diff options
| author | des <des@FreeBSD.org> | 2013-09-07 16:15:30 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2013-09-07 16:15:30 +0000 |
| commit | 338d7c2adbde6bf877c1224d39c4fa8fa056147d (patch) | |
| tree | 4c0d4245135ec591f272bdbba48f0fbd9104862b /lib | |
| parent | e86dd36ab210b4404ece0cbcf05629b6ec4ef10b (diff) | |
| download | FreeBSD-src-338d7c2adbde6bf877c1224d39c4fa8fa056147d.zip FreeBSD-src-338d7c2adbde6bf877c1224d39c4fa8fa056147d.tar.gz | |
Vendor import of OpenPAM Nummularia..
Diffstat (limited to 'lib')
86 files changed, 1837 insertions, 424 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am new file mode 100644 index 0000000..0268ffe --- /dev/null +++ b/lib/Makefile.am @@ -0,0 +1,3 @@ +# $Id$ + +SUBDIRS = libpam diff --git a/lib/Makefile.in b/lib/Makefile.in new file mode 100644 index 0000000..3ea0f71 --- /dev/null +++ b/lib/Makefile.in @@ -0,0 +1,609 @@ +# Makefile.in generated by automake 1.14 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# $Id: Makefile.am 714 2013-08-19 15:30:21Z des $ +VPATH = @srcdir@ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = lib +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +SOURCES = +DIST_SOURCES = +RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ + ctags-recursive dvi-recursive html-recursive info-recursive \ + install-data-recursive install-dvi-recursive \ + install-exec-recursive install-html-recursive \ + install-info-recursive install-pdf-recursive \ + install-ps-recursive install-recursive installcheck-recursive \ + installdirs-recursive pdf-recursive ps-recursive \ + tags-recursive uninstall-recursive +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ + distclean-recursive maintainer-clean-recursive +am__recursive_targets = \ + $(RECURSIVE_TARGETS) \ + $(RECURSIVE_CLEAN_TARGETS) \ + $(am__extra_recursive_targets) +AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ + distdir +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +DIST_SUBDIRS = $(SUBDIRS) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +am__relativize = \ + dir0=`pwd`; \ + sed_first='s,^\([^/]*\)/.*$$,\1,'; \ + sed_rest='s,^[^/]*/*,,'; \ + sed_last='s,^.*/\([^/]*\)$$,\1,'; \ + sed_butlast='s,/*[^/]*$$,,'; \ + while test -n "$$dir1"; do \ + first=`echo "$$dir1" | sed -e "$$sed_first"`; \ + if test "$$first" != "."; then \ + if test "$$first" = ".."; then \ + dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ + dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ + else \ + first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ + if test "$$first2" = "$$first"; then \ + dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ + else \ + dir2="../$$dir2"; \ + fi; \ + dir0="$$dir0"/"$$first"; \ + fi; \ + fi; \ + dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ + done; \ + reldir="$$dir2" +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CRYPTO_LIBS = @CRYPTO_LIBS@ +CRYPT_LIBS = @CRYPT_LIBS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DL_LIBS = @DL_LIBS@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIB_MAJ = @LIB_MAJ@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENPAM_MODULES_DIR = @OPENPAM_MODULES_DIR@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +SUBDIRS = libpam +all: all-recursive + +.SUFFIXES: +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign lib/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +# This directory's subdirectories are mostly independent; you can cd +# into them and run 'make' without going through this Makefile. +# To change the values of 'make' variables: instead of editing Makefiles, +# (1) if the variable is set in 'config.status', edit 'config.status' +# (which will cause the Makefiles to be regenerated when you run 'make'); +# (2) otherwise, pass the desired values on the 'make' command line. +$(am__recursive_targets): + @fail=; \ + if $(am__make_keepgoing); then \ + failcom='fail=yes'; \ + else \ + failcom='exit 1'; \ + fi; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + case "$@" in \ + distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ + *) list='$(SUBDIRS)' ;; \ + esac; \ + for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || eval $$failcom; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-recursive +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ + include_option=--etags-include; \ + empty_fix=.; \ + else \ + include_option=--include; \ + empty_fix=; \ + fi; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test ! -f $$subdir/TAGS || \ + set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ + fi; \ + done; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-recursive + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-recursive + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done + @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + $(am__make_dryrun) \ + || test -d "$(distdir)/$$subdir" \ + || $(MKDIR_P) "$(distdir)/$$subdir" \ + || exit 1; \ + dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ + $(am__relativize); \ + new_distdir=$$reldir; \ + dir1=$$subdir; dir2="$(top_distdir)"; \ + $(am__relativize); \ + new_top_distdir=$$reldir; \ + echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ + echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ + ($(am__cd) $$subdir && \ + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="$$new_top_distdir" \ + distdir="$$new_distdir" \ + am__remove_distdir=: \ + am__skip_length_check=: \ + am__skip_mode_fix=: \ + distdir) \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-recursive +all-am: Makefile +installdirs: installdirs-recursive +installdirs-am: +install: install-recursive +install-exec: install-exec-recursive +install-data: install-data-recursive +uninstall: uninstall-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-recursive +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-recursive + +clean-am: clean-generic clean-libtool mostlyclean-am + +distclean: distclean-recursive + -rm -f Makefile +distclean-am: clean-am distclean-generic distclean-tags + +dvi: dvi-recursive + +dvi-am: + +html: html-recursive + +html-am: + +info: info-recursive + +info-am: + +install-data-am: + +install-dvi: install-dvi-recursive + +install-dvi-am: + +install-exec-am: + +install-html: install-html-recursive + +install-html-am: + +install-info: install-info-recursive + +install-info-am: + +install-man: + +install-pdf: install-pdf-recursive + +install-pdf-am: + +install-ps: install-ps-recursive + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-recursive + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-recursive + +mostlyclean-am: mostlyclean-generic mostlyclean-libtool + +pdf: pdf-recursive + +pdf-am: + +ps: ps-recursive + +ps-am: + +uninstall-am: + +.MAKE: $(am__recursive_targets) install-am install-strip + +.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \ + check-am clean clean-generic clean-libtool cscopelist-am ctags \ + ctags-am distclean distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + installdirs-am maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ + ps ps-am tags tags-am uninstall uninstall-am + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/lib/libpam/Makefile.am b/lib/libpam/Makefile.am index 9ce2d2f..99c37f0 100644 --- a/lib/libpam/Makefile.am +++ b/lib/libpam/Makefile.am @@ -1,22 +1,27 @@ -# $Id: Makefile.am 602 2012-04-15 17:31:15Z des $ +# $Id: Makefile.am 660 2013-03-11 15:08:52Z des $ NULL = -INCLUDES = -I$(top_srcdir)/include +AM_CPPFLAGS = -I$(top_srcdir)/include lib_LTLIBRARIES = libpam.la noinst_HEADERS = \ + openpam_asprintf.h \ openpam_constants.h \ + openpam_cred.h \ openpam_ctype.h \ openpam_debug.h \ + openpam_dlfunc.h \ openpam_features.h \ openpam_impl.h \ openpam_strlcat.h \ openpam_strlcmp.h \ - openpam_strlcpy.h + openpam_strlcpy.h \ + openpam_vasprintf.h libpam_la_SOURCES = \ + openpam_asprintf.c \ openpam_borrow_cred.c \ openpam_check_owner_perms.c \ openpam_configure.c \ @@ -39,8 +44,11 @@ libpam_la_SOURCES = \ openpam_set_option.c \ openpam_set_feature.c \ openpam_static.c \ + openpam_strlcat.c \ + openpam_strlcpy.c \ openpam_straddch.c \ openpam_subst.c \ + openpam_vasprintf.c \ openpam_ttyconv.c \ pam_acct_mgmt.c \ pam_authenticate.c \ diff --git a/lib/libpam/Makefile.in b/lib/libpam/Makefile.in index 353fbab..b84d479 100644 --- a/lib/libpam/Makefile.in +++ b/lib/libpam/Makefile.in @@ -1,9 +1,8 @@ -# Makefile.in generated by automake 1.11.1 from Makefile.am. +# Makefile.in generated by automake 1.14 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, -# Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -15,10 +14,55 @@ @SET_MAKE@ -# $Id: Makefile.am 602 2012-04-15 17:31:15Z des $ +# $Id: Makefile.am 660 2013-03-11 15:08:52Z des $ VPATH = @srcdir@ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -37,11 +81,14 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -subdir = lib -DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in +subdir = lib/libpam +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/depcomp $(noinst_HEADERS) ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.ac +am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d @@ -69,11 +116,17 @@ am__nobase_list = $(am__nobase_strip_setup); \ am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } am__installdirs = "$(DESTDIR)$(libdir)" LTLIBRARIES = $(lib_LTLIBRARIES) libpam_la_DEPENDENCIES = am__objects_1 = -am_libpam_la_OBJECTS = openpam_borrow_cred.lo \ +am_libpam_la_OBJECTS = openpam_asprintf.lo openpam_borrow_cred.lo \ openpam_check_owner_perms.lo