Merge sync of head

author: sjg <sjg@FreeBSD.org> 2015-05-27 01:19:58 +0000
committer: sjg <sjg@FreeBSD.org> 2015-05-27 01:19:58 +0000
commit: 65145fa4c81da358fcbc3b650156dab705dfa34e (patch)
tree: 55c065b6730aaac2afb6c29933ee6ec5fa4c4249 /lib/libpam/modules
parent: 60ff4eb0dff94a04d75d0d52a3957aaaf5f8c693 (diff)
parent: e6b664c390af88d4a87208bc042ce503da664c3b (diff)
download: FreeBSD-src-65145fa4c81da358fcbc3b650156dab705dfa34e.zip
FreeBSD-src-65145fa4c81da358fcbc3b650156dab705dfa34e.tar.gz
14 files changed, 33 insertions, 38 deletions
diff --git a/lib/libpam/modules/Makefile.inc b/lib/libpam/modules/Makefile.inc
index 085ab58..2da5a7b 100644
--- a/lib/libpam/modules/Makefile.inc
+++ b/lib/libpam/modules/Makefile.inc
@@ -14,8 +14,7 @@ CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam
 NO_PIC=
 .else
 SHLIB_NAME?=	${LIB}.so.${SHLIB_MAJOR}
-DPADD+=		${LIBPAM}
-LDADD+=		-lpam
+LIBADD+=	pam
 .endif
 
 .include "../Makefile.inc"
diff --git a/lib/libpam/modules/modules.inc b/lib/libpam/modules/modules.inc
index 66fc63c..02debf7 100644
--- a/lib/libpam/modules/modules.inc
+++ b/lib/libpam/modules/modules.inc
@@ -21,7 +21,9 @@ MODULES		+= pam_opie
 MODULES		+= pam_opieaccess
 MODULES		+= pam_passwdqc
 MODULES		+= pam_permit
+.if ${MK_RADIUS_SUPPORT} != "no"
 MODULES		+= pam_radius
+.endif
 MODULES		+= pam_rhosts
 MODULES		+= pam_rootok
 MODULES		+= pam_securetty
diff --git a/lib/libpam/modules/pam_guest/pam_guest.8 b/lib/libpam/modules/pam_guest/pam_guest.8
index 0bd1755..0b858d6 100644
--- a/lib/libpam/modules/pam_guest/pam_guest.8
+++ b/lib/libpam/modules/pam_guest/pam_guest.8
@@ -82,8 +82,8 @@ password.
 Requires the guest user to type in the guest account name as password.
 .El
 .Sh SEE ALSO
-.Xr pam_getenv 3 ,
 .Xr pam_get_item 3 ,
+.Xr pam_getenv 3 ,
 .Xr pam.conf 5 ,
 .Xr pam 8
 .Sh AUTHORS
diff --git a/lib/libpam/modules/pam_krb5/Makefile b/lib/libpam/modules/pam_krb5/Makefile
index 85f3421..97fd490 100644
--- a/lib/libpam/modules/pam_krb5/Makefile
+++ b/lib/libpam/modules/pam_krb5/Makefile
@@ -32,7 +32,6 @@ CFLAGS+=-D_FREEFALL_CONFIG
 WARNS?=	3
 .endif
 
-DPADD=	${LIBKRB5} ${LIBHX509} ${LIBASN1} ${LIBROKEN} ${LIBCOM_ERR} ${LIBCRYPT} ${LIBCRYPTO}
-LDADD=	-lkrb5 -lhx509 -lasn1 -lroken -lcom_err -lcrypt -lcrypto
+LIBADD+=	krb5
 
 .include <bsd.lib.mk>
diff --git a/lib/libpam/modules/pam_ksu/Makefile b/lib/libpam/modules/pam_ksu/Makefile
index 9aa6a7e..26f3f85 100644
--- a/lib/libpam/modules/pam_ksu/Makefile
+++ b/lib/libpam/modules/pam_ksu/Makefile
@@ -28,7 +28,6 @@ LIB=	pam_ksu
 SRCS=	pam_ksu.c
 MAN=	pam_ksu.8
 
-DPADD=	${LIBKRB5} ${LIBHX509} ${LIBASN1} ${LIBROKEN} ${LIBCOM_ERR} ${LIBCRYPT} ${LIBCRYPTO}
-LDADD=	-lkrb5 -lhx509 -lasn1 -lroken -lcom_err -lcrypt -lcrypto
+LIBADD+=	krb5
 
 .include <bsd.lib.mk>
diff --git a/lib/libpam/modules/pam_nologin/Makefile b/lib/libpam/modules/pam_nologin/Makefile
index ba5a7d4..746e9e8 100644
--- a/lib/libpam/modules/pam_nologin/Makefile
+++ b/lib/libpam/modules/pam_nologin/Makefile
@@ -28,7 +28,6 @@ LIB=	pam_nologin
 SRCS=	pam_nologin.c
 MAN=	pam_nologin.8
 
