to these functional areas by implementing each of them as a
- separate pluggable module.
-
- Breaking the functionality into four modules helps the module
- providers because they can use the system-provided libraries for the
- modules that they are not changing. For example, if a supplier wants
- to provide a better version of Kerberos, they can just provide that
- new authentication and password module, and reuse the existing ones
- for account and session.
-
- 4.1. Module Description
-
- More details on specific API's are described in Appendix A. A brief
- description of four modules follows:
-
- (a) Authentication management: This set includes the
- `pam_authenticate()' function to authenticate the user, and the
- `pam_setcred()' interface to set, refresh or destroy the user
- credentials.
-
- (b) Account management: This set includes the `pam_acct_mgmt()'
- function to check whether the authenticated user should be
-
-
-
- Samar, Schemers Page 6
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- given access to his/her account. This function can implement
- account expiration and access hour restrictions.
-
- (c) Session management: This set includes the `pam_open_session()'
- and `pam_close_session()' functions for session management and
- accounting. For example, the system may want to store the
- total time for the session.
-
- (d) Password management: This set includes a function,
- `pam_chauthtok()', to change the password.
-
-
- 5. FRAMEWORK INTERFACES
-
- The PAM framework further provides a set of administrative interfaces
- to support the above modules and to provide for application-module
- communication. There is no corresponding service provider interface
- (SPI) for such functions.
-
- 5.1. Administrative Interfaces
-
- Each set of PAM transactions starts with `pam_start()' and ends with
- the `pam_end()' function. The interfaces `pam_get_item()' and
- `pam_set_item()' are used to read and write the state information
- associated with the PAM transaction.
-
- If there is any error with any of the PAM interfaces, the error
- message can be printed with `pam_strerror()'.
-
- 5.2. Application-Module Communication
-
- During application initialization, certain data such as the user name
- is saved in the PAM framework layer through `pam_start()' so that it
- can be used by the underlying modules. The application can also pass
- opaque data to the module which the modules will pass back while
- communicating with the user.
-
- 5.3. User-Module Communication
-
- The `pam_start()' function also passes conversation function that has
- to be used by the underlying modules to read and write module
- specific authentication information. For example, these functions
- can be used to prompt the user for the password in a way determined
- by the application. PAM can thus be used by graphical, non-
- graphical, or networked applications.
-
-
-
-
-
-
-
-
-
- Samar, Schemers Page 7
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- 5.4. Inter-Module Communication
-
- Though the modules are independent, they can share certain common
- information about the authentication session such as user name,
- service name, password, and conversation function through the
- `pam_get_item()' and `pam_set_item()' interfaces. These API's can
- also be used by the application to change the state information after
- having called `pam_start()' once.
-
- 5.5. Module State Information
-
- The PAM service modules may want to keep certain module-specific
- state information about the session. The interfaces `pam_get_data()'
- and `pam_set_data()' can be used by the service modules to access and
- update module-specific information as needed from the PAM handle.
- The modules can also attach a cleanup function with the data. The
- cleanup function is executed when `pam_end()' is called to indicate
- the end of the current authentication activity.
-
- Since the PAM modules are loaded upon demand, there is no direct
- module initialization support in the PAM framework. If there are
- certain initialization tasks that the PAM service modules have to do,
- they should be done upon the first invocation. However, if there are
- certain clean-up tasks to be done when the authentication session
- ends, the modules should use `pam_set_data()' to specify the clean-up
- functions, which would be called when `pam_end()' is called by the
- application.
-
-
- 6. MODULE CONFIGURATION MANAGEMENT
-
- Table 2 shows an example of a configuration file `pam.conf' with
- support for authentication, session, account, and password management
- modules. `login' has three entries: one each for authentication
- processing, session management and account management. Each entry
- specifies the module name that should be loaded for the given module
- type. In this example, the `ftp' service uses the authentication and
- session modules. Note that all services here share the same session
- management module, while having different authentication modules.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Samar, Schemers Page 8
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- Table 2: Configuration File (pam.conf) with Different Modules
- and Control Flow
-
- service module_type control_flag module_path options
- ------- ----------- ------------ ----------- -------
- login auth required pam_unix_auth.so nowarn
- login session required pam_unix_session.so
- login account required pam_unix_account.so
- ftp auth required pam_skey_auth.so debug
- ftp session required pam_unix_session.so
- telnet session required pam_unix_session.so
- login password required pam_unix_passwd.so
- passwd password required pam_unix_passwd.so
- OTHER auth required pam_unix_auth.so
- OTHER session required pam_unix_session.so
- OTHER account required pam_unix_account.so
-
- The first field, _service_, denotes the service (for example,
- `login', `passwd', `rlogin'). The name `OTHER' indicates the module
- used by all other applications that have not been specified in this
- file. This name can also be used if all services have the same
- requirements. In the example, since all the services use the same
- session module, we could have replaced those lines with a single
- `OTHER' line.
-
- The second field, _module_type_, indicates the type of the PAM
- functional module. It can be one of `auth', `account', `session', or
- `password' modules.
-
- The third field, _control_flag_ determines the behavior of stacking
- multiple modules by specifying whether any particular module is
- _required_, _sufficient_, or _optional_. The next section describes
- stacking in more detail.
-
- The fourth field, _module_path_, specifies the location of the
- module. The PAM framework loads this module upon demand to invoke
- the required function.
-
- The fifth field, _options_, is used by the PAM framework layer to
- pass module specific options to the modules. It is up to the module
- to parse and interpret the options. This field can be used by the
- modules to turn on debugging or to pass any module specific
- parameters such as a timeout value. It is also used to support
- unified login as described below. The options field can be used by
- the system administrator to fine-tune the PAM modules.
-
- If any of the fields are invalid, or if a module is not found, that
- line is ignored and the error is logged as a critical error via
- `syslog(3)'. If no entries are found for the given module type, then
- the PAM framework returns an error to the application.
-
-
-
-
- Samar, Schemers Page 9
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- 7. INTEGRATING MULTIPLE AUTHENTICATION SERVICES WITH STACKING
-
- In the world of heterogeneous systems, the system administrator often
- has to deal with the problem of integrating multiple authentication
- mechanisms. The user is often required to know about the
- authentication command of the new authentication module (for example,
- `kinit', `dce_login') after logging into the system. This is not
- user-friendly because it forces people to remember to type the new
- command and enter the new password. This functionality should be
- invisible instead of burdening the user with it.
-
- There are two problems to be addressed here:
-
- (a) Supporting multiple authentication mechanisms.
-
- (b) Providing unified login in the presence of multiple mechanisms.
-
- In the previous section, we described how one could replace the
- default authentication module with any other module of choice. Now
- we demonstrate how the same model can be extended to provide support
- for multiple modules.
-
- 7.1. Design for Stacked Modules
-
- One possibility was to provide hard-coded rules in `login' or other
- applications requiring authentication services [Adamson 95]. But
- this becomes very specific to the particular combination of
- authentication protocols, and also requires the source code of the
- application. Digital's Security Integration Architecture [SIA 95]
- addresses this problem by specifying the same list of authentication
- modules for all applications. Since requirements for various
- applications can vary, it is essential that the configuration be on a
- per-application basis.
-
- To support multiple authentication mechanisms, the PAM framework was
- extended to support _stacking_. When any API is called, the back
- ends for the stacked modules are invoked in the order listed, and the
- result returned to the caller. In Figure 2, the authentication
- service of `login' is stacked and the user is authenticated by UNIX,
- Kerberos, and RSA authentication mechanisms. Note that in this
- example, there is no stacking for session or account management
- modules.
-
-
-
-
-
-
-
-
-
-
-
-
- Samar, Schemers Page 10
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- login
- |
- +--------+--------+
- | | |
- session auth account
- | | |
- +--+--+ +--+--+ +--+--+
- | PAM | | PAM | | PAM |
- +--+--+ +--+--+ +--+--+
- | | |
- UNIX UNIX UNIX
- session auth account
- |
- Kerberos
- auth
- |
- RSA
- auth
-
- Figure 2: Stacking With the PAM Architecture
-
- Stacking is specified through additional entries in the configuration
- file shown earlier. As shown in Table 2, for each application (such
- as `login') the configuration file can specify multiple mechanisms
- that have to be invoked in the specified order. When mechanisms
- fail, the _control_flag_ decides which error should be returned to
- the application. Since the user should not know which authentication
- module failed when a bad password was typed, the PAM framework
- continues to call other authentication modules on the stack even on
- failure. The semantics of the control flag are as follows:
-
- (a) `required': With this flag, the module failure results in the
- PAM framework returning the error to the caller _after_
- executing all other modules on the stack. For the function to
- be able to return success to the application all `required'
- modules have to report success. This flag is normally set when
- authentication by this module is a _must_.
-
- (b) `optional': With this flag, the PAM framework ignores the
- module failure and continues with the processing of the next
- module in sequence. This flag is used when the user is allowed
- to login even if that particular module has failed.
-
- (c) `sufficient': With this flag, if the module succeeds the PAM
- framework returns success to the application immediately
- without trying any other modules. For failure cases, the
- _sufficient_ modules are treated as `optional'.
-
- Table 3 shows a sample configuration file that stacks the `login'
- command. Here the user is authenticated by UNIX, Kerberos, and RSA
- authentication services. The `required' key word for _control_flag_
-
-
-
- Samar, Schemers Page 11
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- enforces that the user is allowed to login only if he/she is
- authenticated by _both_ UNIX and Kerberos services. RSA
- authentication is optional by virtue of the `optional' key word in
- the _control_flag_ field. The user can still log in even if RSA
- authentication fails.
-
- Table 3: PAM Configuration File with Support for Stacking
-
- service module_type control_flag module_path options
- ------- ----------- ------------ ----------- -------
- login auth required pam_unix.so debug
- login auth required pam_kerb.so use_mapped_pass
- login auth optional pam_rsa.so use_first_pass
-
- Table 4 illustrates the use of the sufficient flag for the `rlogin'
- service. The Berkeley `rlogin' protocol specifies that if the remote
- host is trusted (as specified in the `/etc/hosts.equiv' file or in
- the `.rhosts' file in the home directory of the user), then the
- `rlogin' daemon should not require the user to type the password. If
- this is not the case, then the user is required to type the password.
- Instead of hard coding this policy in the `rlogin' daemon, this can
- be expressed with the `pam.conf' file in Table 4. The PAM module
- `pam_rhosts_auth.so.1' implements the `.rhosts' policy described
- above. If a site administrator wants to enable remote login with
- only passwords, then the first line should be deleted.
-
- Table 4: PAM Configuration File for the rlogin service
-
- service module_type control_flag module_path options
- ------- ----------- ------------ ----------- -------
- rlogin auth sufficient pam_rhosts_auth.so
- rlogin auth required pam_unix.so
-
- 7.2. Password-Mapping
-
- Multiple authentication mechanisms on a machine can lead to multiple
- passwords that users have to remember. One attractive solution from
- the ease-of-use viewpoint is to use the same password for all
- mechanisms. This, however, can also weaken the security because if
- that password were to be compromised in any of the multiple
- mechanisms, all mechanisms would be compromised at the same time.
- Furthermore, different authentication mechanisms may have their own
- distinctive password requirements in regards to its length, allowed
- characters, time interval between updates, aging, locking, and so
- forth. These requirements make it problematic to use the same
- password for multiple authentication mechanisms.
-
- The solution we propose, while not precluding use of the same
- password for every mechanism, allows for a different password for
- each mechanism through what we call _password-mapping_. This
- basically means using the user's _primary_ password to encrypt the
-
-
-
- Samar, Schemers Page 12
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- user's other (_secondary_) passwords, and storing these encrypted
- passwords in a place where they are available to the user. Once the
- primary password is verified, the authentication modules would obtain
- the other passwords for their own mechanisms by decrypting the
- mechanism-specific encrypted password with the primary password, and
- passing it to the authentication service. The security of this
- design for password-mapping assumes that the primary password is the
- user's strongest password, in terms of its unguessability (length,
- type and mix of characters used, etc.).
-
- If there is any error in password-mapping, or if the mapping does not
- exist, the user will be prompted for the password by each
- authentication module.
-
- To support password-mapping, the PAM framework saves the primary
- password and provides it to stacked authentication modules. The
- password is cleared out before the `pam_authenticate' function
- returns.
-
- How the password is encrypted depends completely on the module
- implementation. The encrypted secondary password (also called a
- "mapped password") can be stored in a trusted or untrusted place,
- such as a smart card, a local file, or a directory service. If the
- encrypted passwords are stored in an untrusted publicly accessible
- place, this does provide an intruder with opportunities for potential
- dictionary attack.
-
- Though password-mapping is voluntary, it is recommended that all
- module providers add support for the following four mapping options:
-
- (a) `use_first_pass': Use the same password used by the first
- mechanism that asked for a password. The module should not ask
- for the password if the user cannot be authenticated by the
- first password. This option is normally used when the system
- administrator wants to enforce the same password across
- multiple modules.
-
- (b) `try_first_pass': This is the same as `use_first_pass', except
- that if the primary password is not valid, it should prompt the
- user for the password.
-
- (c) `use_mapped_pass': Use the password-mapping scheme to get the
- actual password for this module. One possible implementation
- is to get the mapped-password using the XFN API [XFN 94], and
- decrypt it with the primary password to get the module-specific
- password. The module should not ask for the password if the
- user cannot be authenticated by the first password. The XFN
- API allows user-defined attributes (such as _mapped-password_)
- to be stored in the _user-context_. Using the XFN API is
- particularly attractive because support for the XFN may be
- found on many systems in the future.
-
-
-
- Samar, Schemers Page 13
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- (d) `try_mapped_pass': This is the same as `use_mapped_pass',
- except that if the primary password is not valid, it should
- prompt the user for the password.
-
- When passwords get updated, the PAM framework stores both the old as
- well as the new password to be able to inform other dependent
- authentication modules about the change. Other modules can use this
- information to update the encrypted password without forcing the user
- to type the sequence of passwords again. The PAM framework clears
- out the passwords before returning to the application.
-
- Table 3 illustrates how the same password can be used by `login' for
- authenticating to the standard UNIX login, Kerberos and RSA services.
- Once the user has been authenticated to the primary authentication
- service (UNIX `login' in this example) with the primary password, the
- option `use_mapped_pass' indicates to the Kerberos module that it
- should use the primary password to decrypt the stored Kerberos
- password and then use the Kerberos password to get the ticket for the
- ticket-granting-service. After that succeeds, the option
- `use_first_pass' indicates to the RSA module that instead of
- prompting the user for a password, it should use the primary password
- typed earlier for authenticating the user. Note that in this
- scenario, the user has to enter the password just once.
-
- Note that if a one-time password scheme (e.g., S/Key) is used,
- password mapping cannot apply.
-
- 7.3. Implications of Stacking on the PAM Design
-
- Because of the stacking capability of PAM, we have designed the PAM
- API's to not return any data to the application, except status. If
- this were not the case, it would be difficult for the PAM framework
- to decide which module should return data to the application. When
- there is any error, the application does not know which of the
- modules failed. This behavior enables (even requires) the
- application to be completely independent from the modules.
-
- Another design decision we have made is that PAM gives only the user
- name to all the underlying PAM modules, hence it is the
- responsibility of the PAM modules to convert the name to their own
- internal format. For example, the Kerberos module may have to
- convert the UNIX user name to a Kerberos principal name.
-
- Stacking also forces the modules to be designed such that they can
- occur anywhere in the stack without any side-effects.
-
- Since modules such as the authentication and the password module are
- very closely related, it is important they be configured in the same
- order and with compatible options.
-
-
-
-
-
- Samar, Schemers Page 14
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- 8. INTEGRATION WITH SMART CARDS
-
- Many networking authentication protocols require possession of a long
- key to establish the user identity. For ease-of-use reasons, that
- long key is normally encrypted with the user's password so that the
- user is not required to memorize it. However, weak passwords can be
- compromised through a dictionary attack and thus undermine the
- stronger network authentication mechanism. Furthermore, the
- encrypted data is normally stored in a centrally accessible service
- whose availability depends upon the reliability of the associated
- service. Solutions have been proposed to use a pass-phrase or one-
- time-password, but those are much longer than the regular eight
- character passwords traditionally used with UNIX `login'. This makes
- the solution user-unfriendly because it requires longer strings to be
- remembered and typed.
-
- For most authentication protocol implementations, the trust boundary
- is the local machine. This assumption may not be valid in cases
- where the user is mobile and has to use publicly available networked
- computers. In such cases, it is required that the clear text of the
- key or the password never be made available to the machine.
-
- Smart cards solve the above problems by reducing password exposure by
- supporting a _two factor_ authentication mechanism: the first with
- the possession of the card, and the second with the knowledge of the
- PIN associated with the card. Not only can the smart cards be a
- secure repository of multiple passwords, they can also provide the
- encryption and authentication functions such that the long (private)
- key is never exposed outside the card.
-
- The PAM framework allows for integrating smart cards to the system by
- providing a smart card specific module for authentication.
- Furthermore, the unified login problem is simplified because the
- multiple passwords for various authentication mechanisms can be
- stored on the smart card itself. This can be enabled by adding a
- suitable key-word such as `use_smart_card' in the _options_ field.
-
-
- 9. SECURITY ISSUES
-
- It is important to understand the impact of PAM on the security of
- any system so that the site-administrator can make an informed
- decision.
-
- (a) Sharing of passwords with multiple authentication mechanisms.
-
- If there are multiple authentication modules, one possibility
- is to use the same password for all of them. If the password
- for any of the multiple authentication system is compromised,
- the user's password in all systems would be compromised. If
- this is a concern, then multiple passwords might be considered
-
-
-
- Samar, Schemers Page 15
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- at the cost of ease-of-use.
-
- (b) Password-mapping.
-
- This technique of encrypting all other passwords with the
- primary password assumes that it is lot more difficult to crack
- the primary password and that reasonable steps have been taken
- to ensure limited availability of the encrypted primary
- password. If this is not done, an intruder could target the
- primary password as the first point of dictionary attack. If
- one of the other modules provide stronger security than the
- password based security, the site would be negating the strong
- security by using password-mapping. If this is a concern, then
- multiple passwords might be considered at the cost of ease-of-
- use. If smart cards are used, they obviate the need for
- password-mapping completely.
-
- (c) Security of the configuration file.
-
- Since the policy file dictates how the user is authenticated,
- this file should be protected from unauthorized modifications.
-
- (d) Stacking various PAM modules.
-
- The system administrator should fully understand the
- implications of stacking various modules that will be installed
- on the system and their respective orders and interactions.
- The composition of various authentication modules should be
- carefully examined. The trusted computing base of the machine
- now includes the PAM modules.
-
-
- 10. EXPERIENCE WITH PAM
-
- The PAM framework was first added in Solaris 2.3 release as a private
- internal interface. PAM is currently being used by several system
- entry applications such as `login', `passwd', `su', `dtlogin',
- `rlogind', `rshd', `telnetd', `ftpd', `in.rexecd', `uucpd', `init',
- `sac', and `ttymon'. We have found that PAM provides an excellent
- framework to encapsulate the authentication-related tasks for the
- entire system. The Solaris 2.3 PAM API's were hence enhanced and
- simplified to support stacking.
-
- PAM modules have been developed for UNIX, DCE, Kerberos, S/Key,
- remote user authentication, and dialpass authentication. Other PAM
- modules are under development, and integration with smart cards is
- being planned.
-
- Some third parties have used the PAM interface to extend the security
- mechanisms offered by the Solaris environment.
-
-
-
-
- Samar, Schemers Page 16
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- The PAM API has been accepted by Common Desktop Environment (CDE)
- vendors as the API to be used for integrating the graphical interface
- for login, `dtlogin' with multiple authentication mechanisms.
-
-
- 11. FUTURE WORK
-
- Amongst the various components of PAM, the password component needs
- to be carefully examined to see whether the stacking semantics are
- particularly applicable, and how PAM should deal with partial
- failures when changing passwords.
-
- The _control_flag_ of the configuration file can be extended to
- include other semantics. For example, if the error is "name service
- not available", one may want to retry. It is also possible to offer
- semantics of "return success if any of the modules return success".
-
- In an earlier section, we had mentioned integration of smart cards
- with PAM. Though we feel that integration should be straight forward
- from the PAM architecture point of view, there may be some issues
- with implementation because the interfaces to the smart cards have
- not yet been standardized.
-
- One possible extension to PAM is to allow the passing of module-
- specific data between applications and PAM modules. For example, the
- `login' program likes to build its new environment from a select list
- of variables, yet the DCE module needs the `KRB5CCNAME' variable to
- be exported to the child process. For now we have modified the
- `login' program to explicitly export the `KRB5CCNAME' variable.
-
- Administrative tools are needed to help system administrators modify
- `pam.conf', and perform sanity checks on it (i.e., a `pam_check'
- utility).
-
-
- 12. CONCLUSION
-
- The PAM framework and the module interfaces provide pluggability for
- user authentication, as well as for account, session and password
- management. The PAM architecture can be used by `login' and by all
- other system-entry services, and thus ensure that all entry points
- for the system have been secured. This architecture enables
- replacement and modification of authentication modules in the field
- to secure the system against the newly found weaknesses without
- changing any of the system services.
-
- The PAM framework can be used to integrate `login' and `dtlogin' with
- different authentication mechanisms such as RSA and Kerberos.
- Multiple authentication systems can be accessed with the same
- password. The PAM framework also provides easy integration of smart
- cards into the system.
-
-
-
- Samar, Schemers Page 17
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- PAM provides complementary functionality to GSS-API, in that it
- provides mechanisms through which the user gets authenticated to any
- new system-level authentication service on the machine. GSS-API then
- uses the credentials for authenticated and secure communications with
- other application-level service entities on the network.
-
-
- 13. ACKNOWLEDGEMENTS
-
- PAM development has spanned several release cycles at SunSoft.
- Shau-Ping Lo, Chuck Hickey, and Alex Choy did the first design and
- implementation. Bill Shannon and Don Stephenson helped with the PAM
- architecture. Rocky Wu prototyped stacking of multiple modules.
- Paul Fronberg, Charlie Lai, and Roland Schemers made very significant
- enhancements to the PAM interfaces and took the project to completion
- within a very short time. Kathy Slattery wrote the PAM
- documentation. John Perry integrated PAM within the CDE framework.
-
-
- APPENDIX A. PAM API'S
-
- This appendix gives an informal description of the various interfaces
- of PAM. Since the goal here is just for the reader to get a working
- knowledge about the PAM interfaces, not all flags and options have
- been fully defined and explained. The API's described here are
- subject to change.
-
- The PAM Service Provider Interface is very similar to the PAM API,
- except for one extra parameter to pass module-specific options to the
- underlying modules.
-
- A.1. Framework Layer API's
-
- int
- pam_start(
- char *service_name,
- char *user,
- struct pam_conv *pam_conversation,
- pam_handle_t **pamh
- );
-
- `pam_start()' is called to initiate an authentication transaction.
- `pam_start()' takes as arguments the name of the service, the name of
- the user to be authenticated, the address of the conversation
- structure. `pamh' is later used as a handle for subsequent calls to
- the PAM library.
-
- The PAM modules do not communicate directly with the user; instead
- they rely on the application to perform all such interaction. The
- application needs to provide the conversation functions, `conv()',
- and associated application data pointers through a `pam_conv'
-
-
-
- Samar, Schemers Page 18
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- structure when it initiates an authentication transaction. The
- module uses the `conv()' function to prompt the user for data,
- display error messages, or text information.
-
- int
- pam_end(
- pam_handle_t *pamh,
- int pam_status
- );
-
- `pam_end()' is called to terminate the PAM transaction as specified
- by `pamh', and to free any storage area allocated by the PAM modules
- with `pam_set_item()'.
-
- int
- pam_set_item(
- pam_handle_t *pamh,
- int item_type,
- void *item
- );
-
- int
- pam_get_item(
- pam_handle_t *pamh,
- int item_type,
- void **item);
-
- `pam_get_item()' and `pam_set_item()' allow the parameters specified
- in the initial call to `pam_start()' to be read and updated. This is
- useful when a particular parameter is not available when
- `pam_start()' is called or must be modified after the initial call to
- `pam_start()'. `pam_set_item()' is passed a pointer to the object,
- `item', and its type, `item_type'. `pam_get_item()' is passed the
- address of the pointer, `item', which is assigned the address of the
- requested object.
-
- The `item_type' is one of the following:
-
- Table 5: Possible Values for Item_type
-
- Item Name Description
- --------- -----------
- PAM_SERVICE The service name
- PAM_USER The user name
- PAM_TTY The tty name
- PAM_RHOST The remote host name
- PAM_CONV The pam_conv structure
- PAM_AUTHTOK The authentication token (password)
- PAM_OLDAUTHTOK The old authentication token
- PAM_RUSER The remote user name
-
-
-
-
- Samar, Schemers Page 19
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- Note that the values of `PAM_AUTHTOK' and `PAM_OLDAUTHTOK' are only
- available to PAM modules and not to the applications. They are
- explicitly cleared out by the framework before returning to the
- application.
-
- char *
- pam_strerror(
- int errnum
- );
-
- `pam_strerror()' maps the error number to a PAM error message string,
- and returns a pointer to that string.
-
- int
- pam_set_data(
- pam_handle_t *pamh,
- char *module_data_name,
- char *data,
- (*cleanup)(pam_handle_t *pamh, char *data,
- int error_status)
- );
-
- The `pam_set_data()' function stores module specific data within the
- PAM handle. The `module_data_name' uniquely specifies the name to
- which some data and cleanup callback function can be attached. The
- cleanup function is called when `pam_end()' is invoked.
-
- int
- pam_get_data(
- pam_handle_t *pamh,
- char *module_data_name,
- void **datap
- );
-
- The `pam_get_data()' function obtains module-specific data from the
- PAM handle stored previously by the `pam_get_data()' function. The
- `module_data_name' uniquely specifies the name for which data has to
- be obtained. This function is normally used to retrieve module
- specific state information.
-
- A.2. Authentication API's
-
- int
- pam_authenticate(
- pam_handle_t *pamh,
- int flags
- );
-
- The `pam_authenticate()' function is called to verify the identity of
- the current user. The user is usually required to enter a password
- or similar authentication token, depending upon the authentication
-
-
-
- Samar, Schemers Page 20
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- module configured with the system. The user in question is specified
- by a prior call to `pam_start()', and is referenced by the
- authentication handle, `pamh'.
-
- int
- pam_setcred(
- pam_handle_t *pamh,
- int flags
- );
-
- The `pam_setcred()' function is called to set the credentials of the
- current process associated with the authentication handle, `pamh'.
- The actions that can be denoted through `flags' include credential
- initialization, refresh, reinitialization and deletion.
-
- A.3. Account Management API
-
- int
- pam_acct_mgmt(
- pam_handle_t *pamh,
- int flags
- );
-
- The function `pam_acct_mgmt()' is called to determine whether the
- current user's account and password are valid. This typically
- includes checking for password and account expiration, valid login
- times, etc. The user in question is specified by a prior call to
- `pam_start()', and is referenced by the authentication handle,
- `pamh'.
-
- A.4. Session Management API's
-
- int
- pam_open_session(
- pam_handle_t *pamh,
- int flags
- );
-
- `pam_open_session()' is called to inform the session modules that a
- new session has been initialized. All programs which use PAM should
- invoke `pam_open_session()' when beginning a new session.
-
- int
- pam_close_session(
- pam_handle_t *pamh,
- int flags
- );
-
- Upon termination of this session, the `pam_close_session()' function
- should be invoked to inform the underlying modules that the session
- has terminated.
-
-
-
- Samar, Schemers Page 21
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- A.5. Password Management API's
-
- int
- pam_chauthtok(
- pam_handle_t *pamh,
- int flags
- );
-
- `pam_chauthtok()' is called to change the authentication token
- associated with the user referenced by the authentication handle
- `pamh'. After the call, the authentication token of the user will be
- changed in accordance with the authentication module configured on
- the system.
-
-
- APPENDIX B. SAMPLE PAM APPLICATION
-
- This appendix shows a sample `login' application which uses the PAM
- API's. It is not meant to be a fully functional login program, as
- some functionality has been left out in order to emphasize the use of
- PAM API's.
-
- #include <security/pam_appl.h>
-
- static int login_conv(int num_msg, struct pam_message **msg,
- struct pam_response **response, void *appdata_ptr);
-
- static struct pam_conv pam_conv = {login_conv, NULL};
-
- static pam_handle_t *pamh; /* Authentication handle */
-
- void
- main(int argc, char *argv[], char **renvp)
- {
-
- /*
- * Call pam_start to initiate a PAM authentication operation
- */
-
- if ((pam_start("login", user_name, &pam_conv, &pamh))
- != PAM_SUCCESS)
- login_exit(1);
-
- pam_set_item(pamh, PAM_TTY, ttyn);
- pam_set_item(pamh, PAM_RHOST, remote_host);
-
- while (!authenticated && retry < MAX_RETRIES) {
- status = pam_authenticate(pamh, 0);
- authenticated = (status == PAM_SUCCESS);
- }
-
-
-
-
- Samar, Schemers Page 22
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- if (status != PAM_SUCCESS) {
- fprintf(stderr,"error: %s\n", pam_strerror(status));
- login_exit(1);
- }
-
- /* now check if the authenticated user is allowed to login. */
-
- if ((status = pam_acct_mgmt(pamh, 0)) != PAM_SUCCESS) {
- if (status == PAM_AUTHTOK_EXPIRED) {
- status = pam_chauthtok(pamh, 0);
- if (status != PAM_SUCCESS)
- login_exit(1);
- } else {
- login_exit(1);
- }
- }
-
- /*
- * call pam_open_session to open the authenticated session
- * pam_close_session gets called by the process that
- * cleans up the utmp entry (i.e., init)
- */
- if (status = pam_open_session(pamh, 0) != PAM_SUCCESS) {
- login_exit(status);
- }
-
- /* set up the process credentials */
- setgid(pwd->pw_gid);
-
- /*
- * Initialize the supplementary group access list.
- * This should be done before pam_setcred because
- * the PAM modules might add groups during the pam_setcred call
- */
- initgroups(user_name, pwd->pw_gid);
-
- status = pam_setcred(pamh, PAM_ESTABLISH_CRED);
- if (status != PAM_SUCCESS) {
- login_exit(status);
- }
-
- /* set the real (and effective) UID */
- setuid(pwd->pw_uid);
-
- pam_end(pamh, PAM_SUCCESS); /* Done using PAM */
-
- /*
- * Add DCE/Kerberos cred name, if any.
- * XXX - The module specific stuff should be removed from login
- * program eventually. This is better placed in DCE module and
- * will be once PAM has routines for "exporting" environment
-
-
-
- Samar, Schemers Page 23
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- * variables.
- */
- krb5p = getenv("KRB5CCNAME");
- if (krb5p != NULL) {
- ENVSTRNCAT(krb5ccname, krb5p);
- envinit[basicenv++] = krb5ccname;
- }
- environ = envinit; /* Switch to the new environment. */
- exec_the_shell();
-
- /* All done */
- }
-
- /*
- * login_exit - Call exit() and terminate.
- * This function is here for PAM so cleanup can
- * be done before the process exits.
- */
- static void
- login_exit(int exit_code)
- {
- if (pamh)
- pam_end(pamh, PAM_ABORT);
- exit(exit_code);
- /*NOTREACHED*/
- }
-
- /*
- * login_conv():
- * This is the conv (conversation) function called from
- * a PAM authentication module to print error messages
- * or garner information from the user.
- */
-
- static int
- login_conv(int num_msg, struct pam_message **msg,
- struct pam_response **response, void *appdata_ptr)
- {
-
- while (num_msg--) {
- switch (m->msg_style) {
-
- case PAM_PROMPT_ECHO_OFF:
- r->resp = strdup(getpass(m->msg));
- break;
-
- case PAM_PROMPT_ECHO_ON:
- (void) fputs(m->msg, stdout);
- r->resp = malloc(PAM_MAX_RESP_SIZE);
- fgets(r->resp, PAM_MAX_RESP_SIZE, stdin);
- /* add code here to remove \n from fputs */
-
-
-
- Samar, Schemers Page 24
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- break;
-
- case PAM_ERROR_MSG:
- (void) fputs(m->msg, stderr);
- break;
-
- case PAM_TEXT_INFO:
- (void) fputs(m->msg, stdout);
- break;
-
- default:
- /* add code here to log error message, etc */
- break;
- }
- }
- return (PAM_SUCCESS);
- }
-
-
- APPENDIX C. DCE MODULE
-
- This appendix describes a sample implementation of a DCE PAM module.
- In order to simplify the description, we do not address the issues
- raised by password-mapping or stacking. The intent is to show which
- DCE calls are being made by the DCE module.
-
- The `pam_sm_*()' functions implement the PAM SPI functions which are
- called from the PAM API functions.
-
- C.1. DCE Authentication Management
-
- The algorithm for authenticating with DCE (not including error
- checking, prompting for passwords, etc.) is as follows:
-
- pam_sm_authenticate()
- {
- sec_login_setup_identity(...);
- pam_set_data(...);
- sec_login_valid_and_cert_ident(...);
- }
-
- pam_sm_setcred()
- {
- pam_get_data(...);
- sec_login_set_context(...);
- }
-
- The `pam_sm_authenticate()' function for DCE uses the
- `pam_set_data()' and `pam_get_data()' functions to keep state (like
- the `sec_login_handle_t' context) between calls. The following
- cleanup function is also registered and gets called when `pam_end()'
-
-
-
- Samar, Schemers Page 25
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- is called:
-
- dce_cleanup()
- {
- if (/* PAM_SUCCESS and
- sec_login_valid_and_cert_ident success */) {
- sec_login_release_context(...);
- } else {
- sec_login_purge_context(...);
- }
- }
-
- If everything was successful we release the login context, but leave
- the credentials file intact. If the status passed to `pam_end()' was
- not `PAM_SUCCESS' (i.e., a required module failed) we purge the login
- context which also removes the credentials file.
-
- C.2. DCE Account Management
-
- The algorithm for DCE account management is as follows:
-
- pam_sm_acct_mgmt()
- {
- pam_get_data(...);
- sec_login_inquire_net_info(...);
- /* check for expired password and account */
- sec_login_free_net_info(...);
- }
-
- The `sec_login_inquire_net_info()' function is called to obtain
- information about when the user's account and/or password are going
- to expire. A warning message is displayed (using the conversation
- function) if the user's account or password is going to expire in the
- near future, or has expired. These warning messages can be disabled
- using the `nowarn' option in the `pam.conf' file.
-
- C.3. DCE Session Management
-
- The DCE session management functions are currently empty. They could
- be modified to optionally remove the DCE credentials file upon
- logout, etc.
-
- C.4. DCE Password Management
-
- The algorithm for DCE password management is as follows:
-
-
-
-
-
-
-
-
-
- Samar, Schemers Page 26
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- pam_sm_chauthtok
- {
- sec_rgy_site_open(...);
- sec_rgy_acct_lookup(...);
- sec_rgy_acct_passwd(...);
- sec_rgy_site_close(...);
- }
-
- The `sec_rgy_acct_passwd()' function is called to change the user's
- password in the DCE registry.
-
-
- REFERENCES
-
- [Adamson 95] W. A. Adamson, J. Rees, and P. Honeyman, "Joining
- Security Realms: A Single Login for Netware and
- Kerberos", CITI Technical Report 95-1, Center for
- Information Technology Integration, University of
- Michigan, Ann Arbor, MI, February 1995.
-
- [Diffie 76] W. Diffie and M. E. Hellman, "New Directions in
- Cryptography", IEEE Transactions on Information
- Theory, November 1976.
-
- [Linn 93] J. Linn, "Generic Security Service Application
- Programming Interface", Internet RFC 1508, 1509, 1993.
-
- [Rivest 78] R. L. Rivest, A. Shamir, and L. Adleman., "A Method
- for Obtaining Digital Signatures and Pubic-key
- Cryptosystems", Communications of the ACM, 21(2),
- 1978.
-
- [SIA 95] "Digital UNIX Security", Digital Equipment
- Corporation, Order Number AA-Q0R2C-TE, July 1995.
-
- [Skey 94] N. M. Haller, "The S/Key One-Time Password System",
- ISOC Symposium on Network and Distributed Security,
- 1994.
-
- [Steiner 88] J.G. Steiner, B. C. Neuman, and J. I. Schiller,
- "Kerberos, An Authentication Service for Open Network
- Systems", in Proceedings of the Winter USENIX
- Conference, Dallas, Jan 1988.
-
- [Taylor 88] B. Taylor and D. Goldberg, "Secure Networking in the
- Sun Environment", Sun Microsystems Technical Paper,
- 1988.
-
- [XFN 94] "Federated Naming: the XFN Specifications", X/Open
- Preliminary Specification, X/Open Document #P403,
- ISBN:1-85912-045-8, X/Open Co. Ltd., July 1994.
-
-
-
- Samar, Schemers Page 27
-
-
-
-
-
-
-
- OSF-RFC 86.0 PAM October 1995
-
-
-
- AUTHOR'S ADDRESS
-
- Vipin Samar Internet email: vipin@eng.sun.com
- SunSoft, Inc. Telephone: +1-415-336-1002
- 2550 Garcia Avenue
- Mountain View, CA 94043
- USA
-
- Roland J. Schemers III Internet email: schemers@eng.sun.com
- SunSoft, Inc. Telephone: +1-415-336-1035
- 2550 Garcia Avenue
- Mountain View, CA 94043
- USA
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Samar, Schemers Page 28
-
-
-
-
-
-
diff --git a/contrib/libpam/libpam/Makefile b/contrib/libpam/libpam/Makefile
deleted file mode 100644
index 9d3e6d7..0000000
--- a/contrib/libpam/libpam/Makefile
+++ /dev/null
@@ -1,151 +0,0 @@
-#
-# $Id: Makefile,v 1.4 2001/02/10 07:17:53 agmorgan Exp $
-#
-#
-
-include ../Make.Rules
-
-# need to tell libpam about the default directory for PAMs
-MOREFLAGS=-D"DEFAULT_MODULE_PATH=\"$(SECUREDIR)/\""
-
-ifeq ($(WITH_LIBDEBUG),yes)
- LIBNAME=libpamd
-else
- LIBNAME=libpam
-endif
-VERSION=.$(MAJOR_REL)
-MODIFICATION=.$(MINOR_REL)
-
-# ---------------------------------------------
-
-dummy: ../Make.Rules all
-
-# ---------------------------------------------
-
-CFLAGS += $(DYNAMIC) $(STATIC) $(MOREFLAGS) \
- -DLIBPAM_VERSION_MAJOR=$(MAJOR_REL) \
- -DLIBPAM_VERSION_MINOR=$(MINOR_REL)
-
-# dynamic library names
-
-LIBPAM = $(LIBNAME).$(DYNTYPE)
-LIBPAMNAME = $(LIBPAM)$(VERSION)
-LIBPAMFULL = $(LIBPAMNAME)$(MODIFICATION)
-
-# static library name
-
-LIBPAMSTATIC = $(LIBNAME).a
-
-ifdef STATIC
-@echo Did you mean to set STATIC\?
-MODULES = $(shell cat ../modules/_static_module_objects)
-STATICOBJ = pam_static.o
-else
-MODULES =
-endif
-
-ifdef MEMORY_DEBUG
-EXTRAS += pam_malloc.o
-endif
-
-LIBOBJECTS = pam_item.o pam_strerror.o pam_end.o pam_start.o pam_data.o \
- pam_delay.o pam_dispatch.o pam_handlers.o pam_misc.o \
- pam_account.o pam_auth.o pam_session.o pam_password.o \
- pam_env.o pam_log.o $(EXTRAS)
-
-ifeq ($(DYNAMIC_LIBPAM),yes)
-# libpam.so needs -ldl, too.
-DLIBOBJECTS = $(addprefix dynamic/,$(LIBOBJECTS) $(STATICOBJ))
-ifeq ($(STATICOBJ),yes)
-dynamic/pam_static.o: pam_static.c ../modules/_static_module_objects
- $(CC) $(CFLAGS) -c pam_static.c -o $@
-endif
-endif
-
-ifeq ($(STATIC_LIBPAM),yes)
-SLIBOBJECTS = $(addprefix static/,$(LIBOBJECTS) $(STATICOBJ))
-ifdef STATICOBJ
-static/pam_static.o: pam_static.c ../modules/_static_module_objects
- $(CC) $(CFLAGS) -c pam_static.c -o $@
-endif
-endif
-
-# ---------------------------------------------
-## rules
-
-all: dirs $(LIBPAM) $(LIBPAMSTATIC) ../Make.Rules
-
-dirs:
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) dynamic
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(MKDIR) static
-endif
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-$(LIBPAM): $(DLIBOBJECTS)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- ifeq ($(USESONAME),yes)
- $(LD_L) $(SOSWITCH) $(LIBPAMNAME) -o $@ $(DLIBOBJECTS) \
- $(MODULES) $(LINKLIBS)
- else
- $(LD_L) -o $@ $(DLIBOBJECTS) $(MODULES) $(LINKLIBS)
- endif
- ifeq ($(NEEDSONAME),yes)
- rm -f $(LIBPAMFULL)
- ln -sf $(LIBPAM) $(LIBPAMFULL)
- rm -f $(LIBPAMNAME)
- ln -sf $(LIBPAM) $(LIBPAMNAME)
- endif
-endif
-
-$(LIBPAMSTATIC): $(SLIBOBJECTS)
-ifeq ($(STATIC_LIBPAM),yes)
- ar cr $@ $(SLIBOBJECTS) $(MODULES)
- $(RANLIB) $@
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(INCLUDED) $(FAKEROOT)$(libdir)
- $(INSTALL) -m 644 include/security/pam_appl.h $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/pam_modules.h $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/_pam_macros.h $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/_pam_types.h $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/_pam_compat.h $(FAKEROOT)$(INCLUDED)
-ifdef MEMORY_DEBUG
- $(INSTALL) -m 644 include/security/pam_malloc.h $(FAKEROOT)$(INCLUDED)
-endif
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(INSTALL) -m $(SHLIBMODE) $(LIBPAM) $(FAKEROOT)$(libdir)/$(LIBPAMFULL)
- $(LDCONFIG)
- ifneq ($(DYNTYPE),"sl")
- ( cd $(FAKEROOT)$(libdir) ; rm -f $(LIBPAM) ; \
- ln -sf $(LIBPAMNAME) $(LIBPAM) )
- endif
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(INSTALL) -m 644 $(LIBPAMSTATIC) $(FAKEROOT)$(libdir)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(INCLUDED)/_pam_types.h
- rm -f $(FAKEROOT)$(INCLUDED)/_pam_macros.h
- rm -f $(FAKEROOT)$(INCLUDED)/pam_appl.h
- rm -f $(FAKEROOT)$(INCLUDED)/pam_modules.h
- rm -f $(FAKEROOT)$(INCLUDED)/pam_malloc.h
- rm -f $(FAKEROOT)$(libdir)/$(LIBPAM).*
- rm -f $(FAKEROOT)$(libdir)/$(LIBPAM)
- $(LDCONFIG)
- rm -f $(FAKEROOT)$(libdir)/$(LIBPAMSTATIC)
-
-clean:
- rm -f a.out core *~ static/*.o dynamic/*.o
- rm -f *.a *.o *.so ./include/security/*~
- if [ -d dynamic ]; then rmdir dynamic ; fi
- if [ -d static ]; then rmdir static ; fi
diff --git a/contrib/libpam/libpam/include/security/_pam_compat.h b/contrib/libpam/libpam/include/security/_pam_compat.h
deleted file mode 100644
index 33520a6..0000000
--- a/contrib/libpam/libpam/include/security/_pam_compat.h
+++ /dev/null
@@ -1,122 +0,0 @@
-#ifndef _PAM_COMPAT_H
-#define _PAM_COMPAT_H
-
-/*
- * $Id: _pam_compat.h,v 1.1.1.1 2000/06/20 22:11:21 agmorgan Exp $
- *
- * This file was contributed by Derrick J Brashear <shadow@dementia.org>
- * slight modification by Brad M. Garcia <bgarcia@fore.com>
- *
- * A number of operating systems have started to implement PAM.
- * unfortunately, they have a different set of numeric values for
- * certain constants. This file is included for compatibility's sake.
- */
-
-/* Solaris uses different constants. We redefine to those here */
-#if defined(solaris) || (defined(__SVR4) && defined(sun))
-
-#ifndef _SECURITY__PAM_TYPES_H
-
-# ifdef _SECURITY_PAM_MODULES_H
-
-/* flags for pam_chauthtok() */
-# undef PAM_PRELIM_CHECK
-# define PAM_PRELIM_CHECK 0x1
-
-# undef PAM_UPDATE_AUTHTOK
-# define PAM_UPDATE_AUTHTOK 0x2
-
-# endif /* _SECURITY_PAM_MODULES_H */
-
-#else /* _SECURITY__PAM_TYPES_H */
-
-/* generic for pam_* functions */
-# undef PAM_SILENT
-# define PAM_SILENT 0x80000000
-
-/* flags for pam_setcred() */
-# undef PAM_ESTABLISH_CRED
-# define PAM_ESTABLISH_CRED 0x1
-
-# undef PAM_DELETE_CRED
-# define PAM_DELETE_CRED 0x2
-
-# undef PAM_REINITIALIZE_CRED
-# define PAM_REINITIALIZE_CRED 0x4
-
-# undef PAM_REFRESH_CRED
-# define PAM_REFRESH_CRED 0x8
-
-/* another binary incompatibility comes from the return codes! */
-
-# undef PAM_CONV_ERR
-# define PAM_CONV_ERR 6
-
-# undef PAM_PERM_DENIED
-# define PAM_PERM_DENIED 7
-
-# undef PAM_MAXTRIES
-# define PAM_MAXTRIES 8
-
-# undef PAM_AUTH_ERR
-# define PAM_AUTH_ERR 9
-
-# undef PAM_NEW_AUTHTOK_REQD
-# define PAM_NEW_AUTHTOK_REQD 10
-
-# undef PAM_CRED_INSUFFICIENT
-# define PAM_CRED_INSUFFICIENT 11
-
-# undef PAM_AUTHINFO_UNAVAIL
-# define PAM_AUTHINFO_UNAVAIL 12
-
-# undef PAM_USER_UNKNOWN
-# define PAM_USER_UNKNOWN 13
-
-# undef PAM_CRED_UNAVAIL
-# define PAM_CRED_UNAVAIL 14
-
-# undef PAM_CRED_EXPIRED
-# define PAM_CRED_EXPIRED 15
-
-# undef PAM_CRED_ERR
-# define PAM_CRED_ERR 16
-
-# undef PAM_ACCT_EXPIRED
-# define PAM_ACCT_EXPIRED 17
-
-# undef PAM_AUTHTOK_EXPIRED
-# define PAM_AUTHTOK_EXPIRED 18
-
-# undef PAM_SESSION_ERR
-# define PAM_SESSION_ERR 19
-
-# undef PAM_AUTHTOK_ERR
-# define PAM_AUTHTOK_ERR 20
-
-# undef PAM_AUTHTOK_RECOVERY_ERR
-# define PAM_AUTHTOK_RECOVERY_ERR 21
-
-# undef PAM_AUTHTOK_LOCK_BUSY
-# define PAM_AUTHTOK_LOCK_BUSY 22
-
-# undef PAM_AUTHTOK_DISABLE_AGING
-# define PAM_AUTHTOK_DISABLE_AGING 23
-
-# undef PAM_NO_MODULE_DATA
-# define PAM_NO_MODULE_DATA 24
-
-# undef PAM_IGNORE
-# define PAM_IGNORE 25
-
-# undef PAM_ABORT
-# define PAM_ABORT 26
-
-# undef PAM_TRY_AGAIN
-# define PAM_TRY_AGAIN 27
-
-#endif /* _SECURITY__PAM_TYPES_H */
-
-#endif /* defined(solaris) || (defined(__SVR4) && defined(sun)) */
-
-#endif /* _PAM_COMPAT_H */
diff --git a/contrib/libpam/libpam/include/security/_pam_macros.h b/contrib/libpam/libpam/include/security/_pam_macros.h
deleted file mode 100644
index 2827fab..0000000
--- a/contrib/libpam/libpam/include/security/_pam_macros.h
+++ /dev/null
@@ -1,187 +0,0 @@
-#ifndef PAM_MACROS_H
-#define PAM_MACROS_H
-
-/*
- * All kind of macros used by PAM, but usable in some other
- * programs too.
- * Organized by Cristian Gafton <gafton@redhat.com>
- */
-
-/* a 'safe' version of strdup */
-
-#include <string.h>
-#include <stdlib.h>
-
-#define x_strdup(s) ( (s) ? strdup(s):NULL )
-
-/* Good policy to strike out passwords with some characters not just
- free the memory */
-
-#define _pam_overwrite(x) \
-do { \
- register char *__xx__; \
- if ((__xx__=(x))) \
- while (*__xx__) \
- *__xx__++ = '\0'; \
-} while (0)
-
-/*
- * Don't just free it, forget it too.
- */
-
-#define _pam_drop(X) \
-do { \
- if (X) { \
- free(X); \
- X=NULL; \
- } \
-} while (0)
-
-#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
-do { \
- int reply_i; \
- \
- for (reply_i=0; reply_i<replies; ++reply_i) { \
- if (reply[reply_i].resp) { \
- _pam_overwrite(reply[reply_i].resp); \
- free(reply[reply_i].resp); \
- } \
- } \
- if (reply) \
- free(reply); \
-} while (0)
-
-/* some debugging code */
-
-#ifdef DEBUG
-
-/*
- * This provides the necessary function to do debugging in PAM.
- * Cristian Gafton <gafton@redhat.com>
- */
-
-#include <stdio.h>
-#include <sys/types.h>
-#include <stdarg.h>
-#include <errno.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-
-/*
- * This is for debugging purposes ONLY. DO NOT use on live systems !!!
- * You have been warned :-) - CG
- *
- * to get automated debugging to the log file, it must be created manually.
- * _PAM_LOGFILE must exist, mode 666
- */
-
-#ifndef _PAM_LOGFILE
-#define _PAM_LOGFILE "/tmp/pam-debug.log"
-#endif
-
-static void _pam_output_debug_info(const char *file, const char *fn
- , const int line)
-{
- FILE *logfile;
- int must_close = 1, fd;
-
-#ifdef O_NOFOLLOW
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
-#else
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
-#endif
- if (!(logfile = fdopen(fd,"a"))) {
- logfile = stderr;
- must_close = 0;
- close(fd);
- }
- } else {
- logfile = stderr;
- must_close = 0;
- }
- fprintf(logfile,"[%s:%s(%d)] ",file, fn, line);
- fflush(logfile);
- if (must_close)
- fclose(logfile);
-}
-
-static void _pam_output_debug(const char *format, ...)
-{
- va_list args;
- FILE *logfile;
- int must_close = 1, fd;
-
- va_start(args, format);
-
-#ifdef O_NOFOLLOW
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
-#else
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
-#endif
- if (!(logfile = fdopen(fd,"a"))) {
- logfile = stderr;
- must_close = 0;
- close(fd);
- }
- } else {
- logfile = stderr;
- must_close = 0;
- }
- vfprintf(logfile, format, args);
- fprintf(logfile, "\n");
- fflush(logfile);
- if (must_close)
- fclose(logfile);
-
- va_end(args);
-}
-
-#define D(x) do { \
- _pam_output_debug_info(__FILE__, __FUNCTION__, __LINE__); \
- _pam_output_debug x ; \
-} while (0)
-
-#define _pam_show_mem(X,XS) do { \
- int i; \
- register unsigned char *x; \
- x = (unsigned char *)X; \
- fprintf(stderr, " <start at %p>\n", X); \
- for (i = 0; i < XS ; ++x, ++i) { \
- fprintf(stderr, " %02X. <%p:%02X>\n", i, x, *x); \
- } \
- fprintf(stderr, " <end for %p after %d bytes>\n", X, XS); \
-} while (0)
-
-#define _pam_show_reply(/* struct pam_response * */reply, /* int */replies) \
-do { \
- int reply_i; \
- setbuf(stderr, NULL); \
- fprintf(stderr, "array at %p of size %d\n",reply,replies); \
- fflush(stderr); \
- if (reply) { \
- for (reply_i = 0; reply_i < replies; reply_i++) { \
- fprintf(stderr, " elem# %d at %p: resp = %p, retcode = %d\n", \
- reply_i, reply+reply_i, reply[reply_i].resp, \
- reply[reply_i].resp, _retcode); \
- fflush(stderr); \
- if (reply[reply_i].resp) { \
- fprintf(stderr, " resp[%d] = '%s'\n", \
- strlen(reply[reply_i].resp), reply[reply_i].resp); \
- fflush(stderr); \
- } \
- } \
- } \
- fprintf(stderr, "done here\n"); \
- fflush(stderr); \
-} while (0)
-
-#else
-
-#define D(x) do { } while (0)
-#define _pam_show_mem(X,XS) do { } while (0)
-#define _pam_show_reply(reply, replies) do { } while (0)
-
-#endif /* DEBUG */
-
-#endif /* PAM_MACROS_H */
diff --git a/contrib/libpam/libpam/include/security/_pam_types.h b/contrib/libpam/libpam/include/security/_pam_types.h
deleted file mode 100644
index d0e4d6a..0000000
--- a/contrib/libpam/libpam/include/security/_pam_types.h
+++ /dev/null
@@ -1,326 +0,0 @@
-/*
- * <security/_pam_types.h>
- *
- * $Id: _pam_types.h,v 1.4 2001/01/22 06:07:29 agmorgan Exp $
- *
- * This file defines all of the types common to the Linux-PAM library
- * applications and modules.
- *
- * Note, the copyright+license information is at end of file.
- *
- * Created: 1996/3/5 by AGM
- *
- * $FreeBSD$
- */
-
-#ifndef _SECURITY__PAM_TYPES_H
-#define _SECURITY__PAM_TYPES_H
-
-#ifndef __LIBPAM_VERSION
-# define __LIBPAM_VERSION __libpam_version
-#endif
-extern unsigned int __libpam_version;
-
-/*
- * include local definition for POSIX - NULL
- */
-
-#include <locale.h>
-
-/* This is a blind structure; users aren't allowed to see inside a
- * pam_handle_t, so we don't define struct pam_handle here. This is
- * defined in a file private to the PAM library. (i.e., it's private
- * to PAM service modules, too!) */
-
-typedef struct pam_handle pam_handle_t;
-
-/* ----------------- The Linux-PAM return values ------------------ */
-
-#define PAM_SUCCESS 0 /* Successful function return */
-#define PAM_OPEN_ERR 1 /* dlopen() failure when dynamically */
- /* loading a service module */
-#define PAM_SYMBOL_ERR 2 /* Symbol not found */
-#define PAM_SERVICE_ERR 3 /* Error in service module */
-#define PAM_SYSTEM_ERR 4 /* System error */
-#define PAM_BUF_ERR 5 /* Memory buffer error */
-#define PAM_PERM_DENIED 6 /* Permission denied */
-#define PAM_AUTH_ERR 7 /* Authentication failure */
-#define PAM_CRED_INSUFFICIENT 8 /* Can not access authentication data */
- /* due to insufficient credentials */
-#define PAM_AUTHINFO_UNAVAIL 9 /* Underlying authentication service */
- /* can not retrieve authenticaiton */
- /* information */
-#define PAM_USER_UNKNOWN 10 /* User not known to the underlying */
- /* authenticaiton module */
-#define PAM_MAXTRIES 11 /* An authentication service has */
- /* maintained a retry count which has */
- /* been reached. No further retries */
- /* should be attempted */
-#define PAM_NEW_AUTHTOK_REQD 12 /* New authentication token required. */
- /* This is normally returned if the */
- /* machine security policies require */
- /* that the password should be changed */
- /* beccause the password is NULL or it */
- /* has aged */
-#define PAM_ACCT_EXPIRED 13 /* User account has expired */
-#define PAM_SESSION_ERR 14 /* Can not make/remove an entry for */
- /* the specified session */
-#define PAM_CRED_UNAVAIL 15 /* Underlying authentication service */
- /* can not retrieve user credentials */
- /* unavailable */
-#define PAM_CRED_EXPIRED 16 /* User credentials expired */
-#define PAM_CRED_ERR 17 /* Failure setting user credentials */
-#define PAM_NO_MODULE_DATA 18 /* No module specific data is present */
-#define PAM_CONV_ERR 19 /* Conversation error */
-#define PAM_AUTHTOK_ERR 20 /* Authentication token manipulation error */
-#define PAM_AUTHTOK_RECOVER_ERR 21 /* Authentication information */
- /* cannot be recovered */
-#define PAM_AUTHTOK_LOCK_BUSY 22 /* Authentication token lock busy */
-#define PAM_AUTHTOK_DISABLE_AGING 23 /* Authentication token aging disabled */
-#define PAM_TRY_AGAIN 24 /* Preliminary check by password service */
-#define PAM_IGNORE 25 /* Ingore underlying account module */
- /* regardless of whether the control */
- /* flag is required, optional, or sufficient */
-#define PAM_ABORT 26 /* Critical error (?module fail now request) */
-#define PAM_AUTHTOK_EXPIRED 27 /* user's authentication token has expired */
-#define PAM_MODULE_UNKNOWN 28 /* module is not known */
-
-#define PAM_BAD_ITEM 29 /* Bad item passed to pam_*_item() */
-#define PAM_CONV_AGAIN 30 /* conversation function is event driven
- and data is not available yet */
-#define PAM_INCOMPLETE 31 /* please call this function again to
- complete authentication stack. Before
- calling again, verify that conversation
- is completed */
-
-/*
- * Add new #define's here - take care to also extend the libpam code:
- * pam_strerror() and "libpam/pam_tokens.h" .