openpam_configure.lo \ openpam_constants.lo openpam_dispatch.lo openpam_dynamic.lo \ openpam_features.lo openpam_findenv.lo openpam_free_data.lo \ @@ -82,7 +135,8 @@ am_libpam_la_OBJECTS = openpam_borrow_cred.lo \ openpam_nullconv.lo openpam_readline.lo openpam_readlinev.lo \ openpam_readword.lo openpam_restore_cred.lo \ openpam_set_option.lo openpam_set_feature.lo openpam_static.lo \ - openpam_straddch.lo openpam_subst.lo openpam_ttyconv.lo \ + openpam_strlcat.lo openpam_strlcpy.lo openpam_straddch.lo \ + openpam_subst.lo openpam_vasprintf.lo openpam_ttyconv.lo \ pam_acct_mgmt.lo pam_authenticate.lo pam_chauthtok.lo \ pam_close_session.lo pam_end.lo pam_error.lo \ pam_get_authtok.lo pam_get_data.lo pam_get_item.lo \ @@ -92,30 +146,78 @@ am_libpam_la_OBJECTS = openpam_borrow_cred.lo \ pam_start.lo pam_strerror.lo pam_verror.lo pam_vinfo.lo \ pam_vprompt.lo $(am__objects_1) libpam_la_OBJECTS = $(am_libpam_la_OBJECTS) -libpam_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +libpam_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(libpam_la_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = SOURCES = $(libpam_la_SOURCES) DIST_SOURCES = $(libpam_la_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac HEADERS = $(noinst_HEADERS) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ @@ -126,6 +228,7 @@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ +CRYPTO_LIBS = @CRYPTO_LIBS@ CRYPT_LIBS = @CRYPT_LIBS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ @@ -232,19 +335,24 @@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ NULL = -INCLUDES = -I$(top_srcdir)/include +AM_CPPFLAGS = -I$(top_srcdir)/include lib_LTLIBRARIES = libpam.la noinst_HEADERS = \ + openpam_asprintf.h \ openpam_constants.h \ + openpam_cred.h \ openpam_ctype.h \ openpam_debug.h \ + openpam_dlfunc.h \ openpam_features.h \ openpam_impl.h \ openpam_strlcat.h \ openpam_strlcmp.h \ - openpam_strlcpy.h + openpam_strlcpy.h \ + openpam_vasprintf.h libpam_la_SOURCES = \ + openpam_asprintf.c \ openpam_borrow_cred.c \ openpam_check_owner_perms.c \ openpam_configure.c \ @@ -267,8 +375,11 @@ libpam_la_SOURCES = \ openpam_set_option.c \ openpam_set_feature.c \ openpam_static.c \ + openpam_strlcat.c \ + openpam_strlcpy.c \ openpam_straddch.c \ openpam_subst.c \ + openpam_vasprintf.c \ openpam_ttyconv.c \ pam_acct_mgmt.c \ pam_authenticate.c \ @@ -331,9 +442,9 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/libpam/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign lib/Makefile + $(AUTOMAKE) --foreign lib/libpam/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -352,9 +463,9 @@ $(top_srcdir)/configure: $(am__configure_deps) $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ list2=; for p in $$list; do \ if test -f $$p; then \ @@ -362,6 +473,8 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) else :; fi; \ done; \ test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ } @@ -377,14 +490,17 @@ uninstall-libLTLIBRARIES: clean-libLTLIBRARIES: -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -libpam.la: $(libpam_la_OBJECTS) $(libpam_la_DEPENDENCIES) - $(libpam_la_LINK) -rpath $(libdir) $(libpam_la_OBJECTS) $(libpam_la_LIBADD) $(LIBS) + @list='$(lib_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +libpam.la: $(libpam_la_OBJECTS) $(libpam_la_DEPENDENCIES) $(EXTRA_libpam_la_DEPENDENCIES) + $(AM_V_CCLD)$(libpam_la_LINK) -rpath $(libdir) $(libpam_la_OBJECTS) $(libpam_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -392,6 +508,7 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_asprintf.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_borrow_cred.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_check_owner_perms.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_configure.Plo@am__quote@ @@ -415,8 +532,11 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_set_option.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_static.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_straddch.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_strlcat.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_strlcpy.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_subst.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_ttyconv.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openpam_vasprintf.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_acct_mgmt.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_authenticate.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_chauthtok.Plo@am__quote@ @@ -444,25 +564,25 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_vprompt.Plo@am__quote@ .c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo @@ -470,26 +590,15 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ + $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ @@ -501,15 +610,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $$unique; \ fi; \ fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique @@ -518,6 +623,21 @@ GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -569,10 +689,15 @@ install-am: all-am installcheck: installcheck-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi mostlyclean-generic: clean-generic: @@ -657,19 +782,19 @@ uninstall-am: uninstall-libLTLIBRARIES .MAKE: install-am install-strip -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ - clean-libLTLIBRARIES clean-libtool ctags distclean \ - distclean-compile distclean-generic distclean-libtool \ - distclean-tags distdir dvi dvi-am html html-am info info-am \ - install install-am install-data install-data-am install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am \ - install-libLTLIBRARIES install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \ + ctags-am distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-libLTLIBRARIES install-man install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-libLTLIBRARIES + tags tags-am uninstall uninstall-am uninstall-libLTLIBRARIES # Tell versions [3.59,3.63) of GNU make to not export all variables. diff --git a/lib/libpam/openpam_asprintf.c b/lib/libpam/openpam_asprintf.c new file mode 100644 index 0000000..3169f4b --- /dev/null +++ b/lib/libpam/openpam_asprintf.c @@ -0,0 +1,57 @@ +/*- + * Copyright (c) 2012 Dag-Erling Smørgrav + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: openpam_asprintf.c 648 2013-03-05 17:54:27Z des $ + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#ifndef HAVE_ASPRINTF + +#include <stdarg.h> +#include <stdio.h> + +#include "openpam_asprintf.h" +#include "openpam_vasprintf.h" + +/* like sprintf(3), but allocates memory for the result. */ +int +openpam_asprintf(char **str, const char *fmt, ...) +{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = vasprintf(str, fmt, ap); + va_end(ap); + return (ret); +} + +#endif diff --git a/lib/libpam/openpam_asprintf.h b/lib/libpam/openpam_asprintf.h new file mode 100644 index 0000000..6d9e4e3 --- /dev/null +++ b/lib/libpam/openpam_asprintf.h @@ -0,0 +1,41 @@ +/*- + * Copyright (c) 2012 Dag-Erling Smørgrav + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: openpam_asprintf.h 648 2013-03-05 17:54:27Z des $ + */ + +#ifndef OPENPAM_ASPRINTF_H_INCLUDED +#define OPENPAM_ASPRINTF_H_INCLUDED + +#ifndef HAVE_ASPRINTF +int openpam_asprintf(char **, const char *, ...); +#undef asprintf +#define asprintf(arg, ...) openpam_asprintf(arg, __VA_ARGS__) +#endif + +#endif diff --git a/lib/libpam/openpam_borrow_cred.c b/lib/libpam/openpam_borrow_cred.c index e0dfc55..1b407bd 100644 --- a/lib/libpam/openpam_borrow_cred.c +++ b/lib/libpam/openpam_borrow_cred.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_borrow_cred.c 437 2011-09-13 12:00:13Z des $ + * $Id: openpam_borrow_cred.c 649 2013-03-05 17:58:33Z des $ */ #ifdef HAVE_CONFIG_H @@ -50,6 +50,7 @@ #include <security/pam_appl.h> #include "openpam_impl.h" +#include "openpam_cred.h" /* * OpenPAM extension @@ -68,12 +69,12 @@ openpam_borrow_cred(pam_handle_t *pamh, ENTERI(pwd->pw_uid); r = pam_get_data(pamh, PAM_SAVED_CRED, &scredp); if (r == PAM_SUCCESS && scredp != NULL) { - openpam_log(PAM_LOG_DEBUG, + openpam_log(PAM_LOG_LIBDEBUG, "already operating under borrowed credentials"); RETURNC(PAM_SYSTEM_ERR); } if (geteuid() != 0 && geteuid() != pwd->pw_uid) { - openpam_log(PAM_LOG_DEBUG, "called with non-zero euid: %d", + openpam_log(PAM_LOG_LIBDEBUG, "called with non-zero euid: %d", (int)geteuid()); RETURNC(PAM_PERM_DENIED); } diff --git a/lib/libpam/openpam_check_owner_perms.c b/lib/libpam/openpam_check_owner_perms.c index d3b2ca9..c8a598a 100644 --- a/lib/libpam/openpam_check_owner_perms.c +++ b/lib/libpam/openpam_check_owner_perms.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_check_owner_perms.c 543 2012-03-31 22:11:34Z des $ + * $Id: openpam_check_owner_perms.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_configure.c b/lib/libpam/openpam_configure.c index 8172a6f..1a43dc7 100644 --- a/lib/libpam/openpam_configure.c +++ b/lib/libpam/openpam_configure.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_configure.c 612 2012-05-26 23:02:55Z des $ + * $Id: openpam_configure.c 667 2013-03-17 14:24:00Z des $ */ #ifdef HAVE_CONFIG_H @@ -41,7 +41,6 @@ #include <sys/param.h> -#include <ctype.h> #include <errno.h> #include <stdio.h> #include <stdlib.h> @@ -308,14 +307,6 @@ fail: return (-1); } -static const char *openpam_policy_path[] = { - "/etc/pam.d/", - "/etc/pam.conf", - "/usr/local/etc/pam.d/", - "/usr/local/etc/pam.conf", - NULL -}; - /* * Read the specified chains from the specified file. * diff --git a/lib/libpam/openpam_constants.c b/lib/libpam/openpam_constants.c index 833e81f..1cdd810 100644 --- a/lib/libpam/openpam_constants.c +++ b/lib/libpam/openpam_constants.