-DPADD=	${LIBUTIL}
-LDADD=	-lutil
+LIBADD+=	util
 
 .include <bsd.lib.mk>
diff --git a/lib/libpam/modules/pam_opie/Makefile b/lib/libpam/modules/pam_opie/Makefile
index fbc1278..c2074bf 100644
--- a/lib/libpam/modules/pam_opie/Makefile
+++ b/lib/libpam/modules/pam_opie/Makefile
@@ -29,7 +29,6 @@ LIB=	pam_opie
 SRCS=	pam_opie.c
 MAN=	pam_opie.8
 
-DPADD=	${LIBOPIE}
-LDADD=	-lopie
+LIBADD+=	opie
 
 .include <bsd.lib.mk>
diff --git a/lib/libpam/modules/pam_opieaccess/Makefile b/lib/libpam/modules/pam_opieaccess/Makefile
index 1554a88..2e764cd 100644
--- a/lib/libpam/modules/pam_opieaccess/Makefile
+++ b/lib/libpam/modules/pam_opieaccess/Makefile
@@ -4,7 +4,6 @@ LIB=	pam_opieaccess
 SRCS=	${LIB}.c
 MAN=	pam_opieaccess.8
 
-DPADD=	${LIBOPIE}
-LDADD=	-lopie
+LIBADD+=	opie
 
 .include <bsd.lib.mk>
diff --git a/lib/libpam/modules/pam_passwdqc/Makefile b/lib/libpam/modules/pam_passwdqc/Makefile
index c9cc30e..cd23642 100644
--- a/lib/libpam/modules/pam_passwdqc/Makefile
+++ b/lib/libpam/modules/pam_passwdqc/Makefile
@@ -10,8 +10,7 @@ MAN=	pam_passwdqc.8
 WARNS?=	2
 CFLAGS+= -I${SRCDIR}
 
-DPADD=	${LIBCRYPT}
-LDADD=	-lcrypt
+LIBADD+=	crypt
 
 .include <bsd.lib.mk>
 
diff --git a/lib/libpam/modules/pam_radius/Makefile b/lib/libpam/modules/pam_radius/Makefile
index 2fac833..a9a93e2 100644
--- a/lib/libpam/modules/pam_radius/Makefile
+++ b/lib/libpam/modules/pam_radius/Makefile
@@ -29,7 +29,6 @@ SRCS=	pam_radius.c
 MAN=	pam_radius.8
 WARNS?=	3
 
-DPADD=	${LIBRADIUS}
-LDADD=	-lradius
+LIBADD+=	radius
 
 .include <bsd.lib.mk>
diff --git a/lib/libpam/modules/pam_radius/pam_radius.c b/lib/libpam/modules/pam_radius/pam_radius.c
index c5d4dd4..dcfde30 100644
--- a/lib/libpam/modules/pam_radius/pam_radius.c
+++ b/lib/libpam/modules/pam_radius/pam_radius.c
@@ -62,11 +62,11 @@ __FBSDID("$FreeBSD$");
 #define	PASSWORD_PROMPT		"RADIUS Password:"
 
 static int	 build_access_request(struct rad_handle *, const char *,
-		    const char *, const char *, const char *, const void *,
-		    size_t);
+		    const char *, const char *, const char *, const char *,
+		    const void *, size_t);
 static int	 do_accept(pam_handle_t *, struct rad_handle *);
 static int	 do_challenge(pam_handle_t *, struct rad_handle *,
-		    const char *, const char *, const char *);
+		    const char *, const char *, const char *, const char *);
 
 /*
  * Construct an access request, but don't send it.  Returns 0 on success,
@@ -75,7 +75,7 @@ static int	 do_challenge(pam_handle_t *, struct rad_handle *,
 static int
 build_access_request(struct rad_handle *radh, const char *user,
     const char *pass, const char *nas_id, const char *nas_ipaddr,
-    const void *state, size_t state_len)
+    const char *rhost, const void *state, size_t state_len)
 {
 	int error;
 	char host[MAXHOSTNAMELEN];
@@ -121,8 +121,13 @@ build_access_request(struct rad_handle *radh, const char *user,
 			}
 		}
 	}
-	if (state != NULL && rad_put_attr(radh, RAD_STATE, state,
-	    state_len) == -1) {
+	if (rhost != NULL &&
+	    rad_put_string(radh, RAD_CALLING_STATION_ID, rhost) == -1) {
+		syslog(LOG_CRIT, "rad_put_string: %s", rad_strerror(radh));
+		return (-1);
+	}
+	if (state != NULL &&
+	    rad_put_attr(radh, RAD_STATE, state, state_len) == -1) {
 		syslog(LOG_CRIT, "rad_put_attr: %s", rad_strerror(radh));
 		return (-1);
 	}
@@ -162,7 +167,7 @@ do_accept(pam_handle_t *pamh, struct rad_handle *radh)
 
