From cb0022693cf46a76bd076baf9798db6247f14231 Mon Sep 17 00:00:00 2001 From: des Date: Sun, 30 Jun 2002 21:30:05 +0000 Subject: Vendor import of OpenPAM Citronella. --- contrib/openpam/CREDITS | 17 +- contrib/openpam/HISTORY | 24 ++- contrib/openpam/LICENSE | 8 +- contrib/openpam/MANIFEST | 8 +- contrib/openpam/Makefile | 11 +- contrib/openpam/RELNOTES | 6 +- contrib/openpam/bin/Makefile | 11 +- contrib/openpam/bin/su/Makefile | 11 +- contrib/openpam/bin/su/su.c | 124 +++++++---- contrib/openpam/doc/Makefile | 11 +- contrib/openpam/doc/man/Makefile | 118 ++++++----- contrib/openpam/doc/man/openpam.3 | 133 ++++++++++++ contrib/openpam/doc/man/openpam.man | 12 ++ contrib/openpam/doc/man/openpam_borrow_cred.3 | 15 +- contrib/openpam/doc/man/openpam_free_data.3 | 15 +- contrib/openpam/doc/man/openpam_get_option.3 | 15 +- contrib/openpam/doc/man/openpam_log.3 | 15 +- contrib/openpam/doc/man/openpam_nullconv.3 | 15 +- contrib/openpam/doc/man/openpam_restore_cred.3 | 15 +- contrib/openpam/doc/man/openpam_set_option.3 | 15 +- contrib/openpam/doc/man/openpam_ttyconv.3 | 15 +- contrib/openpam/doc/man/pam.3 | 169 +++++++++------ contrib/openpam/doc/man/pam.man | 98 +++++++++ contrib/openpam/doc/man/pam_acct_mgmt.3 | 16 +- contrib/openpam/doc/man/pam_authenticate.3 | 16 +- contrib/openpam/doc/man/pam_chauthtok.3 | 16 +- contrib/openpam/doc/man/pam_close_session.3 | 16 +- contrib/openpam/doc/man/pam_conv.3 | 182 ++++++++++++++++ contrib/openpam/doc/man/pam_end.3 | 15 +- contrib/openpam/doc/man/pam_error.3 | 17 +- contrib/openpam/doc/man/pam_get_authtok.3 | 16 +- contrib/openpam/doc/man/pam_get_data.3 | 15 +- contrib/openpam/doc/man/pam_get_item.3 | 16 +- contrib/openpam/doc/man/pam_get_user.3 | 15 +- contrib/openpam/doc/man/pam_getenv.3 | 15 +- contrib/openpam/doc/man/pam_getenvlist.3 | 15 +- contrib/openpam/doc/man/pam_info.3 | 15 +- contrib/openpam/doc/man/pam_open_session.3 | 16 +- contrib/openpam/doc/man/pam_prompt.3 | 15 +- contrib/openpam/doc/man/pam_putenv.3 | 15 +- contrib/openpam/doc/man/pam_set_data.3 | 15 +- contrib/openpam/doc/man/pam_set_item.3 | 15 +- contrib/openpam/doc/man/pam_setcred.3 | 16 +- contrib/openpam/doc/man/pam_setenv.3 | 15 +- contrib/openpam/doc/man/pam_sm_acct_mgmt.3 | 15 +- contrib/openpam/doc/man/pam_sm_authenticate.3 | 15 +- contrib/openpam/doc/man/pam_sm_chauthtok.3 | 15 +- contrib/openpam/doc/man/pam_sm_close_session.3 | 15 +- contrib/openpam/doc/man/pam_sm_open_session.3 | 15 +- contrib/openpam/doc/man/pam_sm_setcred.3 | 15 +- contrib/openpam/doc/man/pam_start.3 | 27 +-- contrib/openpam/doc/man/pam_strerror.3 | 15 +- contrib/openpam/doc/man/pam_verror.3 | 15 +- contrib/openpam/doc/man/pam_vinfo.3 | 15 +- contrib/openpam/doc/man/pam_vprompt.3 | 16 +- contrib/openpam/include/security/openpam.h | 8 +- contrib/openpam/include/security/openpam_version.h | 12 +- contrib/openpam/include/security/pam_appl.h | 8 +- contrib/openpam/include/security/pam_constants.h | 9 +- contrib/openpam/include/security/pam_modules.h | 8 +- contrib/openpam/include/security/pam_types.h | 17 +- contrib/openpam/lib/Makefile | 8 +- contrib/openpam/lib/openpam_borrow_cred.c | 8 +- contrib/openpam/lib/openpam_configure.c | 10 +- contrib/openpam/lib/openpam_dispatch.c | 24 +-- contrib/openpam/lib/openpam_dynamic.c | 8 +- contrib/openpam/lib/openpam_findenv.c | 8 +- contrib/openpam/lib/openpam_free_data.c | 8 +- contrib/openpam/lib/openpam_get_option.c | 8 +- contrib/openpam/lib/openpam_impl.h | 11 +- contrib/openpam/lib/openpam_load.c | 8 +- contrib/openpam/lib/openpam_log.c | 8 +- contrib/openpam/lib/openpam_nullconv.c | 8 +- contrib/openpam/lib/openpam_restore_cred.c | 8 +- contrib/openpam/lib/openpam_set_option.c | 8 +- contrib/openpam/lib/openpam_static.c | 8 +- contrib/openpam/lib/openpam_ttyconv.c | 8 +- contrib/openpam/lib/pam_acct_mgmt.c | 8 +- contrib/openpam/lib/pam_authenticate.c | 8 +- contrib/openpam/lib/pam_authenticate_secondary.c | 8 +- contrib/openpam/lib/pam_chauthtok.c | 8 +- contrib/openpam/lib/pam_close_session.c | 8 +- contrib/openpam/lib/pam_end.c | 8 +- contrib/openpam/lib/pam_error.c | 10 +- contrib/openpam/lib/pam_get_authtok.c | 8 +- contrib/openpam/lib/pam_get_data.c | 8 +- contrib/openpam/lib/pam_get_item.c | 9 +- contrib/openpam/lib/pam_get_mapped_authtok.c | 8 +- contrib/openpam/lib/pam_get_mapped_username.c | 8 +- contrib/openpam/lib/pam_get_user.c | 8 +- contrib/openpam/lib/pam_getenv.c | 8 +- contrib/openpam/lib/pam_getenvlist.c | 10 +- contrib/openpam/lib/pam_info.c | 8 +- contrib/openpam/lib/pam_open_session.c | 8 +- contrib/openpam/lib/pam_prompt.c | 10 +- contrib/openpam/lib/pam_putenv.c | 8 +- contrib/openpam/lib/pam_set_data.c | 8 +- contrib/openpam/lib/pam_set_item.c | 37 ++-- contrib/openpam/lib/pam_set_mapped_authtok.c | 8 +- contrib/openpam/lib/pam_set_mapped_username.c | 8 +- contrib/openpam/lib/pam_setcred.c | 8 +- contrib/openpam/lib/pam_setenv.c | 8 +- contrib/openpam/lib/pam_sm_acct_mgmt.c | 8 +- contrib/openpam/lib/pam_sm_authenticate.c | 8 +- .../openpam/lib/pam_sm_authenticate_secondary.c | 8 +- contrib/openpam/lib/pam_sm_chauthtok.c | 8 +- contrib/openpam/lib/pam_sm_close_session.c | 8 +- contrib/openpam/lib/pam_sm_get_mapped_authtok.c | 8 +- contrib/openpam/lib/pam_sm_get_mapped_username.c | 8 +- contrib/openpam/lib/pam_sm_open_session.c | 8 +- contrib/openpam/lib/pam_sm_set_mapped_authtok.c | 8 +- contrib/openpam/lib/pam_sm_set_mapped_username.c | 8 +- contrib/openpam/lib/pam_sm_setcred.c | 8 +- contrib/openpam/lib/pam_start.c | 17 +- contrib/openpam/lib/pam_strerror.c | 8 +- contrib/openpam/lib/pam_verror.c | 8 +- contrib/openpam/lib/pam_vinfo.c | 10 +- contrib/openpam/lib/pam_vprompt.c | 8 +- contrib/openpam/misc/gendoc.pl | 231 +++++++++++++++------ contrib/openpam/modules/Makefile | 9 +- contrib/openpam/modules/pam_deny/Makefile | 8 +- contrib/openpam/modules/pam_deny/pam_deny.c | 8 +- contrib/openpam/modules/pam_dummy/Makefile | 8 +- contrib/openpam/modules/pam_dummy/pam_dummy.c | 8 +- contrib/openpam/modules/pam_permit/Makefile | 8 +- contrib/openpam/modules/pam_permit/pam_permit.c | 8 +- contrib/openpam/modules/pam_unix/Makefile | 44 ++++ contrib/openpam/modules/pam_unix/pam_unix.c | 163 +++++++++++++++ 128 files changed, 1788 insertions(+), 844 deletions(-) create mode 100644 contrib/openpam/doc/man/openpam.3 create mode 100644 contrib/openpam/doc/man/openpam.man create mode 100644 contrib/openpam/doc/man/pam.man create mode 100644 contrib/openpam/doc/man/pam_conv.3 create mode 100644 contrib/openpam/modules/pam_unix/Makefile create mode 100644 contrib/openpam/modules/pam_unix/pam_unix.c (limited to 'contrib/openpam') diff --git a/contrib/openpam/CREDITS b/contrib/openpam/CREDITS index 37ae29a..adbf407 100644 --- a/contrib/openpam/CREDITS +++ b/contrib/openpam/CREDITS @@ -1,19 +1,20 @@ -The OpenPAM library was developed for the FreeBSD Project by ThinkSec -AS and NAI Labs, the Security Research Division of Network Associates, -Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as -part of the DARPA CHATS research program. +The OpenPAM library was developed for the FreeBSD Project by ThinkSec AS +and Network Associates Laboratories, the Security Research Division of +Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +("CBOSS"), as part of the DARPA CHATS research program. Principal design and development by: Dag-Erling Smørgrav -The following persons (in no particular order) have contributed, -directly or indirectly, with patches, criticism, suggestions, or -ideas: +The following persons (in no particular order) have contributed, directly +or indirectly, with patches, criticism, suggestions, or ideas: Andrew Morgan Brian Fundakowski Feldman + Darren J. Moffat + Gary Winiger Joe Marcus Clarke Mark Murray Robert Watson @@ -21,4 +22,4 @@ ideas: Solar Designer Takanori Saneto -$P4: //depot/projects/openpam/CREDITS#1 $ +$P4: //depot/projects/openpam/CREDITS#3 $ diff --git a/contrib/openpam/HISTORY b/contrib/openpam/HISTORY index 22a51b4..f14fea3 100644 --- a/contrib/openpam/HISTORY +++ b/contrib/openpam/HISTORY @@ -1,4 +1,26 @@ ============================================================================ +OpenPAM Citronella 2002-06-30 + + - ENHANCE: Add the "binding" control flag (from Solaris 9). + + - ENHANCE: Define struct