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_constants.c 491 2011-11-12 00:12:32Z des $ + * $Id: openpam_constants.c 690 2013-08-15 13:22:51Z des $ */ #ifdef HAVE_CONFIG_H @@ -125,3 +125,21 @@ const char *pam_sm_func_name[PAM_NUM_PRIMITIVES] = { "pam_sm_close_session", "pam_sm_chauthtok" }; + +const char *openpam_policy_path[] = { + "/etc/pam.d/", + "/etc/pam.conf", + "/usr/local/etc/pam.d/", + "/usr/local/etc/pam.conf", + NULL +}; + +const char *openpam_module_path[] = { +#ifdef OPENPAM_MODULES_DIRECTORY + OPENPAM_MODULES_DIRECTORY, +#else + "/usr/lib", + "/usr/local/lib", +#endif + NULL +}; diff --git a/lib/libpam/openpam_constants.h b/lib/libpam/openpam_constants.h index a7d6ce8..a42b4fa 100644 --- a/lib/libpam/openpam_constants.h +++ b/lib/libpam/openpam_constants.h @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_constants.h 606 2012-04-20 11:06:38Z des $ + * $Id: openpam_constants.h 659 2013-03-11 14:10:13Z des $ */ #ifndef OPENPAM_CONSTANTS_H_INCLUDED @@ -40,4 +39,7 @@ extern const char *pam_control_flag_name[PAM_NUM_CONTROL_FLAGS]; extern const char *pam_func_name[PAM_NUM_PRIMITIVES]; extern const char *pam_sm_func_name[PAM_NUM_PRIMITIVES]; +extern const char *openpam_policy_path[]; +extern const char *openpam_module_path[]; + #endif diff --git a/lib/libpam/openpam_cred.h b/lib/libpam/openpam_cred.h new file mode 100644 index 0000000..68e2fd9 --- /dev/null +++ b/lib/libpam/openpam_cred.h @@ -0,0 +1,52 @@ +/*- + * Copyright (c) 2001-2003 Networks Associates Technology, Inc. + * Copyright (c) 2004-2011 Dag-Erling Smørgrav + * All rights reserved. + * + * This software was developed for the FreeBSD Project by ThinkSec AS and + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: openpam_cred.h 648 2013-03-05 17:54:27Z des $ + */ + +#ifndef OPENPAM_CRED_H_INCLUDED +#define OPENPAM_CRED_H_INCLUDED + +/* + * Saved credentials + */ +#define PAM_SAVED_CRED "pam_saved_cred" +struct pam_saved_cred { + uid_t euid; + gid_t egid; + gid_t groups[NGROUPS_MAX]; + int ngroups; +}; + +#endif diff --git a/lib/libpam/openpam_ctype.h b/lib/libpam/openpam_ctype.h index b3ec846..4f5888d 100644 --- a/lib/libpam/openpam_ctype.h +++ b/lib/libpam/openpam_ctype.h @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,13 +26,37 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_ctype.h 578 2012-04-06 00:45:59Z des $ + * $Id: openpam_ctype.h 666 2013-03-17 14:22:17Z des $ */ #ifndef OPENPAM_CTYPE_H_INCLUDED #define OPENPAM_CTYPE_H_INCLUDED /* + * Evaluates to non-zero if the argument is a digit. + */ +#define is_digit(ch) \ + (ch >= '0' && ch <= '9') + +/* + * Evaluates to non-zero if the argument is an uppercase letter. + */ +#define is_upper(ch) \ + (ch >= 'A' && ch <= 'A') + +/* + * Evaluates to non-zero if the argument is a lowercase letter. + */ +#define is_lower(ch) \ + (ch >= 'a' && ch <= 'z') + +/* + * Evaluates to non-zero if the argument is a letter. + */ +#define is_letter(ch) \ + (is_upper(ch) || is_lower(ch)) + +/* * Evaluates to non-zero if the argument is a linear whitespace character. * For the purposes of this macro, the definition of linear whitespace is * extended to include the form feed and carraige return characters. @@ -60,9 +83,7 @@ * of ASCII. */ #define is_pfcs(ch) \ - ((ch >= '0' && ch <= '9') || \ - (ch >= 'A' && ch <= 'Z') || \ - (ch >= 'a' && ch <= 'z') || \ + (is_digit(ch) || is_letter(ch) || \ ch == '.' || ch == '_' || ch == '-') #endif diff --git a/lib/libpam/openpam_debug.h b/lib/libpam/openpam_debug.h index 050783e..1fe8346 100644 --- a/lib/libpam/openpam_debug.h +++ b/lib/libpam/openpam_debug.h @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_debug.h 606 2012-04-20 11:06:38Z des $ + * $Id: openpam_debug.h 648 2013-03-05 17:54:27Z des $ */ #ifndef OPENPAM_DEBUG_H_INCLUDED diff --git a/lib/libpam/openpam_dispatch.c b/lib/libpam/openpam_dispatch.c index 54dfd3b..0dcc732 100644 --- a/lib/libpam/openpam_dispatch.c +++ b/lib/libpam/openpam_dispatch.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_dispatch.c 501 2011-12-07 01:28:05Z des $ + * $Id: openpam_dispatch.c 649 2013-03-05 17:58:33Z des $ */ #ifdef HAVE_CONFIG_H @@ -112,12 +112,12 @@ openpam_dispatch(pam_handle_t *pamh, debug = (openpam_get_option(pamh, "debug") != NULL); if (debug) ++openpam_debug; - openpam_log(PAM_LOG_DEBUG, "calling %s() in %s", + openpam_log(PAM_LOG_LIBDEBUG, "calling %s() in %s", pam_sm_func_name[primitive], chain->module->path); r = (chain->module->func[primitive])(pamh, flags, chain->optc, (const char **)chain->optv); pamh->current = NULL; - openpam_log(PAM_LOG_DEBUG, "%s: %s(): %s", + openpam_log(PAM_LOG_LIBDEBUG, "%s: %s(): %s", chain->module->path, pam_sm_func_name[primitive], pam_strerror(pamh, r)); if (debug) @@ -152,7 +152,7 @@ openpam_dispatch(pam_handle_t *pamh, err = r; if ((chain->flag == PAM_REQUIRED || chain->flag == PAM_BINDING) && !fail) { - openpam_log(PAM_LOG_DEBUG, "required module failed"); + openpam_log(PAM_LOG_LIBDEBUG, "required module failed"); fail = 1; err = r; } @@ -162,7 +162,7 @@ openpam_dispatch(pam_handle_t *pamh, * immediately. */ if (chain->flag == PAM_REQUISITE) { - openpam_log(PAM_LOG_DEBUG, "requisite module failed"); + openpam_log(PAM_LOG_LIBDEBUG, "requisite module failed"); fail = 1; break; } @@ -179,6 +179,7 @@ openpam_check_error_code(int primitive, int r) { /* common error codes */ if (r == PAM_SUCCESS || + r == PAM_SYSTEM_ERR || r == PAM_SERVICE_ERR || r == PAM_BUF_ERR || r == PAM_CONV_ERR || diff --git a/lib/libpam/openpam_dlfunc.h b/lib/libpam/openpam_dlfunc.h new file mode 100644 index 0000000..a92ab9c --- /dev/null +++ b/lib/libpam/openpam_dlfunc.h @@ -0,0 +1,43 @@ +/*- + * Copyright (c) 2013 Dag-Erling Smørgrav + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: openpam_dlfunc.h 660 2013-03-11 15:08:52Z des $ + */ + +#ifndef OPENPAM_DLFCN_H_INCLUDED +#define OPENPAM_DLFCN_H_INCLUDED + +#ifndef HAVE_DLFUNC +typedef void (*dlfunc_t)(); + +static inline dlfunc_t +dlfunc(void *handle, const char *symbol) +{ + + return ((dlfunc_t)dlsym(handle, symbol)); +} +#endif + +#endif diff --git a/lib/libpam/openpam_dynamic.c b/lib/libpam/openpam_dynamic.c index 1dfc1ac..27cd4e6 100644 --- a/lib/libpam/openpam_dynamic.c +++ b/lib/libpam/openpam_dynamic.c @@ -32,16 +32,18 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_dynamic.c 607 2012-04-20 11:09:37Z des $ + * $Id: openpam_dynamic.c 683 2013-04-14 14:49:59Z des $ */ #ifdef HAVE_CONFIG_H # include "config.h" #endif +#include <sys/param.h> + #include <dlfcn.h> -#include <fcntl.h> #include <errno.h> +#include <fcntl.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -50,6 +52,9 @@ #include <security/pam_appl.h> #include "openpam_impl.h" +#include "openpam_asprintf.h" +#include "openpam_ctype.h" +#include "openpam_dlfunc.h" #ifndef RTLD_NOW #define RTLD_NOW RTLD_LAZY @@ -68,8 +73,12 @@ try_dlopen(const char *modfn) void *dlh; int fd; - if ((fd = open(modfn, O_RDONLY)) < 0) + openpam_log(PAM_LOG_LIBDEBUG, "dlopen(%s)", modfn); + if ((fd = open(modfn, O_RDONLY)) < 0) { + if (errno != ENOENT) + openpam_log(PAM_LOG_ERROR, "%s: %m", modfn); return (NULL); + } if (OPENPAM_FEATURE(VERIFY_MODULE_FILE) && openpam_check_desc_owner_perms(modfn, fd) != 0) { close(fd); @@ -91,6 +100,7 @@ try_dlopen(const char *modfn) int check_module_file; void *dlh; + openpam_log(PAM_LOG_LIBDEBUG, "dlopen(%s)", modfn); openpam_get_feature(OPENPAM_VERIFY_MODULE_FILE, &check_module_file); if (check_module_file && @@ -106,83 +116,147 @@ try_dlopen(const char *modfn) #endif /* - * OpenPAM internal - * - * Locate a dynamically linked module + * Try to load a module from the suggested location. */ - -pam_module_t * -openpam_dynamic(const char *path) +static pam_module_t * +try_module(const char *modpath) { const pam_module_t *dlmodule; pam_module_t *module; - const char *prefix; - char *vpath; - void *dlh; int i, serrno; - dlh = NULL; - - /* Prepend the standard prefix if not an absolute pathname. */ - if (path[0] != '/') - prefix = OPENPAM_MODULES_DIR; - else - prefix = ""; - - /* try versioned module first, then unversioned module */ - if (asprintf(&vpath, "%s%s.