 static int
 do_challenge(pam_handle_t *pamh, struct rad_handle *radh, const char *user,
-    const char *nas_id, const char *nas_ipaddr)
+    const char *nas_id, const char *nas_ipaddr, const char *rhost)
 {
 	int retval;
 	int attrtype;
@@ -230,7 +235,7 @@ do_challenge(pam_handle_t *pamh, struct rad_handle *radh, const char *user,
 	    conv->appdata_ptr)) != PAM_SUCCESS)
 		return (retval);
 	if (build_access_request(radh, user, resp[num_msgs-1].resp, nas_id,
-	    nas_ipaddr, state, statelen) == -1)
+	    nas_ipaddr, rhost, state, statelen) == -1)
 		return (PAM_SERVICE_ERR);
 	memset(resp[num_msgs-1].resp, 0, strlen(resp[num_msgs-1].resp));
 	free(resp[num_msgs-1].resp);
@@ -246,7 +251,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
 {
 	struct rad_handle *radh;
 	const char *user, *pass;
-	const void *tmpuser;
+	const void *rhost, *tmpuser;
 	const char *conf_file, *template_user, *nas_id, *nas_ipaddr;
 	int retval;
 	int e;
@@ -255,6 +260,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
 	template_user = openpam_get_option(pamh, PAM_OPT_TEMPLATE_USER);
 	nas_id = openpam_get_option(pamh, PAM_OPT_NAS_ID);
 	nas_ipaddr = openpam_get_option(pamh, PAM_OPT_NAS_IPADDR);
+	pam_get_item(pamh, PAM_RHOST, &rhost);
 
 	retval = pam_get_user(pamh, &user, NULL);
 	if (retval != PAM_SUCCESS)
@@ -284,8 +290,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
 
 	PAM_LOG("Radius config file read");
 
-	if (build_access_request(radh, user, pass, nas_id, nas_ipaddr, NULL,
-	    0) == -1) {
+	if (build_access_request(radh, user, pass, nas_id, nas_ipaddr, rhost,
+	    NULL, 0) == -1) {
 		rad_close(radh);
 		return (PAM_SERVICE_ERR);
 	}
@@ -330,7 +336,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
 
 		case RAD_ACCESS_CHALLENGE:
 			retval = do_challenge(pamh, radh, user, nas_id,
-			    nas_ipaddr);
+			    nas_ipaddr, rhost);
 			if (retval != PAM_SUCCESS) {
 				rad_close(radh);
 				return (retval);
diff --git a/lib/libpam/modules/pam_ssh/Makefile b/lib/libpam/modules/pam_ssh/Makefile
index 5643f32..b5ca478 100644
--- a/lib/libpam/modules/pam_ssh/Makefile
+++ b/lib/libpam/modules/pam_ssh/Makefile
@@ -13,9 +13,7 @@ SRCS+=	roaming_dummy.c
 WARNS?=	3
 CFLAGS+= -I${SSHDIR} -include ssh_namespace.h
 
-DPADD=	${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT}
-LDADD=	${LDSSH} -lcrypto -lcrypt
-USEPRIVATELIB= ssh
+LIBADD=	ssh
 
 .include <bsd.lib.mk>
 
diff --git a/lib/libpam/modules/pam_tacplus/Makefile b/lib/libpam/modules/pam_tacplus/Makefile
index 053812a..5d2a3f3 100644
--- a/lib/libpam/modules/pam_tacplus/Makefile
+++ b/lib/libpam/modules/pam_tacplus/Makefile
@@ -28,7 +28,6 @@ LIB=	pam_tacplus
 SRCS=	pam_tacplus.c
 MAN=	pam_tacplus.8
 
-DPADD=	${LIBTACPLUS}
-LDADD=	-ltacplus
+LIBADD+=	tacplus
 
 .include <bsd.lib.mk>
diff --git a/lib/libpam/modules/pam_unix/Makefile b/lib/libpam/modules/pam_unix/Makefile
index ea9e639..5330ae4 100644
--- a/lib/libpam/modules/pam_unix/Makefile
+++ b/lib/libpam/modules/pam_unix/Makefile
@@ -41,13 +41,11 @@ LIB=	pam_unix
 SRCS=	pam_unix.c
 MAN=	pam_unix.8
 
-DPADD+= ${LIBUTIL} ${LIBCRYPT}
-LDADD+= -lutil -lcrypt
+LIBADD+=	util crypt
 
 .if ${MK_NIS} != "no"
 CFLAGS+= -DYP
-DPADD+= ${LIBYPCLNT}
-LDADD+= -lypclnt
+LIBADD+=	ypclnt
 .endif
 
 .include <bsd.lib.mk>
author	sjg <sjg@FreeBSD.org>	2015-05-27 01:19:58 +0000
committer	sjg <sjg@FreeBSD.org>	2015-05-27 01:19:58 +0000
commit	65145fa4c81da358fcbc3b650156dab705dfa34e (patch)
tree	55c065b6730aaac2afb6c29933ee6ec5fa4c4249 /lib/libpam/modules
parent	60ff4eb0dff94a04d75d0d52a3957aaaf5f8c693 (diff)
parent	e6b664c390af88d4a87208bc042ce503da664c3b (diff)
download	FreeBSD-src-65145fa4c81da358fcbc3b650156dab705dfa34e.zip FreeBSD-src-65145fa4c81da358fcbc3b650156dab705dfa34e.tar.gz