- */
-
-#define _PAM_RETURN_VALUES 32 /* this is the number of return values */
-
-
-/* ---------------------- The Linux-PAM flags -------------------- */
-
-/* Authentication service should not generate any messages */
-#define PAM_SILENT 0x8000U
-
-/* Note: these flags are used by pam_authenticate{,_secondary}() */
-
-/* The authentication service should return PAM_AUTH_ERROR if the
- * user has a null authentication token */
-#define PAM_DISALLOW_NULL_AUTHTOK 0x0001U
-
-/* Note: these flags are used for pam_setcred() */
-
-/* Set user credentials for an authentication service */
-#define PAM_ESTABLISH_CRED 0x0002U
-
-/* Delete user credentials associated with an authentication service */
-#define PAM_DELETE_CRED 0x0004U
-
-/* Reinitialize user credentials */
-#define PAM_REINITIALIZE_CRED 0x0008U
-
-/* Extend lifetime of user credentials */
-#define PAM_REFRESH_CRED 0x0010U
-
-/* Note: these flags are used by pam_chauthtok */
-
-/* The password service should only update those passwords that have
- * aged. If this flag is not passed, the password service should
- * update all passwords. */
-#define PAM_CHANGE_EXPIRED_AUTHTOK 0x0020U
-
-/* ------------------ The Linux-PAM item types ------------------- */
-
-/* these defines are used by pam_set_item() and pam_get_item() */
-
-#define PAM_SERVICE 1 /* The service name */
-#define PAM_USER 2 /* The user name */
-#define PAM_TTY 3 /* The tty name */
-#define PAM_RHOST 4 /* The remote host name */
-#define PAM_CONV 5 /* The pam_conv structure */
-
-/* missing entries found in <security/pam_modules.h> for modules only! */
-
-#define PAM_RUSER 8 /* The remote user name */
-#define PAM_USER_PROMPT 9 /* the prompt for getting a username */
-#define PAM_FAIL_DELAY 10 /* app supplied function to override failure
- delays */
-
-/* ---------- Common Linux-PAM application/module PI ----------- */
-
-extern int pam_set_item(pam_handle_t *_pamh, int _item_type, const void *_item);
-extern int pam_get_item(const pam_handle_t *_pamh, int _item_type,
- const void **_item);
-extern const char *pam_strerror(pam_handle_t *_pamh, int _errnum);
-
-extern int pam_putenv(pam_handle_t *_pamh, const char *_name_value);
-extern const char *pam_getenv(pam_handle_t *_pamh, const char *_name);
-extern char **pam_getenvlist(pam_handle_t *_pamh);
-
-/* ---------- Common Linux-PAM application/module PI ----------- */
-
-/*
- * here are some proposed error status definitions for the
- * 'error_status' argument used by the cleanup function associated
- * with data items they should be logically OR'd with the error_status
- * of the latest return from libpam -- new with .52 and positive
- * impression from Sun although not official as of 1996/9/4
- * [generally the other flags are to be found in pam_modules.h]
- */
-
-#define PAM_DATA_SILENT 0x40000000 /* used to suppress messages... */
-
-/*
- * here we define an externally (by apps or modules) callable function
- * that primes the libpam library to delay when a stacked set of
- * modules results in a failure. In the case of PAM_SUCCESS this delay
- * is ignored.
- *
- * Note, the pam_[gs]et_item(... PAM_FAIL_DELAY ...) can be used to set
- * a function pointer which can override the default fail-delay behavior.
- * This item was added to accommodate event driven programs that need to
- * manage delays more carefully. The function prototype for this data
- * item is
- * void (*fail_delay)(int status, unsigned int delay, void *appdata_ptr);
- */
-
-#define HAVE_PAM_FAIL_DELAY
-extern int pam_fail_delay(pam_handle_t *_pamh, unsigned int _musec_delay);
-
-#include <syslog.h>
-#ifndef LOG_AUTHPRIV
-# ifdef LOG_PRIV
-# define LOG_AUTHPRIV LOG_PRIV
-# endif /* LOG_PRIV */
-#endif /* !LOG_AUTHPRIV */
-
-#ifdef MEMORY_DEBUG
-/*
- * this defines some macros that keep track of what memory has been
- * allocated and indicates leakage etc... It should not be included in
- * production application/modules.
- */
-#include <security/pam_malloc.h>
-#endif
-
-/* ------------ The Linux-PAM conversation structures ------------ */
-
-/* Message styles */
-
-#define PAM_PROMPT_ECHO_OFF 1
-#define PAM_PROMPT_ECHO_ON 2
-#define PAM_ERROR_MSG 3
-#define PAM_TEXT_INFO 4
-
-/* Linux-PAM specific types */
-
-#define PAM_RADIO_TYPE 5 /* yes/no/maybe conditionals */
-
-/* This is for server client non-human interaction.. these are NOT
- part of the X/Open PAM specification. */
-
-#define PAM_BINARY_PROMPT 7
-
-/* maximum size of messages/responses etc.. (these are mostly
- arbitrary so Linux-PAM should handle longer values). */
-
-#define PAM_MAX_NUM_MSG 32
-#define PAM_MAX_MSG_SIZE 512
-#define PAM_MAX_RESP_SIZE 512
-
-/* Used to pass prompting text, error messages, or other informatory
- * text to the user. This structure is allocated and freed by the PAM
- * library (or loaded module). */
-
-struct pam_message {
- int msg_style;
- const char *msg;
-};
-
-/* if the pam_message.msg_style = PAM_BINARY_PROMPT
- the 'pam_message.msg' is a pointer to a 'const *' for the following
- pseudo-structure. When used with a PAM_BINARY_PROMPT, the returned
- pam_response.resp pointer points to an object with the following
- structure:
-
- struct {
- u32 length; # network byte order
- unsigned char type;
- unsigned char data[length-5];
- };
-
- The 'libpamc' library is designed around this flavor of
- message and should be used to handle this flavor of msg_style.
- */
-
-/* Used to return the user's response to the PAM library. This
- structure is allocated by the application program, and free()'d by
- the Linux-PAM library (or calling module). */
-
-struct pam_response {
- char *resp;
- int resp_retcode; /* currently un-used, zero expected */
-};
-
-/* The actual conversation structure itself */
-
-struct pam_conv {
- int (*conv)(int num_msg, const struct pam_message **msg,
- struct pam_response **resp, void *appdata_ptr);
- void *appdata_ptr;
-};
-
-#ifndef LINUX_PAM
-/*
- * the following few lines represent a hack. They are there to make
- * the Linux-PAM headers more compatible with the Sun ones, which have a
- * less strictly separated notion of module specific and application
- * specific definitions.
- */
-#include <security/pam_appl.h>
-#include <security/pam_modules.h>
-#endif
-
-
-/* ... adapted from the pam_appl.h file created by Theodore Ts'o and
- *
- * Copyright Theodore Ts'o, 1996. All rights reserved.
- * Copyright (c) Andrew G. Morgan <morgan@linux.kernel.org>, 1996-8
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#endif /* _SECURITY__PAM_TYPES_H */
-
diff --git a/contrib/libpam/libpam/include/security/pam_appl.h b/contrib/libpam/libpam/include/security/pam_appl.h
deleted file mode 100644
index d2aef6c..0000000
--- a/contrib/libpam/libpam/include/security/pam_appl.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * <security/pam_appl.h>
- *
- * This header file collects definitions for the PAM API --- that is,
- * public interface between the PAM library and an application program
- * that wishes to use it.
- *
- * Note, the copyright information is at end of file.
- *
- * Created: 15-Jan-96 by TYT
- * Last modified: 1996/3/5 by AGM
- *
- * $Id: pam_appl.h,v 1.3 2000/11/19 23:54:02 agmorgan Exp $
- * $FreeBSD$
- */
-
-#ifndef _SECURITY_PAM_APPL_H
-#define _SECURITY_PAM_APPL_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <security/_pam_types.h> /* Linux-PAM common defined types */
-
-/* -------------- The Linux-PAM Framework layer API ------------- */
-
-extern int pam_start(const char *_service_name, const char *_user,
- const struct pam_conv *_pam_conversation,
- pam_handle_t **_pamh);
-extern int pam_end(pam_handle_t *_pamh, int _pam_status);
-
-/* Authentication API's */
-
-extern int pam_authenticate(pam_handle_t *_pamh, int _flags);
-extern int pam_setcred(pam_handle_t *_pamh, int _flags);
-
-/* Account Management API's */
-
-extern int pam_acct_mgmt(pam_handle_t *_pamh, int _flags);
-
-/* Session Management API's */
-
-extern int pam_open_session(pam_handle_t *_pamh, int _flags);
-extern int pam_close_session(pam_handle_t *_pamh, int _flags);
-
-/* Password Management API's */
-
-extern int pam_chauthtok(pam_handle_t *_pamh, int _flags);
-
-#ifdef __cplusplus
-}
-#endif
-
-/* take care of any compatibility issues */
-#include <security/_pam_compat.h>
-
-/*
- * Copyright Theodore Ts'o, 1996. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#endif /* _SECURITY_PAM_APPL_H */
diff --git a/contrib/libpam/libpam/include/security/pam_malloc.h b/contrib/libpam/libpam/include/security/pam_malloc.h
deleted file mode 100644
index 1dd380c..0000000
--- a/contrib/libpam/libpam/include/security/pam_malloc.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * $Id: pam_malloc.h,v 1.2 2000/12/04 19:02:34 baggins Exp $
- * $FreeBSD$
- */
-
-/*
- * This file (via the use of macros) defines a wrapper for the malloc
- * family of calls. It logs where the memory was requested and also
- * where it was free()'d and keeps a list of currently requested memory.
- *
- * It is hoped that it will provide some help in locating memory leaks.
- */
-
-#ifndef PAM_MALLOC_H
-#define PAM_MALLOC_H
-
-/* these are the macro definitions for the stdlib.h memory functions */
-
-#define malloc(s) pam_malloc(s,__FILE__,__FUNCTION__,__LINE__)
-#define calloc(n,s) pam_calloc(n,s,__FILE__,__FUNCTION__,__LINE__)
-#define free(x) pam_free(x,__FILE__,__FUNCTION__,__LINE__)
-/* #define memalign(a,s) pam_memalign(a,s,__FILE__,__FUNCTION__,__LINE__) */
-#define realloc(x,s) pam_realloc(x,s,__FILE__,__FUNCTION__,__LINE__)
-/* #define valloc(s) pam_valloc(s,__FILE__,__FUNCTION__,__LINE__) */
-/* #define alloca(s) pam_alloca(s,__FILE__,__FUNCTION__,__LINE__) */
-#define exit(i) pam_exit(i,__FILE__,__FUNCTION__,__LINE__)
-
-/* these are the prototypes for the wrapper functions */
-
-#include <sys/types.h>
-
-extern void *pam_malloc(size_t ,const char *,const char *,const int);
-extern void *pam_calloc(size_t ,size_t ,const char *,const char *,const int);
-extern void pam_free(void *,const char *,const char *,const int);
-extern void *pam_memalign(size_t ,size_t
- ,const char *,const char *,const int);
-extern void *pam_realloc(void *,size_t ,const char *,const char *,const int);
-extern void *pam_valloc(size_t ,const char *,const char *,const int);
-extern void *pam_alloca(size_t ,const char *,const char *,const int);
-extern void pam_exit(int ,const char *,const char *,const int);
-
-/* these are the flags used to turn on and off diagnostics */
-
-#define PAM_MALLOC_LEAKED 01
-#define PAM_MALLOC_REQUEST 02
-#define PAM_MALLOC_FREE 04
-#define PAM_MALLOC_EXCH (PAM_MALLOC_FREED|PAM_MALLOC_EXCH)
-#define PAM_MALLOC_RESIZE 010
-#define PAM_MALLOC_FAIL 020
-#define PAM_MALLOC_NULL 040
-#define PAM_MALLOC_VERIFY 0100
-#define PAM_MALLOC_FUNC 0200
-#define PAM_MALLOC_PAUSE 0400
-#define PAM_MALLOC_STOP 01000
-
-#define PAM_MALLOC_ALL 0777
-
-#define PAM_MALLOC_DEFAULT \
- (PAM_MALLOC_LEAKED|PAM_MALLOC_PAUSE|PAM_MALLOC_FAIL)
-
-#include <stdio.h>
-
-extern FILE *pam_malloc_outfile; /* defaults to stdout */
-
-/* how much output do you want? */
-
-extern int pam_malloc_flags;
-extern int pam_malloc_delay_length; /* how long to pause on errors */
-
-#endif /* PAM_MALLOC_H */
diff --git a/contrib/libpam/libpam/include/security/pam_modules.h b/contrib/libpam/libpam/include/security/pam_modules.h
deleted file mode 100644
index 6852cf5..0000000
--- a/contrib/libpam/libpam/include/security/pam_modules.h
+++ /dev/null
@@ -1,226 +0,0 @@
-/*
- * <security/pam_modules.h>
- *
- * $Id: pam_modules.h,v 1.3 2001/02/05 06:50:41 agmorgan Exp $
- * $FreeBSD$
- *
- */
-
-#ifndef _SECURITY_PAM_MODULES_H
-#define _SECURITY_PAM_MODULES_H
-
-/*
- * Define either PAM_STATIC or PAM_DYNAMIC, based on whether PIC
- * compilation is being used.
- */
-#if !defined(PIC) && !defined(PAM_STATIC)
-#define PAM_STATIC
-#endif
-#ifndef PAM_STATIC
-#define PAM_DYNAMIC
-#endif
-
-#ifdef PAM_STATIC
-#include <linker_set.h>
-#endif
-
-#include <security/_pam_types.h> /* Linux-PAM common defined types */
-
-/* these defines are used by pam_set_item() and pam_get_item() and are
- * in addition to those found in <security/_pam_types.h> */
-
-#define PAM_AUTHTOK 6 /* The authentication token (password) */
-#define PAM_OLDAUTHTOK 7 /* The old authentication token */
-
-/* -------------- The Linux-PAM Module PI ------------- */
-
-extern int pam_set_data(pam_handle_t *_pamh, const char *_module_data_name,
- void *_data,
- void (*cleanup)(pam_handle_t *_pamh, void *_data,
- int _error_status));
-extern int pam_get_data(const pam_handle_t *_pamh,
- const char *_module_data_name, const void **_data);
-
-extern int pam_get_user(pam_handle_t *_pamh, const char **_user
- , const char *_prompt);
-
-#ifdef PAM_STATIC
-
-#define PAM_EXTERN static
-
-struct pam_module {
- const char *name; /* Name of the module */
-
- /* These are function pointers to the module's key functions. */
-
- int (*pam_sm_authenticate)(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
- int (*pam_sm_setcred)(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
- int (*pam_sm_acct_mgmt)(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
- int (*pam_sm_open_session)(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
- int (*pam_sm_close_session)(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
- int (*pam_sm_chauthtok)(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
-};
-
-#ifdef PAM_SM_AUTH
-#define PAM_SM_AUTH_ENTRY pam_sm_authenticate
-#define PAM_SM_SETCRED_ENTRY pam_sm_setcred
-#else
-#define PAM_SM_AUTH_ENTRY NULL
-#define PAM_SM_SETCRED_ENTRY NULL
-#endif
-
-#ifdef PAM_SM_ACCOUNT
-#define PAM_SM_ACCOUNT_ENTRY pam_sm_acct_mgmt
-#else
-#define PAM_SM_ACCOUNT_ENTRY NULL
-#endif
-
-#ifdef PAM_SM_SESSION
-#define PAM_SM_OPEN_SESSION_ENTRY pam_sm_open_session
-#define PAM_SM_CLOSE_SESSION_ENTRY pam_sm_close_session
-#else
-#define PAM_SM_OPEN_SESSION_ENTRY NULL
-#define PAM_SM_CLOSE_SESSION_ENTRY NULL
-#endif
-
-#ifdef PAM_SM_PASSWORD
-#define PAM_SM_PASSWORD_ENTRY pam_sm_chauthtok
-#else
-#define PAM_SM_PASSWORD_ENTRY NULL
-#endif
-
-#define PAM_MODULE_ENTRY(name) \
- static struct pam_module _pam_modstruct = { \
- name, \
- PAM_SM_AUTH_ENTRY, \
- PAM_SM_SETCRED_ENTRY, \
- PAM_SM_ACCOUNT_ENTRY, \
- PAM_SM_OPEN_SESSION_ENTRY, \
- PAM_SM_CLOSE_SESSION_ENTRY, \
- PAM_SM_PASSWORD_ENTRY \
- }; \
- DATA_SET(_pam_static_modules, _pam_modstruct)
-
-#else /* !PAM_STATIC */
-
-#define PAM_EXTERN extern
-#define PAM_MODULE_ENTRY(name)
-
-#endif /* PAM_STATIC */
-
-/* Lots of files include pam_modules.h that don't need these
- * declared. However, when they are declared static, they
- * need to be defined later. So we have to protect C files
- * that include these without wanting these functions defined.. */
-
-#if (defined(PAM_STATIC) && defined(PAM_SM_AUTH)) || !defined(PAM_STATIC)
-
-/* Authentication API's */
-PAM_EXTERN int pam_sm_authenticate(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
-PAM_EXTERN int pam_sm_setcred(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
-
-#endif /*(defined(PAM_STATIC) && defined(PAM_SM_AUTH))
- || !defined(PAM_STATIC)*/
-
-#if (defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT)) || !defined(PAM_STATIC)
-
-/* Account Management API's */
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
-
-#endif /*(defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT))
- || !defined(PAM_STATIC)*/
-
-#if (defined(PAM_STATIC) && defined(PAM_SM_SESSION)) || !defined(PAM_STATIC)
-
-/* Session Management API's */
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
-
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
-
-#endif /*(defined(PAM_STATIC) && defined(PAM_SM_SESSION))
- || !defined(PAM_STATIC)*/
-
-#if (defined(PAM_STATIC) && defined(PAM_SM_PASSWORD)) || !defined(PAM_STATIC)
-
-/* Password Management API's */
-PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *_pamh, int _flags,
- int _argc, const char **_argv);
-
-#endif /*(defined(PAM_STATIC) && defined(PAM_SM_PASSWORD))
- || !defined(PAM_STATIC)*/
-
-/* The following two flags are for use across the Linux-PAM/module
- * interface only. The Application is not permitted to use these
- * tokens.
- *
- * The password service should only perform preliminary checks. No
- * passwords should be updated. */
-#define PAM_PRELIM_CHECK 0x4000
-
-/* The password service should update passwords Note: PAM_PRELIM_CHECK
- * and PAM_UPDATE_AUTHTOK cannot both be set simultaneously! */
-#define PAM_UPDATE_AUTHTOK 0x2000
-
-
-/*
- * here are some proposed error status definitions for the
- * 'error_status' argument used by the cleanup function associated
- * with data items they should be logically OR'd with the error_status
- * of the latest return from libpam -- new with .52 and positive
- * impression from Sun although not official as of 1996/9/4 there are
- * others in _pam_types.h -- they are for common module/app use.
- */
-
-#define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
-
-/* take care of any compatibility issues */
-#include <security/_pam_compat.h>
-
-/* Copyright (C) Theodore Ts'o, 1996.
- * Copyright (C) Andrew Morgan, 1996-8.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU General Public License, in which case the provisions of the
- * GNU GPL are required INSTEAD OF the above restrictions. (This
- * clause is necessary due to a potential bad interaction between the
- * GNU GPL and the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#endif /* _SECURITY_PAM_MODULES_H */
-
diff --git a/contrib/libpam/libpam/pam_account.c b/contrib/libpam/libpam/pam_account.c
deleted file mode 100644
index 71e04f1..0000000
--- a/contrib/libpam/libpam/pam_account.c
+++ /dev/null
@@ -1,23 +0,0 @@
-/* pam_account.c - PAM Account Management */
-
-#include <stdio.h>
-
-#include "pam_private.h"
-
-int pam_acct_mgmt(pam_handle_t *pamh, int flags)
-{
- int retval;
-
- D(("called"));
-
- IF_NO_PAMH("pam_acct_mgmt", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_MODULE(pamh)) {
- D(("called from module!?"));
- return PAM_SYSTEM_ERR;
- }
-
- retval = _pam_dispatch(pamh, flags, PAM_ACCOUNT);
-
- return retval;
-}
diff --git a/contrib/libpam/libpam/pam_auth.c b/contrib/libpam/libpam/pam_auth.c
deleted file mode 100644
index 2645d8a..0000000
--- a/contrib/libpam/libpam/pam_auth.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * pam_auth.c -- PAM authentication
- *
- * $Id: pam_auth.c,v 1.3 2001/01/22 06:07:28 agmorgan Exp $
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "pam_private.h"
-
-int pam_authenticate(pam_handle_t *pamh, int flags)
-{
- int retval;
-
- D(("pam_authenticate called"));
-
- IF_NO_PAMH("pam_authenticate", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_MODULE(pamh)) {
- D(("called from module!?"));
- return PAM_SYSTEM_ERR;
- }
-
- if (pamh->former.choice == PAM_NOT_STACKED) {
- _pam_sanitize(pamh);
- _pam_start_timer(pamh); /* we try to make the time for a failure
- independent of the time it takes to
- fail */
- }
-
- retval = _pam_dispatch(pamh, flags, PAM_AUTHENTICATE);
-
- if (retval != PAM_INCOMPLETE) {
- _pam_sanitize(pamh);
- _pam_await_timer(pamh, retval); /* if unsuccessful then wait now */
- D(("pam_authenticate exit"));
- } else {
- D(("will resume when ready"));
- }
-
- return retval;
-}
-
-int pam_setcred(pam_handle_t *pamh, int flags)
-{
- int retval;
-
- D(("pam_setcred called"));
-
- IF_NO_PAMH("pam_setcred", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_MODULE(pamh)) {
- D(("called from module!?"));
- return PAM_SYSTEM_ERR;
- }
-
- if (! flags) {
- flags = PAM_ESTABLISH_CRED;
- }
-
- retval = _pam_dispatch(pamh, flags, PAM_SETCRED);
-
- D(("pam_setcred exit"));
-
- return retval;
-}
diff --git a/contrib/libpam/libpam/pam_data.c b/contrib/libpam/libpam/pam_data.c
deleted file mode 100644
index 07bcd30..0000000
--- a/contrib/libpam/libpam/pam_data.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* pam_data.c */
-
-/*
- * $Id: pam_data.c,v 1.2 2001/01/22 06:07:28 agmorgan Exp $
- */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include "pam_private.h"
-
-static struct pam_data *_pam_locate_data(const pam_handle_t *pamh,
- const char *name)
-{
- struct pam_data *data;
-
- D(("called"));
-
- IF_NO_PAMH("_pam_locate_data", pamh, NULL);
-
- data = pamh->data;
-
- while (data) {
- if (!strcmp(data->name, name)) {
- return data;
- }
- data = data->next;
- }
-
- return NULL;
-}
-
-int pam_set_data(
- pam_handle_t *pamh,
- const char *module_data_name,
- void *data,
- void (*cleanup)(pam_handle_t *pamh, void *data, int error_status))
-{
- struct pam_data *data_entry;
-
- D(("called"));
-
- IF_NO_PAMH("pam_set_data", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_APP(pamh)) {
- D(("called from application!?"));
- return PAM_SYSTEM_ERR;
- }
-
- /* first check if there is some data already. If so clean it up */
-
- if ((data_entry = _pam_locate_data(pamh, module_data_name))) {
- if (data_entry->cleanup) {
- data_entry->cleanup(pamh, data_entry->data,
- PAM_DATA_REPLACE | PAM_SUCCESS );
- }
- } else if ((data_entry = malloc(sizeof(*data_entry)))) {
- char *tname;
-
- if ((tname = _pam_strdup(module_data_name)) == NULL) {
- _pam_system_log(LOG_CRIT, "pam_set_data: no memory for data name");
- _pam_drop(data_entry);
- return PAM_BUF_ERR;
- }
- data_entry->next = pamh->data;
- pamh->data = data_entry;
- data_entry->name = tname;
- } else {
- _pam_system_log(LOG_CRIT, "pam_set_data: cannot allocate data entry");
- return PAM_BUF_ERR;
- }
-
- data_entry->data = data; /* note this could be NULL */
- data_entry->cleanup = cleanup;
-
- return PAM_SUCCESS;
-}
-
-int pam_get_data(
- const pam_handle_t *pamh,
- const char *module_data_name,
- const void **datap)
-{
- struct pam_data *data;
-
- D(("called"));
-
- IF_NO_PAMH("pam_get_data", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_APP(pamh)) {
- D(("called from application!?"));
- return PAM_SYSTEM_ERR;
- }
-
- data = _pam_locate_data(pamh, module_data_name);
- if (data) {
- *datap = data->data;
- return PAM_SUCCESS;
- }
-
- return PAM_NO_MODULE_DATA;
-}
-
-void _pam_free_data(pam_handle_t *pamh, int status)
-{
- struct pam_data *last;
- struct pam_data *data;
-
- D(("called"));
-
- IF_NO_PAMH("_pam_free_data", pamh, /* no return value for void fn */);
- data = pamh->data;
-
- while (data) {
- last = data;
- data = data->next;
- if (last->cleanup) {
- last->cleanup(pamh, last->data, status);
- }
- _pam_drop(last->name);
- _pam_drop(last);
- }
-}
diff --git a/contrib/libpam/libpam/pam_delay.c b/contrib/libpam/libpam/pam_delay.c
deleted file mode 100644
index ba1634b..0000000
--- a/contrib/libpam/libpam/pam_delay.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- * pam_delay.c
- *
- * Copyright (c) Andrew G. Morgan <morgan@kernel.org> 1996-9
- * All rights reserved.
- *
- * $Id: pam_delay.c,v 1.3 2001/01/22 06:07:28 agmorgan Exp $
- * $FreeBSD$
- *
- */
-
-/*
- * This is a simple implementation of a delay on failure mechanism; an
- * attempt to overcome authentication-time attacks in a simple manner.
- */
-
-#include <unistd.h>
-#include "pam_private.h"
-
-/* **********************************************************************
- * initialize the time as unset, this is set on the return from the
- * authenticating pair of of the libpam pam_XXX calls.
- */
-
-void _pam_reset_timer(pam_handle_t *pamh)
-{
- D(("setting pamh->fail_delay.set to FALSE"));
- pamh->fail_delay.set = PAM_FALSE;
-}
-
-/* **********************************************************************
- * this function sets the start time for possible delayed failing.
- *
- * Eventually, it may set the timer so libpam knows how long the program
- * has already been executing. Currently, this value is used to seed
- * a pseudo-random number generator...
- */
-
-void _pam_start_timer(pam_handle_t *pamh)
-{
- pamh->fail_delay.begin = time(NULL);
- D(("starting timer..."));
-}
-
-/* *******************************************************************
- * Compute a pseudo random time. The value is base*(1 +/- 1/5) where
- * the distribution is pseudo gausian (the sum of three evenly
- * distributed random numbers -- central limit theorem and all ;^) The
- * linear random numbers are based on a formulae given in Knuth's
- * Seminumerical recipies that was reproduced in `Numerical Recipies
- * in C'. It is *not* a cryptographically strong generator, but it is
- * probably "good enough" for our purposes here.
- *
- * /dev/random might be a better place to look for some numbers...
- */
-
-static unsigned int _pam_rand(unsigned int seed)
-{
-#define N1 1664525
-#define N2 1013904223
- return N1*seed + N2;
-}
-
-static unsigned int _pam_compute_delay(unsigned int seed, unsigned int base)
-{
- int i;
- double sum;
- unsigned int ans;
-
- for (sum=i=0; i<3; ++i) {
- seed = _pam_rand(seed);
- sum += (double) ((seed / 10) % 1000000);
- }
- sum = (sum/3.)/1e6 - .5; /* rescale */
- ans = (unsigned int) ( base*(1.+sum) );
- D(("random number: base=%u -> ans=%u\n", base, ans));
-
- return ans;
-}
-
-/* **********************************************************************
- * the following function sleeps for a random time. The actual time
- * slept is computed above.. It is based on the requested time but will
- * differ by up to +/- 25%.
- */
-
-void _pam_await_timer(pam_handle_t *pamh, int status)
-{
- unsigned int delay;
- D(("waiting?..."));
-
- delay = _pam_compute_delay(pamh->fail_delay.begin,
- pamh->fail_delay.delay);
- if (pamh->fail_delay.delay_fn_ptr) {
- union {
- const void *value;
- void (*fn)(int, unsigned, void *);
- } hack_fn_u;
- void *appdata_ptr;
-
- if (pamh->pam_conversation) {
- appdata_ptr = pamh->pam_conversation->appdata_ptr;
- } else {
- appdata_ptr = NULL;
- }
-
- /* always call the applications delay function, even if
- the delay is zero - indicate status */
- hack_fn_u.value = pamh->fail_delay.delay_fn_ptr;
- hack_fn_u.fn(status, delay, appdata_ptr);
-
- } else if (status != PAM_SUCCESS && pamh->fail_delay.set) {
-
- D(("will wait %u usec", delay));
-
- if (delay > 0) {
- struct timeval tval;
-
- tval.tv_sec = delay / 1000000;
- tval.tv_usec = delay % 1000000;
- select(0, NULL, NULL, NULL, &tval);
- }
- }
-
- _pam_reset_timer(pamh);
- D(("waiting done"));
-}
-
-/* **********************************************************************
- * this function is known to both the module and the application, it
- * keeps a running score of the largest-requested delay so far, as
- * specified by either modules or an application.
- */
-
-int pam_fail_delay(pam_handle_t *pamh, unsigned int usec)
-{
- unsigned int largest;
-
- IF_NO_PAMH("pam_fail_delay", pamh, PAM_SYSTEM_ERR);
-
- D(("setting delay to %u",usec));
-
- if (pamh->fail_delay.set) {
- largest = pamh->fail_delay.delay;
- } else {
- pamh->fail_delay.set = PAM_TRUE;
- largest = 0;
- }
-
- D(("largest = %u",largest));
-
- if (largest < usec) {
- D(("resetting largest delay"));
- pamh->fail_delay.delay = usec;
- }
-
- return PAM_SUCCESS;
-}
-
diff --git a/contrib/libpam/libpam/pam_dispatch.c b/contrib/libpam/libpam/pam_dispatch.c
deleted file mode 100644
index 470cf95..0000000
--- a/contrib/libpam/libpam/pam_dispatch.c
+++ /dev/null
@@ -1,300 +0,0 @@
-/* pam_dispatch.c - handles module function dispatch */
-
-/*
- * Copyright (c) 1998 Andrew G. Morgan <morgan@kernel.org>
- *
- * $Id: pam_dispatch.c,v 1.3 2001/02/05 06:50:41 agmorgan Exp $
- *
- * $FreeBSD$
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-
-#include "pam_private.h"
-
-/*
- * this is the return code we return when a function pointer is NULL
- * or, the handler structure indicates a broken module config line
- */
-#define PAM_MUST_FAIL_CODE PAM_PERM_DENIED
-
-/* impression codes - this gives some sense to the logical choices */
-#define _PAM_UNDEF 0
-#define _PAM_POSITIVE +1
-#define _PAM_NEGATIVE -1
-
-/*
- * walk a stack of modules. Interpret the administrator's instructions
- * when combining the return code of each module.
- */
-
-static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h,
- _pam_boolean resumed, int ignore_sufficient)
-{
- int depth, impression, status, skip_depth;
-
- IF_NO_PAMH("_pam_dispatch_aux", pamh, PAM_SYSTEM_ERR);
-
- if (h == NULL) {
- const char *service=NULL;
-
- (void) pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
- _pam_system_log(LOG_ERR, "no modules loaded for `%s' service",
- service ? service:"<unknown>" );
- service = NULL;
- return PAM_MUST_FAIL_CODE;
- }
-
- /* if we are recalling this module stack because a former call did
- not complete, we restore the state of play from pamh. */
- if (resumed) {
- skip_depth = pamh->former.depth;
- status = pamh->former.status;
- impression = pamh->former.impression;
- /* forget all that */
- pamh->former.impression = _PAM_UNDEF;
- pamh->former.status = PAM_MUST_FAIL_CODE;
- pamh->former.depth = 0;
- } else {
- skip_depth = 0;
- impression = _PAM_UNDEF;
- status = PAM_MUST_FAIL_CODE;
- }
-
- /* Loop through module logic stack */
- for (depth=0 ; h != NULL ; h = h->next, ++depth) {
- int retval, action;
-
- /* skip leading modules if they have already returned */
- if (depth < skip_depth) {
- continue;
- }
-
- /* attempt to call the module */
- if (h->func == NULL) {
- D(("module function is not defined, indicating failure"));
- retval = PAM_MODULE_UNKNOWN;
- } else {
- D(("passing control to module..."));
- retval = h->func(pamh, flags, h->argc, h->argv);
- D(("module returned: %s", pam_strerror(pamh, retval)));
- if (h->must_fail) {
- D(("module poorly listed in PAM config; forcing failure"));
- retval = PAM_MUST_FAIL_CODE;
- }
- }
-
- /*
- * PAM_INCOMPLETE return is special. It indicates that the
- * module wants to wait for the application before continuing.
- * In order to return this, the module will have saved its
- * state so it can resume from an equivalent position when it
- * is called next time. (This was added as of 0.65)
- */
- if (retval == PAM_INCOMPLETE) {
- pamh->former.impression = impression;
- pamh->former.status = status;
- pamh->former.depth = depth;
-
- D(("module %d returned PAM_INCOMPLETE", depth));
- return retval;
- }
-
- /* verify that the return value is a valid one */
- if ((retval < PAM_SUCCESS) || (retval >= _PAM_RETURN_VALUES)) {
- retval = PAM_MUST_FAIL_CODE;
- action = _PAM_ACTION_BAD;
- } else {
- action = h->actions[retval];
- }
-
- /* decide what to do */
- switch (action) {
- case _PAM_ACTION_RESET:
-
- impression = _PAM_UNDEF;
- status = PAM_MUST_FAIL_CODE;
- break;
-
- case _PAM_ACTION_OK:
- case _PAM_ACTION_DONE:
-
- if ( impression == _PAM_UNDEF
- || (impression == _PAM_POSITIVE && status == PAM_SUCCESS) ) {
- impression = _PAM_POSITIVE;
- status = retval;
- }
- if ( impression == _PAM_POSITIVE && action == _PAM_ACTION_DONE
- && !ignore_sufficient ) {
- goto decision_made;
- }
- break;
-
- case _PAM_ACTION_BAD:
- case _PAM_ACTION_DIE:
-#ifdef PAM_FAIL_NOW_ON
- if ( cached_retval == PAM_ABORT ) {
- impression = _PAM_NEGATIVE;
- status = PAM_PERM_DENIED;
- goto decision_made;
- }
-#endif /* PAM_FAIL_NOW_ON */
- if ( impression != _PAM_NEGATIVE ) {
- impression = _PAM_NEGATIVE;
- status = retval;
- }
- if ( action == _PAM_ACTION_DIE ) {
- goto decision_made;
- }
- break;
-
- case _PAM_ACTION_IGNORE:
- break;
-
- /* if we get here, we expect action is a positive number --
- this is what the ...JUMP macro checks. */
-
- default:
- if ( _PAM_ACTION_IS_JUMP(action) ) {
-
- /* this means that we need to skip #action stacked modules */
- do {
- h = h->next;
- } while ( --action > 0 && h != NULL );
-
- /* note if we try to skip too many modules action is
- still non-zero and we snag the next if. */
- }
-
- /* this case is a syntax error: we can't succeed */
- if (action) {
- D(("action syntax error"));
- impression = _PAM_NEGATIVE;
- status = PAM_MUST_FAIL_CODE;
- }
- }
- }
-
-decision_made: /* by getting here we have made a decision */
-
- /* Sanity check */
- if ( status == PAM_SUCCESS && impression != _PAM_POSITIVE ) {
- D(("caught on sanity check -- this is probably a config error!"));
- status = PAM_MUST_FAIL_CODE;
- }
-
- /* We have made a decision about the modules executed */
- return status;
-}
-
-/*
- * This function translates the module dispatch request into a pointer
- * to the stack of modules that will actually be run. the
- * _pam_dispatch_aux() function (above) is responsible for walking the
- * module stack.
- */
-
-int _pam_dispatch(pam_handle_t *pamh, int flags, int choice)
-{
- struct handler *h = NULL;
- int retval, ignore_sufficient;
- _pam_boolean resumed;
-
- IF_NO_PAMH("_pam_dispatch", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_MODULE(pamh)) {
- D(("called from a module!?"));
- return PAM_SYSTEM_ERR;
- }
-
- /* Load all modules, resolve all symbols */
-
- if ((retval = _pam_init_handlers(pamh)) != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR, "unable to dispatch function");
- return retval;
- }
-
- ignore_sufficient = 0; /* default to setting h->cached_retval */
-
- switch (choice) {
- case PAM_AUTHENTICATE:
- h = pamh->handlers.conf.authenticate;
- break;
- case PAM_SETCRED:
- h = pamh->handlers.conf.setcred;
- ignore_sufficient = 1;
- break;
- case PAM_ACCOUNT:
- h = pamh->handlers.conf.acct_mgmt;
- break;
- case PAM_OPEN_SESSION:
- h = pamh->handlers.conf.open_session;
- break;
- case PAM_CLOSE_SESSION:
- h = pamh->handlers.conf.close_session;
- break;
- case PAM_CHAUTHTOK:
- h = pamh->handlers.conf.chauthtok;
- break;
- default:
- _pam_system_log(LOG_ERR, "undefined fn choice; %d", choice);
- return PAM_ABORT;
- }
-
- if (h == NULL) { /* there was no handlers.conf... entry; will use
- * handlers.other... */
- switch (choice) {
- case PAM_AUTHENTICATE:
- h = pamh->handlers.other.authenticate;
- break;
- case PAM_SETCRED:
- h = pamh->handlers.other.setcred;
- break;
- case PAM_ACCOUNT:
- h = pamh->handlers.other.acct_mgmt;
- break;
- case PAM_OPEN_SESSION:
- h = pamh->handlers.other.open_session;
- break;
- case PAM_CLOSE_SESSION:
- h = pamh->handlers.other.close_session;
- break;
- case PAM_CHAUTHTOK:
- h = pamh->handlers.other.chauthtok;
- break;
- }
- }
-
- /* Did a module return an "incomplete state" last time? */
- if (pamh->former.choice != PAM_NOT_STACKED) {
- if (pamh->former.choice != choice) {
- _pam_system_log(LOG_ERR,
- "application failed to re-exec stack [%d:%d]",
- pamh->former.choice, choice);
- return PAM_ABORT;
- }
- resumed = PAM_TRUE;
- } else {
- resumed = PAM_FALSE;
- }
-
- __PAM_TO_MODULE(pamh);
-
- /* call the list of module functions */
- retval = _pam_dispatch_aux(pamh, flags, h, resumed, ignore_sufficient);
- resumed = PAM_FALSE;
-
- __PAM_TO_APP(pamh);
-
- /* Should we recall where to resume next time? */
- if (retval == PAM_INCOMPLETE) {
- D(("module [%d] returned PAM_INCOMPLETE"));
- pamh->former.choice = choice;
- } else {
- pamh->former.choice = PAM_NOT_STACKED;
- }
-
- return retval;
-}
-
diff --git a/contrib/libpam/libpam/pam_end.c b/contrib/libpam/libpam/pam_end.c
deleted file mode 100644
index 53e346c..0000000
--- a/contrib/libpam/libpam/pam_end.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* pam_end.c */
-
-/*
- * $Id: pam_end.c,v 1.2 2001/01/22 06:07:28 agmorgan Exp $
- */
-
-#include <stdlib.h>
-
-#include "pam_private.h"
-
-int pam_end(pam_handle_t *pamh, int pam_status)
-{
- int ret;
-
- D(("entering pam_end()"));
-
- IF_NO_PAMH("pam_end", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_MODULE(pamh)) {
- D(("called from module!?"));
- return PAM_SYSTEM_ERR;
- }
-
- /* first liberate the modules (it is not inconcevible that the
- modules may need to use the service_name etc. to clean up) */
-
- _pam_free_data(pamh, pam_status);
-
- /* now drop all modules */
-
- if ((ret = _pam_free_handlers(pamh)) != PAM_SUCCESS) {
- return ret; /* error occurred */
- }
-
- /* from this point we cannot call the modules any more. Free the remaining
- memory used by the Linux-PAM interface */
-
- _pam_drop_env(pamh); /* purge the environment */
-
- _pam_overwrite(pamh->authtok); /* blank out old token */
- _pam_drop(pamh->authtok);
-
- _pam_overwrite(pamh->oldauthtok); /* blank out old token */
- _pam_drop(pamh->oldauthtok);
-
- _pam_overwrite(pamh->former.prompt);
- _pam_drop(pamh->former.prompt); /* drop saved prompt */
-
- _pam_overwrite(pamh->service_name);
- _pam_drop(pamh->service_name);
-
- _pam_overwrite(pamh->user);
- _pam_drop(pamh->user);
-
- _pam_overwrite(pamh->prompt);
- _pam_drop(pamh->prompt); /* prompt for pam_get_user() */
-
- _pam_overwrite(pamh->tty);
- _pam_drop(pamh->tty);
-
- _pam_overwrite(pamh->rhost);
- _pam_drop(pamh->rhost);
-
- _pam_overwrite(pamh->ruser);
- _pam_drop(pamh->ruser);
-
- _pam_drop(pamh->pam_conversation);
- pamh->fail_delay.delay_fn_ptr = NULL;
-
- /* and finally liberate the memory for the pam_handle structure */
-
- _pam_drop(pamh);
-
- D(("exiting pam_end() successfully"));
-
- return PAM_SUCCESS;
-}
diff --git a/contrib/libpam/libpam/pam_env.c b/contrib/libpam/libpam/pam_env.c
deleted file mode 100644
index a2b212a..0000000
--- a/contrib/libpam/libpam/pam_env.c
+++ /dev/null
@@ -1,390 +0,0 @@
-/*
- * pam_env.c
- *
- * Copyright (c) Andrew G. Morgan <morgan@parc.power.net> 1996,1997
- * All rights reserved.
- *
- * This file was written from a "hint" provided by the people at SUN.
- * and the X/Open XSSO draft of March 1997.
- *
- * $Id: pam_env.c,v 1.2 2001/01/22 06:07:28 agmorgan Exp $
- */
-
-#include <string.h>
-#include <stdlib.h>
-#ifdef sunos
-#define memmove(x,y,z) bcopy(y,x,z)
-#endif
-
-#include "pam_private.h"
-
-/* helper functions */
-
-#ifdef DEBUG
-static void _pam_dump_env(pam_handle_t *pamh)
-{
- int i;
-
- D(("Listing environment of pamh=%p", pamh));
- D(("pamh->env = %p", pamh->env));
- D(("environment entries used = %d [of %d allocated]"
- , pamh->env->requested, pamh->env->entries));
-
- for (i=0; i<pamh->env->requested; ++i) {
- _pam_output_debug(">%-3d [%9p]:[%s]"
- , i, pamh->env->list[i], pamh->env->list[i]);
- }
- _pam_output_debug("*NOTE* the last item should be (nil)");
-}
-#else
-#define _pam_dump_env(x)
-#endif
-
-/*
- * Create the environment
- */
-
-int _pam_make_env(pam_handle_t *pamh)
-{
- D(("called."));
-
- IF_NO_PAMH("_pam_make_env", pamh, PAM_ABORT);
-
- /*
- * get structure memory
- */
-
- pamh->env = (struct pam_environ *) malloc(sizeof(struct pam_environ));
- if (pamh->env == NULL) {
- _pam_system_log(LOG_CRIT, "_pam_make_env: out of memory");
- return PAM_BUF_ERR;
- }
-
- /*
- * get list memory
- */
-
- pamh->env->list = (char **)calloc( PAM_ENV_CHUNK, sizeof(char *) );
- if (pamh->env->list == NULL) {
- _pam_system_log(LOG_CRIT, "_pam_make_env: no memory for list");
- _pam_drop(pamh->env);
- return PAM_BUF_ERR;
- }
-
- /*
- * fill entries in pamh->env
- */
-
- pamh->env->entries = PAM_ENV_CHUNK;
- pamh->env->requested = 1;
- pamh->env->list[0] = NULL;
-
- _pam_dump_env(pamh); /* only active when debugging */
-
- return PAM_SUCCESS;
-}
-
-/*
- * purge the environment
- */
-
-void _pam_drop_env(pam_handle_t *pamh)
-{
- D(("called."));
- IF_NO_PAMH("_pam_make_env", pamh, /* nothing to return */);
-
- if (pamh->env != NULL) {
- int i;
- /* we will only purge the pamh->env->requested number of elements */
-
- for (i=pamh->env->requested-1; i-- > 0; ) {
- D(("dropping #%3d>%s<", i, pamh->env->list[i]));
- _pam_overwrite(pamh->env->list[i]); /* clean */
- _pam_drop(pamh->env->list[i]); /* forget */
- }
- pamh->env->requested = 0;
- pamh->env->entries = 0;
- _pam_drop(pamh->env->list); /* forget */
- _pam_drop(pamh->env); /* forget */
- } else {
- D(("no environment present in pamh?"));
- }
-}
-
-/*
- * Return the item number of the given variable = first 'length' chars
- * of 'name_value'. Since this is a static function, it is safe to
- * assume its supplied arguments are well defined.
- */
-
-static int _pam_search_env(const struct pam_environ *env
- , const char *name_value, int length)
-{
- int i;
-
- for (i=env->requested-1; i-- > 0; ) {
- if (strncmp(name_value,env->list[i],length) == 0
- && env->list[i][length] == '=') {
-
- return i; /* Got it! */
-
- }
- }
-
- return -1; /* no luck */
-}
-
-/*
- * externally visible functions
- */
-
-/*
- * pam_putenv(): Add/replace/delete a PAM-environment variable.
- *
- * Add/replace:
- * name_value = "NAME=VALUE" or "NAME=" (for empty value="\0")
- *
- * delete:
- * name_value = "NAME"
- */
-
-int pam_putenv(pam_handle_t *pamh, const char *name_value)
-{
- int l2eq, item, retval;
-
- D(("called."));
- IF_NO_PAMH("pam_putenv", pamh, PAM_ABORT);
-
- if (name_value == NULL) {
- _pam_system_log(LOG_ERR, "pam_putenv: no variable indicated");
- return PAM_PERM_DENIED;
- }
-
- /*
- * establish if we are setting or deleting; scan for '='
- */
-
- for (l2eq=0; name_value[l2eq] && name_value[l2eq] != '='; ++l2eq);
- if (l2eq <= 0) {
- _pam_system_log(LOG_ERR, "pam_putenv: bad variable");
- return PAM_BAD_ITEM;
- }
-
- /*
- * Look first for environment.
- */
-
- if (pamh->env == NULL || pamh->env->list == NULL) {
- _pam_system_log(LOG_ERR, "pam_putenv: no env%s found",
- pamh->env == NULL ? "":"-list");
- return PAM_ABORT;
- }
-
- /* find the item to replace */
-
- item = _pam_search_env(pamh->env, name_value, l2eq);
-
- if (name_value[l2eq]) { /* (re)setting */
-
- if (item == -1) { /* new variable */
- D(("adding item: %s", name_value));
- /* enough space? */
- if (pamh->env->entries <= pamh->env->requested) {
- register int i;
- register char **tmp;
-
- /* get some new space */
- tmp = calloc( pamh->env->entries + PAM_ENV_CHUNK
- , sizeof(char *) );
- if (tmp == NULL) {
- /* nothing has changed - old env intact */
- _pam_system_log(LOG_CRIT,
- "pam_putenv: cannot grow environment");
- return PAM_BUF_ERR;
- }
-
- /* copy old env-item pointers/forget old */
- for (i=0; i<pamh->env->requested; ++i) {
- tmp[i] = pamh->env->list[i];
- pamh->env->list[i] = NULL;
- }
-
- /* drop old list and replace with new */
- _pam_drop(pamh->env->list);
- pamh->env->list = tmp;
- pamh->env->entries += PAM_ENV_CHUNK;
-
- D(("resized env list"));
- _pam_dump_env(pamh); /* only when debugging */
- }
-
- item = pamh->env->requested-1; /* old last item (NULL) */
-
- /* add a new NULL entry at end; increase counter */
- pamh->env->list[pamh->env->requested++] = NULL;
-
- } else { /* replace old */
- D(("replacing item: %s\n with: %s"
- , pamh->env->list[item], name_value));
- _pam_overwrite(pamh->env->list[item]);
- _pam_drop(pamh->env->list[item]);
- }
-
- /*
- * now we have a place to put the new env-item, insert at 'item'
- */
-
- pamh->env->list[item] = _pam_strdup(name_value);
- if (pamh->env->list[item] != NULL) {
- _pam_dump_env(pamh); /* only when debugging */
- return PAM_SUCCESS;
- }
-
- /* something went wrong; we should delete the item - fall through */
-
- retval = PAM_BUF_ERR; /* an error occurred */
- } else {
- retval = PAM_SUCCESS; /* we requested delete */
- }
-
- /* getting to here implies we are deleting an item */
-
- if (item < 0) {
- _pam_system_log(LOG_ERR, "pam_putenv: delete non-existent entry; %s",
- name_value);
- return PAM_BAD_ITEM;
- }
-
- /*
- * remove item: purge memory; reset counter; resize [; display-env]
- */
-
- D(("deleting: env#%3d:[%s]", item, pamh->env->list[item]));
- _pam_overwrite(pamh->env->list[item]);
- _pam_drop(pamh->env->list[item]);
- --(pamh->env->requested);
- D(("mmove: item[%d]+%d -> item[%d]"
- , item+1, ( pamh->env->requested - item ), item));
- (void) memmove(&pamh->env->list[item], &pamh->env->list[item+1]
- , ( pamh->env->requested - item )*sizeof(char *) );
-
- _pam_dump_env(pamh); /* only when debugging */
-
- /*
- * deleted.
- */
-
- return retval;
-}
-
-/*
- * Return the value of the requested environment variable
- */
-
-const char *pam_getenv(pam_handle_t *pamh, const char *name)
-{
- int item;
-
- D(("called."));
- IF_NO_PAMH("pam_getenv", pamh, NULL);
-
- if (name == NULL) {
- _pam_system_log(LOG_ERR, "pam_getenv: no variable indicated");
- return NULL;
- }
-
- if (pamh->env == NULL || pamh->env->list == NULL) {
- _pam_system_log(LOG_ERR, "pam_getenv: no env%s found",
- pamh->env == NULL ? "":"-list" );
- return NULL;
- }
-
- /* find the requested item */
-
- item = _pam_search_env(pamh->env, name, strlen(name));
- if (item != -1) {
-
- D(("env-item: %s, found!", name));
- return (pamh->env->list[item] + 1 + strlen(name));
-
- } else {
-
- D(("env-item: %s, not found", name));
- return NULL;
-
- }
-}
-
-static char **_copy_env(pam_handle_t *pamh)
-{
- char **dump;
- int i = pamh->env->requested; /* reckon size of environment */
- char *const *env = pamh->env->list;
-
- D(("now get some memory for dump"));
-
- /* allocate some memory for this (plus the null tail-pointer) */
- dump = (char **) calloc(i, sizeof(char *));
- D(("dump = %p", dump));
- if (dump == NULL) {
- return NULL;
- }
-
- /* now run through entries and copy the variables over */
- dump[--i] = NULL;
- while (i-- > 0) {
- D(("env[%d]=`%s'", i,env[i]));
- dump[i] = _pam_strdup(env[i]);
- D(("->dump[%d]=`%s'", i,dump[i]));
- if (dump[i] == NULL) {
- /* out of memory */
-
- while (dump[++i]) {
- _pam_overwrite(dump[i]);
- _pam_drop(dump[i]);
- }
- return NULL;
- }
- }
-
- env = NULL; /* forget now */
-
- /* return transcribed environment */
- return dump;
-}
-
-char **pam_getenvlist(pam_handle_t *pamh)
-{
- int i;
-
- D(("called."));
- IF_NO_PAMH("pam_getenvlist", pamh, NULL);
-
- if (pamh->env == NULL || pamh->env->list == NULL) {
- _pam_system_log(LOG_ERR, "pam_getenvlist: no env%s found",
- pamh->env == NULL ? "":"-list" );
- return NULL;
- }
-
- /* some quick checks */
-
- if (pamh->env->requested > pamh->env->entries) {
- _pam_system_log(LOG_ERR, "pam_getenvlist: environment corruption");
- _pam_dump_env(pamh); /* only active when debugging */
- return NULL;
- }
-
- for (i=pamh->env->requested-1; i-- > 0; ) {
- if (pamh->env->list[i] == NULL) {
- _pam_system_log(LOG_ERR, "pam_getenvlist: environment broken");
- _pam_dump_env(pamh); /* only active when debugging */
- return NULL; /* somehow we've broken the environment!? */
- }
- }
-
- /* Seems fine; copy environment */
-
- _pam_dump_env(pamh); /* only active when debugging */
-
- return _copy_env(pamh);
-}
diff --git a/contrib/libpam/libpam/pam_handlers.c b/contrib/libpam/libpam/pam_handlers.c
deleted file mode 100644
index 568ab4b..0000000
--- a/contrib/libpam/libpam/pam_handlers.c
+++ /dev/null
@@ -1,937 +0,0 @@
-/* pam_handlers.c -- pam config file parsing and module loading */
-
-/*
- * created by Marc Ewing.
- * Currently maintained by Andrew G. Morgan <morgan@linux.kernel.org>
- *
- * $Id: pam_handlers.c,v 1.3 2001/02/05 06:50:41 agmorgan Exp $
- *
- */
-
-/*-
- * Copyright (c) 2001 Networks Associates Technologies, Inc.
- * All rights reserved.