%d", prefix, path, LIB_MAJ) < 0) + if ((module = calloc(1, sizeof *module)) == NULL || + (module->path = strdup(modpath)) == NULL || + (module->dlh = try_dlopen(modpath)) == NULL) goto err; - if ((dlh = try_dlopen(vpath)) == NULL && errno == ENOENT) { - *strrchr(vpath, '.') = '\0'; - dlh = try_dlopen(vpath); - } - if (dlh == NULL) - goto err; - if ((module = calloc(1, sizeof *module)) == NULL) - goto buf_err; - if ((module->path = strdup(path)) == NULL) - goto buf_err; - module->dlh = dlh; - dlmodule = dlsym(dlh, "_pam_module"); + dlmodule = dlsym(module->dlh, "_pam_module"); for (i = 0; i < PAM_NUM_PRIMITIVES; ++i) { if (dlmodule) { module->func[i] = dlmodule->func[i]; } else { - module->func[i] = - (pam_func_t)dlsym(dlh, pam_sm_func_name[i]); + module->func[i] = (pam_func_t)dlfunc(module->dlh, + pam_sm_func_name[i]); /* * This openpam_log() call is a major source of * log spam, and the cases that matter are caught * and logged in openpam_dispatch(). This would * be less problematic if dlerror() returned an * error code so we could log an error only when - * dlsym() failed for a reason other than "no such - * symbol". + * dlfunc() failed for a reason other than "no + * such symbol". */ #if 0 if (module->func[i] == NULL) - openpam_log(PAM_LOG_DEBUG, "%s: %s(): %s", - path, pam_sm_func_name[i], dlerror()); + openpam_log(PAM_LOG_LIBDEBUG, "%s: %s(): %s", + modpath, pam_sm_func_name[i], dlerror()); #endif } } - FREE(vpath); return (module); -buf_err: - serrno = errno; - if (dlh != NULL) - dlclose(dlh); - FREE(module); - errno = serrno; err: serrno = errno; - if (errno != 0) - openpam_log(PAM_LOG_ERROR, "%s: %m", vpath); - FREE(vpath); + if (module != NULL) { + if (module->dlh != NULL) + dlclose(module->dlh); + if (module->path != NULL) + FREE(module->path); + FREE(module); + } + errno = serrno; + if (serrno != 0 && serrno != ENOENT) + openpam_log(PAM_LOG_ERROR, "%s: %m", modpath); errno = serrno; return (NULL); } /* + * OpenPAM internal + * + * Locate a dynamically linked module + */ + +pam_module_t * +openpam_dynamic(const char *modname) +{ + pam_module_t *module; + char modpath[PATH_MAX]; + const char **path, *p; + int has_so, has_ver; + int dot, len; + + /* + * Simple case: module name contains path separator(s) + */ + if (strchr(modname, '/') != NULL) { + /* + * Absolute paths are not allowed if RESTRICT_MODULE_NAME + * is in effect (default off). Relative paths are never + * allowed. + */ + if (OPENPAM_FEATURE(RESTRICT_MODULE_NAME) || + modname[0] != '/') { + openpam_log(PAM_LOG_ERROR, + "invalid module name: %s", modname); + return (NULL); + } + return (try_module(modname)); + } + + /* + * Check for .so and version sufixes + */ + p = strchr(modname, '\0'); + has_ver = has_so = 0; + while (is_digit(*p)) + --p; + if (*p == '.' && *++p != '\0') { + /* found a numeric suffix */ + has_ver = 1; + /* assume that .so is either present or unneeded */ + has_so = 1; + } else if (*p == '\0' && p >= modname + sizeof PAM_SOEXT && + strcmp(p - sizeof PAM_SOEXT + 1, PAM_SOEXT) == 0) { + /* found .so suffix */ + has_so = 1; + } + + /* + * Complicated case: search for the module in the usual places. + */ + for (path = openpam_module_path; *path != NULL; ++path) { + /* + * Assemble the full path, including the version suffix. Take + * note of where the suffix begins so we can cut it off later. + */ + if (has_ver) + len = snprintf(modpath, sizeof modpath, "%s/%s%n", + *path, modname, &dot); + else if (has_so) + len = snprintf(modpath, sizeof modpath, "%s/%s%n.%d", + *path, modname, &dot, LIB_MAJ); + else + len = snprintf(modpath, sizeof modpath, "%s/%s%s%n.%d", + *path, modname, PAM_SOEXT, &dot, LIB_MAJ); + /* check for overflow */ + if (len < 0 || (unsigned int)len >= sizeof modpath) { + errno = ENOENT; + continue; + } + /* try the versioned path */ + if ((module = try_module(modpath)) != NULL) + return (module); + if (errno == ENOENT && modpath[dot] != '\0') { + /* no luck, try the unversioned path */ + modpath[dot] = '\0'; + if ((module = try_module(modpath)) != NULL) + return (module); + } + } + + /* :( */ + return (NULL); +} + +/* * NOPARSE */ diff --git a/lib/libpam/openpam_features.c b/lib/libpam/openpam_features.c index 586fc2a..8ca8828 100644 --- a/lib/libpam/openpam_features.c +++ b/lib/libpam/openpam_features.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_features.c 608 2012-05-17 16:00:13Z des $ + * $Id: openpam_features.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_features.h b/lib/libpam/openpam_features.h index 227b1a9..00cac1c 100644 --- a/lib/libpam/openpam_features.h +++ b/lib/libpam/openpam_features.h @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id$ + * $Id: openpam_features.h 648 2013-03-05 17:54:27Z des $ */ #ifndef OPENPAM_FEATURES_H_INCLUDED diff --git a/lib/libpam/openpam_findenv.c b/lib/libpam/openpam_findenv.c index b833ec9..3512c3f 100644 --- a/lib/libpam/openpam_findenv.c +++ b/lib/libpam/openpam_findenv.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_findenv.c 437 2011-09-13 12:00:13Z des $ + * $Id: openpam_findenv.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_free_data.c b/lib/libpam/openpam_free_data.c index 561687c..8f3d852 100644 --- a/lib/libpam/openpam_free_data.c +++ b/lib/libpam/openpam_free_data.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_free_data.c 437 2011-09-13 12:00:13Z des $ + * $Id: openpam_free_data.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_free_envlist.c b/lib/libpam/openpam_free_envlist.c index 14754dc..dda0615 100644 --- a/lib/libpam/openpam_free_envlist.c +++ b/lib/libpam/openpam_free_envlist.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -25,7 +24,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $Id: openpam_free_envlist.c 447 2011-10-22 02:47:36Z des $ + * $Id: openpam_free_envlist.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_get_feature.c b/lib/libpam/openpam_get_feature.c index b552357..ad3d9b3a 100644 --- a/lib/libpam/openpam_get_feature.c +++ b/lib/libpam/openpam_get_feature.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_get_feature.c 608 2012-05-17 16:00:13Z des $ + * $Id: openpam_get_feature.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_get_option.c b/lib/libpam/openpam_get_option.c index 1f62d21..2cf5e87 100644 --- a/lib/libpam/openpam_get_option.c +++ b/lib/libpam/openpam_get_option.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_get_option.c 531 2012-03-31 14:24:37Z des $ + * $Id: openpam_get_option.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_impl.h b/lib/libpam/openpam_impl.h index 9e8b45f..c533acb 100644 --- a/lib/libpam/openpam_impl.h +++ b/lib/libpam/openpam_impl.h @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_impl.h 594 2012-04-14 14:18:41Z des $ + * $Id: openpam_impl.h 648 2013-03-05 17:54:27Z des $ */ #ifndef OPENPAM_IMPL_H_INCLUDED @@ -122,19 +122,6 @@ struct pam_handle { int env_size; }; -#ifdef NGROUPS_MAX -/* - * Saved credentials - */ -#define PAM_SAVED_CRED "pam_saved_cred" -struct pam_saved_cred { - uid_t euid; - gid_t egid; - gid_t groups[NGROUPS_MAX]; - int ngroups; -}; -#endif - /* * Default policy */ diff --git a/lib/libpam/openpam_load.c b/lib/libpam/openpam_load.c index 871d1a8..a926dbd 100644 --- a/lib/libpam/openpam_load.c +++ b/lib/libpam/openpam_load.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_load.c 547 2012-04-01 15:01:21Z des $ + * $Id: openpam_load.c 664 2013-03-17 10:56:15Z des $ */ #ifdef HAVE_CONFIG_H @@ -52,24 +52,24 @@ */ pam_module_t * -openpam_load_module(const char *path) +openpam_load_module(const char *modulename) { pam_module_t *module; - module = openpam_dynamic(path); + module = openpam_dynamic(modulename); openpam_log(PAM_LOG_DEBUG, "%s dynamic %s", - (module == NULL) ? "no" : "using", path); + (module == NULL) ? "no" : "using", modulename); #ifdef OPENPAM_STATIC_MODULES /* look for a static module */ - if (module == NULL && strchr(path, '/') == NULL) { - module = openpam_static(path); + if (module == NULL && strchr(modulename, '/') == NULL) { + module = openpam_static(modulename); openpam_log(PAM_LOG_DEBUG, "%s static %s", - (module == NULL) ? "no" : "using", path); + (module == NULL) ? "no" : "using", modulename); } #endif if (module == NULL) { - openpam_log(PAM_LOG_ERROR, "no %s found", path); + openpam_log(PAM_LOG_ERROR, "no %s found", modulename); return (NULL); } return (module); diff --git a/lib/libpam/openpam_log.c b/lib/libpam/openpam_log.c index 2b89f6c..e52ca95 100644 --- a/lib/libpam/openpam_log.c +++ b/lib/libpam/openpam_log.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_log.c 544 2012-03-31 22:47:15Z des $ + * $Id: openpam_log.c 686 2013-07-11 16:36:02Z des $ */ #ifdef HAVE_CONFIG_H @@ -48,12 +48,9 @@ #include <security/pam_appl.h> #include "openpam_impl.h" +#include "openpam_asprintf.h" -#ifdef OPENPAM_DEBUG -int openpam_debug = 1; -#else int openpam_debug = 0; -#endif #if !defined(openpam_log) @@ -68,6 +65,7 @@ openpam_log(int level, const char *fmt, ...) { va_list ap; int priority; + int serrno; switch (level) { case PAM_LOG_LIBDEBUG: @@ -87,9 +85,11 @@ openpam_log(int level, const char *fmt, ...) priority = LOG_ERR; break; } + serrno = errno; va_start(ap, fmt); vsyslog(priority, fmt, ap); va_end(ap); + errno = serrno; } #else @@ -120,8 +120,8 @@ _openpam_log(int level, const char *func, const char *fmt, ...) priority = LOG_ERR; break; } - va_start(ap, fmt); serrno = errno; + va_start(ap, fmt); if (asprintf(&format, "in %s(): %s", func, fmt) > 0) { errno = serrno; vsyslog(priority, format, ap); @@ -131,6 +131,7 @@ _openpam_log(int level, const char *func, const char *fmt, ...) vsyslog(priority, fmt, ap); } va_end(ap); + errno = serrno; } #endif @@ -167,4 +168,6 @@ _openpam_log(int level, const char *func, const char *fmt, ...) * * The remaining arguments are a =printf format string and the * corresponding arguments. + * + * The =openpam_log function does not modify the value of :errno. */ diff --git a/lib/libpam/openpam_nullconv.c b/lib/libpam/openpam_nullconv.c index a95b1e0..49c71ba 100644 --- a/lib/libpam/openpam_nullconv.c +++ b/lib/libpam/openpam_nullconv.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_nullconv.c 437 2011-09-13 12:00:13Z des $ + * $Id: openpam_nullconv.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_readline.c b/lib/libpam/openpam_readline.c index 047ab8369..e3ed9b0 100644 --- a/lib/libpam/openpam_readline.c +++ b/lib/libpam/openpam_readline.c @@ -32,14 +32,13 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_readline.c 596 2012-04-14 14:52:40Z des $ + * $Id: openpam_readline.c 703 2013-08-16 11:57:54Z des $ */ #ifdef HAVE_CONFIG_H # include "config.h" #endif -#include <ctype.h> #include <stdio.h> #include <stdlib.h> @@ -101,7 +100,6 @@ openpam_readline(FILE *f, int *lineno, size_t *lenp) goto fail; if (lenp != NULL) *lenp = len; - openpam_log(PAM_LOG_LIBDEBUG, "returning '%s'", line); return (line); fail: FREE(line); diff --git a/lib/libpam/openpam_readlinev.c b/lib/libpam/openpam_readlinev.c index 5a43b61..5edc368 100644 --- a/lib/libpam/openpam_readlinev.c +++ b/lib/libpam/openpam_readlinev.