pam_repository and PAM_REPOSITORY (from + Solaris 9). + + - ENHANCE: Flesh out the pam(3) man page. + + - ENHANCE: Add an openpam(3) page with cross-references to all the + documented OpenPAM API extensions. + + - ENHANCE: Add a pam_conv(3) man page describing the conversation + system. + + - ENHANCE: Improved sample application. + + - ENHANCE: Added sample pam_unix module. + + - BUGFIX: Various documentation nits. + +============================================================================ OpenPAM Cinquefoil 2002-05-24 - BUGFIX: Various warnings uncovered by gcc 3.1. @@ -162,4 +184,4 @@ OpenPAM Calamite 2002-02-09 First (beta) release. ============================================================================ -$P4: //depot/projects/openpam/HISTORY#12 $ +$P4: //depot/projects/openpam/HISTORY#13 $ diff --git a/contrib/openpam/LICENSE b/contrib/openpam/LICENSE index 9b716c2..cb4a292 100644 --- a/contrib/openpam/LICENSE +++ b/contrib/openpam/LICENSE @@ -3,9 +3,9 @@ Copyright (c) 2002 Networks Associates Technology, Inc. All rights reserved. This software was developed for the FreeBSD Project by ThinkSec AS and -NAI Labs, the Security Research Division of Network Associates, Inc. -under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -DARPA CHATS research program. +Network Associates Laboratories, the Security Research Division of +Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +("CBOSS"), as part of the DARPA CHATS research program. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions @@ -31,4 +31,4 @@ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -$P4: //depot/projects/openpam/LICENSE#4 $ +$P4: //depot/projects/openpam/LICENSE#5 $ diff --git a/contrib/openpam/MANIFEST b/contrib/openpam/MANIFEST index bdbff5a..6980160 100644 --- a/contrib/openpam/MANIFEST +++ b/contrib/openpam/MANIFEST @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/openpam/MANIFEST#9 $ +# $P4: //depot/projects/openpam/MANIFEST#11 $ # CREDITS HISTORY @@ -14,6 +14,8 @@ bin/su/Makefile bin/su/su.c doc/Makefile doc/man/Makefile +doc/man/openpam.3 +doc/man/openpam.man doc/man/openpam_borrow_cred.3 doc/man/openpam_free_data.3 doc/man/openpam_get_option.3 @@ -23,10 +25,12 @@ doc/man/openpam_restore_cred.3 doc/man/openpam_set_option.3 doc/man/openpam_ttyconv.3 doc/man/pam.3 +doc/man/pam.man doc/man/pam_acct_mgmt.3 doc/man/pam_authenticate.3 doc/man/pam_chauthtok.3 doc/man/pam_close_session.3 +doc/man/pam_conv.3 doc/man/pam_end.3 doc/man/pam_error.3 doc/man/pam_get_authtok.3 @@ -125,3 +129,5 @@ modules/pam_dummy/Makefile modules/pam_dummy/pam_dummy.c modules/pam_permit/Makefile modules/pam_permit/pam_permit.c +modules/pam_unix/Makefile +modules/pam_unix/pam_unix.c diff --git a/contrib/openpam/Makefile b/contrib/openpam/Makefile index a85cafb..bba174d 100644 --- a/contrib/openpam/Makefile +++ b/contrib/openpam/Makefile @@ -2,10 +2,11 @@ # Copyright (c) 2002 Networks Associates Technology, Inc. # All rights reserved. # -# This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# This software was developed for the FreeBSD Project by ThinkSec AS +# and Network Associates Laboratories, the Security Research Division +# of Network Associates, Inc. under DARPA/SPAWAR contract +# N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research +# program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,7 +32,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/Makefile#6 $ +# $P4: //depot/projects/openpam/Makefile#7 $ # SUBDIR = diff --git a/contrib/openpam/RELNOTES b/contrib/openpam/RELNOTES index 4bf6749..54e57bf 100644 --- a/contrib/openpam/RELNOTES +++ b/contrib/openpam/RELNOTES @@ -1,13 +1,13 @@ - Release notes for OpenPAM Cinquefoil + Release notes for OpenPAM Citronella ==================================== The library itself is complete. Documentation exists in the form of man pages for the library functions. -This release is incorporated into FreeBSD-CURRENT as of 2002-05-24. +This release is incorporated into FreeBSD-CURRENT as of 2002-06-30. It has also been successfully built on NetBSD, and should build with minimal or no changes on OpenBSD. It has not been tested on any other OS. -$P4: //depot/projects/openpam/RELNOTES#11 $ +$P4: //depot/projects/openpam/RELNOTES#12 $ diff --git a/contrib/openpam/bin/Makefile b/contrib/openpam/bin/Makefile index 21f8689..57cc1be 100644 --- a/contrib/openpam/bin/Makefile +++ b/contrib/openpam/bin/Makefile @@ -2,10 +2,11 @@ # Copyright (c) 2002 Networks Associates Technology, Inc. # All rights reserved. # -# This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# This software was developed for the FreeBSD Project by ThinkSec AS +# and Network Associates Laboratories, the Security Research Division +# of Network Associates, Inc. under DARPA/SPAWAR contract +# N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research +# program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,7 +32,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/bin/Makefile#5 $ +# $P4: //depot/projects/openpam/bin/Makefile#6 $ # SUBDIR = diff --git a/contrib/openpam/bin/su/Makefile b/contrib/openpam/bin/su/Makefile index 1fb6a04..c37e880 100644 --- a/contrib/openpam/bin/su/Makefile +++ b/contrib/openpam/bin/su/Makefile @@ -2,10 +2,11 @@ # Copyright (c) 2002 Networks Associates Technology, Inc. # All rights reserved. # -# This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# This software was developed for the FreeBSD Project by ThinkSec AS +# and Network Associates Laboratories, the Security Research Division +# of Network Associates, Inc. under DARPA/SPAWAR contract +# N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research +# program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,7 +32,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/bin/su/Makefile#4 $ +# $P4: //depot/projects/openpam/bin/su/Makefile#5 $ # PROG = su diff --git a/contrib/openpam/bin/su/su.c b/contrib/openpam/bin/su/su.c index 91f411b..0c8c45d 100644 --- a/contrib/openpam/bin/su/su.c +++ b/contrib/openpam/bin/su/su.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/bin/su/su.c#6 $ + * $P4: //depot/projects/openpam/bin/su/su.c#8 $ */ #include @@ -41,11 +41,14 @@ #include #include #include +#include #include #include #include -#include +#include /* for openpam_ttyconv() */ + +extern char **environ; static pam_handle_t *pamh; static struct pam_conv pamc; @@ -58,24 +61,14 @@ usage(void) exit(1); } -static int -check(const char *func, int pam_err) -{ - - if (pam_err == PAM_SUCCESS || pam_err == PAM_NEW_AUTHTOK_REQD) - return pam_err; - openlog("su", LOG_CONS, LOG_AUTH); - syslog(LOG_ERR, "%s(): %s", func, pam_strerror(pamh, pam_err)); - errx(1, "Sorry."); -} - int main(int argc, char *argv[]) { char hostname[MAXHOSTNAMELEN]; const char *user, *tty; + char **args, **pam_envlist, **pam_env; struct passwd *pwd; - int o, status; + int o, pam_err, status; pid_t pid; while ((o = getopt(argc, argv, "h")) != -1) @@ -94,52 +87,93 @@ main(int argc, char *argv[]) /* set some items */ gethostname(hostname, sizeof(hostname)); - check("pam_set_item", pam_set_item(pamh, PAM_RHOST, hostname)); + if ((pam_err = pam_set_item(pamh, PAM_RHOST, hostname)) != PAM_SUCCESS) + goto pamerr; user = getlogin(); - check("pam_set_item", pam_set_item(pamh, PAM_RUSER, user)); + if ((pam_err = pam_set_item(pamh, PAM_RUSER, user)) != PAM_SUCCESS) + goto pamerr; tty = ttyname(STDERR_FILENO); - check("pam_set_item", pam_set_item(pamh, PAM_TTY, tty)); + if ((pam_err = pam_set_item(pamh, PAM_TTY, tty)) != PAM_SUCCESS) + goto pamerr; /* authenticate the applicant */ - check("pam_authenticate", pam_authenticate(pamh, 0)); - if (check("pam_acct_mgmt", pam_acct_mgmt(pamh, 0)) == - PAM_NEW_AUTHTOK_REQD) - check("pam_chauthtok", - pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK)); + if ((pam_err = pam_authenticate(pamh, 0)) != PAM_SUCCESS) + goto pamerr; + if ((pam_err = pam_acct_mgmt(pamh, 0)) == PAM_NEW_AUTHTOK_REQD) + pam_err = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); + if (pam_err != PAM_SUCCESS) + goto pamerr; /* establish the requested credentials */ - check("pam_setcred", pam_setcred(pamh, PAM_ESTABLISH_CRED)); + if ((pam_err = pam_setcred(pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS) + goto