- *
- * Portions of this software was developed for the FreeBSD Project by
- * ThinkSec AS and NAI Labs, the Security Research Division of Network
- * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
- * ("CBOSS"), as part of the DARPA CHATS research program.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
- * permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $FreeBSD$
- *
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-
-#include "pam_private.h"
-
-#ifdef PAM_DYNAMIC
-# ifdef PAM_SHL
-# include <dl.h>
-# else /* PAM_SHL */
-# include <dlfcn.h>
-# endif /* PAM_SHL */
-#endif /* PAM_DYNAMIC */
-
-/* If not required, define as nothing */
-#ifndef SHLIB_SYM_PREFIX
-# define SHLIB_SYM_PREFIX ""
-#endif
-
-#define BUF_SIZE 1024
-#define MODULE_CHUNK 4
-#define UNKNOWN_MODULE_PATH "<*unknown module path*>"
-
-static int _pam_assemble_line(FILE *f, char *buf, int buf_len);
-
-static void _pam_free_handlers_aux(struct handler **hp);
-
-static int _pam_add_handler(pam_handle_t *pamh
- , int must_fail, int other, int type
- , int *actions, const char *mod_path
- , int argc, char **argv, int argvlen);
-
-/* Values for module type */
-
-#define PAM_T_AUTH 1
-#define PAM_T_SESS 2
-#define PAM_T_ACCT 4
-#define PAM_T_PASS 8
-
-static int _pam_parse_conf_file(pam_handle_t *pamh, FILE *f
- , const char *known_service /* specific file */
- , int not_other
- )
-{
- char buf[BUF_SIZE];
- int x; /* read a line from the FILE *f ? */
- /*
- * read a line from the configuration (FILE *) f
- */
- while ((x = _pam_assemble_line(f, buf, BUF_SIZE)) > 0) {
- char *tok, *nexttok=NULL;
- const char *this_service;
- const char *mod_path;
- int module_type, actions[_PAM_RETURN_VALUES];
- int other; /* set if module is for PAM_DEFAULT_SERVICE */
- int res; /* module added successfully? */
- int must_fail=0; /* a badly formatted line must fail when used */
- int argc;
- char **argv;
- int argvlen;
-
- D(("_pam_init_handler: LINE: %s", buf));
- if (known_service != NULL) {
- nexttok = buf;
- /* No service field: all lines are for the known service. */
- this_service = known_service;
- } else {
- this_service = tok = _pam_StrTok(buf, " \n\t", &nexttok);
- }
-
- if (not_other)
- other = 0;
- else
- other = !_pam_strCMP(this_service, PAM_DEFAULT_SERVICE);
-
- /* accept "service name" or PAM_DEFAULT_SERVICE modules */
- if (!_pam_strCMP(this_service, pamh->service_name) || other) {
- /* This is a service we are looking for */
- D(("_pam_init_handlers: Found PAM config entry for: %s"
- , this_service));
-
- tok = _pam_StrTok(NULL, " \n\t", &nexttok);
- if (!_pam_strCMP("auth", tok)) {
- module_type = PAM_T_AUTH;
- } else if (!_pam_strCMP("session", tok)) {
- module_type = PAM_T_SESS;
- } else if (!_pam_strCMP("account", tok)) {
- module_type = PAM_T_ACCT;
- } else if (!_pam_strCMP("password", tok)) {
- module_type = PAM_T_PASS;
- } else {
- /* Illegal module type */
- D(("_pam_init_handlers: bad module type: %s", tok));
- _pam_system_log(LOG_ERR, "(%s) illegal module type: %s",
- this_service, tok);
- module_type = PAM_T_AUTH; /* most sensitive */
- must_fail = 1; /* install as normal but fail when dispatched */
- }
- D(("Using %s config entry: %s", must_fail?"BAD ":"", tok));
-
- /* reset the actions to .._UNDEF's -- this is so that
- we can work out which entries are not yet set (for default). */
- {
- int i;
- for (i=0; i<_PAM_RETURN_VALUES;
- actions[i++] = _PAM_ACTION_UNDEF);
- }
- tok = _pam_StrTok(NULL, " \n\t", &nexttok);
- if (!_pam_strCMP("required", tok)) {
- D(("*PAM_F_REQUIRED*"));
- actions[PAM_SUCCESS] = _PAM_ACTION_OK;
- actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_OK;
- actions[PAM_IGNORE] = _PAM_ACTION_IGNORE;
- _pam_set_default_control(actions, _PAM_ACTION_BAD);
- } else if (!_pam_strCMP("requisite", tok)) {
- D(("*PAM_F_REQUISITE*"));
- actions[PAM_SUCCESS] = _PAM_ACTION_OK;
- actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_OK;
- actions[PAM_IGNORE] = _PAM_ACTION_IGNORE;
- _pam_set_default_control(actions, _PAM_ACTION_DIE);
- } else if (!_pam_strCMP("optional", tok)) {
- D(("*PAM_F_OPTIONAL*"));
- actions[PAM_SUCCESS] = _PAM_ACTION_OK;
- actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_OK;
- _pam_set_default_control(actions, _PAM_ACTION_IGNORE);
- } else if (!_pam_strCMP("sufficient", tok)) {
- D(("*PAM_F_SUFFICIENT*"));
- actions[PAM_SUCCESS] = _PAM_ACTION_DONE;
- actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_DONE;
- _pam_set_default_control(actions, _PAM_ACTION_IGNORE);
- } else {
- D(("will need to parse %s", tok));
- _pam_parse_control(actions, tok);
- /* by default the default is to treat as failure */
- _pam_set_default_control(actions, _PAM_ACTION_BAD);
- }
-
- tok = _pam_StrTok(NULL, " \n\t", &nexttok);
- if (tok != NULL) {
- mod_path = tok;
- D(("mod_path = %s",mod_path));
- } else {
- /* no module name given */
- D(("_pam_init_handlers: no module name supplied"));
- _pam_system_log(LOG_ERR,
- "(%s) no module name supplied", this_service);
- mod_path = NULL;
- must_fail = 1;
- }
-
- /* nexttok points to remaining arguments... */
-
- if (nexttok != NULL) {
- D(("list: %s",nexttok));
- argvlen = _pam_mkargv(nexttok, &argv, &argc);
- D(("argvlen = %d",argvlen));
- } else { /* there are no arguments so fix by hand */
- D(("_pam_init_handlers: empty argument list"));
- argvlen = argc = 0;
- argv = NULL;
- }
-
-#ifdef DEBUG
- {
- int y;
-
- D(("CONF%s: %s%s %d %s %d"
- , must_fail?"<*will fail*>":""
- , this_service, other ? "(backup)":""
- , module_type
- , mod_path, argc));
- for (y = 0; y < argc; y++) {
- D(("CONF: %s", argv[y]));
- }
- for (y = 0; y<_PAM_RETURN_VALUES; ++y) {
- D(("RETURN %s(%d) -> %d %s",
- _pam_token_returns[y], y, actions[y],
- actions[y]>0 ? "jump":
- _pam_token_actions[-actions[y]]));
- }
- }
-#endif
-
- res = _pam_add_handler(pamh, must_fail, other
- , module_type, actions, mod_path
- , argc, argv, argvlen);
- if (res != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR, "error loading %s", mod_path);
- D(("failed to load module - aborting"));
- return PAM_ABORT;
- }
- }
- }
-
- return ( (x < 0) ? PAM_ABORT:PAM_SUCCESS );
-}
-
-/* Parse config file, allocate handler structures, dlopen() */
-int _pam_init_handlers(pam_handle_t *pamh)
-{
- char *filename;
- FILE *f;
- int retval;
- int read_something;
-
- D(("_pam_init_handlers called"));
- IF_NO_PAMH("_pam_init_handlers",pamh,PAM_SYSTEM_ERR);
-
- /* Return immediately if everything is already loaded */
- if (pamh->handlers.handlers_loaded) {
- return PAM_SUCCESS;
- }
-
- D(("_pam_init_handlers: initializing"));
-
- /* First clean the service structure */
-
- _pam_free_handlers(pamh);
- if (! pamh->handlers.module) {
- if ((pamh->handlers.module =
- malloc(MODULE_CHUNK * sizeof(struct loaded_module))) == NULL) {
- _pam_system_log(LOG_CRIT,
- "_pam_init_handlers: no memory loading module");
- return PAM_BUF_ERR;
- }
- pamh->handlers.modules_allocated = MODULE_CHUNK;
- pamh->handlers.modules_used = 0;
- }
-
- if (pamh->service_name == NULL) {
- return PAM_BAD_ITEM; /* XXX - better error? */
- }
-
-#ifdef PAM_LOCKING
- /* Is the PAM subsystem locked? */
- {
- int fd_tmp;
-
- if ((fd_tmp = open( PAM_LOCK_FILE, O_RDONLY )) != -1) {
- _pam_system_log(LOG_ERR, "_pam_init_handlers: PAM lockfile ("
- PAM_LOCK_FILE ") exists - aborting");
- (void) close(fd_tmp);
- /*
- * to avoid swamping the system with requests
- */
- _pam_start_timer(pamh);
- pam_fail_delay(pamh, 5000000);
- _pam_await_timer(pamh, PAM_ABORT);
-
- return PAM_ABORT;
- }
- }
-#endif /* PAM_LOCKING */
-
- /*
- * Now parse the config file(s) and add handlers
- */
-
- /*
- * 1. Try /etc/pam.d/service
- */
- asprintf(&filename, PAM_CONFIG_DF, pamh->service_name);
- if (filename == NULL) {
- _pam_system_log(LOG_ERR,
- "_pam_init_handlers: no memory; service %s",
- pamh->service_name);
- return PAM_BUF_ERR;
- }
- D(("opening %s", filename));
- f = fopen(filename, "r");
- if (f != NULL) {
- /* would test magic here? */
- retval = _pam_parse_conf_file(pamh, f, pamh->service_name, 1);
- fclose(f);
- if (retval != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR,
- "_pam_init_handlers: error reading %s",
- filename);
- _pam_system_log(LOG_ERR, "_pam_init_handlers: [%s]",
- pam_strerror(pamh, retval));
- } else {
- read_something = 1;
- free(filename);
-#ifndef PAM_READ_BOTH_CONFS
- goto other;
-#endif /* PAM_READ_BOTH_CONFS */
- }
- } else {
- D(("unable to open %s", filename));
- free(filename);
- }
-
- /*
- * 2. Try /etc/pam.conf, looking for service
- */
- D(("checking %s", PAM_CONFIG));
- if ((f = fopen(PAM_CONFIG,"r")) != NULL) {
- retval = _pam_parse_conf_file(pamh, f, NULL, 1);
- fclose(f);
- if (retval != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR, "_pam_init_handlers: "
- "error reading %s", PAM_CONFIG);
- _pam_system_log(LOG_ERR, "_pam_init_handlers: [%s]",
- pam_strerror(pamh, retval));
- } else {
- read_something = 1;
- }
- } else {
- _pam_system_log(LOG_ERR, "_pam_init_handlers: "
- "could not open " PAM_CONFIG);
- }
-
- other:
- /*
- * 3. Try /etc/pam.d/other to fill the gaps
- */
- asprintf(&filename, PAM_CONFIG_DF, PAM_DEFAULT_SERVICE);
- if (filename == NULL) {
- _pam_system_log(LOG_ERR,
- "_pam_init_handlers: no memory; service %s",
- pamh->service_name);
- return PAM_BUF_ERR;
- }
- D(("opening %s", filename));
- f = fopen(filename, "r");
- if (f != NULL) {
- /* would test magic here? */
- retval = _pam_parse_conf_file(pamh, f, PAM_DEFAULT_SERVICE, 0);
- fclose(f);
- if (retval != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR,
- "_pam_init_handlers: error reading %s",
- filename);
- _pam_system_log(LOG_ERR, "_pam_init_handlers: [%s]",
- pam_strerror(pamh, retval));
- } else {
- read_something = 1;
- free(filename);
-#ifndef PAM_READ_BOTH_CONFS
- goto success;
-#endif /* PAM_READ_BOTH_CONFS */
- }
- } else {
- D(("unable to open %s", filename));
- free(filename);
- }
-
- /*
- * 4. Try /etc/pam.conf, looking for other
- */
- D(("checking %s", PAM_CONFIG));
- if ((f = fopen(PAM_CONFIG,"r")) != NULL) {
- retval = _pam_parse_conf_file(pamh, f, NULL, 0);
- fclose(f);
- if (retval != PAM_SUCCESS) {
- _pam_system_log(LOG_ERR, "_pam_init_handlers: "
- "error reading %s", PAM_CONFIG);
- _pam_system_log(LOG_ERR, "_pam_init_handlers: [%s]",
- pam_strerror(pamh, retval));
- } else {
- read_something = 1;
- }
- } else {
- _pam_system_log(LOG_ERR, "_pam_init_handlers: "
- "could not open " PAM_CONFIG);
- }
-
- if (read_something)
- goto success;
-
- /* Read error */
- _pam_system_log(LOG_ERR, "error reading PAM configuration file");
- return PAM_ABORT;
-
- success:
- pamh->handlers.handlers_loaded = 1;
-
- D(("_pam_init_handlers exiting"));
- return PAM_SUCCESS;
-}
-
-/*
- * This is where we read a line of the PAM config file. The line may be
- * preceeded by lines of comments and also extended with "\\\n"
- */
-
-static int _pam_assemble_line(FILE *f, char *buffer, int buf_len)
-{
- char *p = buffer;
- char *s, *os;
- int used = 0;
-
- /* loop broken with a 'break' when a non-'\\n' ended line is read */
-
- D(("called."));
- for (;;) {
- if (used >= buf_len) {
- /* Overflow */
- D(("_pam_assemble_line: overflow"));
- return -1;
- }
- if (fgets(p, buf_len - used, f) == NULL) {
- if (used) {
- /* Incomplete read */
- return -1;
- } else {
- /* EOF */
- return 0;
- }
- }
-
- /* skip leading spaces --- line may be blank */
-
- s = p + strspn(p, " \n\t");
- if (*s && (*s != '#')) {
- os = s;
-
- /*
- * we are only interested in characters before the first '#'
- * character
- */
-
- while (*s && *s != '#')
- ++s;
- if (*s == '#') {
- *s = '\0';
- used += strlen(os);
- break; /* the line has been read */
- }
-
- s = os;
-
- /*
- * Check for backslash by scanning back from the end of
- * the entered line, the '\n' has been included since
- * normally a line is terminated with this
- * character. fgets() should only return one though!
- */
-
- s += strlen(s);
- while (s > os && ((*--s == ' ') || (*s == '\t')
- || (*s == '\n')));
-
- /* check if it ends with a backslash */
- if (*s == '\\') {
- *s++ = ' '; /* replace backslash with ' ' */
- *s = '\0'; /* truncate the line here */
- used += strlen(os);
- p = s; /* there is more ... */
- } else {
- /* End of the line! */
- used += strlen(os);
- break; /* this is the complete line */
- }
-
- } else {
- /* Nothing in this line */
- /* Don't move p */
- }
- }
-
- return used;
-}
-
-typedef int (*servicefn)(pam_handle_t *, int, int, char **);
-
-int _pam_add_handler(pam_handle_t *pamh
- , int must_fail, int other, int type
- , int *actions, const char *mod_path
- , int argc, char **argv, int argvlen)
-{
- struct loaded_module *mod;
- int x = 0;
- struct handler **handler_p;
- struct handler **handler_p2;
- struct handlers *the_handlers;
- const char *sym, *sym2;
-#ifdef PAM_SHL
- const char *_sym, *_sym2;
-#endif
- char *mod_full_path=NULL;
- servicefn func, func2;
- int success;
-
- D(("called."));
- IF_NO_PAMH("_pam_add_handler",pamh,PAM_SYSTEM_ERR);
-
- /* if NULL set to something that can be searched for */
- switch (mod_path != NULL) {
- default:
- if (mod_path[0] == '/') {
- break;
- }
- mod_full_path = malloc(sizeof(DEFAULT_MODULE_PATH)+strlen(mod_path));
- if (mod_full_path) {
- sprintf(mod_full_path, DEFAULT_MODULE_PATH "%s", mod_path);
- mod_path = mod_full_path;
- break;
- }
- _pam_system_log(LOG_CRIT, "cannot malloc full mod path");
- case 0:
- mod_path = UNKNOWN_MODULE_PATH;
- }
-
- D(("_pam_add_handler: adding type %d, module `%s'",type,mod_path));
- mod = pamh->handlers.module;
-
- /* First, ensure the module is loaded */
- while (x < pamh->handlers.modules_used) {
- if (!strcmp(mod[x].name, mod_path)) { /* case sensitive ! */
- break;
- }
- x++;
- }
- if (x == pamh->handlers.modules_used) {
- /* Not found */
- if (pamh->handlers.modules_allocated == pamh->handlers.modules_used) {
- /* will need more memory */
- void *tmp = realloc(pamh->handlers.module,
- (pamh->handlers.modules_allocated+MODULE_CHUNK)
- *sizeof(struct loaded_module));
- if (tmp == NULL) {
- D(("cannot enlarge module pointer memory"));
- _pam_system_log(LOG_ERR,
- "realloc returned NULL in _pam_add_handler");
- _pam_drop(mod_full_path);
- return PAM_ABORT;
- }
- pamh->handlers.module = tmp;
- pamh->handlers.modules_allocated += MODULE_CHUNK;
- }
- mod = &(pamh->handlers.module[x]);
- /* Be pessimistic... */
- success = PAM_ABORT;
-
-#ifdef PAM_DYNAMIC
- D(("_pam_add_handler: dlopen(%s) -> %lx", mod_path, &mod->dl_handle));
- mod->dl_handle =
-# ifdef PAM_SHL
- shl_load(mod_path, BIND_IMMEDIATE, 0L);
-# else /* PAM_SHL */
- dlopen(mod_path, RTLD_NOW);
-# endif /* PAM_SHL */
- D(("_pam_add_handler: dlopen'ed"));
- if (mod->dl_handle == NULL) {
- D(("_pam_add_handler: dlopen(%s) failed", mod_path));
- _pam_system_log(LOG_ERR, "unable to dlopen(%s)", mod_path);
-# ifndef PAM_SHL
- _pam_system_log(LOG_ERR, "[dlerror: %s]", dlerror());
-# endif /* PAM_SHL */
- /* Don't abort yet; static code may be able to find function.
- * But defaults to abort if nothing found below... */
- } else {
- D(("module added successfully"));
- success = PAM_SUCCESS;
- mod->type = PAM_MT_DYNAMIC_MOD;
- pamh->handlers.modules_used++;
- }
-#endif
-#ifdef PAM_STATIC
- /* Only load static function if function was not found dynamically.
- * This code should work even if no dynamic loading is available. */
- if (success != PAM_SUCCESS) {
- D(("_pam_add_handler: open static handler %s", mod_path));
- mod->dl_handle = _pam_open_static_handler(mod_path);
- if (mod->dl_handle == NULL) {
- D(("_pam_add_handler: unable to find static handler %s",
- mod_path));
- _pam_system_log(LOG_ERR,
- "unable to open static handler %s", mod_path);
- /* Didn't find module in dynamic or static..will mark bad */
- } else {
- D(("static module added successfully"));
- success = PAM_SUCCESS;
- mod->type = PAM_MT_STATIC_MOD;
- pamh->handlers.modules_used++;
- }
- }
-#endif
-
- if (success != PAM_SUCCESS) { /* add a malformed module */
- mod->dl_handle = NULL;
- mod->type = PAM_MT_FAULTY_MOD;
- pamh->handlers.modules_used++;
- _pam_system_log(LOG_ERR, "adding faulty module: %s", mod_path);
- success = PAM_SUCCESS; /* We have successfully added a module */
- }
-
- /* indicate its name - later we will search for it by this */
- if ((mod->name = _pam_strdup(mod_path)) == NULL) {
- D(("_pam_handler: couldn't get memory for mod_path"));
- _pam_system_log(LOG_ERR, "no memory for module path", mod_path);
- success = PAM_ABORT;
- }
-
- } else { /* x != pamh->handlers.modules_used */
- mod += x; /* the located module */
- success = PAM_SUCCESS;
- }
-
- _pam_drop(mod_full_path);
- mod_path = NULL; /* no longer needed or trusted */
-
- /* Now return error if necessary after trying all possible ways... */
- if (success != PAM_SUCCESS)
- return(success);
-
- /*
- * At this point 'mod' points to the stored/loaded module. If its
- * dl_handle is unknown, then we must be able to indicate dispatch
- * failure with 'must_fail'
- */
-
- /* Now define the handler(s) based on mod->dlhandle and type */
-
- /* decide which list of handlers to use */
- the_handlers = (other) ? &pamh->handlers.other : &pamh->handlers.conf;
-
- handler_p = handler_p2 = NULL;
- func = func2 = NULL;
-#ifdef PAM_SHL
- _sym2 =
-#endif /* PAM_SHL */
- sym2 = NULL;
-
- /* point handler_p's at the root addresses of the function stacks */
- switch (type) {
- case PAM_T_AUTH:
- handler_p = &the_handlers->authenticate;
- sym = SHLIB_SYM_PREFIX "pam_sm_authenticate";
- handler_p2 = &the_handlers->setcred;
- sym2 = SHLIB_SYM_PREFIX "pam_sm_setcred";
-#ifdef PAM_SHL
- _sym = "_pam_sm_authenticate";
- _sym2 = "_pam_sm_setcred";
-#endif
- break;
- case PAM_T_SESS:
- handler_p = &the_handlers->open_session;
- sym = SHLIB_SYM_PREFIX "pam_sm_open_session";
- handler_p2 = &the_handlers->close_session;
- sym2 = SHLIB_SYM_PREFIX "pam_sm_close_session";
-#ifdef PAM_SHL
- _sym = "_pam_sm_open_session";
- _sym2 = "_pam_sm_close_session";
-#endif
- break;
- case PAM_T_ACCT:
- handler_p = &the_handlers->acct_mgmt;
- sym = SHLIB_SYM_PREFIX "pam_sm_acct_mgmt";
-#ifdef PAM_SHL
- _sym = "_pam_sm_acct_mgmt";
-#endif
- break;
- case PAM_T_PASS:
- handler_p = &the_handlers->chauthtok;
- sym = SHLIB_SYM_PREFIX "pam_sm_chauthtok";
-#ifdef PAM_SHL
- _sym = "_pam_sm_chauthtok";
-#endif
- break;
- default:
- /* Illegal module type */
- D(("_pam_add_handler: illegal module type %d", type));
- return PAM_ABORT;
- }
-
- /* are the modules reliable? */
- if (
-#ifdef PAM_DYNAMIC
- mod->type != PAM_MT_DYNAMIC_MOD
- &&
-#endif /* PAM_DYNAMIC */
-#ifdef PAM_STATIC
- mod->type != PAM_MT_STATIC_MOD
- &&
-#endif /* PAM_STATIC */
- mod->type != PAM_MT_FAULTY_MOD
- ) {
- D(("_pam_add_handlers: illegal module library type; %d", mod->type));
- _pam_system_log(LOG_ERR,
- "internal error: module library type not known: %s;%d",
- sym, mod->type);
- return PAM_ABORT;
- }
-
- /* now identify this module's functions - for non-faulty modules */
-
-#ifdef PAM_DYNAMIC
- if ((mod->type == PAM_MT_DYNAMIC_MOD) &&
-# ifdef PAM_SHL
- (shl_findsym(&mod->dl_handle, sym, (short) TYPE_PROCEDURE, &func) &&
- shl_findsym(&mod->dl_handle, _sym, (short) TYPE_PROCEDURE, &func))
-# else /* PAM_SHL */
- (func = (servicefn) dlsym(mod->dl_handle, sym)) == NULL
-# endif /* PAM_SHL */
- ) {
- _pam_system_log(LOG_ERR, "unable to resolve symbol: %s", sym);
- }
-#endif
-#ifdef PAM_STATIC
- if ((mod->type == PAM_MT_STATIC_MOD) &&
- (func = (servicefn)_pam_get_static_sym(mod->dl_handle, sym)) == NULL) {
- _pam_system_log(LOG_ERR, "unable to resolve static symbol: %s", sym);
- }
-#endif
- if (sym2) {
-#ifdef PAM_DYNAMIC
- if ((mod->type == PAM_MT_DYNAMIC_MOD) &&
-# ifdef PAM_SHL
- (shl_findsym(&mod->dl_handle,sym2,(short)TYPE_PROCEDURE, &func2)&&
- shl_findsym(&mod->dl_handle,_sym2,(short)TYPE_PROCEDURE, &func2))
-# else /* PAM_SHL */
- (func2 = (servicefn) dlsym(mod->dl_handle, sym2)) == NULL
-# endif /* PAM_SHL */
- ) {
- _pam_system_log(LOG_ERR, "unable to resolve symbol: %s", sym2);
- }
-#endif
-#ifdef PAM_STATIC
- if ((mod->type == PAM_MT_STATIC_MOD) &&
- (func2 = (servicefn)_pam_get_static_sym(mod->dl_handle, sym2))
- == NULL) {
- _pam_system_log(LOG_ERR, "unable to resolve symbol: %s", sym2);
- }
-#endif
- }
-
- /* here func (and perhaps func2) point to the appropriate functions */
-
- /* add new handler to end of existing list */
- while (*handler_p != NULL) {
- handler_p = &((*handler_p)->next);
- }
-
- if ((*handler_p = malloc(sizeof(struct handler))) == NULL) {
- _pam_system_log(LOG_CRIT, "cannot malloc struct handler #1");
- return (PAM_ABORT);
- }
-
- (*handler_p)->must_fail = must_fail; /* failure forced? */
- (*handler_p)->func = func;
- memcpy((*handler_p)->actions,actions,sizeof((*handler_p)->actions));
- (*handler_p)->cached_retval = -1; /* error */
- (*handler_p)->cached_retval_p = &((*handler_p)->cached_retval);
- (*handler_p)->argc = argc;
- (*handler_p)->argv = argv; /* not a copy */
- (*handler_p)->next = NULL;
-
- /* some of the modules have a second calling function */
- if (handler_p2) {
- /* add new handler to end of existing list */
- while (*handler_p2) {
- handler_p2 = &((*handler_p2)->next);
- }
-
- if ((*handler_p2 = malloc(sizeof(struct handler))) == NULL) {
- _pam_system_log(LOG_CRIT, "cannot malloc struct handler #2");
- return (PAM_ABORT);
- }
-
- (*handler_p2)->must_fail = must_fail; /* failure forced? */
- (*handler_p2)->func = func2;
- memcpy((*handler_p2)->actions,actions,sizeof((*handler_p2)->actions));
- (*handler_p2)->cached_retval = -1; /* ignored */
- /* Note, this next entry points to the handler_p value! */
- (*handler_p2)->cached_retval_p = &((*handler_p)->cached_retval);
- (*handler_p2)->argc = argc;
- if (argv) {
- if (((*handler_p2)->argv = malloc(argvlen)) == NULL) {
- _pam_system_log(LOG_CRIT, "cannot malloc argv for handler #2");
- return (PAM_ABORT);
- }
- memcpy((*handler_p2)->argv, argv, argvlen);
- } else {
- (*handler_p2)->argv = NULL; /* no arguments */
- }
- (*handler_p2)->next = NULL;
- }
-
- D(("_pam_add_handler: returning successfully"));
-
- return PAM_SUCCESS;
-}
-
-/* Free various allocated structures and dlclose() the libs */
-int _pam_free_handlers(pam_handle_t *pamh)
-{
- struct loaded_module *mod;
-
- D(("called."));
- IF_NO_PAMH("_pam_free_handlers",pamh,PAM_SYSTEM_ERR);
-
- mod = pamh->handlers.module;
-
- /* Close all loaded modules */
-
- while (pamh->handlers.modules_used) {
- D(("_pam_free_handlers: dlclose(%s)", mod->name));
- free(mod->name);
-#ifdef PAM_DYNAMIC
- if (mod->type == PAM_MT_DYNAMIC_MOD) {
-# ifdef PAM_SHL
- shl_unload(mod->dl_handle);
-# else
- dlclose(mod->dl_handle);
-# endif
- }
-#endif
- mod++;
- pamh->handlers.modules_used--;
- }
-
- /* Free all the handlers */
-
- _pam_free_handlers_aux(&(pamh->handlers.conf.authenticate));
- _pam_free_handlers_aux(&(pamh->handlers.conf.setcred));
- _pam_free_handlers_aux(&(pamh->handlers.conf.acct_mgmt));
- _pam_free_handlers_aux(&(pamh->handlers.conf.open_session));
- _pam_free_handlers_aux(&(pamh->handlers.conf.close_session));
- _pam_free_handlers_aux(&(pamh->handlers.conf.chauthtok));
-
- _pam_free_handlers_aux(&(pamh->handlers.other.authenticate));
- _pam_free_handlers_aux(&(pamh->handlers.other.setcred));
- _pam_free_handlers_aux(&(pamh->handlers.other.acct_mgmt));
- _pam_free_handlers_aux(&(pamh->handlers.other.open_session));
- _pam_free_handlers_aux(&(pamh->handlers.other.close_session));
- _pam_free_handlers_aux(&(pamh->handlers.other.chauthtok));
-
- /* no more loaded modules */
-
- _pam_drop(pamh->handlers.module);
-
- /* Indicate that handlers are not initialized for this pamh */
-
- pamh->handlers.handlers_loaded = 0;
-
- return PAM_SUCCESS;
-}
-
-void _pam_start_handlers(pam_handle_t *pamh)
-{
- D(("called."));
- /* NB. There is no check for a NULL pamh here, since no return
- * value to communicate the fact! */
-
- /* Indicate that handlers are not initialized for this pamh */
- pamh->handlers.handlers_loaded = 0;
-
- pamh->handlers.modules_allocated = 0;
- pamh->handlers.modules_used = 0;
- pamh->handlers.module = NULL;
-
- /* initialize the .conf and .other entries */
-
- pamh->handlers.conf.authenticate = NULL;
- pamh->handlers.conf.setcred = NULL;
- pamh->handlers.conf.acct_mgmt = NULL;
- pamh->handlers.conf.open_session = NULL;
- pamh->handlers.conf.close_session = NULL;
- pamh->handlers.conf.chauthtok = NULL;
-
- pamh->handlers.other.authenticate = NULL;
- pamh->handlers.other.setcred = NULL;
- pamh->handlers.other.acct_mgmt = NULL;
- pamh->handlers.other.open_session = NULL;
- pamh->handlers.other.close_session = NULL;
- pamh->handlers.other.chauthtok = NULL;
-}
-
-void _pam_free_handlers_aux(struct handler **hp)
-{
- struct handler *h = *hp;
- struct handler *last;
-
- D(("called."));
- while (h) {
- last = h;
- _pam_drop(h->argv); /* This is all alocated in a single chunk */
- h = h->next;
- memset(last, 0, sizeof(*last));
- free(last);
- }
-
- *hp = NULL;
-}
diff --git a/contrib/libpam/libpam/pam_item.c b/contrib/libpam/libpam/pam_item.c
deleted file mode 100644
index 3d3db63..0000000
--- a/contrib/libpam/libpam/pam_item.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* pam_item.c */
-
-/*
- * $Id: pam_item.c,v 1.3 2001/01/22 06:07:28 agmorgan Exp $
- * $FreeBSD$
- */
-
-#include <ctype.h>
-#include <stdlib.h>
-#include <string.h>
-#include <syslog.h>
-
-#include "pam_private.h"
-
-#define RESET(X, Y) \
-{ \
- char *_TMP_ = (X); \
- if (_TMP_ != (Y)) { \
- (X) = (Y) ? _pam_strdup(Y) : NULL; \
- if (_TMP_) \
- free(_TMP_); \
- } \
-}
-
-/* handy version id */
-
-unsigned int __libpam_version = LIBPAM_VERSION;
-
-/* functions */
-
-int pam_set_item (pam_handle_t *pamh, int item_type, const void *item)
-{
- int retval;
-
- D(("called"));
-
- IF_NO_PAMH("pam_set_item", pamh, PAM_SYSTEM_ERR);
-
- retval = PAM_SUCCESS;
-
- switch (item_type) {
-
- case PAM_SERVICE:
- /* Setting handlers_loaded to 0 will cause the handlers
- * to be reloaded on the next call to a service module.
- */
- pamh->handlers.handlers_loaded = 0;
- RESET(pamh->service_name, item);
- {
- char *tmp;
- for (tmp=pamh->service_name; *tmp; ++tmp)
- *tmp = tolower(*tmp); /* require lower case */
- }
- break;
-
- case PAM_USER:
- RESET(pamh->user, item);
- break;
-
- case PAM_USER_PROMPT:
- RESET(pamh->prompt, item);
- break;
-
- case PAM_TTY:
- D(("setting tty to %s", item));
- RESET(pamh->tty, item);
- break;
-
- case PAM_RUSER:
- RESET(pamh->ruser, item);
- break;
-
- case PAM_RHOST:
- RESET(pamh->rhost, item);
- break;
-
- case PAM_AUTHTOK:
- /*
- * PAM_AUTHTOK and PAM_OLDAUTHTOK are only accessible from
- * modules.
- */
- if (__PAM_FROM_MODULE(pamh)) {
- char *_TMP_ = pamh->authtok;
- if (_TMP_ == item) /* not changed so leave alone */
- break;
- pamh->authtok = (item) ? _pam_strdup(item) : NULL;
- if (_TMP_) {
- _pam_overwrite(_TMP_);
- free(_TMP_);
- }
- } else {
- retval = PAM_BAD_ITEM;
- }
-
- break;
-
- case PAM_OLDAUTHTOK:
- /*
- * PAM_AUTHTOK and PAM_OLDAUTHTOK are only accessible from
- * modules.
- */
- if (__PAM_FROM_MODULE(pamh)) {
- char *_TMP_ = pamh->oldauthtok;
- if (_TMP_ == item) /* not changed so leave alone */
- break;
- pamh->oldauthtok = (item) ? _pam_strdup(item) : NULL;
- if (_TMP_) {
- _pam_overwrite(_TMP_);
- free(_TMP_);
- }
- } else {
- retval = PAM_BAD_ITEM;
- }
-
- break;
-
- case PAM_CONV: /* want to change the conversation function */
- if (item == NULL) {
- _pam_system_log(LOG_ERR,
- "pam_set_item: attempt to set conv() to NULL");
- retval = PAM_PERM_DENIED;
- } else {
- struct pam_conv *tconv;
-
- if ((tconv=
- (struct pam_conv *) malloc(sizeof(struct pam_conv))
- ) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_set_item: malloc failed for pam_conv");
- retval = PAM_BUF_ERR;
- } else {
- memcpy(tconv, item, sizeof(struct pam_conv));
- _pam_drop(pamh->pam_conversation);
- pamh->pam_conversation = tconv;
- }
- }
- break;
-
- case PAM_FAIL_DELAY:
- pamh->fail_delay.delay_fn_ptr = item;
- break;
-
- default:
- retval = PAM_BAD_ITEM;
- }
-
- return retval;
-}
-
-int pam_get_item (const pam_handle_t *pamh, int item_type, const void **item)
-{
- int retval = PAM_SUCCESS;
-
- D(("called."));
- IF_NO_PAMH("pam_get_item", pamh, PAM_SYSTEM_ERR);
-
- if (item == NULL) {
- _pam_system_log(LOG_ERR,
- "pam_get_item: nowhere to place requested item");
- return PAM_BUF_ERR;
- }
-
- switch (item_type) {
- case PAM_SERVICE:
- *item = pamh->service_name;
- break;
-
- case PAM_USER:
- D(("returning user=%s", pamh->user));
- *item = pamh->user;
- break;
-
- case PAM_USER_PROMPT:
- D(("returning userprompt=%s", pamh->user));
- *item = pamh->prompt;
- break;
-
- case PAM_TTY:
- D(("returning tty=%s", pamh->tty));
- *item = pamh->tty;
- break;
-
- case PAM_RUSER:
- *item = pamh->ruser;
- break;
-
- case PAM_RHOST:
- *item = pamh->rhost;
- break;
-
- case PAM_AUTHTOK:
- /*
- * PAM_AUTHTOK and PAM_OLDAUTHTOK are only accessible from
- * modules.
- */
- if (__PAM_FROM_MODULE(pamh)) {
- *item = pamh->authtok;
- } else {
- retval = PAM_BAD_ITEM;
- }
- break;
-
- case PAM_OLDAUTHTOK:
- /*
- * PAM_AUTHTOK and PAM_OLDAUTHTOK are only accessible from
- * modules.
- */
- if (__PAM_FROM_MODULE(pamh)) {
- *item = pamh->oldauthtok;
- } else {
- retval = PAM_BAD_ITEM;
- }
- break;
-
- case PAM_CONV:
- *item = pamh->pam_conversation;
- break;
-
- case PAM_FAIL_DELAY:
- *item = pamh->fail_delay.delay_fn_ptr;
- break;
-
- default:
- retval = PAM_BAD_ITEM;
- }
-
- return retval;
-}
-
-/*
- * This function is the 'preferred method to obtain the username'.
- */
-
-int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt)
-{
- const char *use_prompt;
- int retval;
- struct pam_message msg,*pmsg;
- struct pam_response *resp;
-
- D(("called."));
- IF_NO_PAMH("pam_get_user", pamh, PAM_SYSTEM_ERR);
-
- if (pamh->pam_conversation == NULL) {
- _pam_system_log(LOG_ERR, "pam_get_user: no conv element in pamh");
- return PAM_SERVICE_ERR;
- }
-
- if (user == NULL) { /* ensure the the module has suplied a destination */
- _pam_system_log(LOG_ERR, "pam_get_user: nowhere to record username");
- return PAM_PERM_DENIED;
- } else
- *user = NULL;
-
- if (pamh->user) { /* have one so return it */
- *user = pamh->user;
- return PAM_SUCCESS;
- }
-
- /* will need a prompt */
- use_prompt = prompt;
- if (use_prompt == NULL) {
- use_prompt = pamh->prompt;
- if (use_prompt == NULL) {
- use_prompt = PAM_DEFAULT_PROMPT;
- }
- }
-
- /* If we are resuming an old conversation, we verify that the prompt
- is the same. Anything else is an error. */
- if (pamh->former.want_user) {
- /* must have a prompt to resume with */
- if (! pamh->former.prompt) {
- _pam_system_log(LOG_ERR,
- "pam_get_user: failed to resume with prompt"
- );
- return PAM_ABORT;
- }
-
- /* must be the same prompt as last time */
- if (strcmp(pamh->former.prompt, use_prompt)) {
- _pam_system_log(LOG_ERR,
- "pam_get_user: resumed with different prompt");
- return PAM_ABORT;
- }
-
- /* ok, we can resume where we left off last time */
- pamh->former.want_user = PAM_FALSE;
- _pam_overwrite(pamh->former.prompt);
- _pam_drop(pamh->former.prompt);
- }
-
- /* converse with application -- prompt user for a username */
- pmsg = &msg;
- msg.msg_style = PAM_PROMPT_ECHO_ON;
- msg.msg = use_prompt;
- resp = NULL;
-
- retval = pamh->pam_conversation->
- conv(1, (const struct pam_message **) &pmsg, &resp,
- pamh->pam_conversation->appdata_ptr);
-
- if (retval == PAM_CONV_AGAIN) {
- /* conversation function is waiting for an event - save state */
- D(("conversation function is not ready yet"));
- pamh->former.want_user = PAM_TRUE;
- pamh->former.prompt = _pam_strdup(use_prompt);
- } else if (resp == NULL) {
- /*
- * conversation should have given a response
- */
- D(("pam_get_user: no response provided"));
- retval = PAM_CONV_ERR;
- } else if (retval == PAM_SUCCESS) { /* copy the username */
- /*
- * now we set the PAM_USER item -- this was missing from pre.53
- * releases. However, reading the Sun manual, it is part of
- * the standard API.
- */
- RESET(pamh->user, resp->resp);
- *user = pamh->user;
- }
-
- if (resp) {
- /*
- * note 'resp' is allocated by the application and is
- * correctly free()'d here
- */
- _pam_drop_reply(resp, 1);
- }
-
- D(("completed"));
- return retval; /* pass on any error from conversation */
-}
diff --git a/contrib/libpam/libpam/pam_log.c b/contrib/libpam/libpam/pam_log.c
deleted file mode 100644
index 99f7e8f..0000000
--- a/contrib/libpam/libpam/pam_log.c
+++ /dev/null
@@ -1,376 +0,0 @@
-/*
- * pam_log.c -- PAM system logging
- *
- * $Id: pam_log.c,v 1.2 2000/11/19 23:54:02 agmorgan Exp $
- * $FreeBSD$
- *
- */
-
-#include "pam_private.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-
-#ifdef __hpux
-# include <stdio.h>
-# include <syslog.h>
-# ifdef __STDC__
-# ifndef __P
-# define __P(p) p
-# endif /* __P */
-# include <stdarg.h>
-# define VA_LOCAL_DECL va_list ap;
-# define VA_START(f) va_start(ap, f)
-# define VA_END va_end(ap)
-# else /* __STDC__ */
-# ifndef __P
-# define __P(p) ()
-# endif /* __P */
-# include <varargs.h>
-# define VA_LOCAL_DECL va_list ap;
-# define VA_START(f) va_start(ap)
-# define VA_END va_end(ap)
-# endif /* __STDC__ */
-/**************************************************************
- * Patrick Powell Tue Apr 11 09:48:21 PDT 1995
- * A bombproof version of doprnt (dopr) included.
- * Sigh. This sort of thing is always nasty do deal with. Note that
- * the version here does not include floating point...
- *
- * snprintf() is used instead of sprintf() as it does limit checks
- * for string length. This covers a nasty loophole.
- *
- * The other functions are there to prevent NULL pointers from
- * causing nast effects.
- **************************************************************/
-
-static void dopr();
-static char *end;
-# ifndef _SCO_DS
-/* VARARGS3 */
-int
-# ifdef __STDC__
-snprintf(char *str, size_t count, const char *fmt, ...)
-# else /* __STDC__ */
-snprintf(str, count, fmt, va_alist)
- char *str;
- size_t count;
- const char *fmt;
- va_dcl
-# endif /* __STDC__ */
-{
- int len;
- VA_LOCAL_DECL
-
- VA_START(fmt);
- len = vsnprintf(str, count, fmt, ap);
- VA_END;
- return len;
-}
-# endif /* _SCO_DS */
-
-int
-# ifdef __STDC__
-vsnprintf(char *str, size_t count, const char *fmt, va_list args)
-# else /* __STDC__ */
-vsnprintf(str, count, fmt, args)
- char *str;
- int count;
- char *fmt;
- va_list args;
-# endif /* __STDC__ */
-{
- str[0] = 0;
- end = str + count - 1;
- dopr( str, fmt, args );
- if (count > 0)
- end[0] = 0;
- return strlen(str);
-}
-
-/*
- * dopr(): poor man's version of doprintf
- */
-
-static void fmtstr __P((char *value, int ljust, int len, int zpad,
- int maxwidth));
-static void fmtnum __P((long value, int base, int dosign, int ljust, int len,
- int zpad));
-static void dostr __P(( char * , int ));
-static char *output;
-static void dopr_outch __P(( int c ));
-
-static void
-# ifdef __STDC__
-dopr(char * buffer, const char * format, va_list args )
-# else /* __STDC__ */
-dopr( buffer, format, args )
- char *buffer;
- char *format;
- va_list args;
-# endif /* __STDC__ */
-{
- int ch;
- long value;
- int longflag = 0;
- int pointflag = 0;
- int maxwidth = 0;
- char *strvalue;
- int ljust;
- int len;
- int zpad;
-
- output = buffer;
- while( (ch = *format++) ){
- switch( ch ){
- case '%':
- ljust = len = zpad = maxwidth = 0;
- longflag = pointflag = 0;
- nextch:
- ch = *format++;
- switch( ch ){
- case 0:
- dostr( "**end of format**" , 0);
- return;
- case '-': ljust = 1; goto nextch;
- case '0': /* set zero padding if len not set */
- if(len==0 && !pointflag) zpad = '0';
- case '1': case '2': case '3':
- case '4': case '5': case '6':
- case '7': case '8': case '9':
- if (pointflag)
- maxwidth = maxwidth*10 + ch - '0';
- else
- len = len*10 + ch - '0';
- goto nextch;
- case '*':
- if (pointflag)
- maxwidth = va_arg( args, int );
- else
- len = va_arg( args, int );
- goto nextch;
- case '.': pointflag = 1; goto nextch;
- case 'l': longflag = 1; goto nextch;
- case 'u': case 'U':
- /*fmtnum(value,base,dosign,ljust,len,zpad) */
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value, 10,0, ljust, len, zpad ); break;
- case 'o': case 'O':
- /*fmtnum(value,base,dosign,ljust,len,zpad) */
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value, 8,0, ljust, len, zpad ); break;
- case 'd': case 'D':
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value, 10,1, ljust, len, zpad ); break;
- case 'x':
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value, 16,0, ljust, len, zpad ); break;
- case 'X':
- if( longflag ){
- value = va_arg( args, long );
- } else {
- value = va_arg( args, int );
- }
- fmtnum( value,-16,0, ljust, len, zpad ); break;
- case 's':
- strvalue = va_arg( args, char *);
- if (maxwidth > 0 || !pointflag) {
- if (pointflag && len > maxwidth)
- len = maxwidth; /* Adjust padding */
- fmtstr( strvalue,ljust,len,zpad, maxwidth);
- }
- break;
- case 'c':
- ch = va_arg( args, int );
- dopr_outch( ch ); break;
- case '%': dopr_outch( ch ); continue;
- default:
- dostr( "???????" , 0);
- }
- break;
- default:
- dopr_outch( ch );
- break;
- }
- }
- *output = 0;
-}
-
-static void
-fmtstr( value, ljust, len, zpad, maxwidth )
- char *value;
- int ljust, len, zpad, maxwidth;
-{
- int padlen, strlen; /* amount to pad */
-
- if( value == 0 ){
- value = "<NULL>";
- }
- for( strlen = 0; value[strlen]; ++ strlen ); /* strlen */
- if (strlen > maxwidth && maxwidth)
- strlen = maxwidth;
- padlen = len - strlen;
- if( padlen < 0 ) padlen = 0;
- if( ljust ) padlen = -padlen;
- while( padlen > 0 ) {
- dopr_outch( ' ' );
- --padlen;
- }
- dostr( value, maxwidth );
- while( padlen < 0 ) {
- dopr_outch( ' ' );
- ++padlen;
- }
-}
-
-static void
-fmtnum( value, base, dosign, ljust, len, zpad )
- long value;
- int base, dosign, ljust, len, zpad;
-{
- int signvalue = 0;
- unsigned long uvalue;
- char convert[20];
- int place = 0;
- int padlen = 0; /* amount to pad */
- int caps = 0;
-
- /* DEBUGP(("value 0x%x, base %d, dosign %d, ljust %d, len %d, zpad %d\n",
- value, base, dosign, ljust, len, zpad )); */
- uvalue = value;
- if( dosign ){
- if( value < 0 ) {
- signvalue = '-';
- uvalue = -value;
- }
- }
- if( base < 0 ){
- caps = 1;
- base = -base;
- }
- do{
- convert[place++] =
- (caps? "0123456789ABCDEF":"0123456789abcdef")
- [uvalue % (unsigned)base ];
- uvalue = (uvalue / (unsigned)base );
- }while(uvalue);
- convert[place] = 0;
- padlen = len - place;
- if( padlen < 0 ) padlen = 0;
- if( ljust ) padlen = -padlen;
- /* DEBUGP(( "str '%s', place %d, sign %c, padlen %d\n",
- convert,place,signvalue,padlen)); */
- if( zpad && padlen > 0 ){
- if( signvalue ){
- dopr_outch( signvalue );
- --padlen;
- signvalue = 0;
- }
- while( padlen > 0 ){
- dopr_outch( zpad );
- --padlen;
- }
- }
- while( padlen > 0 ) {
- dopr_outch( ' ' );
- --padlen;
- }
- if( signvalue ) dopr_outch( signvalue );
- while( place > 0 ) dopr_outch( convert[--place] );
- while( padlen < 0 ){
- dopr_outch( ' ' );
- ++padlen;
- }
-}
-
-static void
-dostr( str , cut)
- char *str;
- int cut;
-{
- if (cut) {
- while(*str && cut-- > 0) dopr_outch(*str++);
- } else {
- while(*str) dopr_outch(*str++);
- }
-}
-
-static void
-dopr_outch( c )
- int c;
-{
- if( end == 0 || output < end )
- *output++ = c;
-}
-
-int
-# ifdef __STDC__
-vsyslog(int priority, const char *fmt, ...)
-# else /* __STDC__ */
-vsyslog(priority, fmt, va_alist)
- int priority;
- const char *fmt;
- va_dcl
-# endif /* __STDC__ */
-{
- VA_LOCAL_DECL
- char logbuf[BUFSIZ];
-
- VA_START(fmt);
-
- vsnprintf(logbuf, BUFSIZ, fmt, ap);
- syslog(priority, "%s", logbuf);
-
- VA_END;
-}
-#endif /* __hpux */
-
-/* internal logging function */
-
-void _pam_system_log(int priority, const char *format, ... )
-{
- va_list args;
- char *eformat;
-
- D(("pam_system_log called"));
-
- if (format == NULL) {
- D(("NULL format to _pam_system_log() call"));
- return;
- }
-
- va_start(args, format);
-
- eformat = malloc(sizeof(_PAM_SYSTEM_LOG_PREFIX)+strlen(format));
- if (eformat != NULL) {
- strcpy(eformat, _PAM_SYSTEM_LOG_PREFIX);
- strcpy(eformat + sizeof(_PAM_SYSTEM_LOG_PREFIX) - 1, format);
- vsyslog(priority, eformat, args);
- _pam_overwrite(eformat);
- _pam_drop(eformat);
- } else {
- vsyslog(priority, format, args);
- }
-
- va_end(args);
-
- D(("done."));
-}
-
diff --git a/contrib/libpam/libpam/pam_malloc.c b/contrib/libpam/libpam/pam_malloc.c
deleted file mode 100644
index d08a456..0000000
--- a/contrib/libpam/libpam/pam_malloc.c
+++ /dev/null
@@ -1,395 +0,0 @@
-/*
- * $Id: pam_malloc.c,v 1.3 2000/12/04 19:02:34 baggins Exp $
- */
-
-/*
- * This pair of files helps to locate memory leaks. It is a wrapper for
- * the malloc family of calls. (Actutally, it currently only deals
- * with calloc, malloc, realloc, free and exit)
- *
- * To use these functions the header "pam_malloc.h" must be included
- * in all parts of the code (that use the malloc functions) and this
- * file must be linked with the result. The pam_malloc_flags can be
- * set from another function and determine the level of logging.
- *
- * The output is via the macros defined in _pam_macros.h
- *
- * It is a debugging tool and should be turned off in released code.
- *
- * This suite was written by Andrew Morgan <morgan@parc.power.net> for
- * Linux-PAM.
- */
-
-#ifndef DEBUG
-#define DEBUG
-#endif
-
-#include "pam_private.h"
-
-#include <security/pam_malloc.h>
-#include <security/_pam_macros.h>
-
-/* this must be done to stop infinite recursion! */
-#undef malloc
-#undef calloc
-#undef free
-#undef realloc
-#undef exit
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-
-/*
- * default debugging level
- */
-
-int pam_malloc_flags = PAM_MALLOC_ALL;
-int pam_malloc_delay_length = 4;
-
-#define on(x) ((pam_malloc_flags&(x))==(x))
-
-/*
- * the implementation
- */
-
-static const char *last_fn=NULL;
-static const char *last_file=NULL;
-static const char *last_call=NULL;
-static int last_line = 1;
-
-#define err(x) { _pam_output_xdebug_info(); _pam_output_debug x ; }
-
-static void set_last_(const char *x, const char *f
- , const char *fn, const int l)
-{
- last_fn = x ? x : "error-in-pam_malloc..";
- last_file = f ? f : "*bad-file*";
- last_call = fn ? fn: "*bad-fn*";
- last_line = l;
-}
-
-static void _pam_output_xdebug_info(void)
-{
- FILE *logfile;
- int must_close = 1, fd;
-
-#ifdef O_NOFOLLOW
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
-#else
- if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
-#endif
- if (!(logfile = fdopen(fd,"a"))) {
- logfile = stderr;
- must_close = 0;
- close(fd);
- }
- } else {
- logfile = stderr;
- must_close = 0;
- }
- fprintf(logfile, "[%s:%s(%d)->%s()] ",
- last_file, last_call, last_line, last_fn);
- fflush(logfile);
- if (must_close)
- fclose(logfile);
-}
-
-static void hinder(void)
-{
- if (on(PAM_MALLOC_PAUSE)) {
- if (on(0)) err(("pause requested"));
- sleep(pam_malloc_delay_length);
- }
-
- if (on(PAM_MALLOC_STOP)) {
- if (on(0)) err(("stop requested"));
- exit(1);
- }
-}
-
-/*
- * here are the memory pointer registering functions.. these actually
- * use malloc(!) but that's ok! ;^)
- */
-
-struct reference {
- void *ptr; /* pointer */
- int nelements; /* number of elements */
- int size; /* - each of this size */
- char *file; /* where it was requested - filename */
- char *function; /* - function */
- int line; /* - line number */
-/*
- * linking info
- */
- struct reference *next;
-};
-
-static void _dump(const char *say, const struct reference *ref)
-{
- _pam_output_debug(" <%s: %p (#%d of %d) req. by %s(); %s line %d>\n"
- , say
- , ref->ptr,ref->nelements,ref->size
- , ref->function,ref->file,ref->line);
-}
-
-static struct reference *root=NULL;
-
-static char *_strdup(const char *x)
-{
- char *s;
-
- s = (char *)malloc(strlen(x)+1);
- if (s == NULL) {
- if (on(0)) err(("_strdup failed"));
- exit(1);
- }
-
- strcpy(s,x);
- return s;
-}
-
-static void add_new_ref(void *new, int n, int size)
-{
- struct reference *ref=NULL;
-
- ref = (struct reference *) malloc( sizeof(struct reference) );
- if (new == NULL || ref == NULL) {
- if (on(0)) err(("internal error {add_new_ref}"));
- exit(1);
- }
-
- ref->ptr = new;
- ref->nelements = n;
- ref->size = size;
-
- ref->file = _strdup(last_file);
- ref->function = _strdup(last_call);
- ref->line = last_line;
-
- ref->next = root;
-
- if (on(PAM_MALLOC_REQUEST)) {
- _dump("new_ptr", ref);
- }
-
- root = ref;
-}
-
-static void del_old_ref(void *old)
-{
- struct reference *this,*last;
-
- if (old == NULL) {
- if (on(0)) err(("internal error {del_old_ref}"));
- exit(1);
- }
-
- /* locate old pointer */
-
- last = NULL;
- this = root;
- while (this) {
- if (this->ptr == old)
- break;
- last = this;
- this = this->next;
- }
-
- /* Did we find a reference ? */
-
- if (this) {
- if (on(PAM_MALLOC_FREE)) {
- _dump("free old_ptr", this);
- }
- if (last == NULL) {
- root = this->next;
- } else {
- last->next = this->next;
- }
- free(this->file);
- free(this->function);
- free(this);
- } else {
- if (on(0)) err(("ERROR!: bad memory"));
- hinder();
- }
-}
-
-static void verify_old_ref(void *old)
-{
- struct reference *this;
-
- if (old == NULL) {
- if (on(0)) err(("internal error {verify_old_ref}"));
- exit(1);
- }
-
- /* locate old pointer */
-
- this = root;
- while (this) {
- if (this->ptr == old)
- break;
- this = this->next;
- }
-
- /* Did we find a reference ? */
-
- if (this) {
- if (on(PAM_MALLOC_VERIFY)) {
- _dump("verify_ptr", this);
- }
- } else {
- if (on(0)) err(("ERROR!: bad request"));
- hinder();
- }
-}
-
-static void dump_memory_list(const char *dump)
-{
- struct reference *this;
-
- this = root;
- if (this) {
- if (on(0)) err(("un-free()'d memory"));
- while (this) {
- _dump(dump, this);
- this = this->next;
- }
- } else {
- if (on(0)) err(("no memory allocated"));
- }
-}
-
-/* now for the wrappers */
-
-#define _fn(x) set_last_(x,file,fn,line)
-
-void *pam_malloc(size_t size, const char *file, const char *fn, const int line)
-{
- void *new;
-
- _fn("malloc");
-
- if (on(PAM_MALLOC_FUNC)) err(("request for %d", size));
-
- new = malloc(size);
- if (new == NULL) {
- if (on(PAM_MALLOC_FAIL)) err(("returned NULL"));
- } else {
- if (on(PAM_MALLOC_REQUEST)) err(("request new"));
- add_new_ref(new, 1, size);
- }
-
- return new;
-}
-
-void *pam_calloc(size_t nelm, size_t size
- , const char *file, const char *fn, const int line)
-{
- void *new;
-
- _fn("calloc");
-
- if (on(PAM_MALLOC_FUNC)) err(("request for %d of %d", nelm, size));
-
- new = calloc(nelm,size);
- if (new == NULL) {
- if (on(PAM_MALLOC_FAIL)) err(("returned NULL"));
- } else {
- if (on(PAM_MALLOC_REQUEST)) err(("request new"));
- add_new_ref(new, nelm, size);
- }
-
- return new;
-}
-
-void pam_free(void *ptr
- , const char *file, const char *fn, const int line)
-{
- _fn("free");
-
- if (on(PAM_MALLOC_FUNC)) err(("request to free %p", ptr));
-
- if (ptr == NULL) {
- if (on(PAM_MALLOC_NULL)) err(("passed NULL pointer"));
- } else {
- if (on(PAM_MALLOC_FREE)) err(("deleted old"));
- del_old_ref(ptr);
- free(ptr);
- }
-}
-
-void *pam_memalign(size_t ali, size_t size
- , const char *file, const char *fn, const int line)
-{
- _fn("memalign");
- if (on(0)) err(("not implemented currently (Sorry)"));
- exit(1);
-}
-
-void *pam_realloc(void *ptr, size_t size
- , const char *file, const char *fn, const int line)
-{
- void *new;
-
- _fn("realloc");
-
- if (on(PAM_MALLOC_FUNC)) err(("resize %p to %d", ptr, size));
-
- if (ptr == NULL) {
- if (on(PAM_MALLOC_NULL)) err(("passed NULL pointer"));
- } else {
- verify_old_ref(ptr);
- }
-
- new = realloc(ptr, size);
- if (new == NULL) {
- if (on(PAM_MALLOC_FAIL)) err(("returned NULL"));
- } else {
- if (ptr) {
- if (on(PAM_MALLOC_FREE)) err(("deleted old"));
- del_old_ref(ptr);
- } else {
- if (on(PAM_MALLOC_NULL)) err(("old is NULL"));
- }
- if (on(PAM_MALLOC_REQUEST)) err(("request new"));
- add_new_ref(new, 1, size);
- }
-
- return new;
-}
-
-void *pam_valloc(size_t size
- , const char *file, const char *fn, const int line)
-{
- _fn("valloc");
- if (on(0)) err(("not implemented currently (Sorry)"));
- exit(1);
-}
-
-#include <alloca.h>
-
-void *pam_alloca(size_t size
- , const char *file, const char *fn, const int line)
-{
- _fn("alloca");
- if (on(0)) err(("not implemented currently (Sorry)"));
- exit(1);
-}
-
-void pam_exit(int i
- , const char *file, const char *fn, const int line)
-{
- _fn("exit");
-
- if (on(0)) err(("passed (%d)", i));
- if (on(PAM_MALLOC_LEAKED)) {
- dump_memory_list("leaked");
- }
- exit(i);
-}
-
-/* end of file */
diff --git a/contrib/libpam/libpam/pam_map.c b/contrib/libpam/libpam/pam_map.c
deleted file mode 100644
index 86b1657..0000000
--- a/contrib/libpam/libpam/pam_map.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* pam_map.c - PAM mapping interface
- *
- * $Id: pam_map.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- *
- * This is based on the X/Open XSSO specification of March 1997.
- * It is not implemented as it is going to change... after 1997/9/25.
- *
- */
-
-#include <stdio.h>
-
-#include "pam_private.h"
-
-/* p 54 */
-
-int pam_get_mapped_authtok(pam_handle_t *pamh,
- const char *target_module_username,
- const char *target_module_type,
- const char *target_authn_domain,
- size_t *target_authtok_len
- unsigned char **target_module_authtok);
-{
- D(("called"));
-
- IF_NO_PAMH("pam_get_mapped_authtok",pamh,PAM_SYSTEM_ERR);
-
- return PAM_SYSTEM_ERROR;
-}
-
-/* p 68 */
-
-int pam_set_mapped_authtok(pam_handle_t *pamh,
- char *target_module_username,
- size_t *target_authtok_len,
- unsigned char *target_module_authtok,
- char *target_module_type,
- char *target_authn_domain)
-{
- D(("called"));
-
- IF_NO_PAMH("pam_set_mapped_authtok",pamh,PAM_SYSTEM_ERR);
-
- return PAM_SYSTEM_ERROR;
-}
-
-/* p 56 */
-
-int pam_get_mapped_username(pam_handle_t *pamh,
- const char *src_username,
- const char *src_module_type,
- const char *src_authn_domain,
- const char *target_module_type,
- const char *target_authn_domain,
- char **target_module_username)
-{
- D(("called"));
-
- IF_NO_PAMH("pam_get_mapped_username",pamh,PAM_SYSTEM_ERR);
-
- return PAM_SYSTEM_ERROR;
-}
-
-/* p 70 */
-
-int pam_set_mapped_username(pam_handle_t *pamh,
- char *src_username,
- char *src_module_type,
- char *src_authn_domain,
- char *target_module_username,
- char *target_module_type,
- char *target_authn_domain)
-{
- D(("called"));
-
- IF_NO_PAMH("pam_set_mapped_username",pamh,PAM_SYSTEM_ERR);
-
- return PAM_SYSTEM_ERROR;
-}
diff --git a/contrib/libpam/libpam/pam_misc.c b/contrib/libpam/libpam/pam_misc.c
deleted file mode 100644
index 6c1d5d6..0000000
--- a/contrib/libpam/libpam/pam_misc.c
+++ /dev/null
@@ -1,309 +0,0 @@
-/* pam_misc.c -- This is random stuff */
-
-/*
- * $Id: pam_misc.c,v 1.2 2001/01/22 06:07:29 agmorgan Exp $
- */
-
-#include <stdarg.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <syslog.h>
-#include <ctype.h>
-
-#include "pam_private.h"
-
-/* caseless string comparison: POSIX does not define this.. */
-int _pam_strCMP(const char *s, const char *t)
-{
- int cf;
-
- do {
- cf = tolower(*s) - tolower(*t);
- ++t;
- } while (!cf && *s++);
-
- return cf;
-}
-
-char *_pam_StrTok(char *from, const char *format, char **next)
-/*
- * this function is a variant of the standard strtok, it differs in that
- * it takes an additional argument and doesn't nul terminate tokens until
- * they are actually reached.