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_readlinev.c 588 2012-04-08 11:52:25Z des $ + * $Id: openpam_readlinev.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_readword.c b/lib/libpam/openpam_readword.c index 1c0e9b6..5a4330c 100644 --- a/lib/libpam/openpam_readword.c +++ b/lib/libpam/openpam_readword.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_readword.c 588 2012-04-08 11:52:25Z des $ + * $Id: openpam_readword.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_restore_cred.c b/lib/libpam/openpam_restore_cred.c index 41d44d0..8a150cc 100644 --- a/lib/libpam/openpam_restore_cred.c +++ b/lib/libpam/openpam_restore_cred.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_restore_cred.c 437 2011-09-13 12:00:13Z des $ + * $Id: openpam_restore_cred.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H @@ -50,6 +50,7 @@ #include <security/pam_appl.h> #include "openpam_impl.h" +#include "openpam_cred.h" /* * OpenPAM extension diff --git a/lib/libpam/openpam_set_feature.c b/lib/libpam/openpam_set_feature.c index 4f6a4a5..8e95f3e 100644 --- a/lib/libpam/openpam_set_feature.c +++ b/lib/libpam/openpam_set_feature.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_set_feature.c 608 2012-05-17 16:00:13Z des $ + * $Id: openpam_set_feature.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_set_option.c b/lib/libpam/openpam_set_option.c index 1712a71..1c06d61 100644 --- a/lib/libpam/openpam_set_option.c +++ b/lib/libpam/openpam_set_option.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_set_option.c 532 2012-03-31 14:24:53Z des $ + * $Id: openpam_set_option.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H @@ -48,6 +48,7 @@ #include <security/pam_appl.h> #include "openpam_impl.h" +#include "openpam_asprintf.h" /* * OpenPAM extension diff --git a/lib/libpam/openpam_static.c b/lib/libpam/openpam_static.c index 40b807c..302b3f4 100644 --- a/lib/libpam/openpam_static.c +++ b/lib/libpam/openpam_static.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_static.c 437 2011-09-13 12:00:13Z des $ + * $Id: openpam_static.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_straddch.c b/lib/libpam/openpam_straddch.c index 9845cc6..522405c 100644 --- a/lib/libpam/openpam_straddch.c +++ b/lib/libpam/openpam_straddch.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_straddch.c 568 2012-04-05 14:35:53Z des $ + * $Id: openpam_straddch.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H @@ -66,7 +65,7 @@ openpam_straddch(char **str, size_t *size, size_t *len, int ch) *str = tmpstr; *size = tmpsize; *len = 0; - } else if (*len + 1 >= *size) { + } else if (ch != 0 && *len + 1 >= *size) { /* additional space required */ tmpsize = *size * 2; if ((tmpstr = realloc(*str, tmpsize)) == NULL) { @@ -77,8 +76,10 @@ openpam_straddch(char **str, size_t *size, size_t *len, int ch) *size = tmpsize; *str = tmpstr; } - (*str)[*len] = ch; - ++*len; + if (ch != 0) { + (*str)[*len] = ch; + ++*len; + } (*str)[*len] = '\0'; return (0); } @@ -95,6 +96,11 @@ openpam_straddch(char **str, size_t *size, size_t *len, int ch) * The =size and =len argument point to variables used to hold the size * of the buffer and the length of the string it contains, respectively. * + * The final argument, =ch, is the character that should be appended to + * the string. If =ch is 0, nothing is appended, but a new buffer is + * still allocated if =str is NULL. This can be used to "bootstrap" the + * string. + * * If a new buffer is allocated or an existing buffer is reallocated to * make room for the additional character, =str and =size are updated * accordingly. @@ -103,7 +109,7 @@ openpam_straddch(char **str, size_t *size, size_t *len, int ch) * NUL-terminated. * * If the =openpam_straddch function is successful, it increments the - * integer variable pointed to by =len and returns 0. + * integer variable pointed to by =len (unless =ch was 0) and returns 0. * Otherwise, it leaves the variables pointed to by =str, =size and =len * unmodified, sets :errno to =ENOMEM and returns -1. * diff --git a/lib/libpam/openpam_strlcat.c b/lib/libpam/openpam_strlcat.c new file mode 100644 index 0000000..64ba9ab --- /dev/null +++ b/lib/libpam/openpam_strlcat.c @@ -0,0 +1,58 @@ +/*- + * Copyright (c) 2011-2012 Dag-Erling Smørgrav + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: openpam_strlcat.c 648 2013-03-05 17:54:27Z des $ + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#ifndef HAVE_STRLCAT + +#include <stddef.h> + +#include "openpam_strlcat.h" + +/* like strcat(3), but always NUL-terminates; returns strlen(src) */ +size_t +openpam_strlcat(char *dst, const char *src, size_t size) +{ + size_t len; + + for (len = 0; *dst && size > 1; ++len, --size) + dst++; + for (; *src && size > 1; ++len, --size) + *dst++ = *src++; + *dst = '\0'; + while (*src) + ++len, ++src; + return (len); +} + +#endif diff --git a/lib/libpam/openpam_strlcat.h b/lib/libpam/openpam_strlcat.h index 1f26693..d099346 100644 --- a/lib/libpam/openpam_strlcat.h +++ b/lib/libpam/openpam_strlcat.h @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,28 +26,16 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_strlcat.h 578 2012-04-06 00:45:59Z des $ + * $Id: openpam_strlcat.h 648 2013-03-05 17:54:27Z des $ */ #ifndef OPENPAM_STRLCAT_H_INCLUDED #define OPENPAM_STRLCAT_H_INCLUDED #ifndef HAVE_STRLCAT -/* like strcat(3), but always NUL-terminates; returns strlen(src) */ -static size_t -strlcat(char *dst, const char *src, size_t size) -{ - size_t len; - - for (len = 0; *dst && size > 1; ++len, --size) - dst++; - for (; *src && size > 1; ++len, --size) - *dst++ = *src++; - *dst = '\0'; - while (*src) - ++len, ++src; - return (len); -} +size_t openpam_strlcat(char *, const char *, size_t); +#undef strlcat +#define strlcat(arg, ...) openpam_strlcat(arg, __VA_ARGS__) #endif #endif diff --git a/lib/libpam/openpam_strlcmp.h b/lib/libpam/openpam_strlcmp.h index 2a78e0f..d003838 100644 --- a/lib/libpam/openpam_strlcmp.h +++ b/lib/libpam/openpam_strlcmp.h @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_strlcmp.h 578 2012-04-06 00:45:59Z des $ + * $Id: openpam_strlcmp.h 648 2013-03-05 17:54:27Z des $ */ #ifndef OPENPAM_STRLCMP_H_INCLUDED diff --git a/lib/libpam/openpam_strlcpy.c b/lib/libpam/openpam_strlcpy.c new file mode 100644 index 0000000..7a3d142 --- /dev/null +++ b/lib/libpam/openpam_strlcpy.c @@ -0,0 +1,56 @@ +/*- + * Copyright (c) 2011-2012 Dag-Erling Smørgrav + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: openpam_strlcpy.c 648 2013-03-05 17:54:27Z des $ + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#ifndef HAVE_STRLCPY + +#include <stddef.h> + +#include "openpam_strlcpy.h" + +/* like strcpy(3), but always NUL-terminates; returns strlen(src) */ +size_t +openpam_strlcpy(char *dst, const char *src, size_t size) +{ + size_t len; + + for (len = 0; *src && size > 1; ++len, --size) + *dst++ = *src++; + *dst = '\0'; + while (*src) + ++len, ++src; + return (len); +} + +#endif diff --git a/lib/libpam/openpam_strlcpy.h b/lib/libpam/openpam_strlcpy.h index 9c65548..8260c56 100644 --- a/lib/libpam/openpam_strlcpy.h +++ b/lib/libpam/openpam_strlcpy.h @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,26 +26,16 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_strlcpy.h 578 2012-04-06 00:45:59Z des $ + * $Id: openpam_strlcpy.h 648 2013-03-05 17:54:27Z des $ */ #ifndef OPENPAM_STRLCPY_H_INCLUDED #define OPENPAM_STRLCPY_H_INCLUDED #ifndef HAVE_STRLCPY -/* like strcpy(3), but always NUL-terminates; returns strlen(src) */ -static size_t -strlcpy(char *dst, const char *src, size_t size) -{ - size_t len; - - for (len = 0; *src && size > 1; ++len, --size) - *dst++ = *src++; - *dst = '\0'; - while (*src) - ++len, ++src; - return (len); -} +size_t openpam_strlcpy(char *, const char *, size_t); +#undef strlcpy +#define strlcpy(arg, ...) openpam_strlcpy(arg, __VA_ARGS__) #endif #endif diff --git a/lib/libpam/openpam_subst.c b/lib/libpam/openpam_subst.c index bab7a78..1a49734 100644 --- a/lib/libpam/openpam_subst.c +++ b/lib/libpam/openpam_subst.c @@ -6,8 +6,7 @@ * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. + * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. @@ -27,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_subst.c 543 2012-03-31 22:11:34Z des $ + * $Id: openpam_subst.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/openpam_ttyconv.c b/lib/libpam/openpam_ttyconv.c index 14a324d..e4b4459 100644 --- a/lib/libpam/openpam_ttyconv.c +++ b/lib/libpam/openpam_ttyconv.