pamerr; /* authentication succeeded; open a session */ - check("pam_open_session", pam_open_session(pamh, 0)); + if ((pam_err = pam_open_session(pamh, 0)) != PAM_SUCCESS) + goto pamerr; + + /* get mapped user name; PAM may have changed it */ + pam_err = pam_get_item(pamh, PAM_USER, (const void **)&user); + if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user)) == NULL) + goto pamerr; + + /* set uid and groups */ + if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { + warn("initgroups()"); + goto err; + } + if (setgid(pwd->pw_gid) == -1) { + warn("setgid()"); + goto err; + } + if (setuid(pwd->pw_uid) == -1) { + warn("setuid()"); + goto err; + } - if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) - err(1, "initgroups()"); - if (setuid(pwd->pw_uid) == -1) - err(1, "setuid()"); + /* export PAM environment */ + if ((pam_envlist = pam_getenvlist(pamh)) != NULL) { + for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) { + putenv(*pam_env); + free(*pam_env); + } + free(pam_envlist); + } - /* XXX export environment variables */ + /* build argument list */ + if ((args = calloc(argc + 2, sizeof *args)) == NULL) { + warn("calloc()"); + goto err; + } + *args = pwd->pw_shell; + memcpy(args + 1, argv, argc * sizeof *args); + /* fork and exec */ switch ((pid = fork())) { case -1: - err(1, "fork()"); + warn("fork()"); + goto err; case 0: /* child: start a shell */ - *argv = pwd->pw_shell; - execvp(*argv, argv); - err(1, "execvp()"); + execve(*args, args, environ); + warn("execve()"); + _exit(1); default: /* parent: wait for child to exit */ waitpid(pid, &status, 0); - if (WIFEXITED(status)) - status = WEXITSTATUS(status); - else - status = 1; - } - /* close the session and release PAM resources */ - check("pam_close_session", pam_close_session(pamh, 0)); - check("pam_end", pam_end(pamh, 0)); + /* close the session and release PAM resources */ + pam_err = pam_close_session(pamh, 0); + pam_end(pamh, pam_err); - exit(status); + exit(WEXITSTATUS(status)); + } + +pamerr: + pam_end(pamh, pam_err); + fprintf(stderr, "Sorry\n"); + exit(1); +err: + pam_end(pamh, pam_err); + exit(1); } diff --git a/contrib/openpam/doc/Makefile b/contrib/openpam/doc/Makefile index 8b30081..02ad7af 100644 --- a/contrib/openpam/doc/Makefile +++ b/contrib/openpam/doc/Makefile @@ -2,10 +2,11 @@ # Copyright (c) 2002 Networks Associates Technology, Inc. # All rights reserved. # -# This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# This software was developed for the FreeBSD Project by ThinkSec AS +# and Network Associates Laboratories, the Security Research Division +# of Network Associates, Inc. under DARPA/SPAWAR contract +# N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research +# program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,7 +32,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/doc/Makefile#3 $ +# $P4: //depot/projects/openpam/doc/Makefile#4 $ # SUBDIR = diff --git a/contrib/openpam/doc/man/Makefile b/contrib/openpam/doc/man/Makefile index d2384b3..4d8b394 100644 --- a/contrib/openpam/doc/man/Makefile +++ b/contrib/openpam/doc/man/Makefile @@ -2,10 +2,11 @@ # Copyright (c) 2002 Networks Associates Technology, Inc. # All rights reserved. # -# This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# This software was developed for the FreeBSD Project by ThinkSec AS +# and Network Associates Laboratories, the Security Research Division +# of Network Associates, Inc. under DARPA/SPAWAR contract +# N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research +# program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,52 +32,75 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/doc/man/Makefile#8 $ +# $P4: //depot/projects/openpam/doc/man/Makefile#11 $ # -MAN = -MAN += openpam_borrow_cred.3 -MAN += openpam_free_data.3 -MAN += openpam_get_option.3 -MAN += openpam_log.3 -MAN += openpam_nullconv.3 -MAN += openpam_restore_cred.3 -MAN += openpam_set_option.3 -MAN += openpam_ttyconv.3 +GENDOC = ${.CURDIR}/../../misc/gendoc.pl + +# Standard PAM API +PMAN = +PMAN += pam_acct_mgmt.3 +PMAN += pam_authenticate.3 +PMAN += pam_chauthtok.3 +PMAN += pam_close_session.3 +PMAN += pam_end.3 +PMAN += pam_get_data.3 +PMAN += pam_get_item.3 +PMAN += pam_get_user.3 +PMAN += pam_getenv.3 +PMAN += pam_getenvlist.3 +PMAN += pam_open_session.3 +PMAN += pam_putenv.3 +PMAN += pam_set_data.3 +PMAN += pam_set_item.3 +PMAN += pam_setcred.3 +PMAN += pam_start.3 +PMAN += pam_strerror.3 + +# Standard module API +MMAN = +MMAN += pam_sm_acct_mgmt.3 +MMAN += pam_sm_authenticate.3 +MMAN += pam_sm_chauthtok.3 +MMAN += pam_sm_close_session.3 +MMAN += pam_sm_open_session.3 +MMAN += pam_sm_setcred.3 + +# OpenPAM extensions +OMAN = +OMAN += openpam_borrow_cred.3 +OMAN += openpam_free_data.3 +OMAN += openpam_get_option.3 +OMAN += openpam_log.3 +OMAN += openpam_nullconv.3 +OMAN += openpam_restore_cred.3 +OMAN += openpam_set_option.3 +OMAN += openpam_ttyconv.3 +OMAN += pam_error.3 +OMAN += pam_get_authtok.3 +OMAN += pam_info.3 +OMAN += pam_prompt.3 +OMAN += pam_setenv.3 +OMAN += pam_verror.3 +OMAN += pam_vinfo.3 +OMAN += pam_vprompt.3 + +MAN = ${PMAN} ${OMAN} ${MMAN} +MAN += openpam.3 MAN += pam.3 -MAN += pam_acct_mgmt.3 -MAN += pam_authenticate.3 -MAN += pam_chauthtok.3 -MAN += pam_close_session.3 -MAN += pam_end.3 -MAN += pam_error.3 -MAN += pam_get_authtok.3 -MAN += pam_get_data.3 -MAN += pam_get_item.3 -MAN += pam_get_user.3 -MAN += pam_getenv.3 -MAN += pam_getenvlist.3 -MAN += pam_info.3 -MAN += pam_open_session.3 -MAN += pam_prompt.3 -MAN += pam_putenv.3 -MAN += pam_set_data.3 -MAN += pam_set_item.3 -MAN += pam_setcred.3 -MAN += pam_setenv.3 -MAN += pam_sm_acct_mgmt.3 -MAN += pam_sm_authenticate.3 -MAN += pam_sm_chauthtok.3 -MAN += pam_sm_close_session.3 -MAN += pam_sm_open_session.3 -MAN += pam_sm_setcred.3 -MAN += pam_start.3 -MAN += pam_strerror.3 -MAN += pam_verror.3 -MAN += pam_vinfo.3 -MAN += pam_vprompt.3 +MAN += pam_conv.3 + +CLEANFILES += ${PMAN} ${OMAN} ${MMAN} openpam.3 pam.3 + +.for man in ${PMAN} ${OMAN} ${MMAN} +${man}: ${.CURDIR}/../../lib/${man:R}.c ${GENDOC} + perl -w ${GENDOC} ${.CURDIR}/../../lib/${man:R}.c +.endfor + +openpam.3: ${OMAN} ${GENDOC} openpam.man + perl -w ${GENDOC} -o ${OMAN} <${.CURDIR}/openpam.man -generate: - (cd ${.CURDIR} && perl -w ../../misc/gendoc.pl ../../lib/*.c >pam.3) +pam.3: ${PMAN} ${GENDOC} pam.man + perl -w ${GENDOC} -p ${PMAN} <${.CURDIR}/pam.man .include diff --git a/contrib/openpam/doc/man/openpam.3 b/contrib/openpam/doc/man/openpam.3 new file mode 100644 index 0000000..cc8cbaa --- /dev/null +++ b/contrib/openpam/doc/man/openpam.3 @@ -0,0 +1,133 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $P4$ +.\" +.Dd June 30, 2002 +.Dt OPENPAM 3 +.Os +.Sh NAME +.Nm openpam_borrow_cred , +.Nm openpam_free_data , +.Nm openpam_get_option , +.Nm openpam_log , +.Nm openpam_nullconv , +.Nm openpam_restore_cred , +.Nm openpam_set_option , +.Nm openpam_ttyconv , +.Nm pam_error , +.Nm pam_get_authtok , +.Nm pam_info , +.Nm pam_prompt , +.Nm pam_setenv , +.Nm pam_verror , +.Nm pam_vinfo , +.Nm pam_vprompt +.Nd Pluggable Authentication Modules Library +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/openpam.h +.Ft int +.Fn openpam_borrow_cred "pam_handle_t *pamh" "const struct passwd *pwd" +.Ft void +.Fn openpam_free_data "pam_handle_t *pamh" "void *data" "int status" +.Ft const char * +.Fn openpam_get_option "pam_handle_t *pamh" "const char *option" +.Ft void +.Fn openpam_log "int level" "const char *fmt" "..." +.Ft int +.Fn openpam_nullconv "int n" "const struct pam_message **msg" "struct pam_response **resp" "void *data" +.Ft int +.Fn openpam_restore_cred "pam_handle_t *pamh" +.Ft int +.Fn openpam_set_option "pam_handle_t *pamh" "const char *option" "const char *value" +.Ft int +.Fn openpam_ttyconv "int n" "const struct pam_message **msg" "struct pam_response **resp" "void *data" +.Ft int +.Fn pam_error "pam_handle_t *pamh" "const char *fmt" "..." +.Ft int +.Fn pam_get_authtok "pam_handle_t *pamh" "int item" "const char **authtok" "const char *prompt" +.Ft int +.Fn pam_info "pam_handle_t *pamh" "const char *fmt" "..." +.Ft int +.Fn pam_prompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "..." +.Ft int +.Fn pam_setenv "pam_handle_t *pamh" "const char *name" "const char *value" "int overwrite" +.Ft int +.Fn pam_verror "pam_handle_t *pamh" "const char *fmt" "va_list ap" +.Ft int +.Fn pam_vinfo "pam_handle_t *pamh" "const char *fmt" "va_list ap" +.Ft int +.Fn pam_vprompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "va_list ap" +.