- */
-{
- char table[256], *end;
- int i;
-
- if (from == NULL && (from = *next) == NULL)
- return from;
-
- /* initialize table */
- for (i=1; i<256; table[i++] = '\0');
- for (i=0; format[i] ; table[(int)format[i++]] = 'y');
-
- /* look for first non-blank char */
- while (*from && table[(int)*from]) {
- ++from;
- }
-
- if (*from == '[') {
- /*
- * special case, "[...]" is considered to be a single
- * object. Note, however, if one of the format[] chars is
- * '[' this single string will not be read correctly.
- */
- for (end=++from; *end && *end != ']'; ++end) {
- if (*end == '\\' && end[1] == ']')
- ++end;
- }
- /* note, this string is stripped of its edges: "..." is what
- remains */
- } else if (*from) {
- /* simply look for next blank char */
- for (end=from; *end && !table[(int)*end]; ++end);
- } else {
- return (*next = NULL); /* no tokens left */
- }
-
- /* now terminate what we have */
- if (*end)
- *end++ = '\0';
-
- /* indicate what it left */
- if (*end) {
- *next = end;
- } else {
- *next = NULL; /* have found last token */
- }
-
- /* return what we have */
- return from;
-}
-
-/*
- * Safe duplication of character strings. "Paranoid"; don't leave
- * evidence of old token around for later stack analysis.
- */
-
-char *_pam_strdup(const char *x)
-{
- register char *new=NULL;
-
- if (x != NULL) {
- register int i;
-
- for (i=0; x[i]; ++i); /* length of string */
- if ((new = malloc(++i)) == NULL) {
- i = 0;
- _pam_system_log(LOG_CRIT, "_pam_strdup: failed to get memory");
- } else {
- while (i-- > 0) {
- new[i] = x[i];
- }
- }
- x = NULL;
- }
-
- return new; /* return the duplicate or NULL on error */
-}
-
-/* Generate argv, argc from s */
-/* caller must free(argv) */
-
-int _pam_mkargv(char *s, char ***argv, int *argc)
-{
- int l;
- int argvlen = 0;
- char *sbuf, *sbuf_start;
- char **our_argv = NULL;
- char **argvbuf;
- char *argvbufp;
-#ifdef DEBUG
- int count=0;
-#endif
-
- D(("_pam_mkargv called: %s",s));
-
- *argc = 0;
-
- l = strlen(s);
- if (l) {
- if ((sbuf = sbuf_start = _pam_strdup(s)) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_mkargv: null returned by _pam_strdup");
- D(("arg NULL"));
- } else {
- /* Overkill on the malloc, but not large */
- argvlen = (l + 1) * ((sizeof(char)) + sizeof(char *));
- if ((our_argv = argvbuf = malloc(argvlen)) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_mkargv: null returned by malloc");
- } else {
- char *tmp=NULL;
-
- argvbufp = (char *) argvbuf + (l * sizeof(char *));
- D(("[%s]",sbuf));
- while ((sbuf = _pam_StrTok(sbuf, " \n\t", &tmp))) {
- D(("arg #%d",++count));
- D(("->[%s]",sbuf));
- strcpy(argvbufp, sbuf);
- D(("copied token"));
- *argvbuf = argvbufp;
- argvbufp += strlen(argvbufp) + 1;
- D(("stepped in argvbufp"));
- (*argc)++;
- argvbuf++;
- sbuf = NULL;
- D(("loop again?"));
- }
- _pam_drop(sbuf_start);
- }
- }
- }
-
- *argv = our_argv;
-
- D(("_pam_mkargv returned"));
-
- return(argvlen);
-}
-
-/*
- * this function is used to protect the modules from accidental or
- * semi-mallicious harm that an application may do to confuse the API.
- */
-
-void _pam_sanitize(pam_handle_t *pamh)
-{
- int old_caller_is = pamh->caller_is;
-
- /*
- * this is for security. We reset the auth-tokens here.
- */
- __PAM_TO_MODULE(pamh);
- pam_set_item(pamh, PAM_AUTHTOK, NULL);
- pam_set_item(pamh, PAM_OLDAUTHTOK, NULL);
- pamh->caller_is = old_caller_is;
-}
-
-/*
- * This function scans the array and replaces the _PAM_ACTION_UNDEF
- * entries with the default action.
- */
-
-void _pam_set_default_control(int *control_array, int default_action)
-{
- int i;
-
- for (i=0; i<_PAM_RETURN_VALUES; ++i) {
- if (control_array[i] == _PAM_ACTION_UNDEF) {
- control_array[i] = default_action;
- }
- }
-}
-
-/*
- * This function is used to parse a control string. This string is a
- * series of tokens of the following form:
- *
- * "[ ]*return_code[ ]*=[ ]*action/[ ]".
- */
-
-#include "pam_tokens.h"
-
-void _pam_parse_control(int *control_array, char *tok)
-{
- const char *error;
- int ret;
-
- while (*tok) {
- int act, len;
-
- /* skip leading space */
- while (isspace((int)*tok) && *++tok);
- if (!*tok)
- break;
-
- /* identify return code */
- for (ret=0; ret<=_PAM_RETURN_VALUES; ++ret) {
- len = strlen(_pam_token_returns[ret]);
- if (!strncmp(_pam_token_returns[ret], tok, len)) {
- break;
- }
- }
- if (ret > _PAM_RETURN_VALUES || !*(tok += len)) {
- error = "expecting return value";
- goto parse_error;
- }
-
- /* observe '=' */
- while (isspace((int)*tok) && *++tok);
- if (!*tok || *tok++ != '=') {
- error = "expecting '='";
- goto parse_error;
- }
-
- /* skip leading space */
- while (isspace((int)*tok) && *++tok);
- if (!*tok) {
- error = "expecting action";
- goto parse_error;
- }
-
- /* observe action type */
- for (act=0; act < (-(_PAM_ACTION_UNDEF)); ++act) {
- len = strlen(_pam_token_actions[act]);
- if (!strncmp(_pam_token_actions[act], tok, len)) {
- act *= -1;
- tok += len;
- break;
- }
- }
- if (act > 0) {
- /*
- * Either we have a number or we have hit an error. In
- * principle, there is nothing to stop us accepting
- * negative offsets. (Although we would have to think of
- * another way of encoding the tokens.) However, I really
- * think this would be both hard to administer and easily
- * cause looping problems. So, for now, we will just
- * allow forward jumps. (AGM 1998/1/7)
- */
- if (!isdigit((int)*tok)) {
- error = "expecting jump number";
- goto parse_error;
- }
- /* parse a number */
- act = 0;
- do {
- act *= 10;
- act += *tok - '0'; /* XXX - this assumes ascii behavior */
- } while (*++tok && isdigit((int)*tok));
- if (! act) {
- /* we do not allow 0 jumps. There is a token ('ignore')
- for that */
- error = "expecting non-zero";
- goto parse_error;
- }
- }
-
- /* set control_array element */
- if (ret != _PAM_RETURN_VALUES) {
- control_array[ret] = act;
- } else {
- /* set the default to 'act' */
- _pam_set_default_control(control_array, act);
- }
- }
-
- /* that was a success */
- return;
-
-parse_error:
- /* treat everything as bad */
- _pam_system_log(LOG_ERR, "pam_parse: %s; [...%s]", error, tok);
- for (ret=0; ret<_PAM_RETURN_VALUES; control_array[ret++]=_PAM_ACTION_BAD);
-
-}
diff --git a/contrib/libpam/libpam/pam_password.c b/contrib/libpam/libpam/pam_password.c
deleted file mode 100644
index c247b12..0000000
--- a/contrib/libpam/libpam/pam_password.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* pam_password.c - PAM Password Management */
-
-/*
- * $Id: pam_password.c,v 1.2 2001/01/22 06:07:29 agmorgan Exp $
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-/* #define DEBUG */
-
-#include "pam_private.h"
-
-int pam_chauthtok(pam_handle_t *pamh, int flags)
-{
- int retval;
-
- D(("called."));
-
- IF_NO_PAMH("pam_chauthtok", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_MODULE(pamh)) {
- D(("called from module!?"));
- return PAM_SYSTEM_ERR;
- }
-
- if (pamh->former.choice == PAM_NOT_STACKED) {
- _pam_start_timer(pamh); /* we try to make the time for a failure
- independent of the time it takes to
- fail */
- _pam_sanitize(pamh);
- pamh->former.update = PAM_FALSE;
- }
-
- /* first call to check if there will be a problem */
- if (pamh->former.update ||
- (retval = _pam_dispatch(pamh, flags|PAM_PRELIM_CHECK,
- PAM_CHAUTHTOK)) == PAM_SUCCESS) {
- D(("completed check ok: former=%d", pamh->former.update));
- pamh->former.update = PAM_TRUE;
- retval = _pam_dispatch(pamh, flags|PAM_UPDATE_AUTHTOK,
- PAM_CHAUTHTOK);
- }
-
- /* if we completed we should clean up */
- if (retval != PAM_INCOMPLETE) {
- _pam_sanitize(pamh);
- pamh->former.update = PAM_FALSE;
- _pam_await_timer(pamh, retval); /* if unsuccessful then wait now */
- D(("pam_chauthtok exit %d - %d", retval, pamh->former.choice));
- } else {
- D(("will resume when ready", retval));
- }
-
- return retval;
-}
-
diff --git a/contrib/libpam/libpam/pam_private.h b/contrib/libpam/libpam/pam_private.h
deleted file mode 100644
index 9683c56..0000000
--- a/contrib/libpam/libpam/pam_private.h
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * pam_private.h
- *
- * $Id: pam_private.h,v 1.4 2001/02/05 06:50:41 agmorgan Exp $
- *
- * This is the Linux-PAM Library Private Header. It contains things
- * internal to the Linux-PAM library. Things not needed by either an
- * application or module.
- *
- * Please see end of file for copyright.
- *
- * Creator: Marc Ewing.
- * Maintained: CVS
- *
- * $FreeBSD$
- */
-
-#ifndef _PAM_PRIVATE_H
-#define _PAM_PRIVATE_H
-
-#include <security/_pam_aconf.h>
-
-/* this is not used at the moment --- AGM */
-#define LIBPAM_VERSION (LIBPAM_VERSION_MAJOR*0x100 + LIBPAM_VERSION_MINOR)
-
-#include <security/pam_appl.h>
-#include <security/pam_modules.h>
-
-/* the Linux-PAM configuration file */
-
-#define PAM_CONFIG "/etc/pam.conf"
-#define PAM_CONFIG_D "/etc/pam.d"
-#define PAM_CONFIG_DF "/etc/pam.d/%s"
-
-#define PAM_DEFAULT_SERVICE "other" /* lower case */
-#define PAM_DEFAULT_SERVICE_FILE PAM_CONFIG_D "/" PAM_DEFAULT_SERVICE
-
-#ifdef PAM_LOCKING
-/*
- * the Linux-PAM lock file. If it exists Linux-PAM will abort. Use it
- * to block access to libpam
- */
-#define PAM_LOCK_FILE "/var/lock/subsys/PAM"
-#endif
-
-/* components of the pam_handle structure */
-
-struct handler {
- int must_fail;
- int (*func)(pam_handle_t *_pamh, int _flags, int _argc, char **_argv);
- int actions[_PAM_RETURN_VALUES];
- /* set by authenticate, open_session, chauthtok(1st)
- consumed by setcred, close_session, chauthtok(2nd) */
- int cached_retval; int *cached_retval_p;
- int argc;
- char **argv;
- struct handler *next;
-};
-
-struct loaded_module {
- char *name;
- int type; /* PAM_STATIC_MOD or PAM_DYNAMIC_MOD */
- void *dl_handle;
-};
-
-#define PAM_MT_DYNAMIC_MOD 0
-#define PAM_MT_STATIC_MOD 1
-#define PAM_MT_FAULTY_MOD 2
-
-struct handlers {
- struct handler *authenticate;
- struct handler *setcred;
- struct handler *acct_mgmt;
- struct handler *open_session;
- struct handler *close_session;
- struct handler *chauthtok;
-};
-
-struct service {
- struct loaded_module *module; /* Only used for dynamic loading */
- int modules_allocated;
- int modules_used;
- int handlers_loaded;
-
- struct handlers conf; /* the configured handlers */
- struct handlers other; /* the default handlers */
-};
-
-/*
- * Environment helper functions
- */
-
-#define PAM_ENV_CHUNK 10 /* chunks of memory calloc()'d *
- * at once */
-
-struct pam_environ {
- int entries; /* the number of pointers available */
- int requested; /* the number of pointers used: *
- * 1 <= requested <= entries */
- char **list; /* the environment storage (a list *
- * of pointers to malloc() memory) */
-};
-
-#include <sys/time.h>
-
-typedef enum { PAM_FALSE, PAM_TRUE } _pam_boolean;
-
-struct _pam_fail_delay {
- _pam_boolean set;
- unsigned int delay;
- time_t begin;
- const void *delay_fn_ptr;
-};
-
-struct _pam_former_state {
-/* this is known and set by _pam_dispatch() */
- int choice; /* which flavor of module function did we call? */
-
-/* state info for the _pam_dispatch_aux() function */
- int depth; /* how deep in the stack were we? */
- int impression; /* the impression at that time */
- int status; /* the status before returning incomplete */
-
-/* state info used by pam_get_user() function */
- int want_user;
- char *prompt; /* saved prompt information */
-
-/* state info for the pam_chauthtok() function */
- _pam_boolean update;
-};
-
-struct pam_handle {
- char *authtok;
- unsigned caller_is;
- struct pam_conv *pam_conversation;
- char *oldauthtok;
- char *prompt; /* for use by pam_get_user() */
- char *service_name;
- char *user;
- char *rhost;
- char *ruser;
- char *tty;
- struct pam_data *data;
- struct pam_environ *env; /* structure to maintain environment list */
- struct _pam_fail_delay fail_delay; /* helper function for easy delays */
- struct service handlers;
- struct _pam_former_state former; /* library state - support for
- event driven applications */
-};
-
-/* Values for select arg to _pam_dispatch() */
-#define PAM_NOT_STACKED 0
-#define PAM_AUTHENTICATE 1
-#define PAM_SETCRED 2
-#define PAM_ACCOUNT 3
-#define PAM_OPEN_SESSION 4
-#define PAM_CLOSE_SESSION 5
-#define PAM_CHAUTHTOK 6
-
-#define _PAM_ACTION_IS_JUMP(x) ((x) > 0)
-#define _PAM_ACTION_IGNORE 0
-#define _PAM_ACTION_OK -1
-#define _PAM_ACTION_DONE -2
-#define _PAM_ACTION_BAD -3
-#define _PAM_ACTION_DIE -4
-#define _PAM_ACTION_RESET -5
-/* Add any new entries here. Will need to change ..._UNDEF and then
- * need to change pam_tokens.h */
-#define _PAM_ACTION_UNDEF -6 /* this is treated as an error
- ( = _PAM_ACTION_BAD) */
-
-/* character tables for parsing config files */
-extern const char * const _pam_token_actions[-_PAM_ACTION_UNDEF];
-extern const char * const _pam_token_returns[_PAM_RETURN_VALUES+1];
-
-/*
- * internally defined functions --- these should not be directly
- * called by applications or modules
- */
-int _pam_dispatch(pam_handle_t *_pamh, int _flags, int _choice);
-
-/* Free various allocated structures and dlclose() the libs */
-int _pam_free_handlers(pam_handle_t *_pamh);
-
-/* Parse config file, allocate handler structures, dlopen() */
-int _pam_init_handlers(pam_handle_t *_pamh);
-
-/* Set all hander stuff to 0/NULL - called once from pam_start() */
-void _pam_start_handlers(pam_handle_t *_pamh);
-
-/* environment helper functions */
-
-/* create the environment structure */
-int _pam_make_env(pam_handle_t *_pamh);
-
-/* delete the environment structure */
-void _pam_drop_env(pam_handle_t *_pamh);
-
-/* these functions deal with failure delays as required by the
- authentication modules and application. Their *interface* is likely
- to remain the same although their function is hopefully going to
- improve */
-
-/* reset the timer to no-delay */
-void _pam_reset_timer(pam_handle_t *_pamh);
-
-/* this sets the clock ticking */
-void _pam_start_timer(pam_handle_t *_pamh);
-
-/* this waits for the clock to stop ticking if status != PAM_SUCCESS */
-void _pam_await_timer(pam_handle_t *_pamh, int _status);
-
-typedef void (*voidfunc(void))(void);
-#ifdef PAM_STATIC
-
-/* The next two in ../modules/_pam_static/pam_static.c */
-
-/* Return pointer to data structure used to define a static module */
-struct pam_module * _pam_open_static_handler(const char *_path);
-
-/* Return pointer to function requested from static module */
-
-voidfunc *_pam_get_static_sym(struct pam_module *_mod, const char *_symname);
-
-#endif
-
-/* For now we just use a stack and linear search for module data. */
-/* If it becomes apparent that there is a lot of data, it should */
-/* changed to either a sorted list or a hash table. */
-
-struct pam_data {
- char *name;
- void *data;
- void (*cleanup)(pam_handle_t *_pamh, void *_data, int _error_status);
- struct pam_data *next;
-};
-
-void _pam_free_data(pam_handle_t *_pamh, int _status);
-
-int _pam_strCMP(const char *_s, const char *_t);
-char *_pam_StrTok(char *_from, const char *_format, char **_next);
-
-char *_pam_strdup(const char *_s);
-
-int _pam_mkargv(char *_s, char ***_argv, int *_argc);
-
-void _pam_sanitize(pam_handle_t *_pamh);
-
-void _pam_set_default_control(int *_control_array, int _default_action);
-
-void _pam_parse_control(int *_control_array, char *_tok);
-
-void _pam_system_log(int _priority, const char *_format, ... );
-#define _PAM_SYSTEM_LOG_PREFIX "PAM "
-
-int pam_authenticate_secondary(pam_handle_t *pamh, char *target_username, char *target_module_type, char *target_authn_domain, char *target_supp_data, unsigned char *target_module_authtok, int flags);
-/*
- * XXX - Take care with this. It could confuse the logic of a trailing
- * else
- */
-
-#define IF_NO_PAMH(X,pamh,ERR) \
-if ((pamh) == NULL) { \
- _pam_system_log(LOG_ERR, X ": NULL pam handle passed"); \
- return ERR; \
-}
-
-/* Definition for the default username prompt used by pam_get_user() */
-
-#define PAM_DEFAULT_PROMPT "Please enter username: "
-
-/*
- * include some helpful macros
- */
-
-#include <security/_pam_macros.h>
-
-/* used to work out where control currently resides (in an application
- or in a module) */
-
-#define _PAM_CALLED_FROM_MODULE 1
-#define _PAM_CALLED_FROM_APP 2
-
-#define __PAM_FROM_MODULE(pamh) ((pamh)->caller_is == _PAM_CALLED_FROM_MODULE)
-#define __PAM_FROM_APP(pamh) ((pamh)->caller_is == _PAM_CALLED_FROM_APP)
-#define __PAM_TO_MODULE(pamh) \
- do { (pamh)->caller_is = _PAM_CALLED_FROM_MODULE; } while (0)
-#define __PAM_TO_APP(pamh) \
- do { (pamh)->caller_is = _PAM_CALLED_FROM_APP; } while (0)
-
-/*
- * Copyright (C) 1995 by Red Hat Software, Marc Ewing
- * Copyright (c) 1996-8,2001 by Andrew G. Morgan <morgan@kernel.org>
- *
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#endif /* _PAM_PRIVATE_H_ */
diff --git a/contrib/libpam/libpam/pam_second.c b/contrib/libpam/libpam/pam_second.c
deleted file mode 100644
index f7c17ba..0000000
--- a/contrib/libpam/libpam/pam_second.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * pam_second.c -- PAM secondary authentication
- * (based on XSSO draft spec of March 1997)
- *
- * $Id: pam_second.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- * $FreeBSD$
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "pam_private.h"
-
-/* p 42 */
-
-int pam_authenticate_secondary(pam_handle_t *pamh,
- char *target_username __unused,
- char *target_module_type __unused,
- char *target_authn_domain __unused,
- char *target_supp_data __unused,
- unsigned char *target_module_authtok __unused,
- int flags __unused)
-{
- int retval=PAM_SYSTEM_ERR;
-
- D(("called"));
-
- _pam_start_timer(pamh); /* we try to make the time for a failure
- independent of the time it takes to
- fail */
-
- IF_NO_PAMH("pam_authenticate_secondary",pamh,PAM_SYSTEM_ERR);
-
- _pam_await_timer(pamh, retval); /* if unsuccessful then wait now */
-
- D(("pam_authenticate_secondary exit"));
-
- return retval;
-}
diff --git a/contrib/libpam/libpam/pam_session.c b/contrib/libpam/libpam/pam_session.c
deleted file mode 100644
index 3709f62..0000000
--- a/contrib/libpam/libpam/pam_session.c
+++ /dev/null
@@ -1,37 +0,0 @@
-/* pam_session.c - PAM Session Management */
-
-/*
- * $Id: pam_session.c,v 1.3 2001/01/22 06:07:29 agmorgan Exp $
- */
-
-#include <stdio.h>
-
-#include "pam_private.h"
-
-int pam_open_session(pam_handle_t *pamh, int flags)
-{
- D(("called"));
-
- IF_NO_PAMH("pam_open_session", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_MODULE(pamh)) {
- D(("called from module!?"));
- return PAM_SYSTEM_ERR;
- }
-
- return _pam_dispatch(pamh, flags, PAM_OPEN_SESSION);
-}
-
-int pam_close_session(pam_handle_t *pamh, int flags)
-{
- D(("called"));
-
- IF_NO_PAMH("pam_close_session", pamh, PAM_SYSTEM_ERR);
-
- if (__PAM_FROM_MODULE(pamh)) {
- D(("called from module!?"));
- return PAM_SYSTEM_ERR;
- }
-
- return _pam_dispatch(pamh, flags, PAM_CLOSE_SESSION);
-}
diff --git a/contrib/libpam/libpam/pam_start.c b/contrib/libpam/libpam/pam_start.c
deleted file mode 100644
index 2296c9a..0000000
--- a/contrib/libpam/libpam/pam_start.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* pam_start.c */
-
-/* Creator Marc Ewing
- * Maintained by AGM
- *
- * $Id: pam_start.c,v 1.2 2001/01/22 06:07:29 agmorgan Exp $
- *
- */
-
-#include <ctype.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-#include <syslog.h>
-
-#include "pam_private.h"
-
-int pam_start (
- const char *service_name,
- const char *user,
- const struct pam_conv *pam_conversation,
- pam_handle_t **pamh)
-{
- D(("called pam_start: [%s] [%s] [%p] [%p]"
- ,service_name, user, pam_conversation, pamh));
-
- if ((*pamh = calloc(1, sizeof(**pamh))) == NULL) {
- _pam_system_log(LOG_CRIT, "pam_start: calloc failed for *pamh");
- return (PAM_BUF_ERR);
- }
-
- /* Mark the caller as the application - permission to do certain
- things is limited to a module or an application */
-
- __PAM_TO_APP(*pamh);
-
- if (service_name) {
- char *tmp;
-
- if (((*pamh)->service_name = _pam_strdup(service_name)) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_start: _pam_strdup failed for service name");
- _pam_drop(*pamh);
- return (PAM_BUF_ERR);
- }
- for (tmp=(*pamh)->service_name; *tmp; ++tmp)
- *tmp = tolower(*tmp); /* require lower case */
- } else
- (*pamh)->service_name = NULL;
-
- if (user) {
- if (((*pamh)->user = _pam_strdup(user)) == NULL) {
- _pam_system_log(LOG_CRIT,
- "pam_start: _pam_strdup failed for user");
- _pam_drop((*pamh)->service_name);
- _pam_drop(*pamh);
- return (PAM_BUF_ERR);
- }
- } else
- (*pamh)->user = NULL;
-
- (*pamh)->tty = NULL;
- (*pamh)->prompt = NULL; /* prompt for pam_get_user() */
- (*pamh)->ruser = NULL;
- (*pamh)->rhost = NULL;
- (*pamh)->authtok = NULL;
- (*pamh)->oldauthtok = NULL;
- (*pamh)->fail_delay.delay_fn_ptr = NULL;
- (*pamh)->former.choice = PAM_NOT_STACKED;
-
- if (pam_conversation == NULL
- || ((*pamh)->pam_conversation = (struct pam_conv *)
- malloc(sizeof(struct pam_conv))) == NULL) {
- _pam_system_log(LOG_CRIT, "pam_start: malloc failed for pam_conv");
- _pam_drop((*pamh)->service_name);
- _pam_drop((*pamh)->user);
- _pam_drop(*pamh);
- return (PAM_BUF_ERR);
- } else {
- memcpy((*pamh)->pam_conversation, pam_conversation,
- sizeof(struct pam_conv));
- }
-
- (*pamh)->data = NULL;
- if ( _pam_make_env(*pamh) != PAM_SUCCESS ) {
- _pam_system_log(LOG_ERR,"pam_start: failed to initialize environment");
- _pam_drop((*pamh)->service_name);
- _pam_drop((*pamh)->user);
- _pam_drop(*pamh);
- return PAM_ABORT;
- }
-
- _pam_reset_timer(*pamh); /* initialize timer support */
-
- _pam_start_handlers(*pamh); /* cannot fail */
-
- /* According to the SunOS man pages, loading modules and resolving
- * symbols happens on the first call from the application. */
-
- if ( _pam_init_handlers(*pamh) != PAM_SUCCESS ) {
- _pam_system_log(LOG_ERR, "pam_start: failed to initialize handlers");
- _pam_drop_env(*pamh); /* purge the environment */
- _pam_drop((*pamh)->service_name);
- _pam_drop((*pamh)->user);
- _pam_drop(*pamh);
- return PAM_ABORT;
- }
-
- D(("exiting pam_start successfully"));
-
- return PAM_SUCCESS;
-}
diff --git a/contrib/libpam/libpam/pam_static.c b/contrib/libpam/libpam/pam_static.c
deleted file mode 100644
index f3a4707..0000000
--- a/contrib/libpam/libpam/pam_static.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* pam_static.c -- static module loading helper functions */
-
-/* created by Michael K. Johnson, johnsonm@redhat.com
- *
- * $Id: pam_static.c,v 1.1.1.1 2000/06/20 22:11:21 agmorgan Exp $
- * $FreeBSD$
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-
-#include "pam_private.h"
-
-/* This whole file is only used for PAM_STATIC */
-
-#ifdef PAM_STATIC
-
-SET_DECLARE(_pam_static_modules, struct pam_module);
-
-/* Return pointer to data structure used to define a static module */
-struct pam_module * _pam_open_static_handler(const char *path)
-{
- const char *clpath = path;
- char *lpath, *end;
- struct pam_module **static_module;
-
- if (strchr(clpath, '/')) {
- /* ignore path and leading "/" */
- clpath = strrchr(clpath, '/') + 1;
- }
- /* create copy to muck with (must free before return) */
- lpath = _pam_strdup(clpath);
- /* chop .so off copy if it exists (or other extension on other
- platform...) */
- end = strstr(lpath, ".so");
- if (end) {
- *end = '\0';
- }
-
- /* now go find the module */
- SET_FOREACH(static_module, _pam_static_modules) {
- D(("%s=?%s\n", lpath, (*static_module)->name));
- if ((*static_module)->name &&
- ! strcmp((*static_module)->name, lpath)) {
- free(lpath);
- return (*static_module);
- }
- }
-
- free(lpath);
- return (NULL);
-}
-
-/* Return pointer to function requested from static module
- * Can't just return void *, because ANSI C disallows casting a
- * pointer to a function to a void *...
- * This definition means:
- * _pam_get_static_sym is a function taking two arguments and
- * returning a pointer to a function which takes no arguments
- * and returns void... */
-voidfunc *_pam_get_static_sym(struct pam_module *mod, const char *symname) {
-
- if (! strcmp(symname, "pam_sm_authenticate")) {
- return ((voidfunc *)mod->pam_sm_authenticate);
- } else if (! strcmp(symname, "pam_sm_setcred")) {
- return ((voidfunc *)mod->pam_sm_setcred);
- } else if (! strcmp(symname, "pam_sm_acct_mgmt")) {
- return ((voidfunc *)mod->pam_sm_acct_mgmt);
- } else if (! strcmp(symname, "pam_sm_open_session")) {
- return ((voidfunc *)mod->pam_sm_open_session);
- } else if (! strcmp(symname, "pam_sm_close_session")) {
- return ((voidfunc *)mod->pam_sm_close_session);
- } else if (! strcmp(symname, "pam_sm_chauthtok")) {
- return ((voidfunc *)mod->pam_sm_chauthtok);
- }
- /* getting to this point is an error */
- return ((voidfunc *)NULL);
-}
-
-#endif /* PAM_STATIC */
-
-/*
- * Copyright (C) 1995 by Red Hat Software, Michael K. Johnson
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/contrib/libpam/libpam/pam_strerror.c b/contrib/libpam/libpam/pam_strerror.c
deleted file mode 100644
index 3f112e2..0000000
--- a/contrib/libpam/libpam/pam_strerror.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/* pam_strerror.c */
-
-/*
- * $Id: pam_strerror.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- * $FreeBSD$
- */
-
-#include "pam_private.h"
-
-const char *pam_strerror(pam_handle_t *pamh __unused, int errnum)
-{
-#ifdef UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT /* will be removed from v 1.0 */
-
- int possible_error;
-
- possible_error = (int) pamh;
- if (!(possible_error >= 0 && possible_error <= PAM_BAD_ITEM)) {
- possible_error = errnum;
- }
-
-/* mask standard behavior to use possible_error variable. */
-#define errnum possible_error
-
-#endif /* UGLY_HACK_FOR_PRIOR_BEHAVIOR_SUPPORT */
-
- switch (errnum) {
- case PAM_SUCCESS:
- return "Success";
- case PAM_ABORT:
- return "Critical error - immediate abort";
- case PAM_OPEN_ERR:
- return "dlopen() failure";
- case PAM_SYMBOL_ERR:
- return "Symbol not found";
- case PAM_SERVICE_ERR:
- return "Error in service module";
- case PAM_SYSTEM_ERR:
- return "System error";
- case PAM_BUF_ERR:
- return "Memory buffer error";
- case PAM_PERM_DENIED:
- return "Permission denied";
- case PAM_AUTH_ERR:
- return "Authentication failure";
- case PAM_CRED_INSUFFICIENT:
- return "Insufficient credentials to access authentication data";
- case PAM_AUTHINFO_UNAVAIL:
- return "Authentication service cannot retrieve authentication info.";
- case PAM_USER_UNKNOWN:
- return "User not known to the underlying authentication module";
- case PAM_MAXTRIES:
- return "Have exhasted maximum number of retries for service.";
- case PAM_NEW_AUTHTOK_REQD:
- return "Authentication token is no longer valid; new one required.";
- case PAM_ACCT_EXPIRED:
- return "User account has expired";
- case PAM_SESSION_ERR:
- return "Cannot make/remove an entry for the specified session";
- case PAM_CRED_UNAVAIL:
- return "Authentication service cannot retrieve user credentials";
- case PAM_CRED_EXPIRED:
- return "User credentials expired";
- case PAM_CRED_ERR:
- return "Failure setting user credentials";
- case PAM_NO_MODULE_DATA:
- return "No module specific data is present";
- case PAM_BAD_ITEM:
- return "Bad item passed to pam_*_item()";
- case PAM_CONV_ERR:
- return "Conversation error";
- case PAM_AUTHTOK_ERR:
- return "Authentication token manipulation error";
- case PAM_AUTHTOK_RECOVER_ERR:
- return "Authentication information cannot be recovered";
- case PAM_AUTHTOK_LOCK_BUSY:
- return "Authentication token lock busy";
- case PAM_AUTHTOK_DISABLE_AGING:
- return "Authentication token aging disabled";
- case PAM_TRY_AGAIN:
- return "Failed preliminary check by password service";
- case PAM_IGNORE:
- return "Please ignore underlying account module";
- case PAM_MODULE_UNKNOWN:
- return "Module is unknown";
- case PAM_AUTHTOK_EXPIRED:
- return "Authentication token expired";
- case PAM_CONV_AGAIN:
- return "Conversation is waiting for event";
- case PAM_INCOMPLETE:
- return "Application needs to call libpam again";
- }
-
- return "Unknown Linux-PAM error (need to upgrde libpam?)";
-}
diff --git a/contrib/libpam/libpam/pam_tokens.h b/contrib/libpam/libpam/pam_tokens.h
deleted file mode 100644
index 69e7948..0000000
--- a/contrib/libpam/libpam/pam_tokens.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * pam_tokens.h
- *
- * $Id: pam_tokens.h,v 1.3 2001/01/22 06:07:29 agmorgan Exp $
- *
- * This is a Linux-PAM Library Private Header file. It contains tokens
- * that are used when we parse the configuration file(s).
- *
- * Please see end of file for copyright.
- *
- * Creator: Andrew Morgan.
- *
- */
-
-#ifndef _PAM_TOKENS_H
-#define _PAM_TOKENS_H
-
-/* an array of actions */
-
-const char * const _pam_token_actions[-_PAM_ACTION_UNDEF] = {
- "ignore", /* 0 */
- "ok", /* -1 */
- "done", /* -2 */
- "bad", /* -3 */
- "die", /* -4 */
- "reset", /* -5 */
-};
-
-/* an array of possible return values */
-
-const char * const _pam_token_returns[_PAM_RETURN_VALUES+1] = {
- "success", /* 0 */
- "open_err", /* 1 */
- "symbol_err", /* 2 */
- "service_err", /* 3 */
- "system_err", /* 4 */
- "buf_err", /* 5 */
- "perm_denied", /* 6 */
- "auth_err", /* 7 */
- "cred_insufficient", /* 8 */
- "authinfo_unavail", /* 9 */
- "user_unknown", /* 10 */
- "maxtries", /* 11 */
- "new_authtok_reqd", /* 12 */
- "acct_expired", /* 13 */
- "session_err", /* 14 */
- "cred_unavail", /* 15 */
- "cred_expired", /* 16 */
- "cred_err", /* 17 */
- "no_module_data", /* 18 */
- "conv_err", /* 19 */
- "authtok_err", /* 20 */
- "authtok_recover_err", /* 21 */
- "authtok_lock_busy", /* 22 */
- "authtok_disable_aging", /* 23 */
- "try_again", /* 24 */
- "ignore", /* 25 */
- "abort", /* 26 */
- "authtok_expired", /* 27 */
- "module_unknown", /* 28 */
- "bad_item", /* 29 */
- "conv_again", /* 30 */
- "incomplete", /* 31 */
-/* add new return codes here */
- "default" /* this is _PAM_RETURN_VALUES and indicates
- the default return action */
-};
-
-/*
- * Copyright (C) 1998,2001 Andrew G. Morgan <morgan@kernel.org>
- *
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#endif /* _PAM_PRIVATE_H_ */
diff --git a/contrib/libpam/libpam_misc/Makefile b/contrib/libpam/libpam_misc/Makefile
deleted file mode 100644
index b7ff178..0000000
--- a/contrib/libpam/libpam_misc/Makefile
+++ /dev/null
@@ -1,106 +0,0 @@
-#
-# $Id: Makefile,v 1.3 2001/02/10 07:17:53 agmorgan Exp $
-#
-
-# lots of debugging information goes to /tmp/pam-debug.log
-#MOREFLAGS += -D"DEBUG"
-
-include ../Make.Rules
-
-ifeq ($(WITH_LIBDEBUG),yes)
- LIBNAME=libpam_miscd
-else
- LIBNAME=libpam_misc
-endif
-VERSION=.$(MAJOR_REL)
-MODIFICATION=.$(MINOR_REL)
-
-CFLAGS += $(MOREFLAGS) $(DYNAMIC) $(STATIC)
-
-# dynamic library names
-
-LIBNAMED = $(LIBNAME).$(DYNTYPE)
-LIBNAMEDNAME = $(LIBNAMED)$(VERSION)
-LIBNAMEDFULL = $(LIBNAMEDNAME)$(MODIFICATION)
-
-# static library name
-
-LIBNAMEDSTATIC = $(LIBNAME).a
-
-LIBOBJECTS = help_env.o misc_conv.o
-
-ifeq ($(DYNAMIC_LIBPAM),yes)
-DLIBOBJECTS = $(addprefix dynamic/,$(LIBOBJECTS))
-endif
-
-ifeq ($(STATIC_LIBPAM),yes)
-SLIBOBJECTS = $(addprefix static/,$(LIBOBJECTS))
-endif
-
-# ---------------------------------------------
-## rules
-
-all: dirs $(LIBNAMED) $(LIBNAMEDSTATIC)
-
-dirs:
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) dynamic
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(MKDIR) static
-endif
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-$(LIBNAMED): $(DLIBOBJECTS)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- ifeq ($(USESONAME),yes)
- $(LD_L) $(SOSWITCH) $(LIBNAMEDNAME) -o $@ $(DLIBOBJECTS) $(MODULES) $(LINKLIBS)
- else
- $(LD_L) -o $@ $(DLIBOBJECTS) $(MODULES)
- endif
- ifeq ($(NEEDSONAME),yes)
- rm -f $(LIBNAMEDFULL)
- ln -s $(LIBNAMED) $(LIBNAMEDFULL)
- rm -f $(LIBNAMEDNAME)
- ln -s $(LIBNAMED) $(LIBNAMEDNAME)
- endif
-endif
-
-$(LIBNAMEDSTATIC): $(SLIBOBJECTS)
-ifeq ($(STATIC_LIBPAM),yes)
- $(AR) rc $@ $(SLIBOBJECTS) $(MODULES)
- $(RANLIB) $@
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/pam_misc.h $(FAKEROOT)$(INCLUDED)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) $(FAKEROOT)$(libdir)
- $(INSTALL) -m $(SHLIBMODE) $(LIBNAMED) $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
- $(LDCONFIG)
- ifneq ($(DYNTYPE),"sl")
- ( cd $(FAKEROOT)$(libdir) ; rm -f $(LIBNAMED) ; ln -s $(LIBNAMEDNAME) $(LIBNAMED) )
- endif
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(INSTALL) -m 644 $(LIBNAMEDSTATIC) $(FAKEROOT)$(libdir)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(INCLUDED)/pam_misc.h
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMED)
- $(LDCONFIG)
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDSTATIC)
-
-clean:
- rm -f a.out core *~ static/*.o dynamic/*.o
- rm -f *.a *.out *.o *.so ./include/security/*~
- if [ -d dynamic ]; then rmdir dynamic ; fi
- if [ -d static ]; then rmdir static ; fi
diff --git a/contrib/libpam/libpam_misc/help_env.c b/contrib/libpam/libpam_misc/help_env.c
deleted file mode 100644
index e139098..0000000
--- a/contrib/libpam/libpam_misc/help_env.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * $Id: help_env.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- *
- * This file was written by Andrew G. Morgan <morgan@parc.power.net>
- *
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <security/pam_misc.h>
-
-/*
- * This is a useful function for dumping the Linux-PAM environment
- * into some local memory, prior to it all getting lost when pam_end()
- * is called.
- *
- * Initially it was assumed that libpam did not do this part correctly
- * (based on a loose email definition). The X/Open XSSO spec makes it
- * clear that this function is a duplicate of the one already in
- * libpam and therefore unnecessary. IT WILL BE COMPLETELY REMOVED
- * IN libpam_misc 1.0 */
-
-char **pam_misc_copy_env(pam_handle_t *pamh);
-char **pam_misc_copy_env(pam_handle_t *pamh)
-{
- return pam_getenvlist(pamh);
-}
-
-/*
- * This function should be used to carefully dispose of the copied
- * environment.
- *
- * usage: env = pam_misc_drop_env(env);
- */
-
-char **pam_misc_drop_env(char **dump)
-{
- int i;
-
- for (i=0; dump[i] != NULL; ++i) {
- D(("dump[%d]=`%s'", i, dump[i]));
- _pam_overwrite(dump[i]);
- _pam_drop(dump[i]);
- }
- _pam_drop(dump);
-
- return NULL;
-}
-
-/*
- * This function takes the supplied environment and uploads it to be
- * the PAM one.
- */
-
-int pam_misc_paste_env(pam_handle_t *pamh, const char * const * user_env)
-{
- for (; user_env && *user_env; ++user_env) {
- int retval;
-
- D(("uploading: %s", *user_env));
- retval = pam_putenv(pamh, *user_env);
- if (retval != PAM_SUCCESS) {
- D(("error setting %s: %s", *user_env, pam_strerror(pamh,retval)));
- return retval;
- }
- }
- D(("done."));
- return PAM_SUCCESS;
-}
-
-/*
- * This is a wrapper to make pam behave in the way that setenv() does.
- */
-
-int pam_misc_setenv(pam_handle_t *pamh, const char *name
- , const char *value, int readonly)
-{
- char *tmp;
- int retval;
-
- if (readonly) {
- const char *etmp;
-
- /* we check if the variable is there already */
- etmp = pam_getenv(pamh, name);
- if (etmp != NULL) {
- D(("failed to set readonly variable: %s", name));
- return PAM_PERM_DENIED; /* not allowed to overwrite */
- }
- }
- tmp = malloc(2+strlen(name)+strlen(value));
- if (tmp != NULL) {
- sprintf(tmp,"%s=%s",name,value);
- D(("pam_putt()ing: %s", tmp));
- retval = pam_putenv(pamh, tmp);
- _pam_overwrite(tmp); /* purge */
- _pam_drop(tmp); /* forget */
- } else {
- D(("malloc failure"));
- retval = PAM_BUF_ERR;
- }
-
- return retval;
-}
diff --git a/contrib/libpam/libpam_misc/include/security/pam_misc.h b/contrib/libpam/libpam_misc/include/security/pam_misc.h
deleted file mode 100644
index 0e68f64a..0000000
--- a/contrib/libpam/libpam_misc/include/security/pam_misc.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * $Id: pam_misc.h,v 1.3 2001/01/20 22:29:47 agmorgan Exp $
- * $FreeBSD$
- */
-
-#ifndef __PAMMISC_H
-#define __PAMMISC_H
-
-#include <security/pam_appl.h>
-#include <security/pam_client.h>
-
-/* include some useful macros */
-
-#include <security/_pam_macros.h>
-
-/* functions defined in pam_misc.* libraries */
-
-extern int misc_conv(int _num_msg, const struct pam_message **_msgm,
- struct pam_response **_response, void *_appdata_ptr);
-
-#include <time.h>
-
-extern time_t pam_misc_conv_warn_time; /* time that we should warn user */
-extern time_t pam_misc_conv_die_time; /* cut-off time for input */
-extern const char *pam_misc_conv_warn_line; /* warning notice */
-extern const char *pam_misc_conv_die_line; /* cut-off remark */
-extern int pam_misc_conv_died; /* 1 = cut-off time reached (0 not) */
-extern int (*pam_binary_handler_fn)(void *_appdata, pamc_bp_t *_prompt_p);
-extern void (*pam_binary_handler_free)(void *_appdata, pamc_bp_t *_prompt_p);
-/*
- * Environment helper functions
- */
-
-/* transcribe given environment (to pam) */
-extern int pam_misc_paste_env(pam_handle_t *_pamh
- , const char * const *_user_env);
-
-/* char **pam_misc_copy_env(pam_handle_t *pamh);
-
- This is no longer defined as a prototype because the X/Open XSSO
- spec makes it clear that PAM's pam_getenvlist() does exactly
- what this was needed for.
-
- A wrapper is still provided in the pam_misc library - so that
- legacy applications will still work. But _BE_WARNED_ it will
- disappear by the release of libpam 1.0 . */
-
-/* delete environment as obtained from (pam_getenvlist) */
-extern char **pam_misc_drop_env(char **env);
-
-/* provide something like the POSIX setenv function for the (Linux-)PAM
- * environment. */
-
-extern int pam_misc_setenv(pam_handle_t *pamh, const char *name
- , const char *value, int readonly);
-
-char *xstrdup(const char *x);
-
-#endif
diff --git a/contrib/libpam/libpam_misc/misc_conv.c b/contrib/libpam/libpam_misc/misc_conv.c
deleted file mode 100644
index 06be5d3..0000000
--- a/contrib/libpam/libpam_misc/misc_conv.c
+++ /dev/null
@@ -1,349 +0,0 @@
-/*
- * $Id: misc_conv.c,v 1.3 2001/01/20 22:29:47 agmorgan Exp $
- * $FreeBSD$
- *
- * A generic conversation function for text based applications
- *
- * Written by Andrew Morgan <morgan@linux.kernel.org>
- */
-
-#include <security/_pam_aconf.h>
-
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <termios.h>
-#include <time.h>
-#include <unistd.h>
-
-#include <security/pam_appl.h>
-#include <security/pam_client.h>
-#include <security/pam_misc.h>
-
-#define INPUTSIZE PAM_MAX_MSG_SIZE /* maximum length of input+1 */
-#define CONV_ECHO_ON 1 /* types of echo state */
-#define CONV_ECHO_OFF 0
-
-/*
- * external timeout definitions - these can be overriden by the
- * application.
- */
-
-time_t pam_misc_conv_warn_time = 0; /* time when we warn */
-time_t pam_misc_conv_die_time = 0; /* time when we timeout */
-
-const char *pam_misc_conv_warn_line = "..\a.Time is running out...\n";
-const char *pam_misc_conv_die_line = "..\a.Sorry, your time is up!\n";
-
-int pam_misc_conv_died=0; /* application can probe this for timeout */
-
-/*
- * These functions are for binary prompt manipulation.
- * The manner in which a binary prompt is processed is application
- * specific, so these function pointers are provided and can be
- * initialized by the application prior to the conversation function
- * being used.
- */
-
-static void pam_misc_conv_delete_binary(void *appdata __unused,
- pamc_bp_t *delete_me)
-{
- PAM_BP_RENEW(delete_me, 0, 0);
-}
-
-int (*pam_binary_handler_fn)(void *appdata, pamc_bp_t *prompt_p) = NULL;
-void (*pam_binary_handler_free)(void *appdata, pamc_bp_t *prompt_p)
- = pam_misc_conv_delete_binary;
-
-/* the following code is used to get text input */
-
-static volatile int expired=0;
-
-/* return to the previous signal handling */
-static void reset_alarm(struct sigaction *o_ptr)
-{
- (void) alarm(0); /* stop alarm clock - if still ticking */
- (void) sigaction(SIGALRM, o_ptr, NULL);
-}
-
-/* this is where we intercept the alarm signal */
-static void time_is_up(int ignore __unused)
-{
- expired = 1;
-}
-
-/* set the new alarm to hit the time_is_up() function */
-static int set_alarm(int delay, struct sigaction *o_ptr)
-{
- struct sigaction new_sig;
-
- sigemptyset(&new_sig.sa_mask);
- new_sig.sa_flags = 0;
- new_sig.sa_handler = time_is_up;
- if ( sigaction(SIGALRM, &new_sig, o_ptr) ) {
- return 1; /* setting signal failed */
- }
- if ( alarm(delay) ) {
- (void) sigaction(SIGALRM, o_ptr, NULL);
- return 1; /* failed to set alarm */
- }
- return 0; /* all seems to have worked */
-}
-
-/* return the number of seconds to next alarm. 0 = no delay, -1 = expired */
-static int get_delay(void)
-{
- time_t now;
-
- expired = 0; /* reset flag */
- (void) time(&now);
-
- /* has the quit time past? */
- if (pam_misc_conv_die_time && now >= pam_misc_conv_die_time) {
- fprintf(stderr,"%s",pam_misc_conv_die_line);
-
- pam_misc_conv_died = 1; /* note we do not reset the die_time */
- return -1; /* time is up */
- }
-
- /* has the warning time past? */
- if (pam_misc_conv_warn_time && now >= pam_misc_conv_warn_time) {
- fprintf(stderr, "%s", pam_misc_conv_warn_line);
- pam_misc_conv_warn_time = 0; /* reset warn_time */
-
- /* indicate remaining delay - if any */
-
- return (pam_misc_conv_die_time ? pam_misc_conv_die_time - now:0 );
- }
-
- /* indicate possible warning delay */
-
- if (pam_misc_conv_warn_time)
- return (pam_misc_conv_warn_time - now);
- else if (pam_misc_conv_die_time)
- return (pam_misc_conv_die_time - now);
- else
- return 0;
-}
-
-/* read a line of input string, giving prompt when appropriate */
-static char *read_string(int echo, const char *prompt)
-{
- struct termios term_before, term_tmp;
- char *input;
- char line[INPUTSIZE];
- struct sigaction old_sig;
- int delay, nc, have_term=0;
- sigset_t oset, nset;
-
- D(("called with echo='%s', prompt='%s'.", echo ? "ON":"OFF" , prompt));
-
- if (isatty(STDIN_FILENO)) { /* terminal state */
-
- /* is a terminal so record settings and flush it */
- if ( tcgetattr(STDIN_FILENO, &term_before) != 0 ) {
- D(("<error: failed to get terminal settings>"));
- return NULL;
- }
- memcpy(&term_tmp, &term_before, sizeof(term_tmp));
- if (!echo) {
- term_tmp.c_lflag &= ~(ECHO);
- }
- have_term = 1;
- /*
- * note - blocking signals isn't necessarily the
- * right thing, but we leave it for now.
- */
- sigemptyset(&nset);
- sigaddset(&nset, SIGINT);
- sigaddset(&nset, SIGTSTP);
- (void)sigprocmask(SIG_BLOCK, &nset, &oset);
-
- } else if (!echo) {
- D(("<warning: cannot turn echo off>"));
- }
-
- /* set up the signal handling */
- delay = get_delay();
-
- /* reading the line */
- while (delay >= 0) {
-
- fprintf(stderr, "%s", prompt);
- /* this may, or may not set echo off -- drop pending input */
- if (have_term)
- (void) tcsetattr(STDIN_FILENO, TCSAFLUSH, &term_tmp);
-
- if ( delay > 0 && set_alarm(delay, &old_sig) ) {
- D(("<failed to set alarm>"));
- break;
- } else {
- nc = read(STDIN_FILENO, line, INPUTSIZE-1);
- if (have_term) {
- (void) tcsetattr(STDIN_FILENO, TCSADRAIN, &term_before);
- if (!echo || expired) /* do we need a newline? */
- fprintf(stderr,"\n");
- }
- if ( delay > 0 ) {
- reset_alarm(&old_sig);
- }
- if (expired) {
- delay = get_delay();
- } else if (nc > 0) { /* we got some user input */
- if (nc > 0 && line[nc-1] == '\n') { /* <NUL> terminate */
- line[--nc] = '\0';
- } else {
- line[nc] = '\0';
- }
- input = x_strdup(line);
- _pam_overwrite(line);
-
- goto cleanexit; /* return malloc()ed string */
- } else if (nc == 0) { /* Ctrl-D */
- D(("user did not want to type anything"));
- input = x_strdup("");
- goto cleanexit; /* return malloc()ed string */
- }
- }
- }
-
- /* getting here implies that the timer expired */
- memset(line, 0, INPUTSIZE); /* clean up */
- input = NULL;
-
-cleanexit:
- if (have_term) {
- (void)sigprocmask(SIG_SETMASK, &oset, NULL);
- (void) tcsetattr(STDIN_FILENO, TCSADRAIN, &term_before);
- }
- return input;
-}
-
-/* end of read_string functions */
-
-int misc_conv(int num_msg, const struct pam_message **msgm,
- struct pam_response **response, void *appdata_ptr)
-{
- int count=0;
- struct pam_response *reply;
-
- if (num_msg <= 0)
- return PAM_CONV_ERR;
-
- D(("allocating empty response structure array."));
-
- reply = (struct pam_response *) calloc(num_msg,
- sizeof(struct pam_response));
- if (reply == NULL) {
- D(("no memory for responses"));
- return PAM_CONV_ERR;
- }
-
- D(("entering conversation function."));
-
- for (count=0; count < num_msg; ++count) {
- char *string=NULL;
-
- switch (msgm[count]->msg_style) {
- case PAM_PROMPT_ECHO_OFF:
- string = read_string(CONV_ECHO_OFF,msgm[count]->msg);
- if (string == NULL) {
- goto failed_conversation;
- }
- break;
- case PAM_PROMPT_ECHO_ON:
- string = read_string(CONV_ECHO_ON,msgm[count]->msg);
- if (string == NULL) {
- goto failed_conversation;
- }
- break;
- case PAM_ERROR_MSG:
- if (fprintf(stderr,"%s\n",msgm[count]->msg) < 0) {
- goto failed_conversation;
- }
- break;
- case PAM_TEXT_INFO:
- if (fprintf(stdout,"%s\n",msgm[count]->msg) < 0) {
- goto failed_conversation;
- }
- break;
- case PAM_BINARY_PROMPT:
- {
- pamc_bp_t binary_prompt = NULL;
-
- if (!msgm[count]->msg || !pam_binary_handler_fn) {
- goto failed_conversation;
- }
-
- PAM_BP_RENEW(&binary_prompt,
- PAM_BP_RCONTROL(msgm[count]->msg),
- PAM_BP_LENGTH(msgm[count]->msg));
- PAM_BP_FILL(binary_prompt, 0, PAM_BP_LENGTH(msgm[count]->msg),
- PAM_BP_RDATA(msgm[count]->msg));
-
- if (pam_binary_handler_fn(appdata_ptr,
- &binary_prompt) != PAM_SUCCESS
- || (binary_prompt == NULL)) {
- goto failed_conversation;
- }
- string = (char *) binary_prompt;
- binary_prompt = NULL;
-
- break;
- }
- default:
- fprintf(stderr, "erroneous conversation (%d)\n"
- ,msgm[count]->msg_style);
- goto failed_conversation;
- }
-
- if (string) { /* must add to reply array */
- /* add string to list of responses */
-
- reply[count].resp_retcode = 0;
- reply[count].resp = string;
- string = NULL;
- }
- }
-
- /* New (0.59+) behavior is to always have a reply - this is
- compatable with the X/Open (March 1997) spec. */
- *response = reply;
- reply = NULL;
-
- return PAM_SUCCESS;
-
-failed_conversation:
-
- if (reply) {
- for (count=0; count<num_msg; ++count) {
- if (reply[count].resp == NULL) {
- continue;
- }
- switch (msgm[count]->msg_style) {
- case PAM_PROMPT_ECHO_ON:
- case PAM_PROMPT_ECHO_OFF:
- _pam_overwrite(reply[count].resp);
- free(reply[count].resp);
- break;
- case PAM_BINARY_PROMPT:
- pam_binary_handler_free(appdata_ptr,
- (pamc_bp_t *) &reply[count].resp);
- break;
- case PAM_ERROR_MSG:
- case PAM_TEXT_INFO:
- /* should not actually be able to get here... */
- free(reply[count].resp);
- }
- reply[count].resp = NULL;
- }
- /* forget reply too */
- free(reply);
- reply = NULL;
- }
-
- return PAM_CONV_ERR;
-}
-
diff --git a/contrib/libpam/libpam_misc/xstrdup.c b/contrib/libpam/libpam_misc/xstrdup.c
deleted file mode 100644
index f3d1f2e..0000000
--- a/contrib/libpam/libpam_misc/xstrdup.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/* $Id: xstrdup.c,v 1.1.1.1 2000/06/20 22:11:25 agmorgan Exp $ */
-/* $FreeBSD$ */
-
-#include <stdlib.h>
-#include <security/pam_misc.h>
-
-/*
- * Safe duplication of character strings. "Paranoid"; don't leave
- * evidence of old token around for later stack analysis.
- */
-
-char *xstrdup(const char *x)
-{
- register char *new=NULL;
-
- if (x != NULL) {
- register int i;
-
- for (i=0; x[i]; ++i); /* length of string */
- if ((new = malloc(++i)) == NULL) {
- i = 0;
- } else {
- while (i-- > 0) {
- new[i] = x[i];
- }
- }
- x = NULL;
- }
-
- return new; /* return the duplicate or NULL on error */
-}
diff --git a/contrib/libpam/libpamc/License b/contrib/libpam/libpamc/License
deleted file mode 100644
index 9010695..0000000
--- a/contrib/libpam/libpamc/License
+++ /dev/null
@@ -1,42 +0,0 @@
-Unless otherwise *explicitly* stated the following text describes the
-licensed conditions under which the contents of this libpamc release
-may be distributed:
-
--------------------------------------------------------------------------
-Redistribution and use in source and binary forms of libpamc,
-with or without modification, are permitted provided that the
-following conditions are met:
-
-1. Redistributions of source code must retain any existing copyright
- notice, and this entire permission notice in its entirety,
- including the disclaimer of warranties.
-
-2. Redistributions in binary form must reproduce all prior and current
- copyright notices, this list of conditions, and the following
- disclaimer in the documentation and/or other materials provided
- with the distribution.
-
-3. The name of any author may not be used to endorse or promote
- products derived from this software without their specific prior
- written permission.
-
-ALTERNATIVELY, this product may be distributed under the terms of the
-GNU Library General Public License (LGPL), in which case the
-provisions of the GNU LGPL are required INSTEAD OF the above
-restrictions. (This clause is necessary due to a potential conflict
-between the GNU LGPL and the restrictions contained in a BSD-style
-copyright.)
-
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
-INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
-OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
-TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGE.