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: openpam_ttyconv.c 527 2012-02-26 03:23:59Z des $ + * $Id: openpam_ttyconv.c 688 2013-07-11 16:40:08Z des $ */ #ifdef HAVE_CONFIG_H @@ -40,10 +40,11 @@ #endif #include <sys/types.h> +#include <sys/poll.h> +#include <sys/time.h> -#include <ctype.h> #include <errno.h> -#include <setjmp.h> +#include <fcntl.h> #include <signal.h> #include <stdio.h> #include <stdlib.h> @@ -57,108 +58,253 @@ int openpam_ttyconv_timeout = 0; +volatile sig_atomic_t caught_signal; + +/* + * Handle incoming signals during tty conversation + */ static void -timeout(int sig) +catch_signal(int signo) { - (void)sig; + switch (signo) { + case SIGINT: + case SIGQUIT: + case SIGTERM: + caught_signal = signo; + break; + } } -static char * -prompt(const char *msg) +/* + * Accept a response from the user on a tty + */ +static int +prompt_tty(int ifd, int ofd, const char *message, char *response, int echo) { - char buf[PAM_MAX_RESP_SIZE]; - struct sigaction action, saved_action; - sigset_t saved_sigset, the_sigset; - unsigned int saved_alarm; - int eof, error, fd; - size_t len; - char *retval; + struct sigaction action; + struct sigaction saction_sigint, saction_sigquit, saction_sigterm; + struct termios tcattr; + struct timeval now, target, remaining; + int remaining_ms; + tcflag_t slflag; + struct pollfd pfd; + int serrno; + int pos, ret; char ch; - sigemptyset(&the_sigset); - sigaddset(&the_sigset, SIGINT); - sigaddset(&the_sigset, SIGTSTP); - sigprocmask(SIG_SETMASK, &the_sigset, &saved_sigset); - action.sa_handler = &timeout; + /* write prompt */ + if (write(ofd, message, strlen(message)) < 0) { + openpam_log(PAM_LOG_ERROR, "write(): %m"); + return (-1); + } + + /* turn echo off if requested */ + slflag = 0; /* prevent bogus uninitialized variable warning */ + if (!echo) { + if (tcgetattr(ifd, &tcattr) != 0) { + openpam_log(PAM_LOG_ERROR, "tcgetattr(): %m"); + return (-1); + } + slflag = tcattr.c_lflag; + tcattr.c_lflag &= ~ECHO; + if (tcsetattr(ifd, TCSAFLUSH, &tcattr) != 0) { + openpam_log(PAM_LOG_ERROR, "tcsetattr(): %m"); + return (-1); + } + } + + /* install signal handlers */ + caught_signal = 0; + action.sa_handler = &catch_signal; action.sa_flags = 0; - sigemptyset(&action.sa_mask); - sigaction(SIGALRM, &action, &saved_action); - fputs(msg, stdout); - fflush(stdout); -#ifdef HAVE_FPURGE - fpurge(stdin); -#endif - fd = fileno(stdin); - buf[0] = '\0'; - eof = error = 0; - saved_alarm = 0; - if (openpam_ttyconv_timeout >= 0) - saved_alarm = alarm(openpam_ttyconv_timeout); - ch = '\0'; - for (len = 0; ch != '\n' && !eof && !error; ++len) { - switch (read(fd, &ch, 1)) { - case 1: - if (len < PAM_MAX_RESP_SIZE - 1) { - buf[len + 1] = '\0'; - buf[len] = ch; - } + sigfillset(&action.sa_mask); + sigaction(SIGINT, &action, &saction_sigint); + sigaction(SIGQUIT, &action, &saction_sigquit); + sigaction(SIGTERM, &action, &saction_sigterm); + + /* compute timeout */ + if (openpam_ttyconv_timeout > 0) { + (void)gettimeofday(&now, NULL); + remaining.tv_sec = openpam_ttyconv_timeout; + remaining.tv_usec = 0; + timeradd(&now, &remaining, &target); + } else { + /* prevent bogus uninitialized variable warning */ + now.tv_sec = now.tv_usec = 0; + remaining.tv_sec = remaining.tv_usec = 0; + target.tv_sec = target.tv_usec = 0; + } + + /* input loop */ + pos = 0; + ret = -1; + serrno = 0; + while (!caught_signal) { + pfd.fd = ifd; + pfd.events = POLLIN; + pfd.revents = 0; + if (openpam_ttyconv_timeout > 0) { + gettimeofday(&now, NULL); + if (timercmp(&now, &target, >)) + break; + timersub(&target, &now, &remaining); + remaining_ms = remaining.tv_sec * 1000 + + remaining.tv_usec / 1000; + } else { + remaining_ms = -1; + } + if ((ret = poll(&pfd, 1, remaining_ms)) < 0) { + serrno = errno; + if (errno == EINTR) + continue; + openpam_log(PAM_LOG_ERROR, "poll(): %m"); break; - case 0: - eof = 1; + } else if (ret == 0) { + /* timeout */ + write(ofd, " timed out", 10); + openpam_log(PAM_LOG_NOTICE, "timed out"); break; - default: - error = errno; + } + if ((ret = read(ifd, &ch, 1)) < 0) { + serrno = errno; + openpam_log(PAM_LOG_ERROR, "read(): %m"); break; + } else if (ret == 0 || ch == '\n') { + response[pos] = '\0'; + ret = pos; + break; + } + if (pos + 1 < PAM_MAX_RESP_SIZE) + response[pos++] = ch; + /* overflow is discarded */ + } + + /* restore tty state */ + if (!echo) { + tcattr.c_lflag = slflag; + if (tcsetattr(ifd, 0, &tcattr) != 0) { + /* treat as non-fatal, since we have our answer */ + openpam_log(PAM_LOG_NOTICE, "tcsetattr(): %m"); } } - if (openpam_ttyconv_timeout >= 0) - alarm(0); - sigaction(SIGALRM, &saved_action, NULL); - sigprocmask(SIG_SETMASK, &saved_sigset, NULL); - if (saved_alarm > 0) - alarm(saved_alarm); - if (error == EINTR) - fputs(" timeout!", stderr); - if (error || eof) { - fputs("\n", stderr); - memset(buf, 0, sizeof(buf)); - return (NULL); + + /* restore signal handlers and re-post caught signal*/ + sigaction(SIGINT, &saction_sigint, NULL); + sigaction(SIGQUIT, &saction_sigquit, NULL); + sigaction(SIGTERM, &saction_sigterm, NULL); + if (caught_signal != 0) { + openpam_log(PAM_LOG_ERROR, "caught signal %d", + (int)caught_signal); + raise((int)caught_signal); + /* if raise() had no effect... */ + serrno = EINTR; + ret = -1; } - /* trim trailing whitespace */ - for (len = strlen(buf); len > 0; --len) - if (buf[len - 1] != '\r' && buf[len - 1] != '\n') - break; - buf[len] = '\0'; - retval = strdup(buf); - memset(buf, 0, sizeof(buf)); - return (retval); + + /* done */ + write(ofd, "\n", 1); + errno = serrno; + return (ret); } -static char * -prompt_echo_off(const char *msg) +/* + * Accept a response from the user on a non-tty stdin. + */ +static int +prompt_notty(const char *message, char *response) { - struct termios tattr; - tcflag_t lflag; - char *ret; - int fd; - - fd = fileno(stdin); - if (tcgetattr(fd, &tattr) != 0) { - openpam_log(PAM_LOG_ERROR, "tcgetattr(): %m"); - return (NULL); + struct timeval now, target, remaining; + int remaining_ms; + struct pollfd pfd; + int ch, pos, ret; + + /* show prompt */ + fputs(message, stdout); + fflush(stdout); + + /* compute timeout */ + if (openpam_ttyconv_timeout > 0) { + (void)gettimeofday(&now, NULL); + remaining.tv_sec = openpam_ttyconv_timeout; + remaining.tv_usec = 0; + timeradd(&now, &remaining, &target); + } else { + /* prevent bogus uninitialized variable warning */ + now.tv_sec = now.tv_usec = 0; + remaining.tv_sec = remaining.tv_usec = 0; + target.tv_sec = target.tv_usec = 0; } - lflag = tattr.c_lflag; - tattr.c_lflag &= ~ECHO; - if (tcsetattr(fd, TCSAFLUSH, &tattr) != 0) { - openpam_log(PAM_LOG_ERROR, "tcsetattr(): %m"); - return (NULL); + + /* input loop */ + pos = 0; + for (;;) { + pfd.fd = STDIN_FILENO; + pfd.events = POLLIN; + pfd.revents = 0; + if (openpam_ttyconv_timeout > 0) { + gettimeofday(&now, NULL); + if (timercmp(&now, &target, >)) + break; + timersub(&target, &now, &remaining); + remaining_ms = remaining.tv_sec * 1000 + + remaining.tv_usec / 1000; + } else { + remaining_ms = -1; + } + if ((ret = poll(&pfd, 1, remaining_ms)) < 0) { + /* interrupt is ok, everything else -> bail */ + if (errno == EINTR) + continue; + perror("\nopenpam_ttyconv"); + return (-1); + } else if (ret == 0) { + /* timeout */ + break; + } else { + /* input */ + if ((ch = getchar()) == EOF && ferror(stdin)) { + perror("\nopenpam_ttyconv"); + return (-1); + } + if (ch == EOF || ch == '\n') { + response[pos] = '\0'; + return (pos); + } + if (pos + 1 < PAM_MAX_RESP_SIZE) + response[pos++] = ch; + /* overflow is discarded */ + } + } + fputs("\nopenpam_ttyconv: timeout\n", stderr); + return (-1); +} + +/* + * Determine whether stdin is a tty; if not, try to open the tty; in + * either case, call the appropriate method. + */ +static int +prompt(const char *message, char *response, int echo) +{ + int ifd, ofd, ret; + + if (isatty(STDIN_FILENO)) { + fflush(stdout); +#ifdef HAVE_FPURGE + fpurge(stdin); +#endif + ifd = STDIN_FILENO; + ofd = STDOUT_FILENO; + } else { + if ((ifd = open("/dev/tty", O_RDWR)) < 0) + /* no way to prevent echo */ + return (prompt_notty(message, response)); + ofd = ifd; } - ret = prompt(msg); - tattr.c_lflag = lflag; - (void)tcsetattr(fd, TCSANOW, &tattr); - if (ret != NULL) - fputs("\n", stdout); + ret = prompt_tty(ifd, ofd, message, response, echo); + if (ifd != STDIN_FILENO) + close(ifd); return (ret); } @@ -174,6 +320,7 @@ openpam_ttyconv(int n, struct pam_response **resp, void *data) { + char respbuf[PAM_MAX_RESP_SIZE]; struct pam_response *aresp; int i; @@ -188,13 +335,13 @@ openpam_ttyconv(int n, aresp[i].resp = NULL; switch (msg[i]->msg_style) { case PAM_PROMPT_ECHO_OFF: - aresp[i].resp = prompt_echo_off(msg[i]->msg); - if (aresp[i].resp == NULL) + if (prompt(msg[i]->msg, respbuf, 0) < 0 || + (aresp[i].resp = strdup(respbuf)) == NULL) goto fail; break; case PAM_PROMPT_ECHO_ON: - aresp[i].resp = prompt(msg[i]->msg); - if (aresp[i].resp == NULL) + if (prompt(msg[i]->msg, respbuf, 1) < 0 || + (aresp[i].resp = strdup(respbuf)) == NULL) goto fail; break; case PAM_ERROR_MSG: @@ -214,6 +361,7 @@ openpam_ttyconv(int n, } } *resp = aresp; + memset(respbuf, 0, sizeof respbuf); RETURNC(PAM_SUCCESS); fail: for (i = 0; i < n; ++i) { @@ -225,6 +373,7 @@ fail: memset(aresp, 0, n * sizeof *aresp); FREE(aresp); *resp = NULL; + memset(respbuf, 0, sizeof respbuf); RETURNC(PAM_CONV_ERR); } diff --git a/lib/libpam/openpam_vasprintf.c b/lib/libpam/openpam_vasprintf.c new file mode 100644 index 0000000..bedabf4 --- /dev/null +++ b/lib/libpam/openpam_vasprintf.c @@ -0,0 +1,60 @@ +/*- + * Copyright (c) 2011-2012 Dag-Erling Smørgrav + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: openpam_vasprintf.c 648 2013-03-05 17:54:27Z des $ + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#ifndef HAVE_VASPRINTF + +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> + +#include "openpam_vasprintf.h" + +/* like vsprintf(3), but allocates memory for the result. */ +int +openpam_vasprintf(char **str, const char *fmt, va_list ap) +{ + va_list apcopy; + int len, ret; + + va_copy(apcopy, ap); + len = vsnprintf(NULL, 0, fmt, ap); + if ((*str = malloc(len + 1)) == NULL) + return (-1); + ret = vsnprintf(*str, len + 1, fmt, apcopy); + va_end(apcopy); + return (ret); +} + +#endif diff --git a/lib/libpam/openpam_vasprintf.h b/lib/libpam/openpam_vasprintf.h new file mode 100644 index 0000000..e92ad0d --- /dev/null +++ b/lib/libpam/openpam_vasprintf.h @@ -0,0 +1,41 @@ +/*- + * Copyright (c) 2012 Dag-Erling Smørgrav + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: openpam_vasprintf.h 648 2013-03-05 17:54:27Z des $ + */ + +#ifndef OPENPAM_VASPRINTF_H_INCLUDED +#define OPENPAM_VASPRINTF_H_INCLUDED + +#ifndef HAVE_VASPRINTF +int openpam_vasprintf(char **, const char *, va_list); +#undef vasprintf +#define vasprintf(arg, ...) openpam_vasprintf(arg, __VA_ARGS__) +#endif + +#endif diff --git a/lib/libpam/pam_acct_mgmt.c b/lib/libpam/pam_acct_mgmt.c index 49c34ab..87337a8 100644 --- a/lib/libpam/pam_acct_mgmt.c +++ b/lib/libpam/pam_acct_mgmt.