\" +.\" $P4: //depot/projects/openpam/doc/man/openpam.man#1 $ +.\" +.Sh DESCRIPTION +These functions are OpenPAM extensions to the PAM API. Those named +.Fn pam_* +are, in the author's opinion, logical and necessary extensions to the +standard API, while those named +.Fn openpam_* +are either simple convenience functions, or functions intimately tied +to OpenPAM implementation details, and therefore not well suited to +standardization. +.Sh SEE ALSO +.Xr openpam_borrow_cred 3 , +.Xr openpam_free_data 3 , +.Xr openpam_get_option 3 , +.Xr openpam_log 3 , +.Xr openpam_nullconv 3 , +.Xr openpam_restore_cred 3 , +.Xr openpam_set_option 3 , +.Xr openpam_ttyconv 3 , +.Xr pam_error 3 , +.Xr pam_get_authtok 3 , +.Xr pam_info 3 , +.Xr pam_prompt 3 , +.Xr pam_setenv 3 , +.Xr pam_verror 3 , +.Xr pam_vinfo 3 , +.Xr pam_vprompt 3 +.Sh STANDARDS +.Rs +.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" +.%D "June 1997" +.Re +.Sh AUTHORS +The OpenPAM library and this manual page were developed for the +FreeBSD Project by ThinkSec AS and Network Associates Laboratories, +the Security Research Division of Network Associates, Inc. under +DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam.man b/contrib/openpam/doc/man/openpam.man new file mode 100644 index 0000000..a781967 --- /dev/null +++ b/contrib/openpam/doc/man/openpam.man @@ -0,0 +1,12 @@ +.\" +.\" $P4: //depot/projects/openpam/doc/man/openpam.man#1 $ +.\" +.Sh DESCRIPTION +These functions are OpenPAM extensions to the PAM API. Those named +.Fn pam_* +are, in the author's opinion, logical and necessary extensions to the +standard API, while those named +.Fn openpam_* +are either simple convenience functions, or functions intimately tied +to OpenPAM implementation details, and therefore not well suited to +standardization. diff --git a/contrib/openpam/doc/man/openpam_borrow_cred.3 b/contrib/openpam/doc/man/openpam_borrow_cred.3 index c7e429c..4a0997b 100644 --- a/contrib/openpam/doc/man/openpam_borrow_cred.3 +++ b/contrib/openpam/doc/man/openpam_borrow_cred.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/openpam_borrow_cred.3#5 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt OPENPAM_BORROW_CRED 3 .Os .Sh NAME @@ -84,7 +84,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_free_data.3 b/contrib/openpam/doc/man/openpam_free_data.3 index d87b06c..fd2eb20 100644 --- a/contrib/openpam/doc/man/openpam_free_data.3 +++ b/contrib/openpam/doc/man/openpam_free_data.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/openpam_free_data.3#5 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt OPENPAM_FREE_DATA 3 .Os .Sh NAME @@ -67,7 +67,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_get_option.3 b/contrib/openpam/doc/man/openpam_get_option.3 index 6fd205a..0bcaafe 100644 --- a/contrib/openpam/doc/man/openpam_get_option.3 +++ b/contrib/openpam/doc/man/openpam_get_option.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/openpam_get_option.3#9 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt OPENPAM_GET_OPTION 3 .Os .Sh NAME @@ -69,7 +69,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_log.3 b/contrib/openpam/doc/man/openpam_log.3 index 5a13827..0a65306 100644 --- a/contrib/openpam/doc/man/openpam_log.3 +++ b/contrib/openpam/doc/man/openpam_log.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/openpam_log.3#10 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt OPENPAM_LOG 3 .Os .Sh NAME @@ -58,7 +58,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_nullconv.3 b/contrib/openpam/doc/man/openpam_nullconv.3 index 85a9259..d0a3770 100644 --- a/contrib/openpam/doc/man/openpam_nullconv.3 +++ b/contrib/openpam/doc/man/openpam_nullconv.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/openpam_nullconv.3#2 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt OPENPAM_NULLCONV 3 .Os .Sh NAME @@ -91,7 +91,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_restore_cred.3 b/contrib/openpam/doc/man/openpam_restore_cred.3 index 2e11820..281435d 100644 --- a/contrib/openpam/doc/man/openpam_restore_cred.3 +++ b/contrib/openpam/doc/man/openpam_restore_cred.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/openpam_restore_cred.3#5 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt OPENPAM_RESTORE_CRED 3 .Os .Sh NAME @@ -77,7 +77,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_set_option.3 b/contrib/openpam/doc/man/openpam_set_option.3 index 4f3dd21..66c1bded 100644 --- a/contrib/openpam/doc/man/openpam_set_option.3 +++ b/contrib/openpam/doc/man/openpam_set_option.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/openpam_set_option.3#9 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt OPENPAM_SET_OPTION 3 .Os .Sh NAME @@ -72,7 +72,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/openpam_ttyconv.3 b/contrib/openpam/doc/man/openpam_ttyconv.3 index 993ad46..4f111e8 100644 --- a/contrib/openpam/doc/man/openpam_ttyconv.3 +++ b/contrib/openpam/doc/man/openpam_ttyconv.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/openpam_ttyconv.3#10 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt OPENPAM_TTYCONV 3 .Os .Sh NAME @@ -86,7 +86,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam.3 b/contrib/openpam/doc/man/pam.3 index 14a8441..e685edd 100644 --- a/contrib/openpam/doc/man/pam.3 +++ b/contrib/openpam/doc/man/pam.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,52 +31,35 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam.3#15 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM 3 .Os .Sh NAME -.Nm openpam_borrow_cred , -.Nm openpam_free_data , -.Nm openpam_restore_cred , .Nm pam_acct_mgmt , .Nm pam_authenticate , .Nm pam_chauthtok , .Nm pam_close_session , .Nm pam_end , -.Nm pam_error , -.Nm pam_get_authtok , .Nm pam_get_data , .Nm pam_get_item , .Nm pam_get_user , .Nm pam_getenv , .Nm pam_getenvlist , -.Nm pam_info , .Nm pam_open_session , -.Nm pam_prompt , .Nm pam_putenv , .Nm pam_set_data , .Nm pam_set_item , .Nm pam_setcred , -.Nm pam_setenv , .Nm pam_start , -.Nm pam_strerror , -.Nm pam_verror , -.Nm pam_vinfo , -.Nm pam_vprompt +.Nm pam_strerror .Nd Pluggable Authentication Modules Library .Sh LIBRARY .Lb libpam .Sh SYNOPSIS .In security/pam_appl.h .Ft int -.Fn openpam_borrow_cred "pam_handle_t *pamh" "const struct passwd *pwd" -.Ft void -.Fn openpam_free_data "pam_handle_t *pamh" "void *data" "int status" -.Ft int -.Fn openpam_restore_cred "pam_handle_t *pamh" -.Ft int .Fn pam_acct_mgmt "pam_handle_t *pamh" "int flags" .Ft int .Fn pam_authenticate "pam_handle_t *pamh" "int flags" @@ -87,10 +70,6 @@ .Ft int .Fn pam_end "pam_handle_t *pamh" "int status" .Ft int -.Fn pam_error "pam_handle_t *pamh" "const char *fmt" "..." -.Ft int -.Fn pam_get_authtok "pam_handle_t *pamh" "int item" "const char **authtok" "const char *prompt" -.Ft int .Fn pam_get_data "pam_handle_t *pamh" "const char *module_data_name" "const void **data" .Ft int .Fn pam_get_item "pam_handle_t *pamh" "int item_type" "const void **item" @@ -101,12 +80,8 @@ .Ft char ** .Fn pam_getenvlist "pam_handle_t *pamh" .Ft int -.Fn pam_info "pam_handle_t *pamh" "const char *fmt" "..." -.Ft int .Fn pam_open_session "pam_handle_t *pamh" "int flags" .Ft int -.Fn pam_prompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "..." -.Ft int .Fn pam_putenv "pam_handle_t *pamh" "const char *namevalue" .Ft int .Fn pam_set_data "pam_handle_t *pamh" "const char *module_data_name" "void *data" "void (*cleanup)(pam_handle_t *pamh, void *data, int pam_end_status)" @@ -115,22 +90,110 @@ .Ft int .Fn pam_setcred "pam_handle_t *pamh" "int flags" .Ft int -.Fn pam_setenv "pam_handle_t *pamh" "const char *name" "const char *value" "int overwrite" -.Ft int .Fn pam_start "const char *service" "const char *user" "const struct pam_conv *pam_conv" "pam_handle_t **pamh" .Ft const char * .Fn pam_strerror "pam_handle_t *pamh" "int error_number" -.Ft int -.Fn pam_verror "pam_handle_t *pamh" "const char *fmt" "va_list ap" -.Ft int -.Fn pam_vinfo "pam_handle_t *pamh" "const char *fmt" "va_list ap" -.Ft int -.Fn pam_vprompt "pam_handle_t *pamh" "int style" "char **resp" "const char *fmt" "va_list ap" +.