--------------------------------------------------------------------------
-
diff --git a/contrib/libpam/libpamc/Makefile b/contrib/libpam/libpamc/Makefile
deleted file mode 100644
index 1869cfe..0000000
--- a/contrib/libpam/libpamc/Makefile
+++ /dev/null
@@ -1,107 +0,0 @@
-#
-# $Id: Makefile,v 1.3 2001/02/10 07:17:53 agmorgan Exp $
-#
-
-# lots of debugging information goes to /tmp/pam-debug.log
-#MOREFLAGS += -D"DEBUG"
-
-include ../Make.Rules
-
-ifeq ($(DEBUG_REL),yes)
- LIBNAME=libpamcd
-else
- LIBNAME=libpamc
-endif
-VERSION=.$(MAJOR_REL)
-MODIFICATION=.$(MINOR_REL)
-
-CFLAGS += $(MOREFLAGS) $(DYNAMIC) $(STATIC)
-
-# dynamic library names
-
-LIBNAMED = $(LIBNAME).$(DYNTYPE)
-LIBNAMEDNAME = $(LIBNAMED)$(VERSION)
-LIBNAMEDFULL = $(LIBNAMEDNAME)$(MODIFICATION)
-
-# static library name
-
-LIBNAMEDSTATIC = $(LIBNAME).a
-
-LIBOBJECTS = pamc_client.o pamc_converse.o pamc_load.o
-
-ifeq ($(DYNAMIC_LIBPAM),yes)
-DLIBOBJECTS = $(addprefix dynamic/,$(LIBOBJECTS))
-endif
-
-ifeq ($(STATIC_LIBPAM),yes)
-SLIBOBJECTS = $(addprefix static/,$(LIBOBJECTS))
-endif
-
-# ---------------------------------------------
-## rules
-
-all: dirs $(LIBNAMED) $(LIBNAMEDSTATIC)
-
-dirs:
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) dynamic
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(MKDIR) static
-endif
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-$(LIBNAMED): $(DLIBOBJECTS)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- ifeq ($(USESONAME),yes)
- $(LD_L) $(SOSWITCH) $(LIBNAMEDNAME) -o $@ $(DLIBOBJECTS) $(MODULES) $(LINKLIBS)
- else
- $(LD_L) -o $@ $(DLIBOBJECTS) $(MODULES)
- endif
- ifeq ($(NEEDSONAME),yes)
- rm -f $(LIBNAMEDFULL)
- ln -s $(LIBNAMED) $(LIBNAMEDFULL)
- rm -f $(LIBNAMEDNAME)
- ln -s $(LIBNAMED) $(LIBNAMEDNAME)
- endif
-endif
-
-$(LIBNAMEDSTATIC): $(SLIBOBJECTS)
-ifeq ($(STATIC_LIBPAM),yes)
- $(AR) rc $@ $(SLIBOBJECTS) $(MODULES)
- $(RANLIB) $@
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(INCLUDED)
- $(INSTALL) -m 644 include/security/pam_client.h $(FAKEROOT)$(INCLUDED)
-ifeq ($(DYNAMIC_LIBPAM),yes)
- $(MKDIR) $(FAKEROOT)$(libdir)
- $(INSTALL) -m $(SHLIBMODE) $(LIBNAMED) $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
- $(LDCONFIG)
- ifneq ($(DYNTYPE),"sl")
- ( cd $(FAKEROOT)$(libdir) ; rm -f $(LIBNAMED) ; ln -s $(LIBNAMEDNAME) $(LIBNAMED) )
- endif
-endif
-ifeq ($(STATIC_LIBPAM),yes)
- $(INSTALL) -m 644 $(LIBNAMEDSTATIC) $(FAKEROOT)$(libdir)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(INCLUDED)/pam_client.h
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDFULL)
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMED)
- $(LDCONFIG)
- rm -f $(FAKEROOT)$(libdir)/$(LIBNAMEDSTATIC)
-
-clean:
- rm -f a.out core *~ static/*.o dynamic/*.o
- rm -f *.a *.out *.o *.so ./include/security/*~
- if [ -d dynamic ]; then rmdir dynamic ; fi
- if [ -d static ]; then rmdir static ; fi
-
diff --git a/contrib/libpam/libpamc/include/security/pam_client.h b/contrib/libpam/libpamc/include/security/pam_client.h
deleted file mode 100644
index 4446e18..0000000
--- a/contrib/libpam/libpamc/include/security/pam_client.h
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- * $Id: pam_client.h,v 1.4 2001/01/20 22:29:47 agmorgan Exp $
- * $FreeBSD$
- *
- * Copyright (c) 1999 Andrew G. Morgan <morgan@linux.kernel.org>
- *
- * This header file provides the prototypes for the PAM client API
- */
-
-#ifndef PAM_CLIENT_H
-#define PAM_CLIENT_H
-
-#include <unistd.h>
-#include <string.h>
-#include <stdio.h>
-
-/* opaque agent handling structure */
-
-typedef struct pamc_handle_s *pamc_handle_t;
-
-/* binary prompt structure pointer */
-#ifndef __u32
-# define __u32 unsigned int
-#endif
-#ifndef __u8
-# define __u8 unsigned char
-#endif
-typedef struct { __u32 length; __u8 control; } *pamc_bp_t;
-
-/*
- * functions provided by libpamc
- */
-
-/*
- * Initialize the agent abstraction library
- */
-
-pamc_handle_t pamc_start(void);
-
-/*
- * Terminate the authentication process
- */
-
-int pamc_end(pamc_handle_t *pch);
-
-/*
- * force the loading of a specified agent
- */
-
-int pamc_load(pamc_handle_t pch, const char *agent_id);
-
-/*
- * Single conversation interface for binary prompts
- */
-
-int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p);
-
-/*
- * disable an agent
- */
-
-int pamc_disable(pamc_handle_t pch, const char *agent_id);
-
-/*
- * obtain a list of available agents
- */
-
-char **pamc_list_agents(pamc_handle_t pch);
-
-/*
- * PAM_BP_ MACROS for creating, destroying and manipulating binary prompts
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-
-#ifndef PAM_BP_ASSERT
-# define PAM_BP_ASSERT(x) do { printf(__FILE__ "(%d): %s\n", \
- __LINE__, x) ; exit(1); } while (0)
-#endif /* PAM_BP_ASSERT */
-
-#ifndef PAM_BP_CALLOC
-# define PAM_BP_CALLOC calloc
-#endif /* PAM_BP_CALLOC */
-
-#ifndef PAM_BP_FREE
-# define PAM_BP_FREE free
-#endif /* PAM_BP_FREE */
-
-#define __PAM_BP_WOCTET(x,y) (*((y) + (__u8 *)(x)))
-#define __PAM_BP_ROCTET(x,y) (*((y) + (const __u8 *)(x)))
-
-#define PAM_BP_MIN_SIZE (sizeof(__u32) + sizeof(__u8))
-#define PAM_BP_MAX_LENGTH 0x20000 /* an advisory limit */
-#define PAM_BP_WCONTROL(x) (__PAM_BP_WOCTET(x,4))
-#define PAM_BP_RCONTROL(x) (__PAM_BP_ROCTET(x,4))
-#define PAM_BP_SIZE(x) ((__PAM_BP_ROCTET(x,0)<<24)+ \
- (__PAM_BP_ROCTET(x,1)<<16)+ \
- (__PAM_BP_ROCTET(x,2)<< 8)+ \
- (__PAM_BP_ROCTET(x,3) ))
-#define PAM_BP_LENGTH(x) (PAM_BP_SIZE(x) - PAM_BP_MIN_SIZE)
-#define PAM_BP_WDATA(x) (PAM_BP_MIN_SIZE + (__u8 *) (x))
-#define PAM_BP_RDATA(x) (PAM_BP_MIN_SIZE + (const __u8 *) (x))
-
-/* Note, this macro always '\0' terminates renewed packets */
-
-#define PAM_BP_RENEW(old_p, cntrl, data_length) \
-do { \
- if (old_p) { \
- if (*(old_p)) { \
- __u32 __size; \
- __size = PAM_BP_SIZE(*(old_p)); \
- memset(*(old_p), 0, __size); \
- PAM_BP_FREE(*(old_p)); \
- } \
- if (cntrl) { \
- __u32 __size; \
- \
- __size = PAM_BP_MIN_SIZE + data_length; \
- if ((*(old_p) = PAM_BP_CALLOC(1, 1+__size))) { \
- __PAM_BP_WOCTET(*(old_p), 3) = __size & 0xFF; \
- __PAM_BP_WOCTET(*(old_p), 2) = (__size>>=8) & 0xFF; \
- __PAM_BP_WOCTET(*(old_p), 1) = (__size>>=8) & 0xFF; \
- __PAM_BP_WOCTET(*(old_p), 0) = (__size>>=8) & 0xFF; \
- (*(old_p))->control = cntrl; \
- } else { \
- PAM_BP_ASSERT("out of memory for binary prompt"); \
- } \
- } else { \
- *old_p = NULL; \
- } \
- } else { \
- PAM_BP_ASSERT("programming error, invalid binary prompt pointer"); \
- } \
-} while (0)
-
-#define PAM_BP_FILL(prmpt, offset, length, data) \
-do { \
- size_t bp_length; \
- __u8 *prompt = (__u8 *) (prmpt); \
- bp_length = PAM_BP_LENGTH(prompt); \
- if (bp_length < ((length)+(offset))) { \
- PAM_BP_ASSERT("attempt to write over end of prompt"); \
- } \
- memcpy((offset) + PAM_BP_WDATA(prompt), (data), (length)); \
-} while (0)
-
-#define PAM_BP_EXTRACT(prmpt, offset, length, data) \
-do { \
- size_t __bp_length; \
- const __u8 *__prompt = (const __u8 *) (prmpt); \
- __bp_length = PAM_BP_LENGTH(__prompt); \
- if (((offset) < 0) || (__bp_length < ((length)+(offset))) \
- || ((length) < 0)) { \
- PAM_BP_ASSERT("invalid extraction from prompt"); \
- } \
- memcpy((data), (offset) + PAM_BP_RDATA(__prompt), (length)); \
-} while (0)
-
-
-/* Control types */
-
-#define PAM_BPC_FALSE 0
-#define PAM_BPC_TRUE 1
-
-#define PAM_BPC_OK 0x01 /* continuation packet */
-#define PAM_BPC_SELECT 0x02 /* initialization packet */
-#define PAM_BPC_DONE 0x03 /* termination packet */
-#define PAM_BPC_FAIL 0x04 /* unable to execute */
-
-/* The following control characters are only legal for echanges
- between an agent and a client (it is the responsibility of the
- client to enforce this rule in the face of a rogue server): */
-
-#define PAM_BPC_GETENV 0x41 /* obtain client env.var */
-#define PAM_BPC_PUTENV 0x42 /* set client env.var */
-#define PAM_BPC_TEXT 0x43 /* display message */
-#define PAM_BPC_ERROR 0x44 /* display error message */
-#define PAM_BPC_PROMPT 0x45 /* echo'd text prompt */
-#define PAM_BPC_PASS 0x46 /* non-echo'd text prompt*/
-
-/* quick check for prompts that are legal for the client (by
- implication the server too) to send to libpamc */
-
-#define PAM_BPC_FOR_CLIENT(/* pamc_bp_t */ prompt) \
- (((prompt)->control <= PAM_BPC_FAIL && (prompt)->control >= PAM_BPC_OK) \
- ? PAM_BPC_TRUE:PAM_BPC_FALSE)
-
-
-#endif /* PAM_CLIENT_H */
diff --git a/contrib/libpam/libpamc/libpamc.h b/contrib/libpam/libpamc/libpamc.h
deleted file mode 100644
index 1c9397c..0000000
--- a/contrib/libpam/libpamc/libpamc.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * $Id: libpamc.h,v 1.2 2000/11/19 23:54:03 agmorgan Exp $
- *
- * Copyright (c) Andrew G. Morgan <morgan@ftp.kernel.org>
- *
- */
-
-#ifndef LIBPAMC_H
-#define LIBPAMC_H
-
-#include <security/pam_client.h>
-#include <security/_pam_macros.h>
-
-#include <sys/stat.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <dirent.h>
-#include <sys/wait.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <ctype.h>
-
-#define _PAMC_DEFAULT_TOP_FD 10
-
-struct pamc_handle_s {
- struct pamc_agent_s *current;
- struct pamc_agent_s *chain;
- struct pamc_blocked_s *blocked_agents;
- int max_path;
- char **agent_paths;
- int combined_status;
- int highest_fd_to_close;
-};
-
-typedef struct pamc_blocked_s {
- char *id; /* <NUL> terminated */
- struct pamc_blocked_s *next;
-} pamc_blocked_t;
-
-typedef struct pamc_agent_s {
- char *id;
- int id_length;
- struct pamc_agent_s *next;
- int writer; /* write to agent */
- int reader; /* read from agent */
- pid_t pid; /* agent process id */
-} pamc_agent_t;
-
-/* used to build a tree of unique, sorted agent ids */
-
-typedef struct pamc_id_node {
- struct pamc_id_node *left, *right;
- int child_count;
- char *agent_id;
-} pamc_id_node_t;
-
-/* internal function */
-int __pamc_valid_agent_id(int id_length, const char *id);
-
-#define PAMC_SYSTEM_AGENT_PATH "/lib/pamc:/usr/lib/pamc"
-#define PAMC_SYSTEM_AGENT_SEPARATOR ':'
-
-#endif /* LIBPAMC_H */
diff --git a/contrib/libpam/libpamc/pamc_client.c b/contrib/libpam/libpamc/pamc_client.c
deleted file mode 100644
index 19eff42..0000000
--- a/contrib/libpam/libpamc/pamc_client.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * $Id: pamc_client.c,v 1.1.1.1 2000/06/20 22:11:25 agmorgan Exp $
- *
- * Copyright (c) Andrew G. Morgan <morgan@ftp.kernel.org>
- *
- * pamc_start and pamc_end
- */
-
-#include "libpamc.h"
-
-/*
- * liberate path list
- */
-
-static void __pamc_delete_path_list(pamc_handle_t pch)
-{
- int i;
-
- for (i=0; pch->agent_paths[i]; ++i) {
- free(pch->agent_paths[i]);
- pch->agent_paths[i] = NULL;
- }
-
- free(pch->agent_paths);
- pch->agent_paths = NULL;
-}
-
-/*
- * open the pamc library
- */
-
-pamc_handle_t pamc_start(void)
-{
- int i, count, last, this;
- const char *default_path;
- pamc_handle_t pch;
-
- pch = calloc(1, sizeof(struct pamc_handle_s));
- if (pch == NULL) {
- D(("no memory for *pch"));
- return NULL;
- }
-
- pch->highest_fd_to_close = _PAMC_DEFAULT_TOP_FD;
-
- default_path = getenv("PAMC_AGENT_PATH");
- if (default_path == NULL) {
- default_path = PAMC_SYSTEM_AGENT_PATH;
- }
-
- /* number of individual paths */
- for (count=1, i=0; default_path[i]; ++i) {
- if (default_path[i] == PAMC_SYSTEM_AGENT_SEPARATOR) {
- ++count;
- }
- }
-
- pch->agent_paths = calloc(count+1, sizeof(char *));
- if (pch->agent_paths == NULL) {
- D(("no memory for path list"));
- goto drop_pch;
- }
-
- this = last = i = 0;
- while ( default_path[i] || (i != last) ) {
- if ( default_path[i] == PAMC_SYSTEM_AGENT_SEPARATOR
- || !default_path[i] ) {
- int length;
-
- pch->agent_paths[this] = malloc(length = 1+i-last);
-
- if (pch->agent_paths[this] == NULL) {
- D(("no memory for next path"));
- goto drop_list;
- }
-
- memcpy(pch->agent_paths[this], default_path + last, i-last);
- pch->agent_paths[this][i-last] = '\0';
- if (length > pch->max_path) {
- pch->max_path = length;
- }
-
- if (++this == count) {
- break;
- }
-
- last = ++i;
- } else {
- ++i;
- }
- }
-
- return pch;
-
-drop_list:
- __pamc_delete_path_list(pch);
-
-drop_pch:
- free(pch);
-
- return NULL;
-}
-
-/*
- * shutdown each of the loaded agents and
- */
-
-static int __pamc_shutdown_agents(pamc_handle_t pch)
-{
- int retval = PAM_BPC_TRUE;
-
- D(("called"));
-
- while (pch->chain) {
- pid_t pid;
- int status;
- pamc_agent_t *this;
-
- this = pch->chain;
- D(("cleaning up agent %p", this));
- pch->chain = pch->chain->next;
- this->next = NULL;
- D(("cleaning up agent: %s", this->id));
-
- /* close off contact with agent and wait for it to shutdown */
-
- close(this->writer);
- this->writer = -1;
- close(this->reader);
- this->reader = -1;
-
- pid = waitpid(this->pid, &status, 0);
- if (pid == this->pid) {
-
- D(("is exit:%d, exit val:%d",
- WIFEXITED(status), WEXITSTATUS(status)));
-
- if (!(WIFEXITED(status) && (WEXITSTATUS(status) == 0))) {
- retval = PAM_BPC_FALSE;
- }
- } else {
- D(("problem shutting down agent (%s): pid(%d) != waitpid(%d)!?",
- this->id, this->pid, pid));
- retval = PAM_BPC_FALSE;
- }
- pid = this->pid = 0;
-
- memset(this->id, 0, this->id_length);
- free(this->id);
- this->id = NULL;
- this->id_length = 0;
-
- free(this);
- this = NULL;
- }
-
- return retval;
-}
-
-/*
- * close the pamc library
- */
-
-int pamc_end(pamc_handle_t *pch_p)
-{
- int retval;
-
- if (pch_p == NULL) {
- D(("called with no pch_p"));
- return PAM_BPC_FALSE;
- }
-
- if (*pch_p == NULL) {
- D(("called with no *pch_p"));
- return PAM_BPC_FALSE;
- }
-
- D(("removing path_list"));
- __pamc_delete_path_list(*pch_p);
-
- D(("shutting down agents"));
- retval = __pamc_shutdown_agents(*pch_p);
-
- D(("freeing *pch_p"));
- free(*pch_p);
- *pch_p = NULL;
-
- return retval;
-}
diff --git a/contrib/libpam/libpamc/pamc_converse.c b/contrib/libpam/libpamc/pamc_converse.c
deleted file mode 100644
index 131789f..0000000
--- a/contrib/libpam/libpamc/pamc_converse.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/*
- * $Id: pamc_converse.c,v 1.2 2001/01/20 22:29:47 agmorgan Exp $
- *
- * Copyright (c) Andrew G. Morgan <morgan@ftp.kernel.org>
- *
- * pamc_converse
- */
-
-#include "libpamc.h"
-
-/*
- * select agent
- */
-
-static int __pamc_select_agent(pamc_handle_t pch, char *agent_id)
-{
- pamc_agent_t *agent;
-
- for (agent = pch->chain; agent; agent = agent->next) {
- if (!strcmp(agent->id, agent_id)) {
- pch->current = agent;
- return PAM_BPC_TRUE;
- }
- }
-
- D(("failed to locate agent"));
- pch->current = NULL;
- return PAM_BPC_FALSE;
-}
-
-/*
- * pass a binary prompt to the active agent and wait for a reply prompt
- */
-
-int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
-{
- __u32 size, offset=0;
- __u8 control, raw[PAM_BP_MIN_SIZE];
-
- D(("called"));
-
- if (pch == NULL) {
- D(("null pch"));
- goto pamc_converse_failure;
- }
-
- if (prompt_p == NULL) {
- D(("null prompt_p"));
- goto pamc_converse_failure;
- }
-
- if (*prompt_p == NULL) {
- D(("null *prompt_p"));
- goto pamc_converse_failure;
- }
-
- /* from here on, failures are interoperability problems.. */
-
- size = PAM_BP_SIZE(*prompt_p);
- if (size < PAM_BP_MIN_SIZE) {
- D(("problem with size being too short (%u)", size));
- goto pamc_unknown_prompt;
- }
-
- if (PAM_BPC_FOR_CLIENT(*prompt_p) != PAM_BPC_TRUE) {
- D(("*prompt_p is not legal for the client to use"));
- goto pamc_unknown_prompt;
- }
-
- /* do we need to select the agent? */
- if ((*prompt_p)->control == PAM_BPC_SELECT) {
- char *rawh;
- int i, retval;
-
- D(("selecting a specified agent"));
-
- rawh = (char *) *prompt_p;
- for (i = PAM_BP_MIN_SIZE; i<size; ++i) {
- if (rawh[i] == '/') {
- break;
- }
- }
-
- if ( (i >= size)
- || !__pamc_valid_agent_id(i-PAM_BP_MIN_SIZE,
- rawh + PAM_BP_MIN_SIZE) ) {
- goto pamc_unknown_prompt;
- }
-
- rawh[i] = '\0';
- retval = pamc_load(pch, PAM_BP_MIN_SIZE + rawh);
- if (retval == PAM_BPC_TRUE) {
- retval = __pamc_select_agent(pch, PAM_BP_MIN_SIZE + rawh);
- }
- rawh[i] = '/';
-
- if (retval != PAM_BPC_TRUE) {
- goto pamc_unknown_prompt;
- }
-
- D(("agent is loaded"));
- }
-
- if (pch->current == NULL) {
- D(("unable to address agent"));
- goto pamc_unknown_prompt;
- }
-
- /* pump all of the prompt into the agent */
- do {
- int rval = write(pch->current->writer,
- offset + (const __u8 *) (*prompt_p),
- size - offset);
- if (rval == -1) {
- switch (errno) {
- case EINTR:
- break;
- default:
- D(("problem writing to agent: %s", strerror(errno)));
- goto pamc_unknown_prompt;
- }
- } else {
- offset += rval;
- }
- } while (offset < size);
-
- D(("whole prompt sent to agent"));
-
- /* read size and control for response prompt */
-
- offset = 0;
- memset(raw, 0, sizeof(raw));
- do {
- int rval;
-
- rval = read(pch->current->reader, raw + offset,
- PAM_BP_MIN_SIZE - offset);
-
- if (rval == -1) {
- switch (errno) {
- case EINTR:
- break;
- default:
- D(("problem reading from agent: %s", strerror(errno)));
- goto pamc_unknown_prompt;
- }
- } else if (rval) {
- offset += rval;
- } else {
- D(("agent has closed its output pipe - nothing more to read"));
- goto pamc_converse_failure;
- }
- } while (offset < PAM_BP_MIN_SIZE);
-
- /* construct the whole reply prompt */
-
- size = PAM_BP_SIZE(raw);
- control = PAM_BP_RCONTROL(raw);
- memset(raw, 0, sizeof(raw));
-
- D(("agent replied with prompt of size %d and control %u",
- size, control));
-
- PAM_BP_RENEW(prompt_p, control, size - PAM_BP_MIN_SIZE);
- if (*prompt_p == NULL) {
- D(("problem making a new prompt for reply"));
- goto pamc_unknown_prompt;
- }
-
- /* read the rest of the reply prompt -- note offset has the correct
- value from the previous loop */
-
- while (offset < size) {
- int rval = read(pch->current->reader, offset + (__u8 *) *prompt_p,
- size-offset);
-
- if (rval == -1) {
- switch (errno) {
- case EINTR:
- break;
- default:
- D(("problem reading from agent: %s", strerror(errno)));
- goto pamc_unknown_prompt;
- }
- } else if (rval) {
- offset += rval;
- } else {
- D(("problem reading prompt (%d) with %d to go",
- size, size-offset));
- goto pamc_converse_failure;
- }
- }
-
- D(("returning success"));
-
- return PAM_BPC_TRUE;
-
-pamc_converse_failure:
-
- D(("conversation failure"));
- PAM_BP_RENEW(prompt_p, 0, 0);
- return PAM_BPC_FALSE;
-
-pamc_unknown_prompt:
-
- /* the server is trying something that the client does not support */
- D(("unknown prompt"));
- PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0);
- return PAM_BPC_TRUE;
-}
-
diff --git a/contrib/libpam/libpamc/pamc_load.c b/contrib/libpam/libpamc/pamc_load.c
deleted file mode 100644
index 01304cc..0000000
--- a/contrib/libpam/libpamc/pamc_load.c
+++ /dev/null
@@ -1,477 +0,0 @@
-/*
- * $Id: pamc_load.c,v 1.1.1.1 2000/06/20 22:11:26 agmorgan Exp $
- *
- * Copyright (c) 1999 Andrew G. Morgan <morgan@ftp.kernel.org>
- *
- * pamc_load
- */
-
-#include "libpamc.h"
-
-static int __pamc_exec_agent(pamc_handle_t pch, pamc_agent_t *agent)
-{
- char *full_path;
- int found_agent, length, reset_length, to_agent[2], from_agent[2];
- int return_code = PAM_BPC_FAIL;
-
- if (agent->id[agent->id_length] != '\0') {
- PAM_BP_ASSERT("libpamc: internal error agent_id not terminated");
- }
-
- for (length=0; (length < agent->id_length); ++length) {
- switch (agent->id[length]) {
- case '/':
- D(("ill formed agent id"));
- return PAM_BPC_FAIL;
- }
- }
-
- /* enough memory for any path + this agent */
- reset_length = 3 + pch->max_path + agent->id_length;
- D(("reset_length = %d (3+%d+%d)",
- reset_length, pch->max_path, agent->id_length));
- full_path = malloc(reset_length);
- if (full_path == NULL) {
- D(("no memory for agent path"));
- return PAM_BPC_FAIL;
- }
-
- found_agent = 0;
- for (length=0; pch->agent_paths[length]; ++length) {
- struct stat buf;
-
- D(("path: [%s]", pch->agent_paths[length]));
- D(("agent id: [%s]", agent->id));
-
- sprintf(full_path, "%s/%s", pch->agent_paths[length], agent->id);
-
- D(("looking for agent here: [%s]\n", full_path));
- if (stat(full_path, &buf) == 0) {
- D(("file existis"));
- found_agent = 1;
- break;
- }
- }
-
- if (! found_agent) {
- D(("no agent was found"));
- goto free_and_return;
- }
-
- if (pipe(to_agent)) {
- D(("failed to open pipe to agent"));
- goto free_and_return;
- }
-
- if (pipe(from_agent)) {
- D(("failed to open pipe from agent"));
- goto close_the_agent;
- }
-
- agent->pid = fork();
- if (agent->pid == -1) {
-
- D(("failed to fork for agent"));
- goto close_both_pipes;
-
- } else if (agent->pid == 0) {
-
- int i;
-
- dup2(from_agent[1], STDOUT_FILENO);
- dup2(to_agent[0], STDIN_FILENO);
-
- /* we close all of the files that have filedescriptors lower
- and equal to twice the highest we have seen, The idea is
- that we don't want to leak filedescriptors to agents from a
- privileged client application.
-
- XXX - this is a heuristic at this point. There is a growing
- need for an extra 'set param' libpamc function, that could
- be used to supply info like the highest fd to close etc..
- */
-
- if (from_agent[1] > pch->highest_fd_to_close) {
- pch->highest_fd_to_close = 2*from_agent[1];
- }
-
- for (i=0; i <= pch->highest_fd_to_close; ++i) {
- switch (i) {
- case STDOUT_FILENO:
- case STDERR_FILENO:
- case STDIN_FILENO:
- /* only these three remain open */
- break;
- default:
- (void) close(i); /* don't care if its not open */
- }
- }
-
- /* we make no attempt to drop other privileges - this library
- has no idea how that would be done in the general case. It
- is up to the client application (when calling
- pamc_converse) to make sure no privilege will leak into an
- (untrusted) agent. */
-
- /* we propogate no environment - future versions of this
- library may have the ability to audit all agent
- transactions. */
-
- D(("exec'ing agent %s", full_path));
- execle(full_path, "pam-agent", NULL, NULL);
-
- D(("exec failed"));
- exit(1);
-
- }
-
- close(to_agent[0]);
- close(from_agent[1]);
-
- agent->writer = to_agent[1];
- agent->reader = from_agent[0];
-
- return_code = PAM_BPC_TRUE;
- goto free_and_return;
-
-close_both_pipes:
- close(from_agent[0]);
- close(from_agent[1]);
-
-close_the_agent:
- close(to_agent[0]);
- close(to_agent[1]);
-
-free_and_return:
- memset(full_path, 0, reset_length);
- free(full_path);
-
- D(("returning %d", return_code));
-
- return return_code;
-}
-
-/*
- * has the named agent been loaded?
- */
-
-static int __pamc_agent_is_enabled(pamc_handle_t pch, const char *agent_id)
-{
- pamc_agent_t *agent;
-
- for (agent = pch->chain; agent; agent = agent->next) {
- if (!strcmp(agent->id, agent_id)) {
- D(("agent already loaded"));
- return PAM_BPC_TRUE;
- }
- }
-
- D(("agent is not loaded"));
- return PAM_BPC_FALSE;
-}
-
-/*
- * has the named agent been disabled?
- */
-
-static int __pamc_agent_is_disabled(pamc_handle_t pch, const char *agent_id)
-{
- pamc_blocked_t *blocked;
-
- for (blocked=pch->blocked_agents; blocked; blocked = blocked->next) {
- if (!strcmp(agent_id, blocked->id)) {
- D(("agent is disabled"));
- return PAM_BPC_TRUE;
- }
- }
-
- D(("agent is not disabled"));
- return PAM_BPC_FALSE;
-}
-
-/*
- * disable an agent
- */
-
-int pamc_disable(pamc_handle_t pch, const char *agent_id)
-{
- pamc_blocked_t *block;
-
- if (pch == NULL) {
- D(("pch is NULL"));
- return PAM_BPC_FALSE;
- }
-
- if (agent_id == NULL) {
- D(("agent_id is NULL"));
- return PAM_BPC_FALSE;
- }
-
- if (__pamc_agent_is_enabled(pch, agent_id) != PAM_BPC_FALSE) {
- D(("agent is already loaded"));
- return PAM_BPC_FALSE;
- }
-
- if (__pamc_agent_is_disabled(pch, agent_id) != PAM_BPC_FALSE) {
- D(("agent is already disabled"));
- return PAM_BPC_TRUE;
- }
-
- block = calloc(1, sizeof(pamc_blocked_t));
- if (block == NULL) {
- D(("no memory for new blocking structure"));
- return PAM_BPC_FALSE;
- }
-
- block->id = malloc(1 + strlen(agent_id));
- if (block->id == NULL) {
- D(("no memory for agent id"));
- free(block);
- return PAM_BPC_FALSE;
- }
-
- strcpy(block->id, agent_id);
- block->next = pch->blocked_agents;
- pch->blocked_agents = block;
-
- return PAM_BPC_TRUE;
-}
-
-/*
- * force the loading of a particular agent
- */
-
-int pamc_load(pamc_handle_t pch, const char *agent_id)
-{
- pamc_agent_t *agent;
- int length;
-
- /* santity checking */
-
- if (pch == NULL) {
- D(("pch is NULL"));
- return PAM_BPC_FALSE;
- }
-
- if (agent_id == NULL) {
- D(("agent_id is NULL"));
- return PAM_BPC_FALSE;
- }
-
- if (__pamc_agent_is_disabled(pch, agent_id) != PAM_BPC_FALSE) {
- D(("sorry agent is disabled"));
- return PAM_BPC_FALSE;
- }
-
- length = strlen(agent_id);
-
- /* scan list to see if agent is loaded */
-
- if (__pamc_agent_is_enabled(pch, agent_id) == PAM_BPC_TRUE) {
- D(("no need to load an already loaded agent (%s)", agent_id));
- return PAM_BPC_TRUE;
- }
-
- /* not in the list, so we need to load it and add it to the head
- of the chain */
-
- agent = calloc(1, sizeof(pamc_agent_t));
- if (agent == NULL) {
- D(("no memory for new agent"));
- return PAM_BPC_FALSE;
- }
- agent->id = calloc(1, 1+length);
- if (agent->id == NULL) {
- D(("no memory for new agent's id"));
- goto fail_free_agent;
- }
- memcpy(agent->id, agent_id, length);
- agent->id[length] = '\0';
- agent->id_length = length;
-
- if (__pamc_exec_agent(pch, agent) != PAM_BPC_TRUE) {
- D(("unable to exec agent"));
- goto fail_free_agent_id;
- }
-
- agent->next = pch->chain;
- pch->chain = agent;
-
- return PAM_BPC_TRUE;
-
-fail_free_agent_id:
-
- memset(agent->id, 0, agent->id_length);
- free(agent->id);
-
- memset(agent, 0, sizeof(*agent));
-
-fail_free_agent:
-
- free(agent);
- return PAM_BPC_FALSE;
-}
-
-/*
- * what's a valid agent name?
- */
-
-int __pamc_valid_agent_id(int id_length, const char *id)
-{
- int post, i;
-
- for (i=post=0 ; i < id_length; ++i) {
- int ch = id[i++];
-
- if (isalpha(ch) || isdigit(ch) || (ch == '_')) {
- continue;
- } else if (post && (ch == '.')) {
- continue;
- } else if ((i > 1) && (!post) && (ch == '@')) {
- post = 1;
- } else {
- D(("id=%s contains '%c' which is illegal", id, ch));
- return 0;
- }
- }
-
- if (!i) {
- D(("length of id is 0"));
- return 0;
- } else {
- return 1; /* id is valid */
- }
-}
-
-/*
- * building a tree of available agent names
- */
-
-static pamc_id_node_t *__pamc_add_node(pamc_id_node_t *root, const char *id,
- int *counter)
-{
- if (root) {
-
- int cmp;
-
- if ((cmp = strcmp(id, root->agent_id))) {
- if (cmp > 0) {
- root->right = __pamc_add_node(root->right, id,
- &(root->child_count));
- } else {
- root->left = __pamc_add_node(root->left, id,
- &(root->child_count));
- }
- }
-
- return root;
-
- } else {
-
- pamc_id_node_t *node = calloc(1, sizeof(pamc_id_node_t));
-
- if (node) {
- node->agent_id = malloc(1+strlen(id));
- if (node->agent_id) {
- strcpy(node->agent_id, id);
- } else {
- free(node);
- node = NULL;
- }
- }
-
- (*counter)++;
- return node;
- }
-}
-
-/*
- * drop all of the tree and any remaining ids
- */
-
-static pamc_id_node_t *__pamc_liberate_nodes(pamc_id_node_t *tree)
-{
- if (tree) {
- if (tree->agent_id) {
- free(tree->agent_id);
- tree->agent_id = NULL;
- }
-
- tree->left = __pamc_liberate_nodes(tree->left);
- tree->right = __pamc_liberate_nodes(tree->right);
-
- tree->child_count = 0;
- free(tree);
- }
-
- return NULL;
-}
-
-/*
- * fill a list with the contents of the tree (in ascii order)
- */
-
-static void __pamc_fill_list_from_tree(pamc_id_node_t *tree, char **agent_list,
- int *counter)
-{
- if (tree) {
- __pamc_fill_list_from_tree(tree->left, agent_list, counter);
- agent_list[(*counter)++] = tree->agent_id;
- tree->agent_id = NULL;
- __pamc_fill_list_from_tree(tree->right, agent_list, counter);
- }
-}
-
-/*
- * get a list of the available agents
- */
-
-char **pamc_list_agents(pamc_handle_t pch)
-{
- int i, total_agent_count=0;
- pamc_id_node_t *tree = NULL;
- char **agent_list;
-
- /* loop over agent paths */
-
- for (i=0; pch->agent_paths[i]; ++i) {
- DIR *dir;
-
- dir = opendir(pch->agent_paths[i]);
- if (dir) {
- struct dirent *item;
-
- while ((item = readdir(dir))) {
-
- /* this is a cheat on recognizing agent_ids */
- if (!__pamc_valid_agent_id(strlen(item->d_name),
- item->d_name)) {
- continue;
- }
-
- tree = __pamc_add_node(tree, item->d_name, &total_agent_count);
- }
-
- closedir(dir);
- }
- }
-
- /* now, we build a list of ids */
- D(("total of %d available agents\n", total_agent_count));
-
- agent_list = calloc(total_agent_count+1, sizeof(char *));
- if (agent_list) {
- int counter=0;
-
- __pamc_fill_list_from_tree(tree, agent_list, &counter);
- if (counter != total_agent_count) {
- PAM_BP_ASSERT("libpamc: internal error transcribing tree");
- }
- } else {
- D(("no memory for agent list"));
- }
-
- __pamc_liberate_nodes(tree);
-
- return agent_list;
-}
diff --git a/contrib/libpam/libpamc/test/agents/secret@here b/contrib/libpam/libpamc/test/agents/secret@here
deleted file mode 100755
index afdcbaa..0000000
--- a/contrib/libpam/libpamc/test/agents/secret@here
+++ /dev/null
@@ -1,308 +0,0 @@
-#!/usr/bin/perl
-#
-# This is a simple example PAM authentication agent, it implements a
-# simple shared secret authentication scheme. The PAM module pam_secret.so
-# is its counter part. Both the agent and the remote server are able to
-# authenticate one another, but the server is given the opportunity to
-# ignore a failed authentication.
-#
-
-$^W = 1;
-use strict;
-use IPC::Open2;
-$| = 1;
-
-# display extra information to STDERR
-my $debug = 0;
-if (scalar @ARGV) {
- $debug = 1;
-}
-
-# Globals
-
-my %state;
-my $default_key;
-
-my $next_key = $$;
-
-# loop over binary prompts
-for (;;) {
- my ($control, $data) = ReadBinaryPrompt();
- my ($reply_control, $reply_data);
-
- if ($control == 0) {
- if ($debug) {
- print STDERR "agent: no packet to read\n";
- }
- last;
- } elsif ($control == 0x02) {
- ($reply_control, $reply_data) = HandleAgentSelection($data);
- } elsif ($control == 0x01) {
- ($reply_control, $reply_data) = HandleContinuation($data);
- } else {
- if ($debug) {
- print STDERR
- "agent: unrecognized packet $control {$data} to read\n";
- }
- ($reply_control, $reply_data) = (0x04, "");
- }
-
- WriteBinaryPrompt($reply_control, $reply_data);
-}
-
-# Only willing to exit well if we've completed our authentication exchange
-
-if (scalar keys %state) {
- if ($debug) {
- print STDERR "The following sessions are still active:\n ";
- print STDERR join ', ', keys %state;
- print STDERR "\n";
- }
- exit 1;
-} else {
- exit 0;
-}
-
-sub HandleAgentSelection ($) {
- my ($data) = @_;
-
- unless ( $data =~ /^([a-zA-Z0-9_]+\@?[a-zA-Z0-9_.]*)\/(.*)$/ ) {
- return (0x04, "");
- }
-
- my ($agent_name, $payload) = ($1, $2);
- if ($debug) {
- print STDERR "agent: ". "agent=$agent_name, payload=$payload\n";
- }
-
- # this agent has a defined name
- if ($agent_name ne "secret\@here") {
- if ($debug) {
- print STDERR "bad agent name: [$agent_name]\n";
- }
- return (0x04, "");
- }
-
- # the selection request is acompanied with a hexadecimal cookie
- my @tokens = split '\|', $payload;
-
- unless ((scalar @tokens) == 2) {
- if ($debug) {
- print STDERR "bad payload\n";
- }
- return (0x04, "");
- }
-
- unless ($tokens[1] =~ /^[a-z0-9]+$/) {
- if ($debug) {
- print STDERR "bad server cookie\n";
- }
- return (0x04, "");
- }
-
- my $shared_secret = IdentifyLocalSecret($tokens[0]);
-
- unless (defined $shared_secret) {
- # make a secret up
- if ($debug) {
- print STDERR "agent: cannot authenticate user\n";
- }
- $shared_secret = GetRandom();
- }
-
- my $local_cookie = GetRandom();
- $default_key = $next_key++;
-
- $state{$default_key} = $local_cookie ."|". $tokens[1] ."|". $shared_secret;
-
- if ($debug) {
- print STDERR "agent: \$state{$default_key} = $state{$default_key}\n";
- }
-
- return (0x01, $default_key ."|". $local_cookie);
-}
-
-sub HandleContinuation ($) {
- my ($data) = @_;
-
- my ($key, $server_digest) = split '\|', $data;
-
- unless (defined $state{$key}) {
- # retries and out of sequence prompts are not permitted
- return (0x04, "");
- }
-
- my $expected_digest = CreateDigest($state{$key});
- my ($local_cookie, $remote_cookie, $shared_secret)
- = split '\|', $state{$key};
- delete $state{$key};
-
- unless ($expected_digest eq $server_digest) {
- if ($debug) {
- print STDERR "agent: don't trust server - faking reply\n";
- print STDERR "agent: got ($server_digest)\n";
- print STDERR "agent: expected ($expected_digest)\n";
- }
-
- ## FIXME: Agent should exchange a prompt with the client warning
- ## that the server is faking us out.
-
- return (0x03, CreateDigest($expected_digest . $data . GetRandom()));
- }
-
- if ($debug) {
- print STDERR "agent: server appears to know the secret\n";
- }
-
- my $session_authenticated_ticket =
- CreateDigest($remote_cookie."|".$shared_secret."|".$local_cookie);
-
- # FIXME: Agent should set a derived session key environment
- # variable (available for the client (and its children) to sign
- # future data exchanges.
-
- if ($debug) {
- print STDERR "agent: should putenv("
- ."\"AUTH_SESSION_TICKET=$session_authenticated_ticket\")\n";
- }
-
- # return agent's authenticating digest
- return (0x03, CreateDigest($shared_secret."|".$remote_cookie
- ."|".$local_cookie));
-}
-
-sub ReadBinaryPrompt {
- my $buffer = " ";
- my $count = read(STDIN, $buffer, 5);
- if ($count == 0) {
- # no more packets to read
- return (0, "");
- }
-
- if ($count != 5) {
- # broken packet header
- return (-1, "");
- }
-
- my ($length, $control) = unpack("N C", $buffer);
- if ($length < 5) {
- # broken packet length
- return (-1, "");
- }
-
- my $data = "";
- $length -= 5;
- while ($count = read(STDIN, $buffer, $length)) {
- $data .= $buffer;
- if ($count != $length) {
- $length -= $count;
- next;
- }
-
- if ($debug) {
- print STDERR "agent: ". "data is [$data]\n";
- }
-
- return ($control, $data);
- }
-
- # broken packet data
- return (-1, "");
-}
-
-sub WriteBinaryPrompt ($$) {
- my ($control, $data) = @_;
-
- my $length = 5 + length($data);
- if ($debug) {
- printf STDERR "agent: ". "{%d|0x%.2x|%s}\n", $length, $control, $data;
- }
- my $bp = pack("N C a*", $length, $control, $data);
- print STDOUT $bp;
- if ($debug) {
- printf STDERR "agent: ". "agent has replied\n";
- }
-}
-
-##
-## Here is where we parse the simple secret file
-## The format of this file is a list of lines of the following form:
-##
-## user@client0.host.name secret_string1
-## user@client1.host.name secret_string2
-## user@client2.host.name secret_string3
-##
-
-sub IdentifyLocalSecret ($) {
- my ($identifier) = @_;
- my $secret;
-
- if (open SECRETS, "< ". (getpwuid($<))[7] ."/.secret\@here") {
- my $line;
- while (defined ($line = <SECRETS>)) {
- my ($id, $sec) = split /[\s]+/, $line;
- if ((defined $id) && ($id eq $identifier)) {
- $secret = $sec;
- last;
- }
- }
- close SECRETS;
- }
-
- return $secret;
-}
-
-## Here is where we generate a message digest
-
-sub CreateDigest ($) {
- my ($data) = @_;
-
- my $pid = open2(\*MD5out, \*MD5in, "/usr/bin/md5sum -")
- or die "you'll need /usr/bin/md5sum installed";
-
- my $oldfd = select MD5in; $|=1; select $oldfd;
- if ($debug) {
- print STDERR "agent: ". "telling md5: <$data>\n";
- }
- print MD5in "$data";
- close MD5in;
- my $reply = <MD5out>;
- ($reply) = split /\s/, $reply;
- if ($debug) {
- print STDERR "agent: ". "md5 said: <$reply>\n";
- }
- close MD5out;
-
- return $reply;
-}
-
-## get a random number
-
-sub GetRandom {
-
- if ( -r "/dev/urandom" ) {
- open RANDOM, "< /dev/urandom" or die "crazy";
-
- my $i;
- my $reply = "";
-
- for ($i=0; $i<4; ++$i) {
- my $buffer = " ";
- while (read(RANDOM, $buffer, 4) != 4) {
- ;
- }
- $reply .= sprintf "%.8x", unpack("N", $buffer);
- if ($debug) {
- print STDERR "growing reply: [$reply]\n";
- }
- }
- close RANDOM;
-
- return $reply;
- } else {
- print STDERR "agent: ". "[got linux?]\n";
- return "%.8x%.8x%.8x%.8x", time, time, time, time;
- }
-
-}
-
diff --git a/contrib/libpam/libpamc/test/modules/Makefile b/contrib/libpam/libpamc/test/modules/Makefile
deleted file mode 100644
index 4806546..0000000
--- a/contrib/libpam/libpamc/test/modules/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
-CFLAGS = -g -fPIC -I"../../include"
-
-pam_secret.so: pam_secret.o
- ld -x --shared -o pam_secret.so pam_secret.o -lc
-
-.o.c:
-
-clean:
- rm -f *.so *.o
diff --git a/contrib/libpam/libpamc/test/modules/pam_secret.c b/contrib/libpam/libpamc/test/modules/pam_secret.c
deleted file mode 100644
index f59e53a..0000000
--- a/contrib/libpam/libpamc/test/modules/pam_secret.c
+++ /dev/null
@@ -1,670 +0,0 @@
-/*
- * $Id: pam_secret.c,v 1.2 2001/01/20 22:29:47 agmorgan Exp $
- *
- * Copyright (c) 1999 Andrew G. Morgan <morgan@linux.kernel.org>
- */
-
-/*
- * WARNING: AS WRITTEN THIS CODE IS NOT SECURE. THE MD5 IMPLEMENTATION
- * NEEDS TO BE INTEGRATED MORE NATIVELY.
- */
-
-/* #define DEBUG */
-
-#include <fcntl.h>
-#include <pwd.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include <security/pam_modules.h>
-#include <security/pam_client.h>
-#include <security/_pam_macros.h>
-
-/*
- * This is a sample module that demonstrates the use of binary prompts
- * and how they can be used to implement sophisticated authentication
- * schemes.
- */
-
-struct ps_state_s {
- int retval; /* last retval returned by the authentication fn */
- int state; /* what state the module was in when it
- returned incomplete */
-
- char *username; /* the name of the local user */
-
- char server_cookie[33]; /* storage for 32 bytes of server cookie */
- char client_cookie[33]; /* storage for 32 bytes of client cookie */
-
- char *secret_data; /* pointer to <NUL> terminated secret_data */
- int invalid_secret; /* indication of whether the secret is valid */
-
- pamc_bp_t current_prompt; /* place to store the current prompt */
- pamc_bp_t current_reply; /* place to receive the reply prompt */
-};
-
-#define PS_STATE_ID "PAM_SECRET__STATE"
-#define PS_AGENT_ID "secret@here"
-#define PS_STATE_DEAD 0
-#define PS_STATE_INIT 1
-#define PS_STATE_PROMPT1 2
-#define PS_STATE_PROMPT2 3
-
-#define MAX_LEN_HOSTNAME 512
-#define MAX_FILE_LINE_LEN 1024
-
-/*
- * Routine for generating 16*8 bits of random data represented in ASCII hex
- */
-
-static int generate_cookie(unsigned char *buffer_33)
-{
- static const char hexarray[] = "0123456789abcdef";
- int i, fd;
-
- /* fill buffer_33 with 32 hex characters (lower case) + '\0' */
- fd = open("/dev/urandom", O_RDONLY);
- if (fd < 0) {
- D(("failed to open /dev/urandom"));
- return 0;
- }
- read(fd, buffer_33 + 16, 16);
- close(fd);
-
- /* expand top 16 bytes into 32 nibbles */
- for (i=0; i<16; ++i) {
- buffer_33[2*i ] = hexarray[(buffer_33[16+i] & 0xf0)>>4];
- buffer_33[2*i+1] = hexarray[(buffer_33[16+i] & 0x0f)];
- }
-
- buffer_33[32] = '\0';
-
- return 1;
-}
-
-/*
- * XXX - This is a hack, and is fundamentally insecure. Its subject to
- * all sorts of attacks not to mention the fact that all our secrets
- * will be displayed on the command line for someone doing 'ps' to
- * see. This is just for programming convenience in this instance, it
- * needs to be replaced with the md5 code. Although I am loath to
- * add yet another instance of md5 code to the Linux-PAM source code.
- * [Need to think of a cleaner way to do this for the distribution as
- * a whole...]
- */
-
-#define COMMAND_FORMAT "/bin/echo -n '%s|%s|%s'|/usr/bin/md5sum -"
-
-int create_digest(const char *d1, const char *d2, const char *d3,
- char *buffer_33)
-{
- int length;
- char *buffer;
- FILE *pipe;
-
- length = strlen(d1)+strlen(d2)+strlen(d3)+sizeof(COMMAND_FORMAT);
- buffer = malloc(length);
- if (buffer == NULL) {
- D(("out of memory"));
- return 0;
- }
-
- sprintf(buffer, COMMAND_FORMAT, d1,d2,d3);
-
- D(("executing pipe [%s]", buffer));
- pipe = popen(buffer, "r");
- memset(buffer, 0, length);
- free(buffer);
-
- if (pipe == NULL) {
- D(("failed to launch pipe"));
- return 0;
- }
-
- if (fgets(buffer_33, 33, pipe) == NULL) {
- D(("failed to read digest"));
- return 0;
- }
-
- if (strlen(buffer_33) != 32) {
- D(("digest was not 32 chars"));
- return 0;
- }
-
- fclose(pipe);
-
- D(("done [%s]", buffer_33));
-
- return 1;
-}
-
-/*
- * method to attempt to instruct the application's conversation function
- */
-
-static int converse(pam_handle_t *pamh, struct ps_state_s *new)
-{
- int retval;
- struct pam_conv *conv;
-
- D(("called"));
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
- if (retval == PAM_SUCCESS) {
- struct pam_message msg;
- struct pam_response *single_reply;
- const struct pam_message *msg_ptr;
-
- memset(&msg, 0, sizeof(msg));
- msg.msg_style = PAM_BINARY_PROMPT;
- msg.msg = (const char *) new->current_prompt;
- msg_ptr = &msg;
-
- single_reply = NULL;
- retval = conv->conv(1, &msg_ptr, &single_reply, conv->appdata_ptr);
- if (retval == PAM_SUCCESS) {
- if ((single_reply == NULL) || (single_reply->resp == NULL)) {
- retval == PAM_CONV_ERR;
- } else {
- new->current_reply = (pamc_bp_t) single_reply->resp;
- single_reply->resp = NULL;
- }
- }
-
- if (single_reply) {
- free(single_reply);
- }
- }
-
-#ifdef DEBUG
- if (retval == PAM_SUCCESS) {
- D(("reply has length=%d and control=%u",
- PAM_BP_LENGTH(new->current_reply),
- PAM_BP_CONTROL(new->current_reply)));
- }
- D(("returning %s", pam_strerror(pamh, retval)));
-#endif
-
- return retval;
-}
-
-/*
- * identify the secret in question
- */
-
-#define SECRET_FILE_FORMAT "%s/.secret@here"
-
-char *identify_secret(char *identity, const char *user)
-{
- struct passwd *pwd;
- char *temp;
- FILE *secrets;
- int length_id;
-
- pwd = getpwnam(user);
- if ((pwd == NULL) || (pwd->pw_dir == NULL)) {
- D(("user [%s] is not known", user));
- }
-
- length_id = strlen(pwd->pw_dir) + sizeof(SECRET_FILE_FORMAT);
- temp = malloc(length_id);
- if (temp == NULL) {
- D(("out of memory"));
- pwd = NULL;
- return NULL;
- }
-
- sprintf(temp, SECRET_FILE_FORMAT, pwd->pw_dir);
- pwd = NULL;
-
- D(("opening key file [%s]", temp));
- secrets = fopen(temp, "r");
- memset(temp, 0, length_id);
-
- if (secrets == NULL) {
- D(("failed to open key file"));
- return NULL;
- }
-
- length_id = strlen(identity);
- temp = malloc(MAX_FILE_LINE_LEN);
-
- for (;;) {
- char *secret = NULL;
-
- if (fgets(temp, MAX_FILE_LINE_LEN, secrets) == NULL) {
- fclose(secrets);
- return NULL;
- }
-
- D(("cf[%s][%s]", identity, temp));
- if (memcmp(temp, identity, length_id)) {
- continue;
- }
-
- D(("found entry"));
- fclose(secrets);
-
- for (secret=temp+length_id; *secret; ++secret) {
- if (!(*secret == ' ' || *secret == '\n' || *secret == '\t')) {
- break;
- }
- }
-
- memmove(temp, secret, MAX_FILE_LINE_LEN-(secret-(temp+length_id)));
- secret = temp;
-
- for (; *secret; ++secret) {
- if (*secret == ' ' || *secret == '\n' || *secret == '\t') {
- break;
- }
- }
-
- if (*secret) {
- *secret = '\0';
- }
-
- D(("secret found [%s]", temp));
-
- return temp;
- }
-
- /* NOT REACHED */
-}
-
-/*
- * function to perform the two message authentication process
- * (with support for event driven conversation functions)
- */
-
-static int auth_sequence(pam_handle_t *pamh,
- const struct ps_state_s *old, struct ps_state_s *new)
-{
- const char *rhostname;
- const char *rusername;
- int retval;
-
- retval = pam_get_item(pamh, PAM_RUSER, (const void **) &rusername);
- if ((retval != PAM_SUCCESS) || (rusername == NULL)) {
- D(("failed to obtain an rusername"));
- new->state = PS_STATE_DEAD;
- return PAM_AUTH_ERR;
- }
-
- retval = pam_get_item(pamh, PAM_RHOST, (const void **) &rhostname);
- if ((retval != PAM_SUCCESS) || (rhostname == NULL)) {
- D(("failed to identify local hostname: ", pam_strerror(pamh, retval)));
- new->state = PS_STATE_DEAD;
- return PAM_AUTH_ERR;
- }
-
- D(("switch on new->state=%d [%s@%s]", new->state, rusername, rhostname));
- switch (new->state) {
-
- case PS_STATE_INIT:
- {
- const char *user = NULL;
-
- retval = pam_get_user(pamh, &user, NULL);
-
- if ((retval == PAM_SUCCESS) && (user == NULL)) {
- D(("success but no username?"));
- new->state = PS_STATE_DEAD;
- retval = PAM_USER_UNKNOWN;
- }
-
- if (retval != PAM_SUCCESS) {
- if (retval == PAM_CONV_AGAIN) {
- retval = PAM_INCOMPLETE;
- } else {
- new->state = PS_STATE_DEAD;
- }
- D(("state init failed: %s", pam_strerror(pamh, retval)));
- return retval;
- }
-
- /* nothing else in this 'case' can be retried */
-
- new->username = strdup(user);
- if (new->username == NULL) {
- D(("out of memory"));
- new->state = PS_STATE_DEAD;
- return PAM_BUF_ERR;
- }
-
- if (! generate_cookie(new->server_cookie)) {
- D(("problem generating server cookie"));
- new->state = PS_STATE_DEAD;
- return PAM_ABORT;
- }
-
- new->current_prompt = NULL;
- PAM_BP_RENEW(&new->current_prompt, PAM_BPC_SELECT,
- sizeof(PS_AGENT_ID) + strlen(rusername) + 1
- + strlen(rhostname) + 1 + 32);
- sprintf(PAM_BP_WDATA(new->current_prompt),
- PS_AGENT_ID "/%s@%s|%.32s", rusername, rhostname,
- new->server_cookie);
-
- /* note, the BP is guaranteed by the spec to be <NUL> terminated */
- D(("initialization packet [%s]", PAM_BP_DATA(new->current_prompt)));
-
- /* fall through */
- new->state = PS_STATE_PROMPT1;
-
- D(("fall through to state_prompt1"));
- }
-
- case PS_STATE_PROMPT1:
- {
- int i, length;
-
- /* send {secret@here/jdoe@client.host|<s_cookie>} */
- retval = converse(pamh, new);
- if (retval != PAM_SUCCESS) {
- if (retval == PAM_CONV_AGAIN) {
- D(("conversation failed to complete"));
- return PAM_INCOMPLETE;
- } else {
- new->state = PS_STATE_DEAD;
- return retval;
- }
- }
-
- if (retval != PAM_SUCCESS) {
- D(("failed to read ruser@rhost"));
- new->state = PS_STATE_DEAD;
- return PAM_AUTH_ERR;
- }
-
- /* expect to receive the following {<seqid>|<a_cookie>} */
- if (new->current_reply == NULL) {
- D(("converstation returned [%s] but gave no reply",
- pam_strerror(pamh, retval)));
- new->state = PS_STATE_DEAD;
- return PAM_CONV_ERR;
- }
-
- /* find | */
- length = PAM_BP_LENGTH(new->current_reply);
- for (i=0; i<length; ++i) {
- if (PAM_BP_RDATA(new->current_reply)[i] == '|') {
- break;
- }
- }
- if (i >= length) {
- D(("malformed response (no |) of length %d", length));
- new->state = PS_STATE_DEAD;
- return PAM_CONV_ERR;
- }
- if ((length - ++i) != 32) {
- D(("cookie is incorrect length (%d,%d) %d != 32",
- length, i, length-i));
- new->state = PS_STATE_DEAD;
- return PAM_CONV_ERR;
- }
-
- /* copy client cookie */
- memcpy(new->client_cookie, PAM_BP_RDATA(new->current_reply)+i, 32);
-
- /* generate a prompt that is length(seqid) + length(|) + 32 long */
- PAM_BP_RENEW(&new->current_prompt, PAM_BPC_OK, i+32);
- /* copy the head of the response prompt */
- memcpy(PAM_BP_WDATA(new->current_prompt),
- PAM_BP_RDATA(new->current_reply), i);
- PAM_BP_RENEW(&new->current_reply, 0, 0);
-
- /* look up the secret */
- new->invalid_secret = 0;
-
- if (new->secret_data == NULL) {
- char *ruser_rhost;
-
- ruser_rhost = malloc(strlen(rusername)+2+strlen(rhostname));
- if (ruser_rhost == NULL) {
- D(("out of memory"));
- new->state = PS_STATE_DEAD;
- return PAM_BUF_ERR;
- }
- sprintf(ruser_rhost, "%s@%s", rusername, rhostname);
- new->secret_data = identify_secret(ruser_rhost, new->username);
-
- memset(ruser_rhost, 0, strlen(ruser_rhost));
- free(ruser_rhost);
- }
-
- if (new->secret_data == NULL) {
- D(("secret not found for user"));
- new->invalid_secret = 1;
-
- /* need to make up a secret */
- new->secret_data = malloc(32 + 1);
- if (new->secret_data == NULL) {
- D(("out of memory"));
- new->state = PS_STATE_DEAD;
- return PAM_BUF_ERR;
- }
- if (! generate_cookie(new->secret_data)) {
- D(("what's up - no fake cookie generated?"));
- new->state = PS_STATE_DEAD;
- return PAM_ABORT;
- }
- }
-
- /* construct md5[<client_cookie>|<server_cookie>|<secret_data>] */
- if (! create_digest(new->client_cookie, new->server_cookie,
- new->secret_data,
- PAM_BP_WDATA(new->current_prompt)+i)) {
- D(("md5 digesting failed"));
- new->state = PS_STATE_DEAD;
- return PAM_ABORT;
- }
-
- /* prompt2 is now constructed - fall through to send it */
- }
-
- case PS_STATE_PROMPT2:
- {
- /* send {<seqid>|md5[<client_cookie>|<server_cookie>|<secret_data>]} */
- retval = converse(pamh, new);
- if (retval != PAM_SUCCESS) {
- if (retval == PAM_CONV_AGAIN) {
- D(("conversation failed to complete"));
- return PAM_INCOMPLETE;
- } else {
- new->state = PS_STATE_DEAD;
- return retval;
- }
- }
-
- /* After we complete this section, we should not be able to
- recall this authentication function. So, we force all
- future calls into the weeds. */
-
- new->state = PS_STATE_DEAD;
-
- /* expect reply:{md5[<secret_data>|<server_cookie>|<client_cookie>]} */
-
- {
- int cf;
- char expectation[33];
-
- if (!create_digest(new->secret_data, new->server_cookie,
- new->client_cookie, expectation)) {
- new->state = PS_STATE_DEAD;
- return PAM_ABORT;
- }
-
- cf = strcmp(expectation, PAM_BP_RDATA(new->current_reply));
- memset(expectation, 0, sizeof(expectation));
- if (cf || new->invalid_secret) {
- D(("failed to authenticate"));
- return PAM_AUTH_ERR;
- }
- }
-
- D(("correctly authenticated :)"));
- return PAM_SUCCESS;
- }
-
- default:
- new->state = PS_STATE_DEAD;
-
- case PS_STATE_DEAD:
-
- D(("state is currently dead/unknown"));
- return PAM_AUTH_ERR;
- }
-
- fprintf(stderr, "pam_secret: this should not be reached\n");
- return PAM_ABORT;
-}
-
-static void clean_data(pam_handle_t *pamh, void *datum, int error_status)
-{
- struct ps_state_s *data = datum;
-
- D(("liberating datum=%p", datum));
-
- if (data) {
- D(("renew prompt"));
- PAM_BP_RENEW(&data->current_prompt, 0, 0);
- D(("renew reply"));
- PAM_BP_RENEW(&data->current_reply, 0, 0);
- D(("overwrite datum"));
- memset(data, 0, sizeof(struct ps_state_s));
- D(("liberate datum"));
- free(data);
- }
-
- D(("done."));
-}
-
-/*
- * front end for the authentication function
- */
-
-int pam_sm_authenticate(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- int retval;
- struct ps_state_s *new_data;
- const struct ps_state_s *old_data;
-
- D(("called"));
-
- new_data = calloc(1, sizeof(struct ps_state_s));
- if (new_data == NULL) {
- D(("out of memory"));
- return PAM_BUF_ERR;
- }
- new_data->retval = PAM_SUCCESS;
-
- retval = pam_get_data(pamh, PS_STATE_ID, (const void **) &old_data);
- if (retval == PAM_SUCCESS) {
- new_data->state = old_data->state;
- memcpy(new_data->server_cookie, old_data->server_cookie, 32);
- memcpy(new_data->client_cookie, old_data->client_cookie, 32);
- if (old_data->username) {
- new_data->username = strdup(old_data->username);
- }
- if (old_data->secret_data) {
- new_data->secret_data = strdup(old_data->secret_data);
- }
- if (old_data->current_prompt) {
- int length;
-
- length = PAM_BP_LENGTH(old_data->current_prompt);
- PAM_BP_RENEW(&new_data->current_prompt,
- PAM_BP_CONTROL(old_data->current_prompt), length);
- PAM_BP_FILL(new_data->current_prompt, 0, length,
- PAM_BP_RDATA(old_data->current_prompt));
- }
- /* don't need to duplicate current_reply */
- } else {
- old_data = NULL;
- new_data->state = PS_STATE_INIT;
- }
-
- D(("call auth_sequence"));
- new_data->retval = auth_sequence(pamh, old_data, new_data);
- D(("returned from auth_sequence"));
-
- retval = pam_set_data(pamh, PS_STATE_ID, new_data, clean_data);
- if (retval != PAM_SUCCESS) {
- D(("unable to store new_data"));
- } else {
- retval = new_data->retval;
- }
-
- old_data = new_data = NULL;
-
- D(("done (%d)", retval));
- return retval;
-}
-
-/*
- * front end for the credential setting function
- */
-
-#define AUTH_SESSION_TICKET_ENV_FORMAT "AUTH_SESSION_TICKET="
-
-int pam_sm_setcred(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- int retval;
- const struct ps_state_s *old_data;
-
- D(("called"));
-
- /* XXX - need to pay attention to the various flavors of call */
-
- /* XXX - need provide an option to turn this feature on/off: if
- other modules want to supply an AUTH_SESSION_TICKET, we should
- leave it up to the admin which module dominiates. */
-
- retval = pam_get_data(pamh, PS_STATE_ID, (const void **) &old_data);
- if (retval != PAM_SUCCESS) {
- D(("no data to base decision on"));
- return PAM_AUTH_ERR;
- }
-
- /*
- * If ok, export a derived shared secret session ticket to the
- * client's PAM environment - the ticket has the form
- *
- * AUTH_SESSION_TICKET =
- * md5[<server_cookie>|<secret_data>|<client_cookie>]
- *
- * This is a precursor to supporting a spoof resistant trusted
- * path mechanism. This shared secret ticket can be used to add
- * a hard-to-guess checksum to further authentication data.