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_acct_mgmt.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_acct_mgmt.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_authenticate.c b/lib/libpam/pam_authenticate.c index fc6c20f..b24e396 100644 --- a/lib/libpam/pam_authenticate.c +++ b/lib/libpam/pam_authenticate.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_authenticate.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_authenticate.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_authenticate_secondary.c b/lib/libpam/pam_authenticate_secondary.c index 1a57313..9167867 100644 --- a/lib/libpam/pam_authenticate_secondary.c +++ b/lib/libpam/pam_authenticate_secondary.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_authenticate_secondary.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_authenticate_secondary.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_chauthtok.c b/lib/libpam/pam_chauthtok.c index 1750b0f..163fec7 100644 --- a/lib/libpam/pam_chauthtok.c +++ b/lib/libpam/pam_chauthtok.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_chauthtok.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_chauthtok.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_close_session.c b/lib/libpam/pam_close_session.c index 9e63a1d..8bc1efa 100644 --- a/lib/libpam/pam_close_session.c +++ b/lib/libpam/pam_close_session.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_close_session.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_close_session.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_end.c b/lib/libpam/pam_end.c index 09cde35..f7ece50 100644 --- a/lib/libpam/pam_end.c +++ b/lib/libpam/pam_end.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_end.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_end.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_error.c b/lib/libpam/pam_error.c index 1e0de5b..cd018f5 100644 --- a/lib/libpam/pam_error.c +++ b/lib/libpam/pam_error.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_error.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_error.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_get_authtok.c b/lib/libpam/pam_get_authtok.c index 1a3aebc..a062934 100644 --- a/lib/libpam/pam_get_authtok.c +++ b/lib/libpam/pam_get_authtok.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_get_authtok.c 510 2011-12-31 13:14:23Z des $ + * $Id: pam_get_authtok.c 670 2013-03-17 19:26:07Z des $ */ #ifdef HAVE_CONFIG_H @@ -113,9 +113,9 @@ pam_get_authtok(pam_handle_t *pamh, if (r == PAM_SUCCESS && prevauthtok != NULL) { *authtok = prevauthtok; RETURNC(PAM_SUCCESS); - } - else if (openpam_get_option(pamh, "use_first_pass")) + } else if (openpam_get_option(pamh, "use_first_pass")) { RETURNC(r == PAM_SUCCESS ? PAM_AUTH_ERR : r); + } } /* pam policy overrides the module's choice */ if ((promptp = openpam_get_option(pamh, prompt_option)) != NULL) @@ -168,10 +168,12 @@ pam_get_authtok(pam_handle_t *pamh, */ /** - * The =pam_get_authtok function returns the cached authentication token, - * or prompts the user if no token is currently cached. + * The =pam_get_authtok function either prompts the user for an + * authentication token or retrieves a cached authentication token, + * depending on circumstances. * Either way, a pointer to the authentication token is stored in the - * location pointed to by the =authtok argument. + * location pointed to by the =authtok argument, and the corresponding PAM + * item is updated. * * The =item argument must have one of the following values: * @@ -186,20 +188,47 @@ pam_get_authtok(pam_handle_t *pamh, * If it is =NULL, the =PAM_AUTHTOK_PROMPT or =PAM_OLDAUTHTOK_PROMPT item, * as appropriate, will be used. * If that item is also =NULL, a hardcoded default prompt will be used. - * Either way, the prompt is expanded using =openpam_subst before it is - * passed to the conversation function. - * - * If =pam_get_authtok is called from a module and the ;authtok_prompt / - * ;oldauthtok_prompt option is set in the policy file, the value of that - * option takes precedence over both the =prompt argument and the - * =PAM_AUTHTOK_PROMPT / =PAM_OLDAUTHTOK_PROMPT item. + * Additionally, when =pam_get_authtok is called from a service module, + * the prompt may be affected by module options as described below. + * The prompt is then expanded using =openpam_subst before it is passed to + * the conversation function. * * If =item is set to =PAM_AUTHTOK and there is a non-null =PAM_OLDAUTHTOK * item, =pam_get_authtok will ask the user to confirm the new token by * retyping it. * If there is a mismatch, =pam_get_authtok will return =PAM_TRY_AGAIN. * + * MODULE OPTIONS + * + * When called by a service module, =pam_get_authtok will recognize the + * following module options: + * + * ;authtok_prompt: + * Prompt to use when =item is set to =PAM_AUTHTOK. + * This option overrides both the =prompt argument and the + * =PAM_AUTHTOK_PROMPT item. + * ;echo_pass: + * If the application's conversation function allows it, this + * lets the user see what they are typing. + * This should only be used for non-reusable authentication + * tokens. + * ;oldauthtok_prompt: + * Prompt to use when =item is set to =PAM_OLDAUTHTOK. + * This option overrides both the =prompt argument and the + * =PAM_OLDAUTHTOK_PROMPT item. + * ;try_first_pass: + * If the requested item is non-null, return it without + * prompting the user. + * Typically, the service module will verify the token, and + * if it does not match, clear the item before calling + * =pam_get_authtok a second time. + * ;use_first_pass: + * Do not prompt the user at all; just return the cached + * value, or =PAM_AUTH_ERR if there is none. + * + * >pam_conv * >pam_get_item * >pam_get_user + * >openpam_get_option * >openpam_subst */ diff --git a/lib/libpam/pam_get_data.c b/lib/libpam/pam_get_data.c index 1a8ba1d..de31d70 100644 --- a/lib/libpam/pam_get_data.c +++ b/lib/libpam/pam_get_data.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_get_data.c 444 2011-10-22 01:03:23Z des $ + * $Id: pam_get_data.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_get_item.c b/lib/libpam/pam_get_item.c index 95b9df6..9dc3dc3 100644 --- a/lib/libpam/pam_get_item.c +++ b/lib/libpam/pam_get_item.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_get_item.c 491 2011-11-12 00:12:32Z des $ + * $Id: pam_get_item.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_get_mapped_authtok.c b/lib/libpam/pam_get_mapped_authtok.c index 54ff6c3..871405e 100644 --- a/lib/libpam/pam_get_mapped_authtok.c +++ b/lib/libpam/pam_get_mapped_authtok.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_get_mapped_authtok.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_get_mapped_authtok.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_get_mapped_username.c b/lib/libpam/pam_get_mapped_username.c index 4f8ac17..25305d2 100644 --- a/lib/libpam/pam_get_mapped_username.c +++ b/lib/libpam/pam_get_mapped_username.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_get_mapped_username.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_get_mapped_username.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_get_user.c b/lib/libpam/pam_get_user.c index 53245b9..2e22e0e 100644 --- a/lib/libpam/pam_get_user.c +++ b/lib/libpam/pam_get_user.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_get_user.c 455 2011-10-29 18:31:11Z des $ + * $Id: pam_get_user.c 670 2013-03-17 19:26:07Z des $ */ #ifdef HAVE_CONFIG_H @@ -116,20 +116,31 @@ pam_get_user(pam_handle_t *pamh, * If no user was specified, nor set using =pam_set_item, =pam_get_user * will prompt for a user name. * Either way, a pointer to the user name is stored in the location - * pointed to by the =user argument. + * pointed to by the =user argument, and the corresponding PAM item is + * updated. * * The =prompt argument specifies a prompt to use if no user name is * cached. * If it is =NULL, the =PAM_USER_PROMPT item will be used. * If that item is also =NULL, a hardcoded default prompt will be used. - * Either way, the prompt is expanded using =openpam_subst before it is - * passed to the conversation function. + * Additionally, when =pam_get_user is called from a service module, the + * prompt may be affected by module options as described below. + * The prompt is then expanded using =openpam_subst before it is passed to + * the conversation function. * - * If =pam_get_user is called from a module and the ;user_prompt option is - * set in the policy file, the value of that option takes precedence over - * both the =prompt argument and the =PAM_USER_PROMPT item. + * MODULE OPTIONS * + * When called by a service module, =pam_get_user will recognize the + * following module options: + * + * ;user_prompt: + * Prompt to use when asking for the user name. + * This option overrides both the =prompt argument and the + * =PAM_USER_PROMPT item. + * + * >pam_conv * >pam_get_item * >pam_get_authtok + * >openpam_get_option * >openpam_subst */ diff --git a/lib/libpam/pam_getenv.c b/lib/libpam/pam_getenv.c index e2ebf57..6669035 100644 --- a/lib/libpam/pam_getenv.c +++ b/lib/libpam/pam_getenv.