\" +.\" $P4: //depot/projects/openpam/doc/man/pam.man#1 $ +.\" .Sh DESCRIPTION +The Pluggable Authentication Modules (PAM) library abstracts a number +of common authentication-related operations and provides a framework +for dynamically loaded modules that implement these operations in +various ways. +.Ss Terminology +In PAM parlance, the application that uses PAM to authenticate a user +is the server, and is identified for configuration purposes by a +service name, which is often (but not necessarily) the program name. +.Pp +The user requesting authentication is called the applicant, while the +user (usually, root) charged with verifying his identity and granting +him the requested credentials is called the arbitrator. +.Pp +The sequence of operations the server goes through to authenticate a +user and perform whatever task he requested is a PAM transaction; the +context within which the server performs the requested task is called +a session. +.Pp +The functionality embodied by PAM is divided into six primitives +grouped into four facilities: authentication, account management, +session management and password management. +.Ss Conversation +The PAM library expects the application to provide a conversation +callback which it can use to communicate with the user. +Some modules may use specialized conversation functions to communicate +with special hardware such as cryptographic dongles or biometric +devices. +See +.Xr pam_conv 3 +for details. +.Ss Initialization And Cleanup +The +.Fn pam_start +function initializes the PAM library and returns a handle which must +be provided in all subsequent function calls. +The transaction state is contained entirely within the structure +identified by this handle, so it is possible to conduct multiple +transactions in parallel. +.Pp +The +.Fn pam_end +function releases all resources associated with the specified context, +and can be called at any time to terminate a PAM transaction. +.Ss Storage +The +.Fn pam_set_item +and +.Fn pam_get_item +functions set and retrieve a number of predefined items, including the +service name, the names of the requesting and target users, the +conversation function, and prompts. +.Pp +The +.Fn pam_set_data +and +.Fn pam_get_data +manage named chunks of free-form data, generally used by modules to +store state from one invocation to another. +.Ss Authentication +There are two authentication primitives: +.Fn pam_authenticate +and +.Fn pam_setcred . +The former authenticates the user, while the latter manages his +credentials. +.Ss Account Management +The +.Fn pam_acct_mgmt +function enforces policies such as password expiry, account expiry, +time-of-day restrictions, and so forth. +.Ss Session Management +The +.Fn pam_open_session +and +.Fn pam_close_session +handle session setup and teardown. +.Ss Password Management +The +.Fn pam_chauthtok +function allows the server to change the user's password, either at +the user's request or because the password has expired. +.Ss Miscellaneous +The +.Fn pam_putenv , +.Fn pam_getenv +and +.Fn pam_getenvlist +manage a private environment list in which modules can set environment +variables they want the server to export during the session. +.Pp +The +.Fn pam_strerror +function returns a pointer to a string describing a the specified PAM +error code. .Sh RETURN VALUES -The following return codes are defined in the -.In security/pam_constants.h -header: +The following return codes are defined by +.Aq Pa security/pam_constants.h : .Bl -tag -width 18n .It Bq Er PAM_ABORT General failure. @@ -194,35 +257,25 @@ Try again. Unknown user. .El .Sh SEE ALSO -.Xr openpam_borrow_cred 3 , -.Xr openpam_free_data 3 , -.Xr openpam_restore_cred 3 , +.Xr openpam 3 .Xr pam_acct_mgmt 3 , .Xr pam_authenticate 3 , .Xr pam_chauthtok 3 , .Xr pam_close_session 3 , +.Xr pam_conv 3 , .Xr pam_end 3 , -.Xr pam_error 3 , -.Xr pam_get_authtok 3 , .Xr pam_get_data 3 , .Xr pam_get_item 3 , .Xr pam_get_user 3 , .Xr pam_getenv 3 , .Xr pam_getenvlist 3 , -.Xr pam_info 3 , .Xr pam_open_session 3 , -.Xr pam_prompt 3 , .Xr pam_putenv 3 , .Xr pam_set_data 3 , .Xr pam_set_item 3 , .Xr pam_setcred 3 , -.Xr pam_setenv 3 , .Xr pam_start 3 , -.Xr pam_strerror 3 , -.Xr pam_verror 3 , -.Xr pam_vinfo 3 , -.Xr pam_vprompt 3 , -.Xr pam.conf 5 +.Xr pam_strerror 3 .Sh STANDARDS .Rs .%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" @@ -230,8 +283,8 @@ Unknown user. .Re .Sh AUTHORS The OpenPAM library and this manual page were developed for the -FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research -Division of Network Associates, Inc. under DARPA/SPAWAR contract -N66001-01-C-8035 +FreeBSD Project by ThinkSec AS and Network Associates Laboratories, +the Security Research Division of Network Associates, Inc. under +DARPA/SPAWAR contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam.man b/contrib/openpam/doc/man/pam.man new file mode 100644 index 0000000..b14a7b8 --- /dev/null +++ b/contrib/openpam/doc/man/pam.man @@ -0,0 +1,98 @@ +.\" +.\" $P4: //depot/projects/openpam/doc/man/pam.man#1 $ +.\" +.Sh DESCRIPTION +The Pluggable Authentication Modules (PAM) library abstracts a number +of common authentication-related operations and provides a framework +for dynamically loaded modules that implement these operations in +various ways. +.Ss Terminology +In PAM parlance, the application that uses PAM to authenticate a user +is the server, and is identified for configuration purposes by a +service name, which is often (but not necessarily) the program name. +.Pp +The user requesting authentication is called the applicant, while the +user (usually, root) charged with verifying his identity and granting +him the requested credentials is called the arbitrator. +.Pp +The sequence of operations the server goes through to authenticate a +user and perform whatever task he requested is a PAM transaction; the +context within which the server performs the requested task is called +a session. +.Pp +The functionality embodied by PAM is divided into six primitives +grouped into four facilities: authentication, account management, +session management and password management. +.Ss Conversation +The PAM library expects the application to provide a conversation +callback which it can use to communicate with the user. +Some modules may use specialized conversation functions to communicate +with special hardware such as cryptographic dongles or biometric +devices. +See +.Xr pam_conv 3 +for details. +.Ss Initialization And Cleanup +The +.Fn pam_start +function initializes the PAM library and returns a handle which must +be provided in all subsequent function calls. +The transaction state is contained entirely within the structure +identified by this handle, so it is possible to conduct multiple +transactions in parallel. +.Pp +The +.Fn pam_end +function releases all resources associated with the specified context, +and can be called at any time to terminate a PAM transaction. +.Ss Storage +The +.Fn pam_set_item +and +.Fn pam_get_item +functions set and retrieve a number of predefined items, including the +service name, the names of the requesting and target users, the +conversation function, and prompts. +.Pp +The +.Fn pam_set_data +and +.Fn pam_get_data +manage named chunks of free-form data, generally used by modules to +store state from one invocation to another. +.Ss Authentication +There are two authentication primitives: +.Fn pam_authenticate +and +.Fn pam_setcred . +The former authenticates the user, while the latter manages his +credentials. +.Ss Account Management +The +.Fn pam_acct_mgmt +function enforces policies such as password expiry, account expiry, +time-of-day restrictions, and so forth. +.Ss Session Management +The +.Fn pam_open_session +and +.Fn pam_close_session +handle session setup and teardown. +.Ss Password Management +The +.Fn pam_chauthtok +function allows the server to change the user's password, either at +the user's request or because the password has expired. +.Ss Miscellaneous +The +.Fn pam_putenv , +.Fn pam_getenv +and +.Fn pam_getenvlist +manage a private environment list in which modules can set environment +variables they want the server to export during the session. +.Pp +The +.Fn pam_strerror +function returns a pointer to a string describing a the specified PAM +error code. diff --git a/contrib/openpam/doc/man/pam_acct_mgmt.3 b/contrib/openpam/doc/man/pam_acct_mgmt.3 index 574a514..0b89bce 100644 --- a/contrib/openpam/doc/man/pam_acct_mgmt.3 +++ b/contrib/openpam/doc/man/pam_acct_mgmt.