- */
-
- retval = old_data->retval;
- if (retval == PAM_SUCCESS) {
- char envticket[sizeof(AUTH_SESSION_TICKET_ENV_FORMAT)+32];
-
- memcpy(envticket, AUTH_SESSION_TICKET_ENV_FORMAT,
- sizeof(AUTH_SESSION_TICKET_ENV_FORMAT));
-
- if (! create_digest(old_data->server_cookie, old_data->secret_data,
- old_data->client_cookie,
- envticket+sizeof(AUTH_SESSION_TICKET_ENV_FORMAT)-1
- )) {
- D(("unable to generate a digest for session ticket"));
- return PAM_ABORT;
- }
-
- D(("putenv[%s]", envticket));
- retval = pam_putenv(pamh, envticket);
- memset(envticket, 0, sizeof(envticket));
- }
-
- old_data = NULL;
- D(("done (%d)", retval));
-
- return retval;
-}
diff --git a/contrib/libpam/libpamc/test/regress/Makefile b/contrib/libpam/libpamc/test/regress/Makefile
deleted file mode 100644
index ff63e5f..0000000
--- a/contrib/libpam/libpamc/test/regress/Makefile
+++ /dev/null
@@ -1,7 +0,0 @@
-CFLAGS = -g -I ../../include
-
-test.libpamc: test.libpamc.o
- $(CC) -o $@ $< -L ../.. -lpamc
-
-clean:
- rm -f test.libpamc test.libpamc.o
diff --git a/contrib/libpam/libpamc/test/regress/run_test.sh b/contrib/libpam/libpamc/test/regress/run_test.sh
deleted file mode 100755
index a1bf010..0000000
--- a/contrib/libpam/libpamc/test/regress/run_test.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-
-export LD_LIBRARY_PATH=../..
-export PAMC_AGENT_PATH="../agents"
-
-./test.libpamc
diff --git a/contrib/libpam/libpamc/test/regress/test.libpamc.c b/contrib/libpam/libpamc/test/regress/test.libpamc.c
deleted file mode 100644
index b7bc4e4..0000000
--- a/contrib/libpam/libpamc/test/regress/test.libpamc.c
+++ /dev/null
@@ -1,342 +0,0 @@
-/*
- * This is a small test program for testing libpamc against the
- * secret@here agent. It does the same as the test.secret@here perl
- * script in this directory, but via the libpamc API.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <security/pam_client.h>
-#include <ctype.h>
-
-struct internal_packet {
- int length;
- int at;
- char *buffer;
-};
-
-
-void append_data(struct internal_packet *packet, int extra, const char *data)
-{
- if ((extra + packet->at) >= packet->length) {
- if (packet->length == 0) {
- packet->length = 1000;
- }
- /* make sure we have at least a char extra space available */
- while (packet->length <= (extra + packet->at)) {
- packet->length <<= 1;
- }
- packet->buffer = realloc(packet->buffer, packet->length);
- if (packet->buffer == NULL) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
- }
-
- if (data != NULL) {
- memcpy(packet->at + packet->buffer, data, extra);
- }
- packet->at += extra;
-
- /* assisting string manipulation */
- packet->buffer[packet->at] = '\0';
-}
-
-void append_string(struct internal_packet *packet, const char *string,
- int with_nul)
-{
- append_data(packet, strlen(string) + (with_nul ? 1:0), string);
-}
-
-char *identify_secret(char *identity)
-{
- struct internal_packet temp_packet;
- FILE *secrets;
- int length_id;
-
- temp_packet.length = temp_packet.at = 0;
- temp_packet.buffer = NULL;
-
- append_string(&temp_packet, "/home/", 0);
- append_string(&temp_packet, getlogin(), 0);
- append_string(&temp_packet, "/.secret@here", 1);
-
- secrets = fopen(temp_packet.buffer, "r");
- if (secrets == NULL) {
- fprintf(stderr, "server: failed to open\n [%s]\n",
- temp_packet.buffer);
- exit(1);
- }
-
- length_id = strlen(identity);
- for (;;) {
- char *secret = NULL;
- temp_packet.at = 0;
-
- if (fgets(temp_packet.buffer, temp_packet.length, secrets) == NULL) {
- fclose(secrets);
- return NULL;
- }
-
- if (memcmp(temp_packet.buffer, identity, length_id)) {
- continue;
- }
-
- fclose(secrets);
- for (secret=temp_packet.buffer; *secret; ++secret) {
- if (*secret == ' ' || *secret == '\n' || *secret == '\t') {
- break;
- }
- }
- for (; *secret; ++secret) {
- if (!(*secret == ' ' || *secret == '\n' || *secret == '\t')) {
- break;
- }
- }
-
- for (temp_packet.buffer=secret; *temp_packet.buffer;
- ++temp_packet.buffer) {
- if (*temp_packet.buffer == ' ' || *temp_packet.buffer == '\n'
- || *temp_packet.buffer == '\t') {
- break;
- }
- }
- if (*temp_packet.buffer) {
- *temp_packet.buffer = '\0';
- }
-
- return secret;
- }
-
- /* NOT REACHED */
-}
-
-/*
- * This is a hack, and is fundamentally insecure. All our secrets will be
- * displayed on the command line for someone doing 'ps' to see. This
- * is just for programming convenience in this instance, since this
- * program is simply a regression test. The pam_secret module should
- * not do this, but make use of md5 routines directly.
- */
-
-char *create_digest(int length, const char *raw)
-{
- struct internal_packet temp_packet;
- FILE *pipe;
-
- temp_packet.length = temp_packet.at = 0;
- temp_packet.buffer = NULL;
-
- append_string(&temp_packet, "echo -n '", 0);
- append_string(&temp_packet, raw, 0);
- append_string(&temp_packet, "'|/usr/bin/md5sum -", 1);
-
- fprintf(stderr, "am attempting to run [%s]\n", temp_packet.buffer);
-
- pipe = popen(temp_packet.buffer, "r");
- if (pipe == NULL) {
- fprintf(stderr, "server: failed to run\n [%s]\n", temp_packet.buffer);
- exit(1);
- }
-
- temp_packet.at = 0;
- append_data(&temp_packet, 32, NULL);
-
- if (fgets(temp_packet.buffer, 33, pipe) == NULL) {
- fprintf(stderr, "server: failed to read digest\n");
- exit(1);
- }
- if (strlen(temp_packet.buffer) != 32) {
- fprintf(stderr, "server: digest was not 32 chars?? [%s]\n",
- temp_packet.buffer);
- exit(1);
- }
-
- fclose(pipe);
-
- return temp_packet.buffer;
-}
-
-void packet_to_prompt(pamc_bp_t *prompt_p, __u8 control,
- struct internal_packet *packet)
-{
- PAM_BP_RENEW(prompt_p, control, packet->at);
- PAM_BP_FILL(*prompt_p, 0, packet->at, packet->buffer);
- packet->at = 0;
-}
-
-void prompt_to_packet(pamc_bp_t prompt, struct internal_packet *packet)
-{
- int data_length;
-
- data_length = PAM_BP_LENGTH(prompt);
- packet->at = 0;
- append_data(packet, data_length, NULL);
-
- PAM_BP_EXTRACT(prompt, 0, data_length, packet->buffer);
-
- fprintf(stderr, "server received[%d]: {%d|0x%.2x|%s}\n",
- data_length,
- PAM_BP_SIZE(prompt), PAM_BP_RCONTROL(prompt),
- PAM_BP_RDATA(prompt));
-}
-
-int main(int argc, char **argv)
-{
- pamc_handle_t pch;
- pamc_bp_t prompt = NULL;
- struct internal_packet packet_data, *packet;
- char *temp_string, *secret, *user, *a_cookie, *seqid, *digest;
- const char *cookie = "123451234512345";
- int retval;
-
- packet = &packet_data;
- packet->length = 0;
- packet->at = 0;
- packet->buffer = NULL;
-
- pch = pamc_start();
- if (pch == NULL) {
- fprintf(stderr, "server: unable to get a handle from libpamc\n");
- exit(1);
- }
-
- temp_string = getlogin();
- if (temp_string == NULL) {
- fprintf(stderr, "server: who are you?\n");
- exit(1);
- }
-#define DOMAIN "@local.host"
- user = malloc(1+strlen(temp_string)+strlen(DOMAIN));
- if (user == NULL) {
- fprintf(stderr, "server: out of memory for user id\n");
- exit(1);
- }
- sprintf(user, "%s%s", temp_string, DOMAIN);
-
- append_string(packet, "secret@here/", 0);
- append_string(packet, user, 0);
- append_string(packet, "|", 0);
- append_string(packet, cookie, 0);
- packet_to_prompt(&prompt, PAM_BPC_SELECT, packet);
-
- /* get the library to accept the first packet (which should load
- the secret@here agent) */
-
- retval = pamc_converse(pch, &prompt);
- fprintf(stderr, "server: after conversation\n");
- if (PAM_BP_RCONTROL(prompt) != PAM_BPC_OK) {
- fprintf(stderr, "server: prompt had unexpected control type: %u\n",
- PAM_BP_RCONTROL(prompt));
- exit(1);
- }
-
- fprintf(stderr, "server: got a prompt back\n");
-
- prompt_to_packet(prompt, packet);
-
- temp_string = strtok(packet->buffer, "|");
- if (temp_string == NULL) {
- fprintf(stderr, "server: prompt does not contain anything");
- exit(1);
- }
- seqid = strdup(temp_string);
- if (seqid == NULL) {
- fprintf(stderr, "server: unable to store sequence id\n");
- }
-
- temp_string = strtok(NULL, "|");
- if (temp_string == NULL) {
- fprintf(stderr, "server: no cookie from agent\n");
- exit(1);
- }
- a_cookie = strdup(temp_string);
- if (a_cookie == NULL) {
- fprintf(stderr, "server: no memory to store agent cookie\n");
- exit(1);
- }
-
- fprintf(stderr, "server: agent responded with {%s|%s}\n", seqid, a_cookie);
- secret = identify_secret(user);
- fprintf(stderr, "server: secret=%s\n", secret);
-
- /* now, we construct the response */
- packet->at = 0;
- append_string(packet, a_cookie, 0);
- append_string(packet, "|", 0);
- append_string(packet, cookie, 0);
- append_string(packet, "|", 0);
- append_string(packet, secret, 0);
-
- fprintf(stderr, "server: get digest of %s\n", packet->buffer);
-
- digest = create_digest(packet->at, packet->buffer);
-
- fprintf(stderr, "server: secret=%s, digest=%s\n", secret, digest);
-
- packet->at = 0;
- append_string(packet, seqid, 0);
- append_string(packet, "|", 0);
- append_string(packet, digest, 0);
- packet_to_prompt(&prompt, PAM_BPC_OK, packet);
-
- retval = pamc_converse(pch, &prompt);
- fprintf(stderr, "server: after 2nd conversation\n");
- if (PAM_BP_RCONTROL(prompt) != PAM_BPC_DONE) {
- fprintf(stderr, "server: 2nd prompt had unexpected control type: %u\n",
- PAM_BP_RCONTROL(prompt));
- exit(1);
- }
-
- prompt_to_packet(prompt, packet);
- PAM_BP_RENEW(&prompt, 0, 0);
-
- temp_string = strtok(packet->buffer, "|");
- if (temp_string == NULL) {
- fprintf(stderr, "no digest from agent\n");
- exit(1);
- }
- temp_string = strdup(temp_string);
-
- packet->at = 0;
- append_string(packet, secret, 0);
- append_string(packet, "|", 0);
- append_string(packet, cookie, 0);
- append_string(packet, "|", 0);
- append_string(packet, a_cookie, 0);
-
- fprintf(stderr, "server: get digest of %s\n", packet->buffer);
-
- digest = create_digest(packet->at, packet->buffer);
-
- fprintf(stderr, "server: digest=%s\n", digest);
-
- if (strcmp(digest, temp_string)) {
- fprintf(stderr, "server: agent doesn't know the secret\n");
- fprintf(stderr, "server: agent says: [%s]\n"
- "server: server says: [%s]\n", temp_string, digest);
- exit(1);
- } else {
- fprintf(stderr, "server: agent seems to know the secret\n");
-
- packet->at = 0;
- append_string(packet, cookie, 0);
- append_string(packet, "|", 0);
- append_string(packet, secret, 0);
- append_string(packet, "|", 0);
- append_string(packet, a_cookie, 0);
-
- digest = create_digest(packet->at, packet->buffer);
-
- fprintf(stderr, "server: putenv(\"AUTH_SESSION_TICKET=%s\")\n",
- digest);
- }
-
-
- retval = pamc_end(&pch);
-
- fprintf(stderr, "server: agent(s) were %shappy to terminate\n",
- retval == PAM_BPC_TRUE ? "":"un");
-
- exit(!retval);
-}
diff --git a/contrib/libpam/libpamc/test/regress/test.secret@here b/contrib/libpam/libpamc/test/regress/test.secret@here
deleted file mode 100755
index 2e0b9b9..0000000
--- a/contrib/libpam/libpamc/test/regress/test.secret@here
+++ /dev/null
@@ -1,152 +0,0 @@
-#!/usr/bin/perl
-
-##
-## this is a test script for regressing changes to the secret@here PAM
-## agent
-##
-
-$^W = 1;
-use strict;
-use IPC::Open2;
-
-$| = 1;
-
-my $whoami = `/usr/bin/whoami`; chomp $whoami;
-my $cookie = "12345";
-my $user_domain = "$whoami\@local.host";
-
-my $pid = open2(\*Reader, \*Writer, "../agents/secret\@here blah")
- or die "failed to load secret\@here agent";
-
-unless (-f (getpwuid($<))[7]."/.secret\@here") {
- print STDERR "server: ". "no " .(getpwuid($<))[7]. "/.secret\@here file\n";
- die "no config file";
-}
-
-WriteBinaryPrompt(\*Writer, 0x02, "secret\@here/$user_domain|$cookie");
-
-my ($control, $data) = ReadBinaryPrompt(\*Reader);
-
-print STDERR "server: ". "reply: control=$control, data=$data\n";
-if ($control != 1) {
- die "expected 1 (OK) for the first agent reply; got $control";
-}
-my ($seqid, $a_cookie) = split '\|', $data;
-
-# server needs to convince agent that it knows the secret before
-# agent will give a valid response
-my $secret = IdentifyLocalSecret($user_domain);
-my $digest = CreateDigest($a_cookie."|".$cookie."|".$secret);
-
-print STDERR "server: ". "digest = $digest\n";
-WriteBinaryPrompt(\*Writer, 0x01, "$seqid|$digest");
-
-# The agent will authenticate us and then reply with its
-# authenticating digest. we check that before we're done.
-
-($control, $data) = ReadBinaryPrompt(\*Reader);
-if ($control != 0x03) {
- die "server: agent did not reply with a 'done' prompt ($control)\n";
-}
-
-unless ($data eq CreateDigest($secret."|".$cookie."|".$a_cookie)) {
- die "server: agent is not authenticated\n";
-}
-
-print STDERR "server: agent appears to know secret\n";
-
-my $session_authenticated_ticket
- = CreateDigest($cookie."|".$secret."|".$a_cookie);
-
-print STDERR "server: should putenv("
- ."\"AUTH_SESSION_TICKET=$session_authenticated_ticket\")\n";
-
-exit 0;
-
-sub CreateDigest ($) {
- my ($data) = @_;
-
- my $pid = open2(\*MD5out, \*MD5in, "/usr/bin/md5sum -")
- or die "you'll need /usr/bin/md5sum installed";
-
- my $oldfd = select MD5in; $|=1; select $oldfd;
- print MD5in "$data";
- close MD5in;
- my $reply = <MD5out>;
- ($reply) = split /\s/, $reply;
- print STDERR "server: ". "md5 said: <$reply>\n";
- close MD5out;
-
- return $reply;
-}
-
-sub ReadBinaryPrompt ($) {
- my ($fd) = @_;
-
- my $buffer = " ";
- my $count = read($fd, $buffer, 5);
- if ($count == 0) {
- # no more packets to read
- return (0, "");
- }
-
- if ($count != 5) {
- # broken packet header
- return (-1, "");
- }
-
- my ($length, $control) = unpack("N C", $buffer);
- if ($length < 5) {
- # broken packet length
- return (-1, "");
- }
-
- my $data = "";
- $length -= 5;
- while ($count = read($fd, $buffer, $length)) {
- $data .= $buffer;
- if ($count != $length) {
- $length -= $count;
- next;
- }
-
- print STDERR "server: ". "data is [$data]\n";
-
- return ($control, $data);
- }
-
- # broken packet data
- return (-1, "");
-}
-
-sub WriteBinaryPrompt ($$$) {
- my ($fd, $control, $data) = @_;
-
- my $length = 5 + length($data);
- printf STDERR "server: ". "{%d|0x%.2x|%s}\n", $length, $control, $data;
- my $bp = pack("N C a*", $length, $control, $data);
- print $fd $bp;
-
- print STDERR "server: ". "control passed to agent\@here\n";
-}
-
-sub IdentifyLocalSecret ($) {
- my ($identifier) = @_;
- my $secret;
-
- my $whoami = `/usr/bin/whoami` ; chomp $whoami;
- if (open SECRETS, "< " .(getpwuid($<))[7]. "/.secret\@here") {
- my $line;
- while (defined ($line = <SECRETS>)) {
- my ($id, $sec) = split /[\s]/, $line;
- if ((defined $id) && ($id eq $identifier)) {
- $secret = $sec;
- last;
- }
- }
- close SECRETS;
- }
-
- return $secret;
-}
-
diff --git a/contrib/libpam/modules/Simple.Rules b/contrib/libpam/modules/Simple.Rules
deleted file mode 100644
index 954641c..0000000
--- a/contrib/libpam/modules/Simple.Rules
+++ /dev/null
@@ -1,92 +0,0 @@
-# $Id: Simple.Rules,v 1.3 2001/02/22 04:55:41 agmorgan Exp $
-#
-# For simple modules with no significant dependencies, set $(TITLE)
-# and include this file.
-#
-# There are a few ways to customize this set of rules. Namely, define
-#
-# $(MODULE_SIMPLE_EXTRACLEAN)
-# $(MODULE_SIMPLE_CLEAN)
-# $(MODULE_SIMPLE_REMOVE)
-# $(MODULE_SIMPLE_INSTALL)
-# $(MODULE_SIMPLE_EXTRALIBS) - other things to link with the module
-# $(MODULE_SIMPLE_EXTRAFILES) - other files to build (no .c suffix)
-#
-
-LIBFILES = $(TITLE) $(MODULE_SIMPLE_EXTRAFILES)
-LIBSRC = $(addsuffix .c,$(LIBFILES))
-LIBOBJ = $(addsuffix .o,$(LIBFILES))
-LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
-LIBOBJS = $(addprefix static/,$(LIBOBJ))
-
-ifdef DYNAMIC
-LIBSHARED = $(TITLE).so
-endif
-
-ifdef STATIC
-LIBSTATIC = lib$(TITLE).o
-endif
-
-####################### don't edit below #######################
-
-all: dirs $(LIBSHARED) $(LIBSTATIC) register
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(DYNAMIC) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(STATIC) $(TARGET_ARCH) -c $< -o $@
-
-dirs:
-ifdef DYNAMIC
- $(MKDIR) ./dynamic
-endif
-ifdef STATIC
- $(MKDIR) ./static
-endif
-
-register:
-ifdef STATIC
- ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) )
-endif
-
-ifdef DYNAMIC
-$(LIBOBJD): $(LIBSRC)
-endif
-
-ifdef DYNAMIC
-$(LIBSHARED): $(LIBOBJD)
- $(LD_D) -o $@ $(LIBOBJD) $(MODULE_SIMPLE_EXTRALIBS) $(NEED_LINK_LIB_C)
-
-endif
-
-ifdef STATIC
-$(LIBOBJS): $(LIBSRC)
-endif
-
-ifdef STATIC
-$(LIBSTATIC): $(LIBOBJS)
- $(LD) -r -o $@ $(LIBOBJS) $(MODULE_SIMPLE_EXTRALIBS)
-endif
-
-install: all
- $(MKDIR) $(FAKEROOT)$(SECUREDIR)
-ifdef DYNAMIC
- $(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
-endif
- $(MODULE_SIMPLE_INSTALL)
-
-remove:
- rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so
- $(MODULE_SIMPLE_REMOVE)
-
-clean:
- rm -f $(LIBOBJD) $(LIBOBJS) core *~
- $(MODULE_SIMPLE_CLEAN)
- rm -f *.a *.o *.so *.bak
- rm -rf dynamic static
- $(MODULE_SIMPLE_EXTRACLEAN)
-
-.c.o:
- $(CC) $(CFLAGS) -c $<
-
diff --git a/contrib/libpam/modules/download-all b/contrib/libpam/modules/download-all
deleted file mode 100755
index 9b6cf65..0000000
--- a/contrib/libpam/modules/download-all
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# $Id: download-all,v 1.1.1.1 2000/06/20 22:11:29 agmorgan Exp $
-#
-cat <<EOT
-For a number of reasons it is not practical for Linux-PAM to be
-distributed with every module out there. However, this shell script
-is intended as a convenient way for users to download modules from the
-'net in some semiautomated fashion.
-
-Please feel free to send (pam-list@redhat.com) snippets of code that
-will help others to download and unpack your favorite module into the
-Linux-PAM source tree. Especially welcome are snippets of the
-following form:
-
-ncftp ftp://my.ftpsite.org/pub/fluff/pam_fluff.tar.gz
-rm -fr pam_fluff
-tar zvfx pam_fluff.tar.gz
-
-Cheers
-
-Andrew
-morgan@linux.kernel.org
-EOT
-
-# --- insert your snippets below ---
-
-# --- insert your snippets above ---
-
-exit 0
diff --git a/contrib/libpam/modules/install_conf b/contrib/libpam/modules/install_conf
deleted file mode 100755
index 80f6be2..0000000
--- a/contrib/libpam/modules/install_conf
+++ /dev/null
@@ -1,49 +0,0 @@
-#!/bin/bash
-
-FAKEROOT=$1
-CONFD=$1$2
-CONFILE=$1$3
-MODULE=$4
-CONF=$5
-
-IGNORE_AGE=./.ignore_age
-QUIET_INSTALL=../../.quiet_install
-
-echo
-
-if [ -f "$QUIET_INSTALL" ]; then
- if [ ! -f "$CONFILE" ]; then
- yes="y"
- else
- yes="skip"
- fi
-elif [ -f "$IGNORE_AGE" ]; then
- echo "you don't want to be bothered with the age of your $CONFILE file"
- yes="n"
-elif [ ! -f "$CONFILE" ] || [ "$CONF" -nt "$CONFILE" ]; then
- if [ -f "$CONFILE" ]; then
- echo "An older $MODULE configuration file already exists ($CONFILE)"
- echo "Do you wish to copy the $CONF file in this distribution"
- echo "to $CONFILE ? (y/n) [skip] "
- read yes
- else
- yes="y"
- fi
-else
- yes="skip"
-fi
-
-if [ "$yes" = "y" ]; then
- mkdir -p $CONFD
- echo " copying $CONF to $CONFILE"
- cp $CONF $CONFILE
-else
- echo " Skipping $CONF installation"
- if [ "$yes" = "n" ]; then
- touch "$IGNORE_AGE"
- fi
-fi
-
-echo
-
-exit 0
diff --git a/contrib/libpam/modules/pam_deny/Makefile b/contrib/libpam/modules/pam_deny/Makefile
deleted file mode 100644
index 03fd546..0000000
--- a/contrib/libpam/modules/pam_deny/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:03 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-# $FreeBSD$
-#
-
-include ../../Make.Rules
-
-TITLE=pam_deny
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_deny/README b/contrib/libpam/modules/pam_deny/README
deleted file mode 100644
index 4f7f6de..0000000
--- a/contrib/libpam/modules/pam_deny/README
+++ /dev/null
@@ -1,4 +0,0 @@
-# $Id: README,v 1.1 1996/03/16 18:11:12 morgan Exp $
-#
-
-this module always fails, it ignores all options.
diff --git a/contrib/libpam/modules/pam_deny/pam_deny.c b/contrib/libpam/modules/pam_deny/pam_deny.c
deleted file mode 100644
index bbd9b2c..0000000
--- a/contrib/libpam/modules/pam_deny/pam_deny.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/* pam_deny module */
-
-/*
- * $Id: pam_deny.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- * $FreeBSD$
- *
- * Written by Andrew Morgan <morgan@parc.power.net> 1996/3/11
- *
- */
-
-/*
- * here, we make definitions for the externally accessible functions
- * in this file (these definitions are required for static modules
- * but strongly encouraged generally) they are used to instruct the
- * modules include file to define their prototypes.
- */
-
-#define PAM_SM_AUTH
-#define PAM_SM_ACCOUNT
-#define PAM_SM_SESSION
-#define PAM_SM_PASSWORD
-
-#include <security/pam_modules.h>
-
-/* --- authentication management functions --- */
-
-PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_AUTH_ERR;
-}
-
-PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_CRED_UNAVAIL;
-}
-
-/* --- account management functions --- */
-
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_ACCT_EXPIRED;
-}
-
-/* --- password management --- */
-
-PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_AUTHTOK_ERR;
-}
-
-/* --- session management --- */
-
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SYSTEM_ERR;
-}
-
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SYSTEM_ERR;
-}
-
-/* end of module definition */
-
-PAM_MODULE_ENTRY("pam_deny");
diff --git a/contrib/libpam/modules/pam_ftp/Makefile b/contrib/libpam/modules/pam_ftp/Makefile
deleted file mode 100644
index 4ea360d..0000000
--- a/contrib/libpam/modules/pam_ftp/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:03 agmorgan Exp $
-# $FreeBSD$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_ftp
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_ftp/README b/contrib/libpam/modules/pam_ftp/README
deleted file mode 100644
index 0e9315e..0000000
--- a/contrib/libpam/modules/pam_ftp/README
+++ /dev/null
@@ -1,19 +0,0 @@
-$FreeBSD$
-This is the README for pam_ftp
-------------------------------
-
-This module is an authentication module that does simple ftp
-authentication.
-
-Recognized arguments:
-
- "debug" print debug messages
- "users=" comma separated list of users which
- could login only with email adress
- "ignore" allow invalid email adresses
-
-Options for:
-auth: for authentication it provides pam_authenticate() and
- pam_setcred() hooks.
-
-Thorsten Kukuk <kukuk@suse.de>, 17. June 1999
diff --git a/contrib/libpam/modules/pam_ftp/pam_ftp.c b/contrib/libpam/modules/pam_ftp/pam_ftp.c
deleted file mode 100644
index df10a03..0000000
--- a/contrib/libpam/modules/pam_ftp/pam_ftp.c
+++ /dev/null
@@ -1,298 +0,0 @@
-/* pam_ftp module */
-
-/*
- * $Id: pam_ftp.c,v 1.2 2000/11/19 23:54:03 agmorgan Exp $
- * $FreeBSD$
- *
- * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
- *
- */
-
-#define PLEASE_ENTER_PASSWORD "Password required for %s."
-#define GUEST_LOGIN_PROMPT "Guest login ok, " \
-"send your complete e-mail address as password."
-
-/* the following is a password that "can't be correct" */
-#define BLOCK_PASSWORD "\177BAD PASSWPRD\177"
-
-#include <security/_pam_aconf.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <syslog.h>
-#include <stdarg.h>
-#include <string.h>
-
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_AUTH
-
-#include <security/pam_modules.h>
-#include <security/_pam_macros.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-ftp", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-static int converse(pam_handle_t *pamh, int nargs
- , struct pam_message **message
- , struct pam_response **response)
-{
- int retval;
- struct pam_conv *conv;
-
- D(("begin to converse\n"));
-
- retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ;
- if ( retval == PAM_SUCCESS ) {
-
- retval = conv->conv(nargs, ( const struct pam_message ** ) message
- , response, conv->appdata_ptr);
-
- D(("returned from application's conversation function\n"));
-
- if ((retval != PAM_SUCCESS) && (retval != PAM_CONV_AGAIN)) {
- _pam_log(LOG_DEBUG, "conversation failure [%s]"
- , pam_strerror(pamh, retval));
- }
-
- } else {
- _pam_log(LOG_ERR, "couldn't obtain coversation function [%s]"
- , pam_strerror(pamh, retval));
- }
-
- D(("ready to return from module conversation\n"));
-
- return retval; /* propagate error status */
-}
-
-/* argument parsing */
-
-#define PAM_DEBUG_ARG 01
-#define PAM_IGNORE_EMAIL 02
-#define PAM_NO_ANON 04
-
-static int _pam_parse(int argc, const char **argv, char **users)
-{
- int ctrl=0;
-
- /* step through arguments */
- for (ctrl=0; argc-- > 0; ++argv) {
-
- /* generic options */
-
- if (!strcmp(*argv,"debug"))
- ctrl |= PAM_DEBUG_ARG;
- else if (!strncmp(*argv,"users=",6)) {
- *users = x_strdup(6+*argv);
- if (*users == NULL) {
- ctrl |= PAM_NO_ANON;
- _pam_log(LOG_CRIT, "failed to duplicate user list - anon off");
- }
- } else if (!strcmp(*argv,"ignore")) {
- ctrl |= PAM_IGNORE_EMAIL;
- } else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
- }
- }
-
- return ctrl;
-}
-
-/*
- * check if name is in list or default list. place users name in *_user
- * return 1 if listed 0 if not.
- */
-
-static int lookup(const char *name, char *list, const char **_user)
-{
- int anon = 0;
-
- *_user = name; /* this is the default */
- if (list) {
- const char *l;
- char *x;
-
- x = list;
- while ((l = strtok(x, ","))) {
- x = NULL;
- if (!strcmp(name, l)) {
- *_user = list;
- anon = 1;
- }
- }
- } else {
-#define MAX_L 2
- static const char *l[MAX_L] = { "ftp", "anonymous" };
- int i;
-
- for (i=0; i<MAX_L; ++i) {
- if (!strcmp(l[i], name)) {
- *_user = l[0];
- anon = 1;
- break;
- }
- }
- }
-
- return anon;
-}
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- int retval, anon=0, ctrl;
- const char *user;
- char *users=NULL;
-
- /*
- * this module checks if the user name is ftp or annonymous. If
- * this is the case, it can set the PAM_RUSER to the entered email
- * address and SUCCEEDS, otherwise it FAILS.
- */
-
- ctrl = _pam_parse(argc, argv, &users);
-
- retval = pam_get_user(pamh, &user, NULL);
- if (retval != PAM_SUCCESS || user == NULL) {
- _pam_log(LOG_ERR, "no user specified");
- return PAM_USER_UNKNOWN;
- }
-
- if (!(ctrl & PAM_NO_ANON)) {
- anon = lookup(user, users, &user);
- }
-
- if (anon) {
- retval = pam_set_item(pamh, PAM_USER, (const void *)user);
- if (retval != PAM_SUCCESS || user == NULL) {
- _pam_log(LOG_ERR, "user resetting failed");
- return PAM_USER_UNKNOWN;
- }
- }
-
- /*
- * OK. we require an email address for user or the user's password.
- * - build conversation and get their input.
- */
-
- {
- struct pam_message msg[1], *mesg[1];
- struct pam_response *resp=NULL;
- const char *token;
- char *prompt=NULL;
- int i=0;
-
- if (!anon) {
- prompt = malloc(strlen(PLEASE_ENTER_PASSWORD) + strlen(user));
- if (prompt == NULL) {
- D(("out of memory!?"));
- return PAM_BUF_ERR;
- } else {
- sprintf(prompt, PLEASE_ENTER_PASSWORD, user);
- msg[i].msg = prompt;
- }
- } else {
- msg[i].msg = GUEST_LOGIN_PROMPT;
- }
-
- msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- mesg[i] = &msg[i];
-
- retval = converse(pamh, ++i, mesg, &resp);
- if (prompt) {
- _pam_overwrite(prompt);
- _pam_drop(prompt);
- }
-
- if (retval != PAM_SUCCESS) {
- if (resp != NULL)
- _pam_drop_reply(resp,i);
- return ((retval == PAM_CONV_AGAIN)
- ? PAM_INCOMPLETE:PAM_AUTHINFO_UNAVAIL);
- }
-
- if (anon) {
- /* XXX: Some effort should be made to verify this email address! */
-
- if (!(ctrl & PAM_IGNORE_EMAIL)) {
- token = strtok(resp->resp, "@");
- retval = pam_set_item(pamh, PAM_RUSER, token);
-
- if ((token) && (retval == PAM_SUCCESS)) {
- token = strtok(NULL, "@");
- retval = pam_set_item(pamh, PAM_RHOST, token);
- }
- }
-
- /* we are happy to grant annonymous access to the user */
- retval = PAM_SUCCESS;
-
- } else {
- /*
- * we have a password so set AUTHTOK
- */
-
- (void) pam_set_item(pamh, PAM_AUTHTOK, resp->resp);
-
- /*
- * this module failed, but the next one might succeed with
- * this password.
- */
-
- retval = PAM_AUTH_ERR;
- }
-
- if (resp) { /* clean up */
- _pam_drop_reply(resp, i);
- }
-
- /* success or failure */
-
- return retval;
- }
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_IGNORE;
-}
-
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_ftp_modstruct = {
- "pam_ftp",
- pam_sm_authenticate,
- pam_sm_setcred,
- NULL,
- NULL,
- NULL,
- NULL,
-};
-
-#endif
-
-/* end of module definition */
diff --git a/contrib/libpam/modules/pam_issue/Makefile b/contrib/libpam/modules/pam_issue/Makefile
deleted file mode 100644
index 1bd2be2..0000000
--- a/contrib/libpam/modules/pam_issue/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_issue
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_issue/pam_issue.c b/contrib/libpam/modules/pam_issue/pam_issue.c
deleted file mode 100644
index 2cb54be..0000000
--- a/contrib/libpam/modules/pam_issue/pam_issue.c
+++ /dev/null
@@ -1,266 +0,0 @@
-/* pam_issue module - a simple /etc/issue parser to set PAM_USER_PROMPT
- *
- * Copyright 1999 by Ben Collins <bcollins@debian.org>
- *
- * Needs to be called before any other auth modules so we can setup the
- * user prompt before it's first used. Allows one argument option, which
- * is the full path to a file to be used for issue (uses /etc/issue as a
- * default) such as "issue=/etc/issue.telnet".
- *
- * We can also parse escapes within the the issue file (enabled by
- * default, but can be disabled with the "noesc" option). It's the exact
- * same parsing as util-linux's agetty program performs.
- *
- * Released under the GNU LGPL version 2 or later
- */
-
-#define _GNU_SOURCE
-#define _BSD_SOURCE
-
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <time.h>
-#include <fcntl.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/utsname.h>
-#include <utmp.h>
-#include <malloc.h>
-
-#include <security/_pam_macros.h>
-
-#define PAM_SM_AUTH
-
-#include <security/pam_modules.h>
-
-static int _user_prompt_set = 0;
-
-char *do_prompt (FILE *);
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- int retval = PAM_SUCCESS;
- FILE *fd;
- int parse_esc = 1;
- char *prompt_tmp = NULL, *cur_prompt = NULL;
- struct stat st;
- char *issue_file = NULL;
-
- /* If we've already set the prompt, don't set it again */
- if(_user_prompt_set)
- return PAM_IGNORE;
- else
- /* we set this here so if we fail below, we wont get further
- than this next time around (only one real failure) */
- _user_prompt_set = 1;
-
- for ( ; argc-- > 0 ; ++argv ) {
- if (!strncmp(*argv,"issue=",6)) {
- issue_file = (char *) strdup(6+*argv);
- if (issue_file != NULL) {
- D(("set issue_file to: %s", issue_file));
- } else {
- D(("failed to strdup issue_file - ignored"));
- return PAM_IGNORE;
- }
- } else if (!strcmp(*argv,"noesc")) {
- parse_esc = 0;
- D(("turning off escape parsing by request"));
- } else
- D(("unknown option passed: %s", *argv));
- }
-
- if (issue_file == NULL)
- issue_file = strdup("/etc/issue");
-
- if ((fd = fopen(issue_file, "r")) != NULL) {
- int tot_size = 0;
-
- if (stat(issue_file, &st) < 0)
- return PAM_IGNORE;
-
- retval = pam_get_item(pamh, PAM_USER_PROMPT, (const void **) &cur_prompt);
- if (retval != PAM_SUCCESS)
- return PAM_IGNORE;
-
- /* first read in the issue file */
-
- if (parse_esc)
- prompt_tmp = do_prompt(fd);
- else {
- int count = 0;
- prompt_tmp = malloc(st.st_size + 1);
- if (prompt_tmp == NULL) return PAM_IGNORE;
- memset (prompt_tmp, '\0', st.st_size + 1);
- count = fread(prompt_tmp, sizeof(char *), st.st_size, fd);
- prompt_tmp[st.st_size] = '\0';
- }
-
- fclose(fd);
-
- tot_size = strlen(prompt_tmp) + strlen(cur_prompt) + 1;
-
- /*
- * alloc some extra space for the original prompt
- * and postpend it to the buffer
- */
- prompt_tmp = realloc(prompt_tmp, tot_size);
- strcpy(prompt_tmp+strlen(prompt_tmp), cur_prompt);
-
- prompt_tmp[tot_size] = '\0';
-
- retval = pam_set_item(pamh, PAM_USER_PROMPT, (const char *) prompt_tmp);
-
- free(issue_file);
- free(prompt_tmp);
- } else {
- D(("could not open issue_file: %s", issue_file));
- return PAM_IGNORE;
- }
-
- return retval;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- return PAM_IGNORE;
-}
-
-char *do_prompt(FILE *fd)
-{
- int c, size = 1024;
- char *issue = (char *)malloc(size);
- char buf[1024];
- struct utsname uts;
-
- if (issue == NULL || fd == NULL)
- return NULL;
-
- issue[0] = '\0'; /* zero this, for strcat to work on first buf */
- (void) uname(&uts);
-
- while ((c = getc(fd)) != EOF) {
- if (c == '\\') {
- c = getc(fd);
- switch (c) {
- case 's':
- snprintf (buf, 1024, "%s", uts.sysname);
- break;
- case 'n':
- snprintf (buf, 1024, "%s", uts.nodename);
- break;
- case 'r':
- snprintf (buf, 1024, "%s", uts.release);
- break;
- case 'v':
- snprintf (buf, 1024, "%s", uts.version);
- break;
- case 'm':
- snprintf (buf, 1024, "%s", uts.machine);
- break;
- case 'o':
- {
- char domainname[256];
-
- getdomainname(domainname, sizeof(domainname));
- domainname[sizeof(domainname)-1] = '\0';
- snprintf (buf, 1024, "%s", domainname);
- }
- break;
-
- case 'd':
- case 't':
- {
- const char *weekday[] = {
- "Sun", "Mon", "Tue", "Wed", "Thu",
- "Fri", "Sat" };
- const char *month[] = {
- "Jan", "Feb", "Mar", "Apr", "May",
- "Jun", "Jul", "Aug", "Sep", "Oct",
- "Nov", "Dec" };
- time_t now;
- struct tm *tm;
-
- (void) time (&now);
- tm = localtime(&now);
-
- if (c == 'd')
- snprintf (buf, 1024, "%s %s %d %d",
- weekday[tm->tm_wday], month[tm->tm_mon],
- tm->tm_mday,
- tm->tm_year + 1900);
- else
- snprintf (buf, 1024, "%02d:%02d:%02d",
- tm->tm_hour, tm->tm_min, tm->tm_sec);
- }
- break;
- case 'l':
- {
- char *ttyn = ttyname(1);
- if (!strncmp(ttyn, "/dev/", 5))
- ttyn += 5;
- snprintf (buf, 1024, "%s", ttyn);
- }
- break;
- case 'u':
- case 'U':
- {
- int users = 0;
- struct utmp *ut;
- setutent();
- while ((ut = getutent()))
- if (ut->ut_type == USER_PROCESS)
- users++;
- endutent();
- printf ("%d ", users);
- if (c == 'U')
- snprintf (buf, 1024, "%s", (users == 1) ?
- " user" : " users");
- break;
- }
- default:
- buf[0] = c; buf[1] = '\0';
- }
- if ((strlen(issue) + strlen(buf)) < size + 1) {
- size += strlen(buf) + 1;
- issue = (char *) realloc (issue, size);
- }
- strcat(issue, buf);
- } else {
- buf[0] = c; buf[1] = '\0';
- if ((strlen(issue) + strlen(buf)) < size + 1) {
- size += strlen(buf) + 1;
- issue = (char *) realloc (issue, size);
- }
- strcat(issue, buf);
- }
- }
- return issue;
-}
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_issue_modstruct = {
- "pam_issue",
- pam_sm_authenticate,
- pam_sm_setcred,
- NULL,
- NULL,
- NULL,
- NULL,
-};
-
-#endif
-
-/* end of module definition */
diff --git a/contrib/libpam/modules/pam_mail/README b/contrib/libpam/modules/pam_mail/README
deleted file mode 100644
index 155bd1d..0000000
--- a/contrib/libpam/modules/pam_mail/README
+++ /dev/null
@@ -1,17 +0,0 @@
-This is the README for pam_mail
--------------------------------
-
-This PAM module tells the User that he has new/unread email.
-
-Options for:
-auth: for authentication it provides pam_authenticate() and
- pam_setcred() hooks.
-
- "debug" write more information to syslog
- "dir=maildir" users mailbox is maildir/<login>
- "hash=count" mail directory hash depth
- "close" print message also on logout
- "nopen" print message not on login
- "noenv" don't set the MAIL environment variable
- "empty" also print message if user has no mail
-
diff --git a/contrib/libpam/modules/pam_mkhomedir/Makefile b/contrib/libpam/modules/pam_mkhomedir/Makefile
deleted file mode 100644
index f017f4a..0000000
--- a/contrib/libpam/modules/pam_mkhomedir/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.3 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_mkhomedir
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_mkhomedir/pam_mkhomedir.c b/contrib/libpam/modules/pam_mkhomedir/pam_mkhomedir.c
deleted file mode 100644
index ec05993..0000000
--- a/contrib/libpam/modules/pam_mkhomedir/pam_mkhomedir.c
+++ /dev/null
@@ -1,370 +0,0 @@
-/* PAM Make Home Dir module
-
- This module will create a users home directory if it does not exist
- when the session begins. This allows users to be present in central
- database (such as nis, kerb or ldap) without using a distributed
- file system or pre-creating a large number of directories.
-
- Here is a sample /etc/pam.d/login file for Debian GNU/Linux
- 2.1:
-
- auth requisite pam_securetty.so
- auth sufficient pam_ldap.so
- auth required pam_pwdb.so
- auth optional pam_group.so
- auth optional pam_mail.so
- account requisite pam_time.so
- account sufficient pam_ldap.so
- account required pam_pwdb.so
- session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
- session required pam_pwdb.so
- session optional pam_lastlog.so
- password required pam_pwdb.so
-
- Released under the GNU LGPL version 2 or later
- Originally written by Jason Gunthorpe <jgg@debian.org> Feb 1999
- Structure taken from pam_lastlogin by Andrew Morgan
- <morgan@parc.power.net> 1996
- */
-
-/* I want snprintf dammit */
-#define _GNU_SOURCE 1
-#include <stdarg.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <pwd.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <dirent.h>
-
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_SESSION
-
-#include <security/pam_modules.h>
-#include <security/_pam_macros.h>
-
-/* argument parsing */
-#define MKHOMEDIR_DEBUG 020 /* keep quiet about things */
-#define MKHOMEDIR_QUIET 040 /* keep quiet about things */
-
-static unsigned int UMask = 0022;
-static char SkelDir[BUFSIZ] = "/etc/skel";
-
-/* some syslogging */
-static void _log_err(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-mkhomedir", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-static int _pam_parse(int flags, int argc, const char **argv)
-{
- int ctrl = 0;
-
- /* does the appliction require quiet? */
- if ((flags & PAM_SILENT) == PAM_SILENT)
- ctrl |= MKHOMEDIR_QUIET;
-
- /* step through arguments */
- for (; argc-- > 0; ++argv)
- {
- if (!strcmp(*argv, "silent"))
- {
- ctrl |= MKHOMEDIR_QUIET;
- }
- else if (!strncmp(*argv,"umask=",6))
- UMask = strtol(*argv+6,0,0);
- else if (!strncmp(*argv,"skel=",5))
- strcpy(SkelDir,*argv+5);
- else
- {
- _log_err(LOG_ERR, "unknown option; %s", *argv);
- }
- }
-
- D(("ctrl = %o", ctrl));
- return ctrl;
-}
-
-/* This common function is used to send a message to the applications
- conversion function. Our only use is to ask the application to print
- an informative message that we are creating a home directory */
-static int converse(pam_handle_t * pamh, int ctrl, int nargs
- ,struct pam_message **message
- ,struct pam_response **response)
-{
- int retval;
- struct pam_conv *conv;
-
- D(("begin to converse"));
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
- if (retval == PAM_SUCCESS)
- {
-
- retval = conv->conv(nargs, (const struct pam_message **) message
- ,response, conv->appdata_ptr);
-
- D(("returned from application's conversation function"));
-
- if (retval != PAM_SUCCESS && (ctrl & MKHOMEDIR_DEBUG))
- {
- _log_err(LOG_DEBUG, "conversation failure [%s]"
- ,pam_strerror(pamh, retval));
- }
-
- }
- else
- {
- _log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
- ,pam_strerror(pamh, retval));
- }
-
- D(("ready to return from module conversation"));
-
- return retval; /* propagate error status */
-}
-
-/* Ask the application to display a short text string for us. */
-static int make_remark(pam_handle_t * pamh, int ctrl, const char *remark)
-{
- int retval;
-
- if ((ctrl & MKHOMEDIR_QUIET) != MKHOMEDIR_QUIET)
- {
- struct pam_message msg[1], *mesg[1];
- struct pam_response *resp = NULL;
-
- mesg[0] = &msg[0];
- msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = remark;
-
- retval = converse(pamh, ctrl, 1, mesg, &resp);
-
- msg[0].msg = NULL;
- if (resp)
- {
- _pam_drop_reply(resp, 1);
- }
- }
- else
- {
- D(("keeping quiet"));
- retval = PAM_SUCCESS;
- }
-
- D(("returning %s", pam_strerror(pamh, retval)));
- return retval;
-}
-
-/* Do the actual work of creating a home dir */
-static int create_homedir(pam_handle_t * pamh, int ctrl,
- const struct passwd *pwd)
-{
- char *remark;
- DIR *D;
- struct dirent *Dir;
-
- /* Some scratch space */
- remark = malloc(BUFSIZ);
- if (remark == NULL)
- {
- D(("no memory for last login remark"));
- return PAM_BUF_ERR;
- }
-
- /* Mention what is happening, if the notification fails that is OK */
- if (snprintf(remark,BUFSIZ,"Creating home directory '%s'.",
- pwd->pw_dir) == -1)
- return PAM_PERM_DENIED;
-
- make_remark(pamh, ctrl, remark);
-
- /* Crete the home directory */
- if (mkdir(pwd->pw_dir,0700) != 0)
- {
- free(remark);
- _log_err(LOG_DEBUG, "unable to create home directory %s",pwd->pw_dir);
- return PAM_PERM_DENIED;
- }
- if (chmod(pwd->pw_dir,0777 & (~UMask)) != 0 ||
- chown(pwd->pw_dir,pwd->pw_uid,pwd->pw_gid) != 0)
- {
- free(remark);
- _log_err(LOG_DEBUG, "unable to chance perms on home directory %s",pwd->pw_dir);
- return PAM_PERM_DENIED;
- }
-
- /* See if we need to copy the skel dir over. */
- if (SkelDir[0] == 0)
- {
- free(remark);
- return PAM_SUCCESS;
- }
-
- /* Scan the directory */
- D = opendir(SkelDir);
- if (D == 0)
- {
- free(remark);
- _log_err(LOG_DEBUG, "unable to read directory %s",SkelDir);
- return PAM_PERM_DENIED;
- }
-
- for (Dir = readdir(D); Dir != 0; Dir = readdir(D))
- {
- int SrcFd;
- int DestFd;
- int Res;
- struct stat St;
-
- /* Skip some files.. */
- if (strcmp(Dir->d_name,".") == 0 ||
- strcmp(Dir->d_name,"..") == 0)
- continue;
-
- /* Check if it is a directory */
- snprintf(remark,BUFSIZ,"%s/%s",SkelDir,Dir->d_name);
- if (stat(remark,&St) != 0)
- continue;
- if (S_ISDIR(St.st_mode))
- {
- snprintf(remark,BUFSIZ,"%s/%s",pwd->pw_dir,Dir->d_name);
- if (mkdir(remark,(St.st_mode | 0222) & (~UMask)) != 0 ||
- chmod(remark,(St.st_mode | 0222) & (~UMask)) != 0 ||
- chown(remark,pwd->pw_uid,pwd->pw_gid) != 0)
- {
- free(remark);
- _log_err(LOG_DEBUG, "unable to change perms on copy %s",remark);
- return PAM_PERM_DENIED;
- }
- continue;
- }
-
- /* Open the source file */
- if ((SrcFd = open(remark,O_RDONLY)) < 0 || fstat(SrcFd,&St) != 0)
- {
- free(remark);
- _log_err(LOG_DEBUG, "unable to open src file %s",remark);
- return PAM_PERM_DENIED;
- }
- stat(remark,&St);
-
- /* Open the dest file */
- snprintf(remark,BUFSIZ,"%s/%s",pwd->pw_dir,Dir->d_name);
- if ((DestFd = open(remark,O_WRONLY | O_TRUNC | O_CREAT,0600)) < 0)
- {
- close(SrcFd);
- free(remark);
- _log_err(LOG_DEBUG, "unable to open dest file %s",remark);
- return PAM_PERM_DENIED;
- }
-
- /* Set the proper ownership and permissions for the module. We make
- the file a+w and then mask it with the set mask. This preseves
- execute bits */
- if (fchmod(DestFd,(St.st_mode | 0222) & (~UMask)) != 0 ||
- fchown(DestFd,pwd->pw_uid,pwd->pw_gid) != 0)
- {
- free(remark);
- _log_err(LOG_DEBUG, "unable to chang perms on copy %s",remark);
- return PAM_PERM_DENIED;
- }
-
- /* Copy the file */
- do
- {
- Res = read(SrcFd,remark,BUFSIZ);
- if (Res < 0 || write(DestFd,remark,Res) != Res)
- {
- close(SrcFd);
- close(DestFd);
- free(remark);
- _log_err(LOG_DEBUG, "unable to perform IO");
- return PAM_PERM_DENIED;
- }
- }
- while (Res != 0);
- close(SrcFd);
- close(DestFd);
- }
-
- free(remark);
- return PAM_SUCCESS;
-}
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_open_session(pam_handle_t * pamh, int flags, int argc
- ,const char **argv)
-{
- int retval, ctrl;
- const char *user;
- const struct passwd *pwd;
- struct stat St;
-
- /* Parse the flag values */
- ctrl = _pam_parse(flags, argc, argv);
-
- /* Determine the user name so we can get the home directory */
- retval = pam_get_item(pamh, PAM_USER, (const void **) &user);
- if (retval != PAM_SUCCESS || user == NULL || *user == '\0')
- {
- _log_err(LOG_NOTICE, "user unknown");
- return PAM_USER_UNKNOWN;
- }
-
- /* Get the password entry */
- pwd = getpwnam(user);
- if (pwd == NULL)
- {
- D(("couldn't identify user %s", user));
- return PAM_CRED_INSUFFICIENT;
- }
-
- /* Stat the home directory, if something exists then we assume it is
- correct and return a success*/
- if (stat(pwd->pw_dir,&St) == 0)
- return PAM_SUCCESS;
-
- return create_homedir(pamh,ctrl,pwd);
-}
-
-/* Ignore */
-PAM_EXTERN
-int pam_sm_close_session(pam_handle_t * pamh, int flags, int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-#ifdef PAM_STATIC
-
-/* static module data */
-struct pam_module _pam_mkhomedir_modstruct =
-{
- "pam_mkhomedir",
- NULL,
- NULL,
- NULL,
- pam_sm_open_session,
- pam_sm_close_session,
- NULL,
-};
-
-#endif
diff --git a/contrib/libpam/modules/pam_motd/Makefile b/contrib/libpam/modules/pam_motd/Makefile
deleted file mode 100644
index fb83807..0000000
--- a/contrib/libpam/modules/pam_motd/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_motd
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_motd/pam_motd.c b/contrib/libpam/modules/pam_motd/pam_motd.c
deleted file mode 100644
index 2434b29..0000000
--- a/contrib/libpam/modules/pam_motd/pam_motd.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* pam_motd module */
-
-/*
- * Modified for pam_motd by Ben Collins <bcollins@debian.org>
- *
- * Based off of:
- * $Id: pam_motd.c,v 1.1.1.1 2000/06/20 22:11:46 agmorgan Exp $
- *
- * Written by Michael K. Johnson <johnsonm@redhat.com> 1996/10/24
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <pwd.h>
-
-#include <security/_pam_macros.h>
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_SESSION
-#define DEFAULT_MOTD "/etc/motd"
-
-#include <security/pam_modules.h>
-
-/* --- session management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- return PAM_IGNORE;
-}
-
-PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- int retval = PAM_IGNORE;
- int fd;
- char *mtmp=NULL, *motd_path=NULL;
- struct pam_conv *conversation;
- struct pam_message message;
- struct pam_message *pmessage = &message;
- struct pam_response *resp = NULL;
- struct stat st;
-
- if (flags & PAM_SILENT) {
- return retval;
- }
-
- for (; argc-- > 0; ++argv) {
- if (!strncmp(*argv,"motd=",5)) {
- motd_path = (char *) strdup(5+*argv);
- if (motd_path != NULL) {
- D(("set motd path: %s", motd_path));
- } else {
- D(("failed to duplicate motd path - ignored"));
- }
- }
- }
-
- if (motd_path == NULL)
- motd_path = DEFAULT_MOTD;
-
- message.msg_style = PAM_TEXT_INFO;
-
- if ((fd = open(motd_path, O_RDONLY, 0)) >= 0) {
- /* fill in message buffer with contents of motd */
- if ((fstat(fd, &st) < 0) || !st.st_size)
- return retval;
- message.msg = mtmp = malloc(st.st_size+1);
- /* if malloc failed... */
- if (!message.msg) return retval;
- read(fd, mtmp, st.st_size);
- if (mtmp[st.st_size-1] == '\n')
- mtmp[st.st_size-1] = '\0';
- else
- mtmp[st.st_size] = '\0';
- close(fd);
- /* Use conversation function to give user contents of motd */
- pam_get_item(pamh, PAM_CONV, (const void **)&conversation);
- conversation->conv(1, (const struct pam_message **)&pmessage,
- &resp, conversation->appdata_ptr);
- free(mtmp);
- if (resp)
- _pam_drop_reply(resp, 1);
- }
-
- return retval;
-}
-
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_motd_modstruct = {
- "pam_motd",
- NULL,
- NULL,
- NULL,
- pam_sm_open_session,
- pam_sm_close_session,
- NULL,
-};
-
-#endif
-
-/* end of module definition */
diff --git a/contrib/libpam/modules/pam_nologin/Makefile b/contrib/libpam/modules/pam_nologin/Makefile
deleted file mode 100644
index d6ad31b..0000000
--- a/contrib/libpam/modules/pam_nologin/Makefile
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Michael K. Johnson <johnsonm@redhat.com> 1996/10/24
-#
-# $FreeBSD$
-#
-
-TITLE=pam_nologin
-
-#
-
-LIBSRC = $(TITLE).c
-LIBOBJ = $(TITLE).o
-LIBOBJD = $(addprefix dynamic/,$(LIBOBJ))
-LIBOBJS = $(addprefix static/,$(LIBOBJ))
-
-dynamic/%.o : %.c
- $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-static/%.o : %.c
- $(CC) $(CFLAGS) $(STATIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
-
-
-ifdef DYNAMIC
-LIBSHARED = $(TITLE).so
-endif
-
-ifdef STATIC
-LIBSTATIC = lib$(TITLE).o
-endif
-
-####################### don't edit below #######################
-
-dummy:
-
- @echo "**** This is not a top-level Makefile "
- exit
-
-all: dirs $(LIBSHARED) $(LIBSTATIC) register
-
-dirs:
-ifdef DYNAMIC
- mkdir -p ./dynamic
-endif
-ifdef STATIC
- mkdir -p ./static
-endif
-
-register:
-ifdef STATIC
- ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) )
-endif
-
-ifdef DYNAMIC
-$(LIBOBJD): $(LIBSRC)
-
-$(LIBSHARED): $(LIBOBJD)
- $(LD_D) -o $@ $(LIBOBJD)
-endif
-
-ifdef STATIC
-$(LIBOBJS): $(LIBSRC)
-
-$(LIBSTATIC): $(LIBOBJS)
- $(LD) -r -o $@ $(LIBOBJS)
-endif
-
-install: all
- mkdir -p $(FAKEROOT)$(SECUREDIR)
-ifdef DYNAMIC
- install -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
-endif
-
-remove:
- rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so
-
-clean:
- rm -f $(LIBOBJD) $(LIBOBJS) core *~
-
-extraclean: clean
- rm -f *.a *.o *.so *.bak dynamic/* static/*
-
-.c.o:
- $(CC) $(CFLAGS) -c $<
-
diff --git a/contrib/libpam/modules/pam_nologin/README b/contrib/libpam/modules/pam_nologin/README
deleted file mode 100644
index 14b4846..0000000
--- a/contrib/libpam/modules/pam_nologin/README
+++ /dev/null
@@ -1,13 +0,0 @@
-# $Id: README,v 1.1.1.1 2000/06/20 22:11:46 agmorgan Exp $
-# $FreeBSD$
-#
-
-This module always lets root in; it lets other users in only if the file
-/etc/nologin doesn't exist. In any case, if /etc/nologin exists, it's
-contents are displayed to the user.