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_getenv.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_getenv.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_getenvlist.c b/lib/libpam/pam_getenvlist.c index 06c003f..9dcded0 100644 --- a/lib/libpam/pam_getenvlist.c +++ b/lib/libpam/pam_getenvlist.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_getenvlist.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_getenvlist.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_info.c b/lib/libpam/pam_info.c index 7e51dbf..550bb76 100644 --- a/lib/libpam/pam_info.c +++ b/lib/libpam/pam_info.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_info.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_info.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_open_session.c b/lib/libpam/pam_open_session.c index 36c59b0..de12705 100644 --- a/lib/libpam/pam_open_session.c +++ b/lib/libpam/pam_open_session.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_open_session.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_open_session.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_prompt.c b/lib/libpam/pam_prompt.c index 194e765..e3ba0f2 100644 --- a/lib/libpam/pam_prompt.c +++ b/lib/libpam/pam_prompt.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_prompt.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_prompt.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_putenv.c b/lib/libpam/pam_putenv.c index e1f0bc3..0d4d710 100644 --- a/lib/libpam/pam_putenv.c +++ b/lib/libpam/pam_putenv.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_putenv.c 539 2012-03-31 20:53:22Z des $ + * $Id: pam_putenv.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_set_data.c b/lib/libpam/pam_set_data.c index a8de632..344f4ef 100644 --- a/lib/libpam/pam_set_data.c +++ b/lib/libpam/pam_set_data.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_set_data.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_set_data.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_set_item.c b/lib/libpam/pam_set_item.c index 05d538f..10c855a 100644 --- a/lib/libpam/pam_set_item.c +++ b/lib/libpam/pam_set_item.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_set_item.c 496 2011-11-21 16:20:45Z des $ + * $Id: pam_set_item.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_set_mapped_authtok.c b/lib/libpam/pam_set_mapped_authtok.c index d8db84f..c8fbd91 100644 --- a/lib/libpam/pam_set_mapped_authtok.c +++ b/lib/libpam/pam_set_mapped_authtok.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_set_mapped_authtok.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_set_mapped_authtok.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_set_mapped_username.c b/lib/libpam/pam_set_mapped_username.c index 4b8f815..8f62f53 100644 --- a/lib/libpam/pam_set_mapped_username.c +++ b/lib/libpam/pam_set_mapped_username.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_set_mapped_username.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_set_mapped_username.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_setcred.c b/lib/libpam/pam_setcred.c index 51fb081..7a69176 100644 --- a/lib/libpam/pam_setcred.c +++ b/lib/libpam/pam_setcred.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_setcred.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_setcred.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_setenv.c b/lib/libpam/pam_setenv.c index 6fd4c10..070a185 100644 --- a/lib/libpam/pam_setenv.c +++ b/lib/libpam/pam_setenv.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_setenv.c 539 2012-03-31 20:53:22Z des $ + * $Id: pam_setenv.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H @@ -46,6 +46,7 @@ #include <security/pam_appl.h> #include "openpam_impl.h" +#include "openpam_asprintf.h" /* * OpenPAM extension diff --git a/lib/libpam/pam_sm_acct_mgmt.c b/lib/libpam/pam_sm_acct_mgmt.c index f5c14cf..6420fba 100644 --- a/lib/libpam/pam_sm_acct_mgmt.c +++ b/lib/libpam/pam_sm_acct_mgmt.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_acct_mgmt.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_acct_mgmt.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_authenticate.c b/lib/libpam/pam_sm_authenticate.c index 97851af..f31b6ac 100644 --- a/lib/libpam/pam_sm_authenticate.c +++ b/lib/libpam/pam_sm_authenticate.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_authenticate.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_authenticate.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_authenticate_secondary.c b/lib/libpam/pam_sm_authenticate_secondary.c index 3f3f6bd..4a232fb 100644 --- a/lib/libpam/pam_sm_authenticate_secondary.c +++ b/lib/libpam/pam_sm_authenticate_secondary.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_authenticate_secondary.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_authenticate_secondary.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_chauthtok.c b/lib/libpam/pam_sm_chauthtok.c index 593344c..4f17562 100644 --- a/lib/libpam/pam_sm_chauthtok.c +++ b/lib/libpam/pam_sm_chauthtok.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_chauthtok.c 466 2011-11-02 23:33:43Z des $ + * $Id: pam_sm_chauthtok.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_close_session.c b/lib/libpam/pam_sm_close_session.c index 290f497..9247d8f 100644 --- a/lib/libpam/pam_sm_close_session.c +++ b/lib/libpam/pam_sm_close_session.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_close_session.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_close_session.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_get_mapped_authtok.c b/lib/libpam/pam_sm_get_mapped_authtok.c index e86e6e5..473a52e 100644 --- a/lib/libpam/pam_sm_get_mapped_authtok.c +++ b/lib/libpam/pam_sm_get_mapped_authtok.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_get_mapped_authtok.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_get_mapped_authtok.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_get_mapped_username.c b/lib/libpam/pam_sm_get_mapped_username.c index 596ca6c..6de9fdb 100644 --- a/lib/libpam/pam_sm_get_mapped_username.c +++ b/lib/libpam/pam_sm_get_mapped_username.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_get_mapped_username.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_get_mapped_username.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_open_session.c b/lib/libpam/pam_sm_open_session.c index acb401a..a576a00 100644 --- a/lib/libpam/pam_sm_open_session.c +++ b/lib/libpam/pam_sm_open_session.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_open_session.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_open_session.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_set_mapped_authtok.c b/lib/libpam/pam_sm_set_mapped_authtok.c index dab40fd..de0e91f 100644 --- a/lib/libpam/pam_sm_set_mapped_authtok.c +++ b/lib/libpam/pam_sm_set_mapped_authtok.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_set_mapped_authtok.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_set_mapped_authtok.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_set_mapped_username.c b/lib/libpam/pam_sm_set_mapped_username.c index 3011016..2696d3e 100644 --- a/lib/libpam/pam_sm_set_mapped_username.c +++ b/lib/libpam/pam_sm_set_mapped_username.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_set_mapped_username.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_set_mapped_username.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_sm_setcred.c b/lib/libpam/pam_sm_setcred.c index 0d30683..0836adc 100644 --- a/lib/libpam/pam_sm_setcred.c +++ b/lib/libpam/pam_sm_setcred.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_sm_setcred.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_sm_setcred.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_start.c b/lib/libpam/pam_start.c index 84e0085..03fae41 100644 --- a/lib/libpam/pam_start.c +++ b/lib/libpam/pam_start.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_start.c 503 2011-12-18 14:00:33Z des $ + * $Id: pam_start.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_strerror.c b/lib/libpam/pam_strerror.c index e29219d..8621ad6 100644 --- a/lib/libpam/pam_strerror.c +++ b/lib/libpam/pam_strerror.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_strerror.c 491 2011-11-12 00:12:32Z des $ + * $Id: pam_strerror.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_verror.c b/lib/libpam/pam_verror.c index 9ed85b6..683abbc 100644 --- a/lib/libpam/pam_verror.c +++ b/lib/libpam/pam_verror.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_verror.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_verror.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_vinfo.c b/lib/libpam/pam_vinfo.c index 95f45f4..3ae2c7f 100644 --- a/lib/libpam/pam_vinfo.c +++ b/lib/libpam/pam_vinfo.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_vinfo.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_vinfo.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H diff --git a/lib/libpam/pam_vprompt.c b/lib/libpam/pam_vprompt.c index 1e390e0..eb337af 100644 --- a/lib/libpam/pam_vprompt.c +++ b/lib/libpam/pam_vprompt.c @@ -32,7 +32,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: pam_vprompt.c 437 2011-09-13 12:00:13Z des $ + * $Id: pam_vprompt.c 648 2013-03-05 17:54:27Z des $ */ #ifdef HAVE_CONFIG_H |