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_acct_mgmt.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_ACCT_MGMT 3 .Os .Sh NAME @@ -61,6 +61,7 @@ Do not emit any messages. .It Dv PAM_DISALLOW_NULL_AUTHTOK Fail if the user's authentication token is null. .El +.Pp If any other bits are set, .Xr pam_authenticate 3 will return @@ -104,7 +105,8 @@ Unknown user. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_authenticate.3 b/contrib/openpam/doc/man/pam_authenticate.3 index a314a9a..22ad32e 100644 --- a/contrib/openpam/doc/man/pam_authenticate.3 +++ b/contrib/openpam/doc/man/pam_authenticate.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_authenticate.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_AUTHENTICATE 3 .Os .Sh NAME @@ -71,6 +71,7 @@ Do not emit any messages. .It Dv PAM_DISALLOW_NULL_AUTHTOK Fail if the user's authentication token is null. .El +.Pp If any other bits are set, .Nm will return @@ -117,7 +118,8 @@ Unknown user. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_chauthtok.3 b/contrib/openpam/doc/man/pam_chauthtok.3 index e2372dd..2d41dae 100644 --- a/contrib/openpam/doc/man/pam_chauthtok.3 +++ b/contrib/openpam/doc/man/pam_chauthtok.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_chauthtok.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_CHAUTHTOK 3 .Os .Sh NAME @@ -63,6 +63,7 @@ Do not emit any messages. .It Dv PAM_CHANGE_EXPIRED_AUTHTOK Change only those authentication tokens that have expired. .El +.Pp If any other bits are set, .Nm will return @@ -109,7 +110,8 @@ Try again. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_close_session.3 b/contrib/openpam/doc/man/pam_close_session.3 index eae011b..30891e6 100644 --- a/contrib/openpam/doc/man/pam_close_session.3 +++ b/contrib/openpam/doc/man/pam_close_session.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_close_session.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_CLOSE_SESSION 3 .Os .Sh NAME @@ -60,6 +60,7 @@ values: .It Dv PAM_SILENT Do not emit any messages. .El +.Pp If any other bits are set, .Nm will return @@ -99,7 +100,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_conv.3 b/contrib/openpam/doc/man/pam_conv.3 new file mode 100644 index 0000000..00dc572 --- /dev/null +++ b/contrib/openpam/doc/man/pam_conv.3 @@ -0,0 +1,182 @@ +.\"- +.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" All rights reserved. +.\" +.\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $P4: //depot/projects/openpam/doc/man/pam_conv.3#2 $ +.\" +.Dd May 27, 2002 +.Dt PAM_CONV 3 +.Os +.Sh NAME +.Nm pam_conv +.Nd PAM conversation system +.Sh LIBRARY +.Lb libpam +.Sh SYNOPSIS +.In security/pam_appl.h +.Bd -literal +struct pam_message { + int msg_style; + char *msg; +}; + +struct pam_response { + char *resp; + int resp_retcode; +}; + +struct pam_conv { + int (*conv)(int, const struct pam_message **, + struct pam_response **, void *); + void *appdata_ptr; +}; +.Ed +.Sh DESCRIPTION +The PAM library uses an application-defined callback to communicate +with the user. +This callback is specified by the +.Vt struct pam_conv +passed to +.Fn pam_start +at the start of the transaction. +It is also possible to set or change the conversation function at any +point during a PAM transaction by changing the value of the +.Dv PAM_CONV +item. +.Pp +The conversation function's first argument specifies the number of +messages (up to +.Dv PAM_NUM_MSG ) +to process. +The second argument is a pointer to a contiguous array of +.Vt struct pam_message +containing the actual messages. +.Pp +Each message can have one of four types, specified by the +.Va msg_style +member of +.Vt struct pam_message : +.Bl -tag -width 18n +.It Dv PAM_PROMPT_ECHO_OFF +Display a prompt and accept the user's response without echoing it to +the terminal. +This is commonly used for passwords. +.It Dv PAM_PROMPT_ECHO_ON +Display a prompt and accept the user's response, echoing it to the +terminal. +This is commonly used for login names and one-time passphrases. +.It Dv PAM_ERROR_MSG +Display an error message. +.It Dv PAM_TEXT_INFO +Display an informational message. +.El +.Pp +In each case, the prompt or message to display is pointed to by the +.Va msg +member of +.Vt struct pam_message . +It can be up to +.Dv PAM_MAX_MSG_SIZE +characters long, including the terminating NUL. +.Pp +On success, the conversation function should allocate and fill a +contiguous array of +.Vt struct pam_response , +one for each message that was passed in. +A pointer to the user's response to each message (or +.Dv NULL +in the case of informational or error messages) should be stored in +the +.Va resp +member of the corresponding +.Vt struct pam_response . +Each response can be up to +.Dv PAM_MAX_RESP_SIZE +characters long, including the terminating NUL. +.Pp +The +.Va resp_retcode +member of +.Vt struct pam_response +is unused and should be set to zero. +.Pp +The conversation function should store a pointer to this array in the +location pointed to by its third argument. +It is the caller's responsibility to release both this array and the +responses themselves, using +.Xr free 3 . +It is the conversation function's responsibility to ensure that it is +legal to do so. +.Pp +The +.Va appdata_ptr +member of +.Vt struct pam_conv +is passed unmodified to the conversation function as its fourth and +final argument. +.Pp +On failure, the conversation function should release any resources it +has allocated, and return one of the predefined PAM error codes. +.Sh RETURN VALUES +The conversation function should return one of the following values: +.Bl -tag -width 18n +.It Bq Er PAM_BUF_ERR +Memory buffer error. +.It Bq Er PAM_CONV_ERR +Conversation failure. +.It Bq Er PAM_SUCCESS +Success. +.It Bq Er PAM_SYSTEM_ERR +System error. +.El +.Sh SEE ALSO +.Xr openpam_ttyconv 3 , +.Xr openpam_nullconv 3 , +.Xr pam 3 , +.Xr pam_error 3 , +.Xr pam_get_item 3 , +.Xr pam_info 3 , +.Xr pam_prompt 3 , +.Xr pam_set_item 3 , +.Xr pam_start 3 +.Sh STANDARDS +.Rs +.%T "X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules" +.%D "June 1997" +.Re +.Sh AUTHORS +The OpenPAM library and this manual page were developed for the +FreeBSD Project by ThinkSec AS and Network Associates Laboratories, +the Security Research Division of Network Associates, Inc. under +DARPA/SPAWAR contract N66001-01-C-8035 +.Pq Dq CBOSS , +as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_end.3 b/contrib/openpam/doc/man/pam_end.3 index 0f766e6..46f3800 100644 --- a/contrib/openpam/doc/man/pam_end.3 +++ b/contrib/openpam/doc/man/pam_end.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_end.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_END 3 .Os .Sh NAME @@ -77,7 +77,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_error.3 b/contrib/openpam/doc/man/pam_error.3 index cfa9c84..b1e0749 100644 --- a/contrib/openpam/doc/man/pam_error.3 +++ b/contrib/openpam/doc/man/pam_error.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_error.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_ERROR 3 .Os .Sh NAME @@ -47,7 +47,7 @@ .Fn pam_error "pam_handle_t *pamh" "const char *fmt" "..." .Sh DESCRIPTION The -.Xr pam_info 3 +.Nm function displays an error message through the intermediary of the given PAM context's conversation function. .Pp @@ -77,7 +77,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_get_authtok.3 b/contrib/openpam/doc/man/pam_get_authtok.3 index 446cc07..8d5ce17 100644 --- a/contrib/openpam/doc/man/pam_get_authtok.3 +++ b/contrib/openpam/doc/man/pam_get_authtok.