-
-module services provided:
-
- auth _authentication and _setcred (blank)
-
-Michael K. Johnson
diff --git a/contrib/libpam/modules/pam_nologin/pam_nologin.c b/contrib/libpam/modules/pam_nologin/pam_nologin.c
deleted file mode 100644
index 6f79bfc..0000000
--- a/contrib/libpam/modules/pam_nologin/pam_nologin.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* pam_nologin module */
-
-/*
- * $Id: pam_nologin.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- * $FreeBSD$
- *
- * Written by Michael K. Johnson <johnsonm@redhat.com> 1996/10/24
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <pwd.h>
-
-#include <security/_pam_macros.h>
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_AUTH
-
-#include <security/pam_modules.h>
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- int retval = PAM_SUCCESS;
- int fd;
- const char *username;
- char *mtmp=NULL;
- struct passwd *user_pwd;
- struct pam_conv *conversation;
- struct pam_message message;
- struct pam_message *pmessage = &message;
- struct pam_response *resp = NULL;
- struct stat st;
-
- if ((fd = open("/etc/nologin", O_RDONLY, 0)) >= 0) {
- /* root can still log in; lusers cannot */
- if ((pam_get_user(pamh, &username, NULL) != PAM_SUCCESS)
- || !username) {
- return PAM_SERVICE_ERR;
- }
- user_pwd = getpwnam(username);
- if (user_pwd && user_pwd->pw_uid == 0) {
- message.msg_style = PAM_TEXT_INFO;
- } else {
- if (!user_pwd) {
- retval = PAM_USER_UNKNOWN;
- } else {
- retval = PAM_AUTH_ERR;
- }
- message.msg_style = PAM_ERROR_MSG;
- }
-
- /* fill in message buffer with contents of /etc/nologin */
- if (fstat(fd, &st) < 0) /* give up trying to display message */
- return retval;
- message.msg = mtmp = malloc(st.st_size+1);
- /* if malloc failed... */
- if (!message.msg) return retval;
- read(fd, mtmp, st.st_size);
- mtmp[st.st_size] = '\000';
-
- /* Use conversation function to give user contents of /etc/nologin */
- pam_get_item(pamh, PAM_CONV, (const void **)&conversation);
- conversation->conv(1, (const struct pam_message **)&pmessage,
- &resp, conversation->appdata_ptr);
- free(mtmp);
- if (resp)
- _pam_drop_reply(resp, 1);
- }
-
- return retval;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-/* end of module definition */
-
-PAM_MODULE_ENTRY("pam_nologin");
diff --git a/contrib/libpam/modules/pam_permit/Makefile b/contrib/libpam/modules/pam_permit/Makefile
deleted file mode 100644
index 7950e46..0000000
--- a/contrib/libpam/modules/pam_permit/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:04 agmorgan Exp $
-# $FreeBSD$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_permit
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_permit/README b/contrib/libpam/modules/pam_permit/README
deleted file mode 100644
index da179a3..0000000
--- a/contrib/libpam/modules/pam_permit/README
+++ /dev/null
@@ -1,4 +0,0 @@
-# $Id: README,v 1.1 1996/03/16 18:12:51 morgan Exp $
-#
-
-this module always returns PAM_SUCCESS, it ignores all options.
diff --git a/contrib/libpam/modules/pam_permit/pam_permit.c b/contrib/libpam/modules/pam_permit/pam_permit.c
deleted file mode 100644
index 7828cb9..0000000
--- a/contrib/libpam/modules/pam_permit/pam_permit.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* pam_permit module */
-
-/*
- * $Id: pam_permit.c,v 1.2 2000/12/04 19:02:34 baggins Exp $
- * $FreeBSD$
- *
- * Written by Andrew Morgan <morgan@parc.power.net> 1996/3/11
- *
- */
-
-#define DEFAULT_USER "nobody"
-
-#include <stdio.h>
-
-/*
- * here, we make definitions for the externally accessible functions
- * in this file (these definitions are required for static modules
- * but strongly encouraged generally) they are used to instruct the
- * modules include file to define their prototypes.
- */
-
-#define PAM_SM_AUTH
-#define PAM_SM_ACCOUNT
-#define PAM_SM_SESSION
-#define PAM_SM_PASSWORD
-
-#include <security/pam_modules.h>
-#include <security/_pam_macros.h>
-
-/* --- authentication management functions --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- int retval;
- const char *user=NULL;
-
- /*
- * authentication requires we know who the user wants to be
- */
- retval = pam_get_user(pamh, &user, NULL);
- if (retval != PAM_SUCCESS) {
- D(("get user returned error: %s", pam_strerror(pamh,retval)));
- return retval;
- }
- if (user == NULL || *user == '\0') {
- D(("username not known"));
- pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
- }
- user = NULL; /* clean up */
-
- return PAM_SUCCESS;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-/* --- account management functions --- */
-
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-/* --- password management --- */
-
-PAM_EXTERN
-int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-/* --- session management --- */
-
-PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-PAM_EXTERN
-int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-/* end of module definition */
-
-PAM_MODULE_ENTRY("pam_permit");
diff --git a/contrib/libpam/modules/pam_rhosts/Makefile b/contrib/libpam/modules/pam_rhosts/Makefile
deleted file mode 100644
index 0108969..0000000
--- a/contrib/libpam/modules/pam_rhosts/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-# $FreeBSD$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_rhosts_auth
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_rhosts/README b/contrib/libpam/modules/pam_rhosts/README
deleted file mode 100644
index 8bd01aa..0000000
--- a/contrib/libpam/modules/pam_rhosts/README
+++ /dev/null
@@ -1,58 +0,0 @@
-$FreeBSD$
-arguments recognized:
-
-"no_hosts_equiv"
-"no_rhosts"
-"debug"
-"nowarn"
-"suppress"
-"promiscuous"
-
-.rhosts/hosts.equiv format:
-
-There are positive entries, when one is matched authentication
-succeeds and terminates. There are negative entries, when one is
-matched authentication fails and terminates. Thus order is
-significant.
-
-Entry hosts.equiv .rhosts
-<host> All users on <host> are ok Same username from <host> is ok
-<host> <user> <user> from <host> is ok ditto
--<host> No users from <host> are ok ditto
-<host> -<user> <user> from <host> is not ok ditto
-
-<host> can be ip (IPv4) numbers.
-
-Netgroups may be used in either host or user fields, and then applies
-to all hosts, or users, in the netgroup. The syntax is
-
- +@<ng>
-
-The entries
-
- <host> +@<ng>
- +@<ng> +@<ng>
- +@<ng> <user>
-
-means exactly what you think it does. Negative entries are of the
-form
-
- -@<ng>
-
-When the "promiscuous" option is given the special character + may be
-used as a wildcard in any field.
-
- + Allow anyone from any host to connect. DANGEROUS.
- + + Ditto.
- + <user> Allow the user to connect from anywhere. DANGEROUS.
- <host> + Allow any user from the host. Dangerous.
-
-These, perhaps more usefull, forms of the + form is also disallowed
-unless "promiscuous" is specified:
-
- + -<user> Disallow the user from any host
- + -@<ng> Disallow all members of the netgroup from any host
-
-When "promiscuous" is not specified a '+' is handled as a negative
-match.
-
diff --git a/contrib/libpam/modules/pam_rhosts/pam_rhosts_auth.c b/contrib/libpam/modules/pam_rhosts/pam_rhosts_auth.c
deleted file mode 100644
index f520fda..0000000
--- a/contrib/libpam/modules/pam_rhosts/pam_rhosts_auth.c
+++ /dev/null
@@ -1,787 +0,0 @@
-/*----------------------------------------------------------------------
- * Modified for Linux-PAM by Al Longyear <longyear@netcom.com> 96/5/5
- * Modifications, Cristian Gafton 97/2/8
- * Modifications, Peter Allgeyer 97/3
- * Modifications (netgroups and fixes), Nicolai Langfeldt 97/3/21
- * Security fix: 97/10/2 - gethostbyname called repeatedly without care
- * Modification (added privategroup option) Andrew <morgan@transmeta.com>
- *----------------------------------------------------------------------
- * Copyright (c) 1983, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * $FreeBSD$
- */
-
-#define _BSD_SOURCE
-
-#define USER_RHOSTS_FILE "/.rhosts" /* prefixed by user's home dir */
-
-#ifdef linux
-#include <endian.h>
-#endif
-
-#ifdef NEED_FSUID_H
-#include <sys/fsuid.h>
-#endif /* NEED_FSUID_H */
-
-#include <sys/types.h>
-#include <sys/uio.h>
-#include <string.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <sys/param.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <netdb.h> /* This is supposed(?) to contain the following */
-int innetgr(const char *, const char *, const char *,const char *);
-
-#include <stdio.h>
-#include <errno.h>
-#include <sys/time.h>
-#include <arpa/inet.h>
-
-#ifndef MAXDNAME
-#define MAXDNAME 256
-#endif
-
-#include <stdarg.h>
-#include <ctype.h>
-
-#include <net/if.h>
-#ifdef linux
-# include <linux/sockios.h>
-# ifndef __USE_MISC
-# define __USE_MISC
-# include <sys/fsuid.h>
-# endif /* __USE_MISC */
-#endif
-
-#include <pwd.h>
-#include <grp.h>
-#include <sys/file.h>
-#include <sys/signal.h>
-#include <sys/stat.h>
-#include <syslog.h>
-#ifndef _PATH_HEQUIV
-#define _PATH_HEQUIV "/etc/hosts.equiv"
-#endif /* _PATH_HEQUIV */
-
-#define PAM_SM_AUTH /* only defines this management group */
-
-#include <security/pam_modules.h>
-#include <security/_pam_macros.h>
-
-/* to the best of my knowledge, all modern UNIX boxes have 32 bit integers */
-#define U32 unsigned int
-
-
-/*
- * Options for this module
- */
-
-struct _options {
- int opt_no_hosts_equiv;
- int opt_hosts_equiv_rootok;
- int opt_no_rhosts;
- int opt_debug;
- int opt_nowarn;
- int opt_disallow_null_authtok;
- int opt_silent;
- int opt_promiscuous;
- int opt_suppress;
- int opt_private_group;
- int opt_no_uid_check;
- const char *superuser;
- const char *last_error;
-};
-
-/* logging */
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("pam_rhosts_auth", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-static void set_option (struct _options *opts, const char *arg)
-{
- if (strcmp(arg, "no_hosts_equiv") == 0) {
- opts->opt_no_hosts_equiv = 1;
- return;
- }
-
- if (strcmp(arg, "hosts_equiv_rootok") == 0) {
- opts->opt_hosts_equiv_rootok = 1;
- return;
- }
-
- if (strcmp(arg, "no_rhosts") == 0) {
- opts->opt_no_rhosts = 1;
- return;
- }
-
- if (strcmp(arg, "debug") == 0) {
- D(("debugging enabled"));
- opts->opt_debug = 1;
- return;
- }
-
- if (strcmp(arg, "no_warn") == 0) {
- opts->opt_nowarn = 1;
- return;
- }
-
- if (strcmp(arg, "promiscuous") == 0) {
- opts->opt_promiscuous = 1; /* used to permit '+' in ...hosts file */
- return;
- }
-
- if (strcmp(arg, "suppress") == 0) {
- opts->opt_suppress = 1; /* used to suppress failure warning message */
- return;
- }
-
- if (strcmp(arg, "privategroup") == 0) {
- opts->opt_private_group = 1; /* used to permit group write on .rhosts
- file if group has same name as owner */
- return;
- }
-
- if (strcmp(arg, "no_uid_check") == 0) {
- opts->opt_no_uid_check = 1; /* NIS optimization */
- return;
- }
-
- if (strcmp(arg, "superuser=") == 0) {
- opts->superuser = arg+sizeof("superuser=")-1;
- return;
- }
- /*
- * All other options are ignored at the present time.
- */
- _pam_log(LOG_WARNING, "unrecognized option '%s'", arg);
-}
-
-static void set_parameters (struct _options *opts, int flags,
- int argc, const char **argv)
-{
- opts->opt_silent = flags & PAM_SILENT;
- opts->opt_disallow_null_authtok = flags & PAM_DISALLOW_NULL_AUTHTOK;
-
- while (argc-- > 0) {
- set_option (opts, *argv);
- ++argv;
- }
-}
-
-/*
- * Obtain the name of the remote host. Currently, this is simply by
- * requesting the contents of the PAM_RHOST item.
- */
-
-static int pam_get_rhost(pam_handle_t *pamh, const char **rhost
- , const char *prompt)
-{
- int retval;
- const char *current;
-
- retval = pam_get_item (pamh, PAM_RHOST, (const void **)&current);
- if (retval != PAM_SUCCESS)
- return retval;
-
- if (current == NULL) {
- return PAM_AUTH_ERR;
- }
- *rhost = current;
-
- return retval; /* pass on any error from conversation */
-}
-
-/*
- * Obtain the name of the remote user. Currently, this is simply by
- * requesting the contents of the PAM_RUSER item.
- */
-
-static int pam_get_ruser(pam_handle_t *pamh, const char **ruser
- , const char *prompt)
-{
- int retval;
- const char *current;
-
- retval = pam_get_item (pamh, PAM_RUSER, (const void **)&current);
- if (retval != PAM_SUCCESS)
- return retval;
-
- if (current == NULL) {
- return PAM_AUTH_ERR;
- }
- *ruser = current;
-
- return retval; /* pass on any error from conversation */
-}
-
-/*
- * Returns 1 if positive match, 0 if no match, -1 if negative match.
- */
-
-static int
-__icheckhost (pam_handle_t *pamh, struct _options *opts, U32 raddr
- , register char *lhost, const char *rhost)
-{
- struct hostent *hp;
- U32 laddr;
- int negate=1; /* Multiply return with this to get -1 instead of 1 */
- char **pp, *user;
-
- /* Check nis netgroup. We assume that pam has done all needed
- paranoia checking before we are handed the rhost */
- if (strncmp("+@",lhost,2) == 0)
- return(innetgr(&lhost[2],rhost,NULL,NULL));
-
- if (strncmp("-@",lhost,2) == 0)
- return(-innetgr(&lhost[2],rhost,NULL,NULL));
-
- /* -host */
- if (strncmp("-",lhost,1) == 0) {
- negate=-1;
- lhost++;
- } else if (strcmp("+",lhost) == 0) {
- (void) pam_get_item(pamh, PAM_USER, (const void **)&user);
- D(("user %s has a `+' host entry", user));
- if (opts->opt_promiscuous)
- return (1); /* asking for trouble, but ok.. */
- /* If not promiscuous: handle as negative */
- return (-1);
- }
-
- /* Try for raw ip address first. */
- if (isdigit(*lhost) && (long)(laddr = inet_addr(lhost)) != -1)
- return (negate*(! (raddr ^ laddr)));
-
- /* Better be a hostname. */
- hp = gethostbyname(lhost);
- if (hp == NULL)
- return (0);
-
- /* Spin through ip addresses. */
- for (pp = hp->h_addr_list; *pp; ++pp)
- if (!memcmp (&raddr, *pp, sizeof (U32)))
- return (negate);
-
- /* No match. */
- return (0);
-}
-
-/* Returns 1 on positive match, 0 on no match, -1 on negative match */
-
-static int __icheckuser(pam_handle_t *pamh, struct _options *opts
- , const char *luser, const char *ruser
- , const char *rhost)
-{
- /*
- luser is user entry from .rhosts/hosts.equiv file
- ruser is user id on remote host
- rhost is the remote host name
- */
- char *user;
-
- /* [-+]@netgroup */
- if (strncmp("+@",luser,2) == 0)
- return (innetgr(&luser[2],NULL,ruser,NULL));
-
- if (strncmp("-@",luser,2) == 0)
- return (-innetgr(&luser[2],NULL,ruser,NULL));
-
- /* -user */
- if (strncmp("-",luser,1) == 0)
- return(-(strcmp(&luser[1],ruser) == 0));
-
- /* + */
- if (strcmp("+",luser) == 0) {
- (void) pam_get_item(pamh, PAM_USER, (const void **)&user);
- _pam_log(LOG_WARNING, "user %s has a `+' user entry", user);
- if (opts->opt_promiscuous)
- return(1);
- /* If not promiscuous we handle it as a negative match */
- return(-1);
- }
-
- /* simple string match */
- return (strcmp(ruser, luser) == 0);
-}
-
-/*
- * Returns 1 for blank lines (or only comment lines) and 0 otherwise
- */
-
-static int __isempty(char *p)
-{
- while (*p && isspace(*p)) {
- ++p;
- }
-
- return (*p == '\0' || *p == '#') ? 1:0 ;
-}
-
-/*
- * Returns 0 if positive match, 1 if _not_ ok.
- */
-
-static int
-__ivaliduser (pam_handle_t *pamh, struct _options *opts,
- FILE *hostf, U32 raddr,
- const char *luser, const char *ruser, const char *rhost)
-{
- register const char *user;
- register char *p;
- int hcheck, ucheck;
- char buf[MAXHOSTNAMELEN + 128]; /* host + login */
-
- buf[sizeof (buf)-1] = '\0'; /* terminate line */
-
- while (fgets(buf, sizeof(buf), hostf) != NULL) { /* hostf file line */
- p = buf; /* from beginning of file.. */
-
- /* Skip empty or comment lines */
- if (__isempty(p)) {
- continue;
- }
-
- /* Skip lines that are too long. */
- if (strchr(p, '\n') == NULL) {
- int ch = getc(hostf);
-
- while (ch != '\n' && ch != EOF)
- ch = getc(hostf);
- continue;
- }
-
- /*
- * If there is a hostname at the start of the line. Set it to
- * lower case. A leading ' ' or '\t' indicates no hostname
- */
-
- for (;*p && !isspace(*p); ++p) {
- *p = tolower(*p);
- }
-
- /*
- * next we want to find the permitted name for the remote user
- */
-
- if (*p == ' ' || *p == '\t') {
-
- /* <nul> terminate hostname and skip spaces */
- for (*p++='\0'; *p && isspace(*p); ++p);
-
- user = p; /* this is the user's name */
- while (*p && !isspace(*p))
- ++p; /* find end of user's name */
- } else
- user = p;
-
- *p = '\0'; /* <nul> terminate username (+host?) */
-
- /* buf -> host(?) ; user -> username(?) */
-
- /* First check host part */
- hcheck=__icheckhost(pamh, opts, raddr, buf, rhost);
-
- if (hcheck<0)
- return(1);
-
- if (hcheck) {
- /* Then check user part */
- if (! (*user))
- user = luser;
-
- ucheck=__icheckuser(pamh, opts, user, ruser, rhost);
-
- /* Positive 'host user' match? */
- if (ucheck>0)
- return(0);
-
- /* Negative 'host -user' match? */
- if (ucheck<0)
- return(1);
-
- /* Neither, go on looking for match */
- }
- }
-
- return (1);
-}
-
-/*
- * New .rhosts strategy: We are passed an ip address. We spin through
- * hosts.equiv and .rhosts looking for a match. When the .rhosts only
- * has ip addresses, we don't have to trust a nameserver. When it
- * contains hostnames, we spin through the list of addresses the nameserver
- * gives us and look for a match.
- *
- * Returns 0 if ok, -1 if not ok.
- */
-
-static int
-pam_iruserok(pam_handle_t *pamh,
- struct _options *opts, U32 raddr, int superuser,
- const char *ruser, const char *luser, const char *rhost)
-{
- const char *cp;
- struct stat sbuf;
- struct passwd *pwd;
- FILE *hostf;
- uid_t uid;
- int answer;
- char pbuf[MAXPATHLEN]; /* potential buffer overrun */
-
- if ((!superuser||opts->opt_hosts_equiv_rootok) && !opts->opt_no_hosts_equiv ) {
-
- /* try to open system hosts.equiv file */
- hostf = fopen (_PATH_HEQUIV, "r");
- if (hostf) {
- answer = __ivaliduser(pamh, opts, hostf, raddr, luser
- , ruser, rhost);
- (void) fclose(hostf);
- if (answer == 0)
- return 0; /* remote host is equivalent to localhost */
- } /* else {
- No hosts.equiv file on system.
- } */
- }
-
- if ( opts->opt_no_rhosts )
- return 1;
-
- /*
- * Identify user's local .rhosts file
- */
-
- pwd = getpwnam(luser);
- if (pwd == NULL) {
- /*
- * luser is assumed to be valid because of an earlier check for uid = 0
- * we don't log this error twice. However, this shouldn't happen !
- * --cristiang
- */
- return(1);
- }
-
- /* check for buffer overrun */
- if (strlen(pwd->pw_dir) + sizeof(USER_RHOSTS_FILE) + 2 >= MAXPATHLEN) {
- if (opts->opt_debug)
- _pam_log(LOG_DEBUG,"home directory for `%s' is too long", luser);
- return 1; /* to dangerous to try */
- }
-
- (void) strcpy(pbuf, pwd->pw_dir);
- (void) strcat(pbuf, USER_RHOSTS_FILE);
-
- /*
- * Change effective uid while _reading_ .rhosts. (not just
- * opening). If root and reading an NFS mounted file system,
- * can't read files that are 0600 as .rhosts files should be.
- */
-
- /* We are root, this will not fail */
-#ifdef linux
- /* If we are on linux the better way is setfsuid */
- uid = setfsuid(pwd->pw_uid);
- hostf = fopen(pbuf, "r");
-#else
- uid = geteuid();
- (void) seteuid(pwd->pw_uid);
- hostf = fopen(pbuf, "r");
-#endif
-
- if (hostf == NULL) {
- if (opts->opt_debug)
- _pam_log(LOG_DEBUG,"Could not open %s file",pbuf);
- answer = 1;
- goto exit_function;
- }
-
- /*
- * If not a regular file, or is owned by someone other than
- * user or root or if writeable by anyone but the owner, quit.
- */
-
- cp = NULL;
- if (lstat(pbuf, &sbuf) < 0 || !S_ISREG(sbuf.st_mode))
- cp = ".rhosts not regular file";
- else if (fstat(fileno(hostf), &sbuf) < 0)
- cp = ".rhosts fstat failed";
- else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid)
- cp = "bad .rhosts owner";
- else if (sbuf.st_mode & S_IWOTH)
- cp = ".rhosts writable by other!";
- else if (sbuf.st_mode & S_IWGRP) {
-
- /* private group caveat */
- if (opts->opt_private_group) {
- struct group *grp = getgrgid(sbuf.st_gid);
-
- if (NULL == grp || NULL == grp->gr_name
- || strcmp(luser,grp->gr_name)) {
- cp = ".rhosts writable by public group";
- } else if (grp->gr_mem) {
- int gcount;
-
- /* require at most one member (luser) of this group */
- for (gcount=0; grp->gr_mem[gcount]; ++gcount) {
- if (strcmp(grp->gr_mem[gcount], luser)) {
- gcount = -1;
- break;
- }
- }
- if (gcount < 0) {
- cp = ".rhosts writable by other members of group";
- }
- }
- } else {
- cp = ".rhosts writable by group";
- }
-
- } /* It is _NOT_ safe to append an else here... Do so prior to
- * S_IWGRP check */
-
- /* If there were any problems, quit. */
- if (cp) {
- opts->last_error = cp;
- answer = 1;
- goto exit_function;
- }
-
- answer = __ivaliduser (pamh, opts, hostf, raddr, luser, ruser, rhost);
-
-exit_function:
- /*
- * Go here to exit after the fsuid/euid has been adjusted so that
- * they are reset before we exit.
- */
-
-#ifdef linux
- setfsuid(uid);
-#else
- (void)seteuid(uid);
-#endif
-
- if (hostf != NULL)
- (void) fclose(hostf);
-
- return answer;
-}
-
-static int
-pam_ruserok (pam_handle_t *pamh,
- struct _options *opts, const char *rhost, int superuser,
- const char *ruser, const char *luser)
-{
- struct hostent *hp;
- int answer = 1; /* default to failure */
- U32 *addrs;
- int n, i;
-
- opts->last_error = (char *) 0;
- hp = gethostbyname(rhost); /* identify host */
-
- if (hp != NULL) {
- /* First of all check the address length */
- if (hp->h_length != 4) {
- _pam_log(LOG_ALERT, "pam_rhosts module can't work with not IPv4 "
- "addresses");
- return 1; /* not allowed */
- }
-
- /* loop though address list */
- for (n = 0; hp->h_addr_list[n]; n++);
- D(("rhosts: %d addresses", n));
-
- if (n) {
- addrs = calloc (n, hp->h_length);
- for (i = 0; i < n; i++)
- memcpy (addrs+i, hp->h_addr_list[i], hp->h_length);
-
- for (i = 0; i < n && answer; i++) {
- D(("rhosts: address %d is %04x", i, addrs[i]));
- answer = pam_iruserok(pamh, opts, addrs[i], superuser,
- ruser, luser, rhost);
- /* answer == 0 means success */
- }
-
- free (addrs);
- }
- }
-
- return answer;
-}
-
-/*
- * Internal function to do authentication
- */
-
-static int _pam_auth_rhosts (pam_handle_t *pamh,
- int flags,
- int argc,
- const char **argv)
-{
- int retval;
- const char *luser;
- const char *ruser,*rhost;
- struct _options opts;
- int as_root = 0;
- /*
- * Look at the options and set the flags accordingly.
- */
- memset (&opts, 0, sizeof (opts));
- set_parameters (&opts, flags, argc, argv);
- /*
- * Obtain the parameters for the various items
- */
- for (;;) { /* abuse loop to avoid goto */
-
- /* get the remotehost */
- retval = pam_get_rhost(pamh, &rhost, NULL);
- (void) pam_set_item(pamh, PAM_RHOST, rhost);
- if (retval != PAM_SUCCESS) {
- if (opts.opt_debug) {
- _pam_log(LOG_DEBUG, "could not get the remote host name");
- }
- break;
- }
-
- /* get the remote user */
- retval = pam_get_ruser(pamh, &ruser, NULL);
- (void) pam_set_item(pamh, PAM_RUSER, ruser);
- if (retval != PAM_SUCCESS) {
- if (opts.opt_debug)
- _pam_log(LOG_DEBUG, "could not get the remote username");
- break;
- }
-
- /* get the local user */
- retval = pam_get_user(pamh, &luser, NULL);
-
- if (retval != PAM_SUCCESS) {
- if (opts.opt_debug)
- _pam_log(LOG_DEBUG, "could not determine name of local user");
- break;
- }
-
- if (opts.superuser && !strcmp(opts.superuser, luser)) {
- as_root = 1;
- }
-
- /* check if the luser uid == 0... --cristiang */
- if (! opts.opt_no_uid_check) {
- struct passwd *luser_pwd;
-
- luser_pwd = getpwnam(luser);
- if (luser_pwd == NULL) {
- if (opts.opt_debug)
- _pam_log(LOG_DEBUG, "user '%s' unknown to this system",
- luser);
- retval = PAM_AUTH_ERR;
- break;
- }
- if (luser_pwd->pw_uid == 0)
- as_root = 1;
- luser_pwd = NULL; /* forget */
- }
-/*
- * Validate the account information.
- */
- if (pam_ruserok (pamh, &opts, rhost, as_root, ruser, luser) != 0) {
- if ( !opts.opt_suppress ) {
- _pam_log(LOG_WARNING, "denied to %s@%s as %s: %s",
- ruser, rhost, luser, (opts.last_error==NULL) ?
- "access not allowed":opts.last_error);
- }
- retval = PAM_AUTH_ERR;
- } else {
- _pam_log(LOG_NOTICE, "allowed to %s@%s as %s",
- ruser, rhost, luser);
- }
- break;
- }
-
- return retval;
-}
-
-/* --- authentication management functions --- */
-
-PAM_EXTERN
-int pam_sm_authenticate (pam_handle_t *pamh,
- int flags,
- int argc,
- const char **argv)
-{
- int retval;
-
- if (sizeof(U32) != 4) {
- _pam_log (LOG_ALERT, "pam_rhosts module can\'t work on this hardware "
- "(yet)");
- return PAM_AUTH_ERR;
- }
- sethostent(1);
- retval = _pam_auth_rhosts (pamh, flags, argc, argv);
- endhostent();
- return retval;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc,
- const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-/* end of module definition */
-
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_rhosts_auth_modstruct = {
- "pam_rhosts_auth",
- pam_sm_authenticate,
- pam_sm_setcred,
- NULL,
- NULL,
- NULL,
- NULL,
-};
-
-#endif
diff --git a/contrib/libpam/modules/pam_rootok/Makefile b/contrib/libpam/modules/pam_rootok/Makefile
deleted file mode 100644
index 3045b98..0000000
--- a/contrib/libpam/modules/pam_rootok/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-# $FreeBSD$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_rootok
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_rootok/README b/contrib/libpam/modules/pam_rootok/README
deleted file mode 100644
index 5d975e6..0000000
--- a/contrib/libpam/modules/pam_rootok/README
+++ /dev/null
@@ -1,19 +0,0 @@
-# $Id: README,v 1.1.1.1 2000/06/20 22:11:56 agmorgan Exp $
-# $FreeBSD$
-#
-
-this module is an authentication module that performs one task: if the
-id of the user is '0' then it returns 'PAM_SUCCESS' with the
-'sufficient' /etc/pam.conf control flag it can be used to allow
-password free access to some service for 'root'
-
-Recognized arguments:
-
- debug write a message to syslog indicating success or
- failure.
-
-module services provided:
-
- auth _authetication and _setcred (blank)
-
-Andrew Morgan
diff --git a/contrib/libpam/modules/pam_rootok/pam_rootok.c b/contrib/libpam/modules/pam_rootok/pam_rootok.c
deleted file mode 100644
index 42e5be2..0000000
--- a/contrib/libpam/modules/pam_rootok/pam_rootok.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* pam_rootok module */
-
-/*
- * $Id: pam_rootok.c,v 1.1.1.1 2000/06/20 22:11:56 agmorgan Exp $
- * $FreeBSD$
- *
- * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
- */
-
-#define _GNU_SOURCE
-
-#include <stdio.h>
-#include <unistd.h>
-#include <syslog.h>
-#include <stdarg.h>
-
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_AUTH
-
-#include <security/pam_modules.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-rootok", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-
-/* argument parsing */
-
-#define PAM_DEBUG_ARG 01
-
-static int _pam_parse(int argc, const char **argv)
-{
- int ctrl=0;
-
- /* step through arguments */
- for (ctrl=0; argc-- > 0; ++argv) {
-
- /* generic options */
-
- if (!strcmp(*argv,"debug"))
- ctrl |= PAM_DEBUG_ARG;
- else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
- }
- }
-
- return ctrl;
-}
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- int ctrl;
- int retval = PAM_AUTH_ERR;
-
- ctrl = _pam_parse(argc, argv);
- if (getuid() == 0)
- retval = PAM_SUCCESS;
-
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_DEBUG, "authetication %s"
- , retval==PAM_SUCCESS ? "succeeded":"failed" );
- }
-
- return retval;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-/* end of module definition */
-
-PAM_MODULE_ENTRY("pam_rootok");
diff --git a/contrib/libpam/modules/pam_securetty/Makefile b/contrib/libpam/modules/pam_securetty/Makefile
deleted file mode 100644
index fb3bb56..0000000
--- a/contrib/libpam/modules/pam_securetty/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-# $FreeBSD$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_securetty
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_securetty/README b/contrib/libpam/modules/pam_securetty/README
deleted file mode 100644
index fe17ce5..0000000
--- a/contrib/libpam/modules/pam_securetty/README
+++ /dev/null
@@ -1,10 +0,0 @@
-$FreeBSD$
-pam_securetty:
- Allows root logins only if the user is logging in on a
- "secure" tty, as defined by the listing in /etc/securetty
-
- Also checks to make sure that /etc/securetty is a plain
- file and not world writable.
-
- - Elliot Lee <sopwith@redhat.com>, Red Hat Software.
- July 25, 1996.
diff --git a/contrib/libpam/modules/pam_securetty/pam_securetty.c b/contrib/libpam/modules/pam_securetty/pam_securetty.c
deleted file mode 100644
index b99a2f0..0000000
--- a/contrib/libpam/modules/pam_securetty/pam_securetty.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/* pam_securetty module */
-
-#define SECURETTY_FILE "/etc/securetty"
-#define TTY_PREFIX "/dev/"
-
-/*
- * by Elliot Lee <sopwith@redhat.com>, Red Hat Software.
- * July 25, 1996.
- * This code shamelessly ripped from the pam_rootok module.
- * Slight modifications AGM. 1996/12/3
- * $FreeBSD$
- */
-
-#define _GNU_SOURCE
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <syslog.h>
-#include <stdarg.h>
-#include <pwd.h>
-#include <string.h>
-
-#define PAM_SM_AUTH
-
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_AUTH
-
-#include <security/pam_modules.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-securetty", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-/* argument parsing */
-
-#define PAM_DEBUG_ARG 0x0001
-
-static int _pam_parse(int argc, const char **argv)
-{
- int ctrl=0;
-
- /* step through arguments */
- for (ctrl=0; argc-- > 0; ++argv) {
-
- /* generic options */
-
- if (!strcmp(*argv,"debug"))
- ctrl |= PAM_DEBUG_ARG;
- else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
- }
- }
-
- return ctrl;
-}
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- int retval = PAM_AUTH_ERR;
- const char *username;
- char *uttyname;
- char ttyfileline[256];
- struct stat ttyfileinfo;
- struct passwd *user_pwd;
- FILE *ttyfile;
- int ctrl;
-
- /* parse the arguments */
- ctrl = _pam_parse(argc, argv);
-
- retval = pam_get_user(pamh, &username, NULL);
- if (retval != PAM_SUCCESS || username == NULL) {
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_WARNING, "cannot determine username");
- }
- return (retval == PAM_CONV_AGAIN
- ? PAM_INCOMPLETE:PAM_SERVICE_ERR);
- }
-
- retval = pam_get_item(pamh, PAM_TTY, (const void **)&uttyname);
- if (retval != PAM_SUCCESS || uttyname == NULL) {
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_WARNING, "cannot determine user's tty");
- }
- return PAM_SERVICE_ERR;
- }
-
- /* The PAM_TTY item may be prefixed with "/dev/" - skip that */
- if (strncmp(TTY_PREFIX, uttyname, sizeof(TTY_PREFIX)-1) == 0)
- uttyname += sizeof(TTY_PREFIX)-1;
-
- user_pwd = getpwnam(username);
- if (user_pwd == NULL) {
- return PAM_IGNORE;
- } else if (user_pwd->pw_uid != 0) { /* If the user is not root,
- securetty's does not apply
- to them */
- return PAM_SUCCESS;
- }
-
- if (stat(SECURETTY_FILE, &ttyfileinfo)) {
- _pam_log(LOG_NOTICE, "Couldn't open " SECURETTY_FILE);
- return PAM_SUCCESS; /* for compatibility with old securetty handling,
- this needs to succeed. But we still log the
- error. */
- }
-
- if ((ttyfileinfo.st_mode & S_IWOTH)
- || !S_ISREG(ttyfileinfo.st_mode)) {
- /* If the file is world writable or is not a
- normal file, return error */
- _pam_log(LOG_ERR, SECURETTY_FILE
- " is either world writable or not a normal file");
- return PAM_AUTH_ERR;
- }
-
- ttyfile = fopen(SECURETTY_FILE,"r");
- if(ttyfile == NULL) { /* Check that we opened it successfully */
- _pam_log(LOG_ERR,
- "Error opening " SECURETTY_FILE);
- return PAM_SERVICE_ERR;
- }
- /* There should be no more errors from here on */
- retval=PAM_AUTH_ERR;
- /* This loop assumes that PAM_SUCCESS == 0
- and PAM_AUTH_ERR != 0 */
- while((fgets(ttyfileline,sizeof(ttyfileline)-1, ttyfile) != NULL)
- && retval) {
- if(ttyfileline[strlen(ttyfileline) - 1] == '\n')
- ttyfileline[strlen(ttyfileline) - 1] = '\0';
- retval = strcmp(ttyfileline,uttyname);
- }
- fclose(ttyfile);
- if(retval) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_WARNING, "access denied: tty '%s' is not secure !",
- uttyname);
- retval = PAM_AUTH_ERR;
- }
- if ((retval == PAM_SUCCESS) && (ctrl & PAM_DEBUG_ARG))
- _pam_log(LOG_DEBUG, "access allowed for '%s' on '%s'",
- username, uttyname);
- return retval;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_securetty_modstruct = {
- "pam_securetty",
- pam_sm_authenticate,
- pam_sm_setcred,
- NULL,
- NULL,
- NULL,
- NULL,
-};
-
-#endif
-
-/* end of module definition */
diff --git a/contrib/libpam/modules/pam_shells/Makefile b/contrib/libpam/modules/pam_shells/Makefile
deleted file mode 100644
index f607804..0000000
--- a/contrib/libpam/modules/pam_shells/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:05 agmorgan Exp $
-# $FreeBSD$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_shells
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_shells/README b/contrib/libpam/modules/pam_shells/README
deleted file mode 100644
index 7e358fe..0000000
--- a/contrib/libpam/modules/pam_shells/README
+++ /dev/null
@@ -1,11 +0,0 @@
-$FreeBSD$
-pam_shells:
- Authentication is granted if the users shell is listed in
- /etc/shells. If no shell is in /etc/passwd (empty), the
- /bin/sh is used (following ftpd's convention).
-
- Also checks to make sure that /etc/shells is a plain
- file and not world writable.
-
- - Erik Troan <ewt@redhat.com>, Red Hat Software.
- August 5, 1996.
diff --git a/contrib/libpam/modules/pam_shells/pam_shells.c b/contrib/libpam/modules/pam_shells/pam_shells.c
deleted file mode 100644
index d83e0f2..0000000
--- a/contrib/libpam/modules/pam_shells/pam_shells.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/* pam_shells module */
-
-#define SHELL_FILE "/etc/shells"
-
-/*
- * by Erik Troan <ewt@redhat.com>, Red Hat Software.
- * August 5, 1996.
- * This code shamelessly ripped from the pam_securetty module.
- * $FreeBSD$
- */
-
-#define _BSD_SOURCE
-
-#include <pwd.h>
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/stat.h>
-#include <syslog.h>
-#include <unistd.h>
-
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_AUTH
-
-#include <security/pam_modules.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-shells", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- int retval = PAM_AUTH_ERR;
- const char *userName;
- char *userShell;
- char shellFileLine[256];
- struct stat sb;
- struct passwd * pw;
- FILE * shellFile;
-
- retval = pam_get_user(pamh,&userName,NULL);
- if(retval != PAM_SUCCESS)
- return PAM_SERVICE_ERR;
-
- if(!userName || (strlen(userName) <= 0)) {
- /* Don't let them use a NULL username... */
- pam_get_user(pamh,&userName,NULL);
- if (retval != PAM_SUCCESS)
- return PAM_SERVICE_ERR;
- }
-
- pw = getpwnam(userName);
- if (!pw)
- return PAM_AUTH_ERR; /* user doesn't exist */
- userShell = pw->pw_shell;
-
- if(stat(SHELL_FILE,&sb)) {
- _pam_log(LOG_ERR,
- "%s cannot be stat'd (it probably does not exist)", SHELL_FILE);
- return PAM_AUTH_ERR; /* must have /etc/shells */
- }
-
- if((sb.st_mode & S_IWOTH) || !S_ISREG(sb.st_mode)) {
- _pam_log(LOG_ERR,
- "%s is either world writable or not a normal file", SHELL_FILE);
- return PAM_AUTH_ERR;
- }
-
- shellFile = fopen(SHELL_FILE,"r");
- if(shellFile == NULL) { /* Check that we opened it successfully */
- _pam_log(LOG_ERR,
- "Error opening %s", SHELL_FILE);
- return PAM_SERVICE_ERR;
- }
- /* There should be no more errors from here on */
- retval=PAM_AUTH_ERR;
- /* This loop assumes that PAM_SUCCESS == 0
- and PAM_AUTH_ERR != 0 */
- while((fgets(shellFileLine,255,shellFile) != NULL)
- && retval) {
- if (shellFileLine[strlen(shellFileLine) - 1] == '\n')
- shellFileLine[strlen(shellFileLine) - 1] = '\0';
- retval = strcmp(shellFileLine, userShell);
- }
- fclose(shellFile);
- if(retval)
- retval = PAM_AUTH_ERR;
- return retval;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_shells_modstruct = {
- "pam_shells",
- pam_sm_authenticate,
- pam_sm_setcred,
- NULL,
- NULL,
- NULL,
- NULL,
-};
-
-#endif
-
-/* end of module definition */
diff --git a/contrib/libpam/modules/pam_tally/faillog.h b/contrib/libpam/modules/pam_tally/faillog.h
deleted file mode 100644
index 0f16261..0000000
--- a/contrib/libpam/modules/pam_tally/faillog.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright 1989 - 1994, Julianne Frances Haugh
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of Julianne F. Haugh nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * faillog.h - login failure logging file format
- *
- * $Id: faillog.h,v 1.1.1.1 2000/06/20 22:11:59 agmorgan Exp $
- *
- * The login failure file is maintained by login(1) and faillog(8)
- * Each record in the file represents a separate UID and the file
- * is indexed in that fashion.
- */
-
-#ifndef _FAILLOG_H
-#define _FAILLOG_H
-
-struct faillog {
- short fail_cnt; /* failures since last success */
- short fail_max; /* failures before turning account off */
- char fail_line[12]; /* last failure occured here */
- time_t fail_time; /* last failure occured then */
- /*
- * If nonzero, the account will be re-enabled if there are no
- * failures for fail_locktime seconds since last failure.
- */
- long fail_locktime;
-};
-
-#endif
diff --git a/contrib/libpam/modules/pam_tally/pam_tally_app.c b/contrib/libpam/modules/pam_tally/pam_tally_app.c
deleted file mode 100644
index 9e6e1fa..0000000
--- a/contrib/libpam/modules/pam_tally/pam_tally_app.c
+++ /dev/null
@@ -1,7 +0,0 @@
-/*
- # This seemed like such a good idea at the time. :)
- */
-
-#define MAIN
-#include "pam_tally.c"
-
diff --git a/contrib/libpam/modules/pam_unix/bigcrypt.c b/contrib/libpam/modules/pam_unix/bigcrypt.c
deleted file mode 100644
index b1568d6..0000000
--- a/contrib/libpam/modules/pam_unix/bigcrypt.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/*
- * This function implements the "bigcrypt" algorithm specifically for
- * Linux-PAM.
- *
- * This algorithm is algorithm 0 (default) shipped with the C2 secure
- * implementation of Digital UNIX.
- *
- * Disclaimer: This work is not based on the source code to Digital
- * UNIX, nor am I connected to Digital Equipment Corp, in any way
- * other than as a customer. This code is based on published
- * interfaces and reasonable guesswork.
- *
- * Description: The cleartext is divided into blocks of SEGMENT_SIZE=8
- * characters or less. Each block is encrypted using the standard UNIX
- * libc crypt function. The result of the encryption for one block
- * provides the salt for the suceeding block.
- *
- * Restrictions: The buffer used to hold the encrypted result is
- * statically allocated. (see MAX_PASS_LEN below). This is necessary,
- * as the returned pointer points to "static data that are overwritten
- * by each call", (XPG3: XSI System Interface + Headers pg 109), and
- * this is a drop in replacement for crypt();
- *
- * Andy Phillips <atp@mssl.ucl.ac.uk>
- */
-
-#include <string.h>
-#include <security/_pam_macros.h>
-
-char *crypt(const char *key, const char *salt);
-char *bigcrypt(const char *key, const char *salt);
-
-/*
- * Max cleartext password length in segments of 8 characters this
- * function can deal with (16 segments of 8 chars= max 128 character
- * password).
- */
-
-#define MAX_PASS_LEN 16
-#define SEGMENT_SIZE 8
-#define SALT_SIZE 2
-#define KEYBUF_SIZE ((MAX_PASS_LEN*SEGMENT_SIZE)+SALT_SIZE)
-#define ESEGMENT_SIZE 11
-#define CBUF_SIZE ((MAX_PASS_LEN*ESEGMENT_SIZE)+SALT_SIZE+1)
-
-char *bigcrypt(const char *key, const char *salt)
-{
- static char dec_c2_cryptbuf[CBUF_SIZE]; /* static storage area */
-
- unsigned long int keylen, n_seg, j;
- char *cipher_ptr, *plaintext_ptr, *tmp_ptr, *salt_ptr;
- char keybuf[KEYBUF_SIZE + 1];
-
- D(("called with key='%s', salt='%s'.", key, salt));
-
- /* reset arrays */
- memset(keybuf, 0, KEYBUF_SIZE + 1);
- memset(dec_c2_cryptbuf, 0, CBUF_SIZE);
-
- /* fill KEYBUF_SIZE with key */
- strncpy(keybuf, key, KEYBUF_SIZE);
-
- /* deal with case that we are doing a password check for a
- conventially encrypted password: the salt will be
- SALT_SIZE+ESEGMENT_SIZE long. */
- if (strlen(salt) == (SALT_SIZE + ESEGMENT_SIZE))
- keybuf[SEGMENT_SIZE] = '\0'; /* terminate password early(?) */
-
- keylen = strlen(keybuf);
-
- if (!keylen) {
- n_seg = 1;
- } else {
- /* work out how many segments */
- n_seg = 1 + ((keylen - 1) / SEGMENT_SIZE);
- }
-
- if (n_seg > MAX_PASS_LEN)
- n_seg = MAX_PASS_LEN; /* truncate at max length */
-
- /* set up some pointers */
- cipher_ptr = dec_c2_cryptbuf;
- plaintext_ptr = keybuf;
-
- /* do the first block with supplied salt */
- tmp_ptr = crypt(plaintext_ptr, salt); /* libc crypt() */
-
- /* and place in the static area */
- strncpy(cipher_ptr, tmp_ptr, 13);
- cipher_ptr += ESEGMENT_SIZE + SALT_SIZE;
- plaintext_ptr += SEGMENT_SIZE; /* first block of SEGMENT_SIZE */
-
- /* change the salt (1st 2 chars of previous block) - this was found
- by dowsing */
-
- salt_ptr = cipher_ptr - ESEGMENT_SIZE;
-
- /* so far this is identical to "return crypt(key, salt);", if
- there is more than one block encrypt them... */
-
- if (n_seg > 1) {
- for (j = 2; j <= n_seg; j++) {
-
- tmp_ptr = crypt(plaintext_ptr, salt_ptr);
-
- /* skip the salt for seg!=0 */
- strncpy(cipher_ptr, (tmp_ptr + SALT_SIZE), ESEGMENT_SIZE);
-
- cipher_ptr += ESEGMENT_SIZE;
- plaintext_ptr += SEGMENT_SIZE;
- salt_ptr = cipher_ptr - ESEGMENT_SIZE;
- }
- }
- D(("key=|%s|, salt=|%s|\nbuf=|%s|\n", key, salt, dec_c2_cryptbuf));
-
- /* this is the <NUL> terminated encrypted password */
-
- return dec_c2_cryptbuf;
-}
diff --git a/contrib/libpam/modules/pam_unix/lckpwdf.-c b/contrib/libpam/modules/pam_unix/lckpwdf.-c
deleted file mode 100644
index b5ff458..0000000
--- a/contrib/libpam/modules/pam_unix/lckpwdf.-c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * This is a hack, but until libc and glibc both include this function
- * by default (libc only includes it if nys is not being used, at the
- * moment, and glibc doesn't appear to have it at all) we need to have
- * it here, too. :-(
- *
- * This should not become an official part of PAM.
- *
- * BEGIN_HACK
- */
-
-/*
- * lckpwdf.c -- prevent simultaneous updates of password files
- *
- * Before modifying any of the password files, call lckpwdf(). It may block
- * for up to 15 seconds trying to get the lock. Return value is 0 on success
- * or -1 on failure. When you are done, call ulckpwdf() to release the lock.
- * The lock is also released automatically when the process exits. Only one
- * process at a time may hold the lock.
- *
- * These functions are supposed to be conformant with AT&T SVID Issue 3.
- *
- * Written by Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>,
- * public domain.
- */
-
-#include <fcntl.h>
-#include <signal.h>
-
-#define LOCKFILE "/etc/.pwd.lock"
-#define TIMEOUT 15
-
-static int lockfd = -1;
-
-static int set_close_on_exec(int fd)
-{
- int flags = fcntl(fd, F_GETFD, 0);
- if (flags == -1)
- return -1;
- flags |= FD_CLOEXEC;
- return fcntl(fd, F_SETFD, flags);
-}
-
-static int do_lock(int fd)
-{
- struct flock fl;
-
- memset(&fl, 0, sizeof fl);
- fl.l_type = F_WRLCK;
- fl.l_whence = SEEK_SET;
- return fcntl(fd, F_SETLKW, &fl);
-}
-
-static void alarm_catch(int sig)
-{
-/* does nothing, but fcntl F_SETLKW will fail with EINTR */
-}
-
-static int lckpwdf(void)
-{
- struct sigaction act, oldact;
- sigset_t set, oldset;
-
- if (lockfd != -1)
- return -1;
-
- lockfd = open(LOCKFILE, O_CREAT | O_WRONLY, 0600);
- if (lockfd == -1)
- return -1;
- if (set_close_on_exec(lockfd) == -1)
- goto cleanup_fd;
-
- memset(&act, 0, sizeof act);
- act.sa_handler = alarm_catch;
- act.sa_flags = 0;
- sigfillset(&act.sa_mask);
- if (sigaction(SIGALRM, &act, &oldact) == -1)
- goto cleanup_fd;
-
- sigemptyset(&set);
- sigaddset(&set, SIGALRM);
- if (sigprocmask(SIG_UNBLOCK, &set, &oldset) == -1)
- goto cleanup_sig;
-
- alarm(TIMEOUT);
- if (do_lock(lockfd) == -1)
- goto cleanup_alarm;
- alarm(0);
- sigprocmask(SIG_SETMASK, &oldset, NULL);
- sigaction(SIGALRM, &oldact, NULL);
- return 0;
-
- cleanup_alarm:
- alarm(0);
- sigprocmask(SIG_SETMASK, &oldset, NULL);
- cleanup_sig:
- sigaction(SIGALRM, &oldact, NULL);
- cleanup_fd:
- close(lockfd);
- lockfd = -1;
- return -1;
-}
-
-static int ulckpwdf(void)
-{
- unlink(LOCKFILE);
- if (lockfd == -1)
- return -1;
-
- if (close(lockfd) == -1) {
- lockfd = -1;
- return -1;
- }
- lockfd = -1;
- return 0;
-}
-/* END_HACK */
diff --git a/contrib/libpam/modules/pam_unix/md5.c b/contrib/libpam/modules/pam_unix/md5.c
deleted file mode 100644
index 7ee9ed0..0000000
--- a/contrib/libpam/modules/pam_unix/md5.c
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * $Id: md5.c,v 1.1.1.1 2000/06/20 22:12:03 agmorgan Exp $
- *
- * This code implements the MD5 message-digest algorithm.
- * The algorithm is due to Ron Rivest. This code was
- * written by Colin Plumb in 1993, no copyright is claimed.
- * This code is in the public domain; do with it what you wish.
- *
- * Equivalent code is available from RSA Data Security, Inc.
- * This code has been tested against that, and is equivalent,
- * except that you don't need to include two pages of legalese
- * with every copy.
- *
- * To compute the message digest of a chunk of bytes, declare an
- * MD5Context structure, pass it to MD5Init, call MD5Update as
- * needed on buffers full of bytes, and then call MD5Final, which
- * will fill a supplied 16-byte array with the digest.
- *
- */
-
-#include <string.h>
-#include "md5.h"
-
-#ifndef HIGHFIRST
-#define byteReverse(buf, len) /* Nothing */
-#else
-static void byteReverse(unsigned char *buf, unsigned longs);
-
-#ifndef ASM_MD5
-/*
- * Note: this code is harmless on little-endian machines.
- */
-static void byteReverse(unsigned char *buf, unsigned longs)
-{
- uint32 t;
- do {
- t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
- ((unsigned) buf[1] << 8 | buf[0]);
- *(uint32 *) buf = t;
- buf += 4;
- } while (--longs);
-}
-#endif
-#endif
-
-/*
- * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
- * initialization constants.
- */
-void MD5Name(MD5Init)(struct MD5Context *ctx)
-{
- ctx->buf[0] = 0x67452301U;
- ctx->buf[1] = 0xefcdab89U;
- ctx->buf[2] = 0x98badcfeU;
- ctx->buf[3] = 0x10325476U;
-
- ctx->bits[0] = 0;
- ctx->bits[1] = 0;
-}
-
-/*
- * Update context to reflect the concatenation of another buffer full
- * of bytes.
- */
-void MD5Name(MD5Update)(struct MD5Context *ctx, unsigned const char *buf, unsigned len)
-{
- uint32 t;
-
- /* Update bitcount */
-
- t = ctx->bits[0];
- if ((ctx->bits[0] = t + ((uint32) len << 3)) < t)
- ctx->bits[1]++; /* Carry from low to high */
- ctx->bits[1] += len >> 29;
-
- t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
-
- /* Handle any leading odd-sized chunks */
-
- if (t) {
- unsigned char *p = (unsigned char *) ctx->in + t;
-
- t = 64 - t;
- if (len < t) {
- memcpy(p, buf, len);
- return;
- }
- memcpy(p, buf, t);
- byteReverse(ctx->in, 16);
- MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
- buf += t;
- len -= t;
- }
- /* Process data in 64-byte chunks */
-
- while (len >= 64) {
- memcpy(ctx->in, buf, 64);
- byteReverse(ctx->in, 16);
- MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
- buf += 64;
- len -= 64;
- }
-
- /* Handle any remaining bytes of data. */
-
- memcpy(ctx->in, buf, len);
-}
-
-/*
- * Final wrapup - pad to 64-byte boundary with the bit pattern
- * 1 0* (64-bit count of bits processed, MSB-first)
- */
-void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx)
-{
- unsigned count;
- unsigned char *p;
-
- /* Compute number of bytes mod 64 */
- count = (ctx->bits[0] >> 3) & 0x3F;
-
- /* Set the first char of padding to 0x80. This is safe since there is
- always at least one byte free */
- p = ctx->in + count;
- *p++ = 0x80;
-
- /* Bytes of padding needed to make 64 bytes */
- count = 64 - 1 - count;
-
- /* Pad out to 56 mod 64 */
- if (count < 8) {
- /* Two lots of padding: Pad the first block to 64 bytes */
- memset(p, 0, count);
- byteReverse(ctx->in, 16);
- MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
-
- /* Now fill the next block with 56 bytes */
- memset(ctx->in, 0, 56);
- } else {
- /* Pad block to 56 bytes */
- memset(p, 0, count - 8);
- }
- byteReverse(ctx->in, 14);
-
- /* Append length in bits and transform */
- ((uint32 *) ctx->in)[14] = ctx->bits[0];
- ((uint32 *) ctx->in)[15] = ctx->bits[1];
-
- MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
- byteReverse((unsigned char *) ctx->buf, 4);
- memcpy(digest, ctx->buf, 16);
- memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
-}
-
-#ifndef ASM_MD5
-
-/* The four core functions - F1 is optimized somewhat */
-
-/* #define F1(x, y, z) (x & y | ~x & z) */
-#define F1(x, y, z) (z ^ (x & (y ^ z)))
-#define F2(x, y, z) F1(z, x, y)
-#define F3(x, y, z) (x ^ y ^ z)
-#define F4(x, y, z) (y ^ (x | ~z))
-
-/* This is the central step in the MD5 algorithm. */
-#define MD5STEP(f, w, x, y, z, data, s) \
- ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
-
-/*
- * The core of the MD5 algorithm, this alters an existing MD5 hash to
- * reflect the addition of 16 longwords of new data. MD5Update blocks
- * the data and converts bytes into longwords for this routine.
- */
-void MD5Name(MD5Transform)(uint32 buf[4], uint32 const in[16])
-{
- register uint32 a, b, c, d;
-
- a = buf[0];
- b = buf[1];
- c = buf[2];
- d = buf[3];
-
- MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478U, 7);
- MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756U, 12);
- MD5STEP(F1, c, d, a, b, in[2] + 0x242070dbU, 17);
- MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceeeU, 22);
- MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0fafU, 7);
- MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62aU, 12);
- MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613U, 17);
- MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501U, 22);
- MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8U, 7);
- MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7afU, 12);
- MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1U, 17);
- MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7beU, 22);
- MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122U, 7);
- MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193U, 12);
- MD5STEP(F1, c, d, a, b, in[14] + 0xa679438eU, 17);
- MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821U, 22);
-
- MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562U, 5);
- MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340U, 9);
- MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51U, 14);
- MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aaU, 20);
- MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105dU, 5);
- MD5STEP(F2, d, a, b, c, in[10] + 0x02441453U, 9);
- MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681U, 14);
- MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8U, 20);
- MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6U, 5);
- MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6U, 9);
- MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87U, 14);
- MD5STEP(F2, b, c, d, a, in[8] + 0x455a14edU, 20);
- MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905U, 5);
- MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8U, 9);
- MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9U, 14);
- MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8aU, 20);
-
- MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942U, 4);
- MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681U, 11);
- MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122U, 16);
- MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380cU, 23);
- MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44U, 4);
- MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9U, 11);
- MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60U, 16);
- MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70U, 23);
- MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6U, 4);
- MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127faU, 11);
- MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085U, 16);
- MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05U, 23);
- MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039U, 4);
- MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5U, 11);
- MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8U, 16);
- MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665U, 23);
-
- MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244U, 6);
- MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97U, 10);
- MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7U, 15);
- MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039U, 21);
- MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3U, 6);
- MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92U, 10);
- MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47dU, 15);
- MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1U, 21);
- MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4fU, 6);
- MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0U, 10);
- MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314U, 15);
- MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1U, 21);
- MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82U, 6);
- MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235U, 10);
- MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bbU, 15);
- MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391U, 21);
-
- buf[0] += a;
- buf[1] += b;
- buf[2] += c;
- buf[3] += d;
-}
-
-#endif
diff --git a/contrib/libpam/modules/pam_unix/md5.h b/contrib/libpam/modules/pam_unix/md5.h
deleted file mode 100644
index 103f168..0000000
--- a/contrib/libpam/modules/pam_unix/md5.h
+++ /dev/null
@@ -1,31 +0,0 @@
-
-#ifndef MD5_H
-#define MD5_H
-
-typedef unsigned int uint32;
-
-struct MD5Context {
- uint32 buf[4];
- uint32 bits[2];
- unsigned char in[64];
-};
-
-void GoodMD5Init(struct MD5Context *);
-void GoodMD5Update(struct MD5Context *, unsigned const char *, unsigned);
-void GoodMD5Final(unsigned char digest[16], struct MD5Context *);
-void GoodMD5Transform(uint32 buf[4], uint32 const in[16]);
-void BrokenMD5Init(struct MD5Context *);
-void BrokenMD5Update(struct MD5Context *, unsigned const char *, unsigned);
-void BrokenMD5Final(unsigned char digest[16], struct MD5Context *);
-void BrokenMD5Transform(uint32 buf[4], uint32 const in[16]);
-
-char *Goodcrypt_md5(const char *pw, const char *salt);
-char *Brokencrypt_md5(const char *pw, const char *salt);
-
-/*
- * This is needed to make RSAREF happy on some MS-DOS compilers.
- */
-
-typedef struct MD5Context MD5_CTX;
-
-#endif /* MD5_H */
diff --git a/contrib/libpam/modules/pam_unix/md5_crypt.c b/contrib/libpam/modules/pam_unix/md5_crypt.c
deleted file mode 100644
index 257e4bb..0000000
--- a/contrib/libpam/modules/pam_unix/md5_crypt.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * $Id: md5_crypt.c,v 1.1.1.1 2000/06/20 22:12:03 agmorgan Exp $
- *
- * ----------------------------------------------------------------------------
- * "THE BEER-WARE LICENSE" (Revision 42):
- * <phk@login.dknet.dk> wrote this file. As long as you retain this notice you
- * can do whatever you want with this stuff. If we meet some day, and you think
- * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
- * ----------------------------------------------------------------------------
- *
- * Origin: Id: crypt.c,v 1.3 1995/05/30 05:42:22 rgrimes Exp
- *
- */
-
-#include <string.h>
-#include "md5.h"
-
-static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
-"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-static void to64(char *s, unsigned long v, int n)
-{
- while (--n >= 0) {
- *s++ = itoa64[v & 0x3f];
- v >>= 6;
- }
-}
-
-/*
- * UNIX password
- *
- * Use MD5 for what it is best at...
- */
-
-char *MD5Name(crypt_md5)(const char *pw, const char *salt)
-{
- const char *magic = "$1$";
- /* This string is magic for this algorithm. Having
- * it this way, we can get get better later on */
- static char passwd[120], *p;
- static const char *sp, *ep;
- unsigned char final[16];
- int sl, pl, i, j;
- MD5_CTX ctx, ctx1;
- unsigned long l;
-
- /* Refine the Salt first */
- sp = salt;
-
- /* If it starts with the magic string, then skip that */
- if (!strncmp(sp, magic, strlen(magic)))
- sp += strlen(magic);
-
- /* It stops at the first '$', max 8 chars */
- for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++)
- continue;
-
- /* get the length of the true salt */
- sl = ep - sp;
-
- MD5Name(MD5Init)(&ctx);
-
- /* The password first, since that is what is most unknown */
- MD5Name(MD5Update)(&ctx,(unsigned const char *)pw,strlen(pw));
-
- /* Then our magic string */
- MD5Name(MD5Update)(&ctx,(unsigned const char *)magic,strlen(magic));
-
- /* Then the raw salt */
- MD5Name(MD5Update)(&ctx,(unsigned const char *)sp,sl);
-
- /* Then just as many characters of the MD5(pw,salt,pw) */
- MD5Name(MD5Init)(&ctx1);
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl);
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
- MD5Name(MD5Final)(final,&ctx1);
- for (pl = strlen(pw); pl > 0; pl -= 16)
- MD5Name(MD5Update)(&ctx,(unsigned const char *)final,pl>16 ? 16 : pl);
-
- /* Don't leave anything around in vm they could use. */
- memset(final, 0, sizeof final);
-
- /* Then something really weird... */
- for (j = 0, i = strlen(pw); i; i >>= 1)
- if (i & 1)
- MD5Name(MD5Update)(&ctx, (unsigned const char *)final+j, 1);
- else
- MD5Name(MD5Update)(&ctx, (unsigned const char *)pw+j, 1);
-
- /* Now make the output string */
- strcpy(passwd, magic);
- strncat(passwd, sp, sl);
- strcat(passwd, "$");
-
- MD5Name(MD5Final)(final,&ctx);
-
- /*
- * and now, just to make sure things don't run too fast
- * On a 60 Mhz Pentium this takes 34 msec, so you would
- * need 30 seconds to build a 1000 entry dictionary...
- */
- for (i = 0; i < 1000; i++) {
- MD5Name(MD5Init)(&ctx1);
- if (i & 1)
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
- else
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16);
-
- if (i % 3)
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)sp,sl);
-
- if (i % 7)
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
-
- if (i & 1)
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)final,16);
- else
- MD5Name(MD5Update)(&ctx1,(unsigned const char *)pw,strlen(pw));
- MD5Name(MD5Final)(final,&ctx1);
- }
-
- p = passwd + strlen(passwd);
-
- l = (final[0] << 16) | (final[6] << 8) | final[12];
- to64(p, l, 4);
- p += 4;
- l = (final[1] << 16) | (final[7] << 8) | final[13];
- to64(p, l, 4);
- p += 4;
- l = (final[2] << 16) | (final[8] << 8) | final[14];
- to64(p, l, 4);
- p += 4;
- l = (final[3] << 16) | (final[9] << 8) | final[15];
- to64(p, l, 4);
- p += 4;
- l = (final[4] << 16) | (final[10] << 8) | final[5];
- to64(p, l, 4);
- p += 4;
- l = final[11];
- to64(p, l, 2);
- p += 2;
- *p = '\0';
-
- /* Don't leave anything around in vm they could use. */
- memset(final, 0, sizeof final);
-
- return passwd;
-}
diff --git a/contrib/libpam/modules/pam_unix/support.h b/contrib/libpam/modules/pam_unix/support.h
deleted file mode 100644
index 80f0b40..0000000
--- a/contrib/libpam/modules/pam_unix/support.h
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * $Id: support.h,v 1.3 2000/12/20 05:15:05 vorlon Exp $
- */
-
-#ifndef _PAM_UNIX_SUPPORT_H
-#define _PAM_UNIX_SUPPORT_H
-
-
-/*
- * here is the string to inform the user that the new passwords they
- * typed were not the same.
- */
-
-#define MISTYPED_PASS "Sorry, passwords do not match"
-
-/* type definition for the control options */
-
-typedef struct {
- const char *token;
- unsigned int mask; /* shall assume 32 bits of flags */
- unsigned int flag;
-} UNIX_Ctrls;
-
-/*
- * macro to determine if a given flag is on
- */
-
-#define on(x,ctrl) (unix_args[x].flag & ctrl)
-
-/*
- * macro to determine that a given flag is NOT on
- */
-
-#define off(x,ctrl) (!on(x,ctrl))
-
-/*
- * macro to turn on/off a ctrl flag manually
- */
-
-#define set(x,ctrl) (ctrl = ((ctrl)&unix_args[x].mask)|unix_args[x].flag)
-#define unset(x,ctrl) (ctrl &= ~(unix_args[x].flag))
-
-/* the generic mask */
-
-#define _ALL_ON_ (~0U)
-
-/* end of macro definitions definitions for the control flags */
-
-/* ****************************************************************** *
- * ctrl flags proper..
- */
-
-/*
- * here are the various options recognized by the unix module. They
- * are enumerated here and then defined below. Internal arguments are
- * given NULL tokens.
- */
-
-#define UNIX__OLD_PASSWD 0 /* internal */
-#define UNIX__VERIFY_PASSWD 1 /* internal */
-#define UNIX__IAMROOT 2 /* internal */
-
-#define UNIX_AUDIT 3 /* print more things than debug..
- some information may be sensitive */
-#define UNIX_USE_FIRST_PASS 4
-#define UNIX_TRY_FIRST_PASS 5
-#define UNIX_NOT_SET_PASS 6 /* don't set the AUTHTOK items */
-
-#define UNIX__PRELIM 7 /* internal */
-#define UNIX__UPDATE 8 /* internal */
-#define UNIX__NONULL 9 /* internal */
-#define UNIX__QUIET 10 /* internal */
-#define UNIX_USE_AUTHTOK 11 /* insist on reading PAM_AUTHTOK */
-#define UNIX_SHADOW 12 /* signal shadow on */
-#define UNIX_MD5_PASS 13 /* force the use of MD5 passwords */
-#define UNIX__NULLOK 14 /* Null token ok */
-#define UNIX_DEBUG 15 /* send more info to syslog(3) */
-#define UNIX_NODELAY 16 /* admin does not want a fail-delay */
-#define UNIX_NIS 17 /* wish to use NIS for pwd */
-#define UNIX_BIGCRYPT 18 /* use DEC-C2 crypt()^x function */
-#define UNIX_LIKE_AUTH 19 /* need to auth for setcred to work */
-#define UNIX_REMEMBER_PASSWD 20 /* Remember N previous passwords */
-/* -------------- */
-#define UNIX_CTRLS_ 21 /* number of ctrl arguments defined */
-
-
-static const UNIX_Ctrls unix_args[UNIX_CTRLS_] =
-{
-/* symbol token name ctrl mask ctrl *
- * ----------------------- ------------------- --------------------- -------- */
-
-/* UNIX__OLD_PASSWD */ {NULL, _ALL_ON_, 01},
-/* UNIX__VERIFY_PASSWD */ {NULL, _ALL_ON_, 02},
-/* UNIX__IAMROOT */ {NULL, _ALL_ON_, 04},
-/* UNIX_AUDIT */ {"audit", _ALL_ON_, 010},
-/* UNIX_USE_FIRST_PASS */ {"use_first_pass", _ALL_ON_^(060), 020},
-/* UNIX_TRY_FIRST_PASS */ {"try_first_pass", _ALL_ON_^(060), 040},
-/* UNIX_NOT_SET_PASS */ {"not_set_pass", _ALL_ON_, 0100},
-/* UNIX__PRELIM */ {NULL, _ALL_ON_^(0600), 0200},
-/* UNIX__UPDATE */ {NULL, _ALL_ON_^(0600), 0400},
-/* UNIX__NONULL */ {NULL, _ALL_ON_, 01000},
-/* UNIX__QUIET */ {NULL, _ALL_ON_, 02000},
-/* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 04000},
-/* UNIX_SHADOW */ {"shadow", _ALL_ON_, 010000},
-/* UNIX_MD5_PASS */ {"md5", _ALL_ON_^(0400000), 020000},
-/* UNIX__NULLOK */ {"nullok", _ALL_ON_^(01000), 0},
-/* UNIX_DEBUG */ {"debug", _ALL_ON_, 040000},
-/* UNIX_NODELAY */ {"nodelay", _ALL_ON_, 0100000},
-/* UNIX_NIS */ {"nis", _ALL_ON_^(010000), 0200000},
-/* UNIX_BIGCRYPT */ {"bigcrypt", _ALL_ON_^(020000), 0400000},
-/* UNIX_LIKE_AUTH */ {"likeauth", _ALL_ON_, 01000000},
-/* UNIX_REMEMBER_PASSWD */ {"remember=", _ALL_ON_, 02000000},
-};
-
-#define UNIX_DEFAULTS (unix_args[UNIX__NONULL].flag)
-
-
-/* use this to free strings. ESPECIALLY password strings */
-
-#define _pam_delete(xx) \
-{ \
- _pam_overwrite(xx); \
- _pam_drop(xx); \
-}
-
-extern char *PAM_getlogin(void);
-extern void _log_err(int err, pam_handle_t *pamh, const char *format,...);
-extern int _make_remark(pam_handle_t * pamh, unsigned int ctrl
- ,int type, const char *text);
-extern int _set_ctrl(pam_handle_t * pamh, int flags, int *remember, int argc,
- const char **argv);
-extern int _unix_blankpasswd(unsigned int ctrl, const char *name);
-extern int _unix_verify_password(pam_handle_t * pamh, const char *name
- ,const char *p, unsigned int ctrl);
-extern int _unix_read_password(pam_handle_t * pamh
- ,unsigned int ctrl
- ,const char *comment
- ,const char *prompt1
- ,const char *prompt2
- ,const char *data_name
- ,const char **pass);
-
-#endif /* _PAM_UNIX_SUPPORT_H */
-
diff --git a/contrib/libpam/modules/pam_unix/unix_chkpwd.c b/contrib/libpam/modules/pam_unix/unix_chkpwd.c
deleted file mode 100644
index e232e75..0000000
--- a/contrib/libpam/modules/pam_unix/unix_chkpwd.c
+++ /dev/null
@@ -1,314 +0,0 @@
-/*
- * $Id: unix_chkpwd.c,v 1.3 2001/02/11 06:33:53 agmorgan Exp $
- *
- * This program is designed to run setuid(root) or with sufficient
- * privilege to read all of the unix password databases. It is designed
- * to provide a mechanism for the current user (defined by this
- * process' uid) to verify their own password.
- *
- * The password is read from the standard input. The exit status of
- * this program indicates whether the user is authenticated or not.
- *
- * Copyright information is located at the end of the file.
- *
- */
-
-#include <security/_pam_aconf.h>
-
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <syslog.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <shadow.h>
-#include <signal.h>
-
-#define MAXPASS 200 /* the maximum length of a password */
-
-#include <security/_pam_macros.h>
-
-#include "md5.h"
-
-extern char *crypt(const char *key, const char *salt);
-extern char *bigcrypt(const char *key, const char *salt);
-
-#define UNIX_PASSED 0
-#define UNIX_FAILED 1
-
-/* syslogging function for errors and other information */
-
-static void _log_err(int err, const char *format,...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("unix_chkpwd", LOG_CONS | LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-static void su_sighandler(int sig)
-{
- if (sig > 0) {
- _log_err(LOG_NOTICE, "caught signal %d.", sig);
- exit(sig);
- }
-}
-
-static void setup_signals(void)
-{
- struct sigaction action; /* posix signal structure */
-
- /*
- * Setup signal handlers
- */
- (void) memset((void *) &action, 0, sizeof(action));
- action.sa_handler = su_sighandler;
- action.sa_flags = SA_RESETHAND;
- (void) sigaction(SIGILL, &action, NULL);
- (void) sigaction(SIGTRAP, &action, NULL);
- (void) sigaction(SIGBUS, &action, NULL);
- (void) sigaction(SIGSEGV, &action, NULL);
- action.sa_handler = SIG_IGN;
- action.sa_flags = 0;
- (void) sigaction(SIGTERM, &action, NULL);
- (void) sigaction(SIGHUP, &action, NULL);
- (void) sigaction(SIGINT, &action, NULL);
- (void) sigaction(SIGQUIT, &action, NULL);
-}
-
-static int _unix_verify_password(const char *name, const char *p, int opt)
-{
- struct passwd *pwd = NULL;
- struct spwd *spwdent = NULL;
- char *salt = NULL;
- char *pp = NULL;
- int retval = UNIX_FAILED;
-
- /* UNIX passwords area */
- setpwent();
- pwd = getpwnam(name); /* Get password file entry... */
- endpwent();
- if (pwd != NULL) {
- if (strcmp(pwd->pw_passwd, "x") == 0) {
- /*
- * ...and shadow password file entry for this user,
- * if shadowing is enabled
- */
- setspent();
- spwdent = getspnam(name);
- endspent();
- if (spwdent != NULL)
- salt = x_strdup(spwdent->sp_pwdp);
- else
- pwd = NULL;
- } else {
- if (strcmp(pwd->pw_passwd, "*NP*") == 0) { /* NIS+ */
- uid_t save_uid;
-
- save_uid = geteuid();
- seteuid(pwd->pw_uid);
- spwdent = getspnam(name);
- seteuid(save_uid);
-
- salt = x_strdup(spwdent->sp_pwdp);
- } else {
- salt = x_strdup(pwd->pw_passwd);
- }
- }
- }
- if (pwd == NULL || salt == NULL) {
- _log_err(LOG_ALERT, "check pass; user unknown");
- p = NULL;
- return retval;
- }
-
- if (strlen(salt) == 0)
- return (opt == 0) ? UNIX_FAILED : UNIX_PASSED;
-
- /* the moment of truth -- do we agree with the password? */
- retval = UNIX_FAILED;
- if (!strncmp(salt, "$1$", 3)) {
- pp = Goodcrypt_md5(p, salt);
- if (strcmp(pp, salt) == 0) {
- retval = UNIX_PASSED;
- } else {
- pp = Brokencrypt_md5(p, salt);
- if (strcmp(pp, salt) == 0)
- retval = UNIX_PASSED;
- }
- } else {
- pp = bigcrypt(p, salt);
- if (strcmp(pp, salt) == 0) {
- retval = UNIX_PASSED;
- }
- }
- p = NULL; /* no longer needed here */
-
- /* clean up */
- {
- char *tp = pp;
- if (pp != NULL) {
- while (tp && *tp)
- *tp++ = '\0';
- }
- pp = tp = NULL;
- }
-
- return retval;
-}
-
-static char *getuidname(uid_t uid)
-{
- struct passwd *pw;
- static char username[32];
-
- pw = getpwuid(uid);
- if (pw == NULL)
- return NULL;
-
- memset(username, 0, 32);
- strncpy(username, pw->pw_name, 32);
- username[31] = '\0';
-
- return username;
-}
-
-int main(int argc, char *argv[])
-{
- char pass[MAXPASS + 1];
- char option[8];
- int npass, opt;
- int force_failure = 0;
- int retval = UNIX_FAILED;
- char *user;
-
- /*
- * Catch or ignore as many signal as possible.
- */
- setup_signals();
-
- /*
- * we establish that this program is running with non-tty stdin.
- * this is to discourage casual use. It does *NOT* prevent an
- * intruder from repeatadly running this program to determine the
- * password of the current user (brute force attack, but one for
- * which the attacker must already have gained access to the user's
- * account).
- */
-
- if (isatty(STDIN_FILENO)) {
-
- _log_err(LOG_NOTICE
- ,"inappropriate use of Unix helper binary [UID=%d]"
- ,getuid());
- fprintf(stderr
- ,"This binary is not designed for running in this way\n"
- "-- the system administrator has been informed\n");
- sleep(10); /* this should discourage/annoy the user */
- return UNIX_FAILED;
- }
-
- /*
- * determine the current user's name is
- */
- user = getuidname(getuid());
- if (argc == 2) {
- /* if the caller specifies the username, verify that user
- matches it */
- if (strcmp(user, argv[1])) {
- force_failure = 1;
- }
- }
-
- /* read the nollok/nonull option */
-
- npass = read(STDIN_FILENO, option, 8);
-
- if (npass < 0) {
- _log_err(LOG_DEBUG, "no option supplied");
- return UNIX_FAILED;
- } else {
- option[7] = '\0';
- if (strncmp(option, "nullok", 8) == 0)
- opt = 1;
- else
- opt = 0;
- }
-
- /* read the password from stdin (a pipe from the pam_unix module) */
-
- npass = read(STDIN_FILENO, pass, MAXPASS);
-
- if (npass < 0) { /* is it a valid password? */
-
- _log_err(LOG_DEBUG, "no password supplied");
-
- } else if (npass >= MAXPASS) {
-
- _log_err(LOG_DEBUG, "password too long");
-
- } else {
- if (npass == 0) {
- /* the password is NULL */
-
- retval = _unix_verify_password(user, NULL, opt);
-
- } else {
- /* does pass agree with the official one? */
-
- pass[npass] = '\0'; /* NUL terminate */
- retval = _unix_verify_password(user, pass, opt);
-
- }
- }
-
- memset(pass, '\0', MAXPASS); /* clear memory of the password */
-
- /* return pass or fail */
-
- if ((retval != UNIX_PASSED) || force_failure) {
- return UNIX_FAILED;
- } else {
- return UNIX_PASSED;
- }
-}
-
-/*
- * Copyright (c) Andrew G. Morgan, 1996. All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/contrib/libpam/modules/pam_unix/yppasswd.h b/contrib/libpam/modules/pam_unix/yppasswd.h
deleted file mode 100644
index 6b414be..0000000
--- a/contrib/libpam/modules/pam_unix/yppasswd.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * yppasswdd
- * Copyright 1994, 1995, 1996 Olaf Kirch, <okir@monad.swb.de>
- *
- * This program is covered by the GNU General Public License, version 2.
- * It is provided in the hope that it is useful. However, the author
- * disclaims ALL WARRANTIES, expressed or implied. See the GPL for details.
- *
- * This file was generated automatically by rpcgen from yppasswd.x, and
- * editied manually.
- */
-
-#ifndef _YPPASSWD_H_
-#define _YPPASSWD_H_
-
-#define YPPASSWDPROG ((u_long)100009)
-#define YPPASSWDVERS ((u_long)1)
-#define YPPASSWDPROC_UPDATE ((u_long)1)
-
-/*
- * The password struct passed by the update call. I renamed it to
- * xpasswd to avoid a type clash with the one defined in <pwd.h>.
- */
-#ifndef __sgi
-typedef struct xpasswd {
- char *pw_name;
- char *pw_passwd;
- int pw_uid;
- int pw_gid;
- char *pw_gecos;
- char *pw_dir;
- char *pw_shell;
-} xpasswd;
-
-#else
-#include <pwd.h>
-typedef struct xpasswd xpasswd;
-#endif
-
-/* The updated password information, plus the old password.
- */
-typedef struct yppasswd {
- char *oldpass;
- xpasswd newpw;
-} yppasswd;
-
-/* XDR encoding/decoding routines */
-bool_t xdr_xpasswd(XDR * xdrs, xpasswd * objp);
-bool_t xdr_yppasswd(XDR * xdrs, yppasswd * objp);
-
-#endif /* _YPPASSWD_H_ */
diff --git a/contrib/libpam/modules/pam_unix/yppasswd_xdr.c b/contrib/libpam/modules/pam_unix/yppasswd_xdr.c
deleted file mode 100644
index b1a60b4..0000000
--- a/contrib/libpam/modules/pam_unix/yppasswd_xdr.c
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * yppasswdd
- * Copyright 1994, 1995, 1996 Olaf Kirch, <okir@monad.swb.de>
- *
- * This program is covered by the GNU General Public License, version 2.
- * It is provided in the hope that it is useful. However, the author
- * disclaims ALL WARRANTIES, expressed or implied. See the GPL for details.
- *
- * This file was generated automatically by rpcgen from yppasswd.x, and
- * editied manually.
- */
-
-#include <security/_pam_aconf.h>
-
-#include <rpc/rpc.h>
-#include <rpcsvc/yp_prot.h>
-#include <rpcsvc/ypclnt.h>
-#include "yppasswd.h"
-
-bool_t
-xdr_xpasswd(XDR * xdrs, xpasswd * objp)
-{
- return xdr_string(xdrs, &objp->pw_name, ~0)
- && xdr_string(xdrs, &objp->pw_passwd, ~0)
- && xdr_int(xdrs, &objp->pw_uid)
- && xdr_int(xdrs, &objp->pw_gid)
- && xdr_string(xdrs, &objp->pw_gecos, ~0)
- && xdr_string(xdrs, &objp->pw_dir, ~0)
- && xdr_string(xdrs, &objp->pw_shell, ~0);
-}
-
-
-bool_t
-xdr_yppasswd(XDR * xdrs, yppasswd * objp)
-{
- return xdr_string(xdrs, &objp->oldpass, ~0)
- && xdr_xpasswd(xdrs, &objp->newpw);
-}
diff --git a/contrib/libpam/modules/pam_userdb/Makefile b/contrib/libpam/modules/pam_userdb/Makefile
deleted file mode 100644
index ebdcff9..0000000
--- a/contrib/libpam/modules/pam_userdb/Makefile
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-
-# $Id: Makefile,v 1.4 2001/02/18 03:03:31 agmorgan Exp $
-# Created by Cristian Gafton <gafton@redhat.com>
-
-include ../../Make.Rules
-
-TITLE=pam_userdb
-
-ifeq ($(HAVE_NDBM_H),yes)
- WHICH_DB=ndbm
- MODULE_SIMPLE_EXTRALIBS = -lndbm
-else
-ifeq ($(HAVE_LIBDB),yes)
- WHICH_DB=db
- MODULE_SIMPLE_EXTRALIBS = -ldb
-else
- WHICH_DB=none
-endif
-endif
-
-ifeq ($(WHICH_DB),none)
-
-include ../dont_makefile
-
-else
-
-MODULE_SIMPLE_EXTRAFILES = conv
-
-include ../Simple.Rules
-
-endif
diff --git a/contrib/libpam/modules/pam_userdb/README b/contrib/libpam/modules/pam_userdb/README
deleted file mode 100644
index af78d47..0000000
--- a/contrib/libpam/modules/pam_userdb/README
+++ /dev/null
@@ -1,30 +0,0 @@
-pam_userdb:
- Look up users in a .db database and verify their password against
- what is contained in that database.
-
-RECOGNIZED ARGUMENTS:
- debug write a message to syslog indicating success or
- failure.
-
- db=[path] use the [path] database for performing lookup. There
- is no default; the module will return PAM_IGNORE if
- no database is provided.
-
- icase make the password verification to be case insensitive
- (ie when working with registration numbers and such)
-
- dump dump all the entries in the database to the log (eek,
- don't do this by default!)
-
-MODULE SERVICES PROVIDED:
- auth _authetication and _setcred (blank)
-
-EXAMPLE USE:
- auth sufficient pam_userdb.so icase db=/tmp/dbtest.db
-
-AUTHOR:
- Cristian Gafton <gafton@redhat.com>
-
-
-
-$Id: README,v 1.1.1.1 2000/06/20 22:12:09 agmorgan Exp $
diff --git a/contrib/libpam/modules/pam_userdb/conv.c b/contrib/libpam/modules/pam_userdb/conv.c
deleted file mode 100644
index 0f13d03..0000000
--- a/contrib/libpam/modules/pam_userdb/conv.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * Conversation related functions
- */
-
-/* $Id */
-/* Copyright at the end of the file */
-
-#define _BSD_SOURCE
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <security/pam_modules.h>
-#include <security/_pam_macros.h>
-
-#include "pam_userdb.h"
-
-/*
- * dummy conversation function sending exactly one prompt
- * and expecting exactly one response from the other party
- */
-static int converse(pam_handle_t *pamh,
- struct pam_message **message,
- struct pam_response **response)
-{
- int retval;
- const struct pam_conv *conv;
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv ) ;
- if (retval == PAM_SUCCESS)
- retval = conv->conv(1, (const struct pam_message **)message,
- response, conv->appdata_ptr);
-
- return retval; /* propagate error status */
-}
-
-
-static char *_pam_delete(register char *xx)
-{
- _pam_overwrite(xx);
- _pam_drop(xx);
- return NULL;
-}
-
-/*
- * This is a conversation function to obtain the user's password
- */
-int conversation(pam_handle_t *pamh)
-{
- struct pam_message msg[2],*pmsg[2];
- struct pam_response *resp;
- int retval;
- char * token = NULL;
-
- pmsg[0] = &msg[0];
- msg[0].msg_style = PAM_PROMPT_ECHO_OFF;
- msg[0].msg = "Password: ";
-
- /* so call the conversation expecting i responses */
- resp = NULL;
- retval = converse(pamh, pmsg, &resp);
-
- if (resp != NULL) {
- const char * item;
- /* interpret the response */
- if (retval == PAM_SUCCESS) { /* a good conversation */
- token = x_strdup(resp[0].resp);
- if (token == NULL) {
- return PAM_AUTHTOK_RECOVER_ERR;
- }
- }
-
- /* set the auth token */
- retval = pam_set_item(pamh, PAM_AUTHTOK, token);
- token = _pam_delete(token); /* clean it up */
- if ( (retval != PAM_SUCCESS) ||
- (retval = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&item))
- != PAM_SUCCESS ) {
- return retval;
- }
-
- _pam_drop_reply(resp, 1);
- } else {
- retval = (retval == PAM_SUCCESS)
- ? PAM_AUTHTOK_RECOVER_ERR:retval ;
- }
-
- return retval;
-}
-
-/*
- * Copyright (c) Cristian Gafton <gafton@redhat.com>, 1999
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED `AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/contrib/libpam/modules/pam_userdb/create.pl b/contrib/libpam/modules/pam_userdb/create.pl
deleted file mode 100644
index 0e1687d..0000000
--- a/contrib/libpam/modules/pam_userdb/create.pl
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/usr/bin/perl
-# this program creates a database in ARGV[1] from pairs given on
-# stdandard input
-#
-# $Id: create.pl,v 1.1.1.1 2000/06/20 22:12:09 agmorgan Exp $
-
-use DB_File;
-
-my $database = $ARGV[0];
-die "Use: check,pl <database>\n" unless ($database);
-print "Using database: $database\n";
-
-my %lusers = ();
-
-tie %lusers, 'DB_File', $database, O_RDWR|O_CREAT, 0644, $DB_HASH ;
-while (<STDIN>) {
- my ($user, $pass) = split;
-
- $lusers{$user} = $pass;
-}
-untie %lusers;
-
-
diff --git a/contrib/libpam/modules/pam_userdb/pam_userdb.c b/contrib/libpam/modules/pam_userdb/pam_userdb.c
deleted file mode 100644
index 9da9370..0000000
--- a/contrib/libpam/modules/pam_userdb/pam_userdb.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/* pam_userdb module */
-
-/*
- * $Id: pam_userdb.c,v 1.4 2000/12/04 15:02:16 baggins Exp $
- * Written by Cristian Gafton <gafton@redhat.com> 1996/09/10
- * See the end of the file for Copyright Information
- */
-
-#include <security/_pam_aconf.h>
-
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-#include <syslog.h>
-#include <stdarg.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <errno.h>
-
-#include "pam_userdb.h"
-
-#ifdef HAVE_NDBM_H
-# include <ndbm.h>
-#else
-# ifdef HAVE_DB_H
-# define DB_DBM_HSEARCH 1 /* use the dbm interface */
-# include <db.h>
-# else
-# error "failed to find a libdb or equivalent"
-# endif
-#endif
-
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_AUTH
-#define PAM_SM_ACCOUNT
-
-#include <security/pam_modules.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog(MODULE_NAME, LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-char * database = NULL;
-static int ctrl = 0;
-
-static int _pam_parse(int argc, const char **argv)
-{
- /* step through arguments */
- for (ctrl = 0; argc-- > 0; ++argv) {
-
- /* generic options */
-
- if (!strcmp(*argv,"debug"))
- ctrl |= PAM_DEBUG_ARG;
- else if (!strcasecmp(*argv, "icase"))
- ctrl |= PAM_ICASE_ARG;
- else if (!strcasecmp(*argv, "dump"))
- ctrl |= PAM_DUMP_ARG;
- else if (!strncasecmp(*argv,"db=", 3)) {
- database = strdup((*argv) + 3);
- if (database == NULL)
- _pam_log(LOG_ERR, "pam_parse: could not parse argument \"%s\"",
- *argv);
- } else {
- _pam_log(LOG_ERR, "pam_parse: unknown option; %s", *argv);
- }
- }
-
- return ctrl;
-}
-
-
-/*
- * Looks up an user name in a database and checks the password
- *
- * return values:
- * 1 = User not found
- * 0 = OK
- * -1 = Password incorrect
- * -2 = System error
- */
-static int user_lookup(const char *user, const char *pass)
-{
- DBM *dbm;
- datum key, data;
-
- /* Open the DB file. */
- dbm = dbm_open(database, O_RDONLY, 0644);
- if (dbm == NULL) {
- _pam_log(LOG_ERR, "user_lookup: could not open database `%s'",
- database);
- return -2;
- }
-
- if (ctrl &PAM_DUMP_ARG) {
- _pam_log(LOG_INFO, "Database dump:");
- for (key = dbm_firstkey(dbm); key.dptr != NULL;
- key = dbm_nextkey(dbm)) {
- data = dbm_fetch(dbm, key);
- _pam_log(LOG_INFO, "key[len=%d] = `%s', data[len=%d] = `%s'",
- key.dsize, key.dptr, data.dsize, data.dptr);
- }
- }
- /* do some more init work */
-
- memset(&key, 0, sizeof(key));
- memset(&data, 0, sizeof(data));
- key.dptr = x_strdup(user);
- key.dsize = strlen(user);
- user = NULL;
-
- if (key.dptr) {
- data = dbm_fetch(dbm, key);
- memset(key.dptr, 0, key.dsize);
- free(key.dptr);
- }
-
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_INFO, "password in database is [%p]`%s', len is %d",
- data.dptr, (char *) data.dptr, data.dsize);
- }
-
- if (data.dptr != NULL) {
- int compare = 0;
- /* bingo, got it */
- if (ctrl & PAM_ICASE_ARG)
- compare = strncasecmp(pass, data.dptr, data.dsize);
- else
- compare = strncmp(pass, data.dptr, data.dsize);
- dbm_close(dbm);
- if (compare == 0)
- return 0; /* match */
- else
- return -1; /* wrong */
- } else {
- if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_INFO, "error returned by dbm_fetch: %s",
- strerror(errno));
- }
- dbm_close(dbm);
- /* probably we should check dbm_error() here */
- return 1; /* not found */
- }
-
- /* NOT REACHED */
- return -2;
-}
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- const char *username;
- const char *password;
- int retval = PAM_AUTH_ERR;
-
- /* parse arguments */
- ctrl = _pam_parse(argc, argv);
-
- /* Get the username */
- retval = pam_get_user(pamh, &username, NULL);
- if ((retval != PAM_SUCCESS) || (!username)) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,"can not get the username");
- return PAM_SERVICE_ERR;
- }
-
- /* Converse just to be sure we have the password */
- retval = conversation(pamh);
- if (retval != PAM_SUCCESS) {
- _pam_log(LOG_ERR, "could not obtain password for `%s'",
- username);
- return -2;
- }
-
- /* Get the password */
- retval = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&password);
- if (retval != PAM_SUCCESS) {
- _pam_log(LOG_ERR, "Could not retrive user's password");
- return -2;
- }
-
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_INFO, "Verify user `%s' with password `%s'",
- username, password);
-
- /* Now use the username to look up password in the database file */
- retval = user_lookup(username, password);
- switch (retval) {
- case -2:
- /* some sort of system error. The log was already printed */
- return PAM_SERVICE_ERR;
- case -1:
- /* incorrect password */
- _pam_log(LOG_WARNING,
- "user `%s' denied access (incorrect password)",
- username);
- return PAM_AUTH_ERR;
- case 1:
- /* the user does not exist in the database */
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE, "user `%s' not found in the database",
- username);
- return PAM_USER_UNKNOWN;
- case 0:
- /* Otherwise, the authentication looked good */
- _pam_log(LOG_NOTICE, "user '%s' granted acces", username);
- return PAM_SUCCESS;
- default:
- /* we don't know anything about this return value */
- _pam_log(LOG_ERR,
- "internal module error (retval = %d, user = `%s'",
- retval, username);
- return PAM_SERVICE_ERR;
- }
-
- /* should not be reached */
- return PAM_IGNORE;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_userdb_modstruct = {
- "pam_userdb",
- pam_sm_authenticate,
- pam_sm_setcred,
- NULL,
- NULL,
- NULL,
- NULL,
-};
-
-#endif
-
-/*
- * Copyright (c) Cristian Gafton <gafton@redhat.com>, 1999
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED `AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/contrib/libpam/modules/pam_userdb/pam_userdb.h b/contrib/libpam/modules/pam_userdb/pam_userdb.h
deleted file mode 100644
index 542cdf5..0000000
--- a/contrib/libpam/modules/pam_userdb/pam_userdb.h
+++ /dev/null
@@ -1,61 +0,0 @@
-
-#ifndef _PAM_USERSDB_H
-#define _PAM_USERSDB_H
-/* $Id: pam_userdb.h,v 1.1.1.1 2000/06/20 22:12:09 agmorgan Exp $ */
-
-/* Header files */
-#include <security/pam_appl.h>
-
-/* argument parsing */
-#define PAM_DEBUG_ARG 0x0001
-#define PAM_ICASE_ARG 0x0002
-#define PAM_DUMP_ARG 0x0004
-
-/* Useful macros */
-#define x_strdup(s) ( (s) ? strdup(s):NULL )
-
-/* The name of the module we are compiling */
-#ifndef MODULE_NAME
-#define MODULE_NAME "pam_userdb"
-#endif /* MODULE_NAME */
-
-/* function prototypes */
-int conversation(pam_handle_t *);
-
-#endif /* _PAM_USERSDB_H */
-
-/*
- * Copyright (c) Cristian Gafton <gafton@redhat.com>, 1999
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED `AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/contrib/libpam/modules/pam_warn/Makefile b/contrib/libpam/modules/pam_warn/Makefile
deleted file mode 100644
index 46201d0..0000000
--- a/contrib/libpam/modules/pam_warn/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:06 agmorgan Exp $
-# $FreeBSD$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_warn
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_warn/README b/contrib/libpam/modules/pam_warn/README
deleted file mode 100644
index cd8158b..0000000
--- a/contrib/libpam/modules/pam_warn/README
+++ /dev/null
@@ -1,26 +0,0 @@
-# $Id: README,v 1.1.1.1 2000/06/20 22:12:10 agmorgan Exp $
-# $FreeBSD$
-
-This module is an authentication module that does not authenticate.
-Instead it always returns PAM_IGNORE, indicating that it does not want
-to affect the authentication process.
-
-Its purpose is to log a message to the syslog indicating the
-pam_item's available at the time it was invoked. It is a diagnostic
-tool.
-
-Recognized arguments:
-
- <none>
-
-module services provided:
-
- auth _authenticate and _setcred (blank)
- acct _acct_mgmt [mapped to _authenticate]
- session _open_session and
- _close_session [mapped to _authenticate ]
- password _chauthtok [mapped to _authenticate]
-
-
-Andrew Morgan
-1996/11/14
diff --git a/contrib/libpam/modules/pam_warn/pam_warn.c b/contrib/libpam/modules/pam_warn/pam_warn.c
deleted file mode 100644
index ac627fb..0000000
--- a/contrib/libpam/modules/pam_warn/pam_warn.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* pam_warn module */
-
-/*
- * $Id: pam_warn.c,v 1.1.1.1 2000/06/20 22:12:10 agmorgan Exp $
- * $FreeBSD$
- *
- * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
- */
-
-#define _BSD_SOURCE
-
-#include <stdio.h>
-#include <unistd.h>
-#include <syslog.h>
-#include <stdarg.h>
-
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_AUTH
-#define PAM_SM_PASSWORD
-
-#include <security/pam_modules.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-warn", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc
- , const char **argv)
-{
- const char *service=NULL, *user=NULL, *terminal=NULL
- , *rhost=NULL, *ruser=NULL;
-
- (void) pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
- (void) pam_get_item(pamh, PAM_TTY, (const void **)&terminal);
- _pam_log(LOG_NOTICE, "service: %s [on terminal: %s]"
- , service ? service : "<unknown>"
- , terminal ? terminal : "<unknown>"
- );
- (void) pam_get_user(pamh, &user, "Who are you? ");
- (void) pam_get_item(pamh, PAM_RUSER, (const void **)&ruser);
- (void) pam_get_item(pamh, PAM_RHOST, (const void **)&rhost);
- _pam_log(LOG_NOTICE, "user: (uid=%d) -> %s [remote: %s@%s]"
- , getuid()
- , user ? user : "<unknown>"
- , ruser ? ruser : "?nobody"
- , rhost ? rhost : "?nowhere"
- );
-
- /* we are just a fly on the wall */
-
- return PAM_IGNORE;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- , const char **argv)
-{
- return PAM_IGNORE;
-}
-
-/* password updating functions */
-
-PAM_EXTERN
-int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc
- , const char **argv)
-{
- /* map to the authentication function... */
-
- return pam_sm_authenticate(pamh, flags, argc, argv);
-}
-
-PAM_EXTERN int
-pam_sm_acct_mgmt (pam_handle_t *pamh, int flags,
- int argc, const char **argv)
-{
- /* map to the authentication function... */
-
- return pam_sm_authenticate(pamh, flags, argc, argv);
-}
-
-PAM_EXTERN int
-pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- /* map to the authentication function... */
-
- return pam_sm_authenticate(pamh, flags, argc, argv);
-}
-
-PAM_EXTERN int
-pam_sm_close_session (pam_handle_t *pamh, int flags, int argc,
- const char **argv)
-{
- /* map to the authentication function... */
-
- return pam_sm_authenticate(pamh, flags, argc, argv);
-}
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_warn_modstruct = {
- "pam_warn",
- pam_sm_authenticate,
- pam_sm_setcred,
- pam_sm_acct_mgmt,
- pam_sm_open_session,
- pam_sm_close_session,
- pam_sm_chauthtok,
-};
-
-#endif
-
-/* end of module definition */
diff --git a/contrib/libpam/modules/pam_wheel/Makefile b/contrib/libpam/modules/pam_wheel/Makefile
deleted file mode 100644
index 540c95f..0000000
--- a/contrib/libpam/modules/pam_wheel/Makefile
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# $Id: Makefile,v 1.2 2000/11/19 23:54:06 agmorgan Exp $
-# $FreeBSD$
-#
-# This Makefile controls a build process of $(TITLE) module for
-# Linux-PAM. You should not modify this Makefile (unless you know
-# what you are doing!).
-#
-# Created by Andrew Morgan <morgan@linux.kernel.org> 2000/08/27
-#
-
-include ../../Make.Rules
-
-TITLE=pam_wheel
-
-include ../Simple.Rules
diff --git a/contrib/libpam/modules/pam_wheel/README b/contrib/libpam/modules/pam_wheel/README
deleted file mode 100644
index 3ef14c8..0000000
--- a/contrib/libpam/modules/pam_wheel/README
+++ /dev/null
@@ -1,34 +0,0 @@
-# $FreeBSD$
-
-pam_wheel:
- only permit root authentication too members of wheel group
-
-RECOGNIZED ARGUMENTS:
- debug write a message to syslog indicating success or
- failure.
-
- use_uid the check for wheel membership will be done against
- the current uid instead of the original one
- (useful when jumping with su from one account to
- another for example)
-
- trust the pam_wheel module will return PAM_SUCCESS instead
- of PAM_IGNORE if the user is a member of the wheel
- group (thus with a little play stacking the modules
- the wheel members may be able to su to root without
- being prompted for a passwd).
-
- deny Reverse the sense of the auth operation: if the user
- is trying to get UID 0 access and is a member of the
- wheel group, deny access (well, kind of nonsense, but
- for use in conjunction with 'group' argument... :-)
-
- group=xxxx Instead of checking the GID 0 group, use the xxxx
- group to perform the authentification.
-
-MODULE SERVICES PROVIDED:
- auth _authetication and _setcred (blank)
-
-AUTHOR:
- Cristian Gafton <gafton@sorosis.ro>
-
diff --git a/contrib/libpam/modules/pam_wheel/pam_wheel.c b/contrib/libpam/modules/pam_wheel/pam_wheel.c
deleted file mode 100644
index 79a477c..0000000
--- a/contrib/libpam/modules/pam_wheel/pam_wheel.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/* pam_wheel module */
-
-/*
- * Written by Cristian Gafton <gafton@redhat.com> 1996/09/10
- * See the end of the file for Copyright Information
- *
- *
- * 1.2 - added 'deny' and 'group=' options
- * 1.1 - added 'trust' option
- * 1.0 - the code is working for at least another person, so... :-)
- * 0.1 - use vsyslog instead of vfprintf/syslog in _pam_log
- * - return PAM_IGNORE on success (take care of sloppy sysadmins..)
- * - use pam_get_user instead of pam_get_item(...,PAM_USER,...)
- * - a new arg use_uid to auth the current uid instead of the
- * initial (logged in) one.
- * 0.0 - first release
- *
- * TODO:
- * - try to use make_remark from pam_unix/support.c
- * - consider returning on failure PAM_FAIL_NOW if the user is not
- * a wheel member.
- *
- * $FreeBSD$
- */
-
-#define _BSD_SOURCE
-
-#include <stdio.h>
-#include <unistd.h>
-#include <string.h>
-#include <syslog.h>
-#include <stdarg.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-
-/*
- * here, we make a definition for the externally accessible function
- * in this file (this definition is required for static a module
- * but strongly encouraged generally) it is used to instruct the
- * modules include file to define the function prototypes.
- */
-
-#define PAM_SM_AUTH
-
-#include <security/pam_modules.h>
-
-/* some syslogging */
-
-static void _pam_log(int err, const char *format, ...)
-{
- va_list args;
-
- va_start(args, format);
- openlog("PAM-Wheel", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
-/* checks if a user is on a list of members of the GID 0 group */
-
-static int is_on_list(char * const *list, const char *member)
-{
- while (*list) {
- if (strcmp(*list, member) == 0)
- return 1;
- list++;
- }
- return 0;
-}
-
-/* argument parsing */
-
-#define PAM_DEBUG_ARG 0x0001
-#define PAM_USE_UID_ARG 0x0002
-#define PAM_TRUST_ARG 0x0004
-#define PAM_DENY_ARG 0x0010
-
-static int _pam_parse(int argc, const char **argv, char *use_group)
-{
- int ctrl=0;
-
- /* step through arguments */
- for (ctrl=0; argc-- > 0; ++argv) {
-
- /* generic options */
-
- if (!strcmp(*argv,"debug"))
- ctrl |= PAM_DEBUG_ARG;
- else if (!strcmp(*argv,"use_uid"))
- ctrl |= PAM_USE_UID_ARG;
- else if (!strcmp(*argv,"trust"))
- ctrl |= PAM_TRUST_ARG;
- else if (!strcmp(*argv,"deny"))
- ctrl |= PAM_DENY_ARG;
- else if (!strncmp(*argv,"group=",6))
- strcpy(use_group,*argv+6);
- else {
- _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
- }
- }
-
- return ctrl;
-}
-
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- int ctrl;
- const char *username;
- char *fromsu;
- struct passwd *pwd, *tpwd;
- struct group *grp;
- int retval = PAM_AUTH_ERR;
- char use_group[BUFSIZ];
-
- /* Init the optional group */
- bzero(use_group,BUFSIZ);
-
- ctrl = _pam_parse(argc, argv, use_group);
- retval = pam_get_user(pamh,&username,NULL);
- if ((retval != PAM_SUCCESS) || (!username)) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG,"can not get the username");
- return PAM_SERVICE_ERR;
- }
-
- /* su to a uid 0 account ? */
- pwd = getpwnam(username);
- if (!pwd) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE,"unknown user %s",username);
- return PAM_USER_UNKNOWN;
- }
-
- /* Now we know that the username exists, pass on to other modules...
- * the call to pam_get_user made this obsolete, so is commented out
- *
- * pam_set_item(pamh,PAM_USER,(const void *)username);
- */
-
- /* is this user an UID 0 account ? */
- if(pwd->pw_uid) {
- /* no need to check for wheel */
- return PAM_IGNORE;
- }
-
- if (ctrl & PAM_USE_UID_ARG) {
- tpwd = getpwuid(getuid());
- if (!tpwd) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE,"who is running me ?!");
- return PAM_SERVICE_ERR;
- }
- fromsu = tpwd->pw_name;
- } else {
- fromsu = getlogin();
- if (!fromsu) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE,"who is running me ?!");
- return PAM_SERVICE_ERR;
- }
- }
-
- if (!use_group[0]) {
- if ((grp = getgrnam("wheel")) == NULL) {
- grp = getgrgid(0);
- }
- } else
- grp = getgrnam(use_group);
-
- if (!grp || !grp->gr_mem) {
- if (ctrl & PAM_DEBUG_ARG) {
- if (!use_group[0])
- _pam_log(LOG_NOTICE,"no members in a GID 0 group");
- else
- _pam_log(LOG_NOTICE,"no members in '%s' group",use_group);
- }
- if (ctrl & PAM_DENY_ARG)
- /* if this was meant to deny access to the members
- * of this group and the group does not exist, allow
- * access
- */
- return PAM_IGNORE;
- else
- return PAM_AUTH_ERR;
- }
-
- if (is_on_list(grp->gr_mem, fromsu)) {
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE,"Access %s to '%s' for '%s'",
- (ctrl & PAM_DENY_ARG)?"denied":"granted",
- fromsu,username);
- if (ctrl & PAM_DENY_ARG)
- return PAM_PERM_DENIED;
- else
- if (ctrl & PAM_TRUST_ARG)
- return PAM_SUCCESS;
- else
- return PAM_IGNORE;
- }
-
- if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE,"Access %s for '%s' to '%s'",
- (ctrl & PAM_DENY_ARG)?"granted":"denied",fromsu,username);
- if (ctrl & PAM_DENY_ARG)
- return PAM_SUCCESS;
- else
- return PAM_PERM_DENIED;
-}
-
-PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
-{
- return PAM_SUCCESS;
-}
-
-
-/* end of module definition */
-
-PAM_MODULE_ENTRY("pam_wheel");
-
-/*
- * Copyright (c) Cristian Gafton <gafton@redhat.com>, 1996, 1997
- * All rights reserved
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, and the entire permission notice in its entirety,
- * including the disclaimer of warranties.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior
- * written permission.
- *
- * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
- * necessary due to a potential bad interaction between the GPL and
- * the restrictions contained in a BSD-style copyright.)
- *
- * THIS SOFTWARE IS PROVIDED `AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
diff --git a/contrib/libpam/modules/register_static b/contrib/libpam/modules/register_static
deleted file mode 100755
index 2067ac7..0000000
--- a/contrib/libpam/modules/register_static
+++ /dev/null
@@ -1,49 +0,0 @@
-#!/bin/bash
-
-if [ `basename $PWD` != "modules" ]; then
- echo "$0 must be run from the .../modules directory"
- exit 1
-fi
-
-merge_line ()
-{
- if [ $# != 3 ]; then
- echo "usage: merge_line token filename 'new line'"
- fi
- if [ -f $2 ]; then
-# remove any existing entry...
- grep -v "$1" $2 > tmp.$2
- rm -f $2
- mv {tmp.,}$2
- fi
- cat << EOT >> $2
-$3
-EOT
-
-}
-
-
-if [ $# -ne 2 ]; then
-
- cat << EOT 2>&1
-$0: this script takes TWO arguments:
- the 'alphanumeric label' of the module and the location of
- its object file from the .../modules/ directory
-EOT
- exit 1
-
-else
- echo "
- *> registering static module: $1 ($2) <*
-"
- merge_line "$1" _static_module_list "\
-extern struct pam_module _$1_modstruct;"
-
- merge_line "$1" _static_module_entry " &_$1_modstruct,"
- if [ -n "$2" ]; then
- merge_line "$2" _static_module_objects "../modules/$2"
- fi
-
-fi
-
-exit 0