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_get_authtok.3#15 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_GET_AUTHTOK 3 .Os .Sh NAME @@ -66,6 +66,7 @@ when changing authentication tokens. Returns the previous authentication token when changing authentication tokens. .El +.Pp The .Va prompt argument specifies a prompt to use if no token is cached. @@ -122,7 +123,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_get_data.3 b/contrib/openpam/doc/man/pam_get_data.3 index c159695..d7fb801 100644 --- a/contrib/openpam/doc/man/pam_get_data.3 +++ b/contrib/openpam/doc/man/pam_get_data.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_get_data.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_GET_DATA 3 .Os .Sh NAME @@ -86,7 +86,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_get_item.3 b/contrib/openpam/doc/man/pam_get_item.3 index 71926e5..cf6dd47 100644 --- a/contrib/openpam/doc/man/pam_get_item.3 +++ b/contrib/openpam/doc/man/pam_get_item.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_get_item.3#14 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_GET_ITEM 3 .Os .Sh NAME @@ -89,6 +89,7 @@ authentication token. The prompt to use when asking the applicant for an expired authentication token prior to changing it. .El +.Pp See .Xr pam_start 3 for a description of @@ -118,7 +119,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_get_user.3 b/contrib/openpam/doc/man/pam_get_user.3 index e41464b..f09671a 100644 --- a/contrib/openpam/doc/man/pam_get_user.3 +++ b/contrib/openpam/doc/man/pam_get_user.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_get_user.3#14 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_GET_USER 3 .Os .Sh NAME @@ -99,7 +99,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_getenv.3 b/contrib/openpam/doc/man/pam_getenv.3 index 8324f9f..09b0add 100644 --- a/contrib/openpam/doc/man/pam_getenv.3 +++ b/contrib/openpam/doc/man/pam_getenv.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_getenv.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_GETENV 3 .Os .Sh NAME @@ -75,7 +75,8 @@ on failure. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_getenvlist.3 b/contrib/openpam/doc/man/pam_getenvlist.3 index f9ec82c..fb6a062 100644 --- a/contrib/openpam/doc/man/pam_getenvlist.3 +++ b/contrib/openpam/doc/man/pam_getenvlist.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_getenvlist.3#14 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_GETENVLIST 3 .Os .Sh NAME @@ -96,7 +96,8 @@ on failure. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_info.3 b/contrib/openpam/doc/man/pam_info.3 index bf20ca4..ac96df2 100644 --- a/contrib/openpam/doc/man/pam_info.3 +++ b/contrib/openpam/doc/man/pam_info.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_info.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_INFO 3 .Os .Sh NAME @@ -77,7 +77,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_open_session.3 b/contrib/openpam/doc/man/pam_open_session.3 index 4275b3d..d4acb1a 100644 --- a/contrib/openpam/doc/man/pam_open_session.3 +++ b/contrib/openpam/doc/man/pam_open_session.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_open_session.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_OPEN_SESSION 3 .Os .Sh NAME @@ -60,6 +60,7 @@ values: .It Dv PAM_SILENT Do not emit any messages. .El +.Pp If any other bits are set, .Nm will return @@ -99,7 +100,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_prompt.3 b/contrib/openpam/doc/man/pam_prompt.3 index 0e12a50..b6ee1b1 100644 --- a/contrib/openpam/doc/man/pam_prompt.3 +++ b/contrib/openpam/doc/man/pam_prompt.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_prompt.3#14 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_PROMPT 3 .Os .Sh NAME @@ -89,7 +89,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_putenv.3 b/contrib/openpam/doc/man/pam_putenv.3 index 5092e03..61b0ea6 100644 --- a/contrib/openpam/doc/man/pam_putenv.3 +++ b/contrib/openpam/doc/man/pam_putenv.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_putenv.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_PUTENV 3 .Os .Sh NAME @@ -80,7 +80,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_set_data.3 b/contrib/openpam/doc/man/pam_set_data.3 index 11cd179..de302c1 100644 --- a/contrib/openpam/doc/man/pam_set_data.3 +++ b/contrib/openpam/doc/man/pam_set_data.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_set_data.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SET_DATA 3 .Os .Sh NAME @@ -91,7 +91,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_set_item.3 b/contrib/openpam/doc/man/pam_set_item.3 index 23de994..7717e9e 100644 --- a/contrib/openpam/doc/man/pam_set_item.3 +++ b/contrib/openpam/doc/man/pam_set_item.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_set_item.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SET_ITEM 3 .Os .Sh NAME @@ -84,7 +84,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_setcred.3 b/contrib/openpam/doc/man/pam_setcred.3 index e5b3937..8596a94 100644 --- a/contrib/openpam/doc/man/pam_setcred.3 +++ b/contrib/openpam/doc/man/pam_setcred.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_setcred.3#14 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SETCRED 3 .Os .Sh NAME @@ -66,6 +66,7 @@ Fully reinitialise credentials. .It Dv PAM_REFRESH_CRED Refresh credentials. .El +.Pp The latter four are mutually exclusive. .Pp If any other bits are set, @@ -112,7 +113,8 @@ Unknown user. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_setenv.3 b/contrib/openpam/doc/man/pam_setenv.3 index 5948513..ad250c7 100644 --- a/contrib/openpam/doc/man/pam_setenv.3 +++ b/contrib/openpam/doc/man/pam_setenv.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_setenv.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SETENV 3 .Os .Sh NAME @@ -79,7 +79,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 b/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 index e0ee659..9d4c768 100644 --- a/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 +++ b/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_sm_acct_mgmt.3#9 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SM_ACCT_MGMT 3 .Os .Sh NAME @@ -94,7 +94,8 @@ Unknown user. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_authenticate.3 b/contrib/openpam/doc/man/pam_sm_authenticate.3 index 6d9ebaa..695f635 100644 --- a/contrib/openpam/doc/man/pam_sm_authenticate.3 +++ b/contrib/openpam/doc/man/pam_sm_authenticate.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_sm_authenticate.3#9 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SM_AUTHENTICATE 3 .Os .Sh NAME @@ -96,7 +96,8 @@ Unknown user. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_chauthtok.3 b/contrib/openpam/doc/man/pam_sm_chauthtok.3 index 5a3d68c..773f546 100644 --- a/contrib/openpam/doc/man/pam_sm_chauthtok.3 +++ b/contrib/openpam/doc/man/pam_sm_chauthtok.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_sm_chauthtok.3#9 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SM_CHAUTHTOK 3 .Os .Sh NAME @@ -96,7 +96,8 @@ Try again. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_close_session.3 b/contrib/openpam/doc/man/pam_sm_close_session.3 index 9c95ff4..b84b57a 100644 --- a/contrib/openpam/doc/man/pam_sm_close_session.3 +++ b/contrib/openpam/doc/man/pam_sm_close_session.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_sm_close_session.3#9 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SM_CLOSE_SESSION 3 .Os .Sh NAME @@ -88,7 +88,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_open_session.3 b/contrib/openpam/doc/man/pam_sm_open_session.3 index 4f9a82a..6e3aae4 100644 --- a/contrib/openpam/doc/man/pam_sm_open_session.3 +++ b/contrib/openpam/doc/man/pam_sm_open_session.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_sm_open_session.3#9 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SM_OPEN_SESSION 3 .Os .Sh NAME @@ -88,7 +88,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_sm_setcred.3 b/contrib/openpam/doc/man/pam_sm_setcred.3 index a03cc04..9cc6602 100644 --- a/contrib/openpam/doc/man/pam_sm_setcred.3 +++ b/contrib/openpam/doc/man/pam_sm_setcred.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_sm_setcred.3#9 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_SM_SETCRED 3 .Os .Sh NAME @@ -94,7 +94,8 @@ Unknown user. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_start.3 b/contrib/openpam/doc/man/pam_start.3 index 2de4985..99af5ed 100644 --- a/contrib/openpam/doc/man/pam_start.3 +++ b/contrib/openpam/doc/man/pam_start.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_start.3#14 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_START 3 .Os .Sh NAME @@ -70,16 +70,10 @@ The argument points to a .Vt struct pam_conv describing the -conversation function to use. -This structure is defined as follows: +conversation function to use; see +.Va pam_conv +for details. .Pp -.Bd -literal - struct pam_conv { - int (*conv)(int, const struct pam_message **, - struct pam_response **, void *); - void *appdata_ptr; - }; -.Ed .Sh RETURN VALUES The .Nm @@ -105,7 +99,8 @@ System error. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_strerror.3 b/contrib/openpam/doc/man/pam_strerror.3 index 9f31f28..0c8314e 100644 --- a/contrib/openpam/doc/man/pam_strerror.3 +++ b/contrib/openpam/doc/man/pam_strerror.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_strerror.3#13 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_STRERROR 3 .Os .Sh NAME @@ -71,7 +71,8 @@ on failure. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_verror.3 b/contrib/openpam/doc/man/pam_verror.3 index 851b0be..c6db52d 100644 --- a/contrib/openpam/doc/man/pam_verror.3 +++ b/contrib/openpam/doc/man/pam_verror.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_verror.3#11 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_VERROR 3 .Os .Sh NAME @@ -81,7 +81,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_vinfo.3 b/contrib/openpam/doc/man/pam_vinfo.3 index 0e43f77..1b89582 100644 --- a/contrib/openpam/doc/man/pam_vinfo.3 +++ b/contrib/openpam/doc/man/pam_vinfo.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_vinfo.3#11 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_VINFO 3 .Os .Sh NAME @@ -81,7 +81,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/doc/man/pam_vprompt.3 b/contrib/openpam/doc/man/pam_vprompt.3 index 848cf90..7d00070 100644 --- a/contrib/openpam/doc/man/pam_vprompt.3 +++ b/contrib/openpam/doc/man/pam_vprompt.3 @@ -3,9 +3,9 @@ .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and -.\" NAI Labs, the Security Research Division of Network Associates, Inc. -.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -.\" DARPA CHATS research program. +.\" Network Associates Laboratories, the Security Research Division of +.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -31,9 +31,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_vprompt.3#11 $ +.\" $P4$ .\" -.Dd May 24, 2002 +.Dd June 30, 2002 .Dt PAM_VPROMPT 3 .Os .Sh NAME @@ -74,6 +74,7 @@ for a response. Display the message as an informational message, and do not wait for a response. .El +.Pp A pointer to the response, or .Dv NULL if the conversation function did @@ -117,7 +118,8 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. diff --git a/contrib/openpam/include/security/openpam.h b/contrib/openpam/include/security/openpam.h index 16f3960..57dab04 100644 --- a/contrib/openpam/include/security/openpam.h +++ b/contrib/openpam/include/security/openpam.h @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/include/security/openpam.h#20 $ + * $P4: //depot/projects/openpam/include/security/openpam.h#21 $ */ #ifndef _SECURITY_OPENPAM_H_INCLUDED diff --git a/contrib/openpam/include/security/openpam_version.h b/contrib/openpam/include/security/openpam_version.h index 969e719..0469fea 100644 --- a/contrib/openpam/include/security/openpam_version.h +++ b/contrib/openpam/include/security/openpam_version.h @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,14 +31,14 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/include/security/openpam_version.h#4 $ + * $P4: //depot/projects/openpam/include/security/openpam_version.h#6 $ */ #ifndef _OPENPAM_VERSION_H_INCLUDED #define _OPENPAM_VERSION_H_INCLUDED #define _OPENPAM -#define _OPENPAM_VERSION 20020524 -#define _OPENPAM_RELEASE "Cinquefoil" +#define _OPENPAM_VERSION 20020630 +#define _OPENPAM_RELEASE "Citronella" #endif diff --git a/contrib/openpam/include/security/pam_appl.h b/contrib/openpam/include/security/pam_appl.h index 23b5a9b..4ad74de 100644 --- a/contrib/openpam/include/security/pam_appl.h +++ b/contrib/openpam/include/security/pam_appl.h @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/include/security/pam_appl.h#9 $ + * $P4: //depot/projects/openpam/include/security/pam_appl.h#10 $ */ #ifndef _PAM_APPL_H_INCLUDED diff --git a/contrib/openpam/include/security/pam_constants.h b/contrib/openpam/include/security/pam_constants.h index 9f3d38f..941249f 100644 --- a/contrib/openpam/include/security/pam_constants.h +++ b/contrib/openpam/include/security/pam_constants.h @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/include/security/pam_constants.h#14 $ + * $P4: //depot/projects/openpam/include/security/pam_constants.h#17 $ */ #ifndef _PAM_CONSTANTS_H_INCLUDED @@ -122,6 +122,7 @@ enum { PAM_USER_PROMPT = 9, PAM_AUTHTOK_PROMPT = 10, /* OpenPAM extension */ PAM_OLDAUTHTOK_PROMPT = 11, /* OpenPAM extension */ + PAM_REPOSITORY = 12, PAM_NUM_ITEMS /* OpenPAM extension */ }; diff --git a/contrib/openpam/include/security/pam_modules.h b/contrib/openpam/include/security/pam_modules.h index 1359a1b..02beab2 100644 --- a/contrib/openpam/include/security/pam_modules.h +++ b/contrib/openpam/include/security/pam_modules.h @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/include/security/pam_modules.h#7 $ + * $P4: //depot/projects/openpam/include/security/pam_modules.h#8 $ */ #ifndef _PAM_MODULES_H_INCLUDED diff --git a/contrib/openpam/include/security/pam_types.h b/contrib/openpam/include/security/pam_types.h index a95fdd4..2cafa01 100644 --- a/contrib/openpam/include/security/pam_types.h +++ b/contrib/openpam/include/security/pam_types.h @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/include/security/pam_types.h#5 $ + * $P4: //depot/projects/openpam/include/security/pam_types.h#7 $ */ #ifndef _PAM_TYPES_H_INCLUDED @@ -69,6 +69,15 @@ struct pam_conv { struct pam_handle; typedef struct pam_handle pam_handle_t; +/* + * Solaris 9 + */ +typedef struct pam_repository { + char *type; + void *scope; + size_t scope_len; +} pam_repository_t; + #ifdef __cplusplus } #endif diff --git a/contrib/openpam/lib/Makefile b/contrib/openpam/lib/Makefile index 8549d8e..95aa856 100644 --- a/contrib/openpam/lib/Makefile +++ b/contrib/openpam/lib/Makefile @@ -3,9 +3,9 @@ # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# Network Associates Laboratories, the Security Research Division of +# Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +# ("CBOSS"), as part of the DARPA CHATS research program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/lib/Makefile#15 $ +# $P4: //depot/projects/openpam/lib/Makefile#16 $ # LIB = pam diff --git a/contrib/openpam/lib/openpam_borrow_cred.c b/contrib/openpam/lib/openpam_borrow_cred.c index 87aed86..fa0ec58 100644 --- a/contrib/openpam/lib/openpam_borrow_cred.c +++ b/contrib/openpam/lib/openpam_borrow_cred.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#1 $ + * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#2 $ */ #include diff --git a/contrib/openpam/lib/openpam_configure.c b/contrib/openpam/lib/openpam_configure.c index 5c7ca18..b0025fe 100644 --- a/contrib/openpam/lib/openpam_configure.c +++ b/contrib/openpam/lib/openpam_configure.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_configure.c#3 $ + * $P4: //depot/projects/openpam/lib/openpam_configure.c#5 $ */ #include @@ -150,6 +150,8 @@ openpam_read_policy_file(pam_chain_t *policy[], flag = PAM_SUFFICIENT; } else if (strcmp(p, "optional") == 0) { flag = PAM_OPTIONAL; + } else if (strcmp(p, "binding") == 0) { + flag = PAM_BINDING; } else { openpam_log(PAM_LOG_ERROR, "%s: invalid control flag on line %d: '%s'", diff --git a/contrib/openpam/lib/openpam_dispatch.c b/contrib/openpam/lib/openpam_dispatch.c index 6b63ef0..d65edee 100644 --- a/contrib/openpam/lib/openpam_dispatch.c +++ b/contrib/openpam/lib/openpam_dispatch.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_dispatch.c#14 $ + * $P4: //depot/projects/openpam/lib/openpam_dispatch.c#17 $ */ #include @@ -114,15 +114,12 @@ openpam_dispatch(pam_handle_t *pamh, * For pam_setcred() and pam_chauthtok() with the * PAM_PRELIM_CHECK flag, treat "sufficient" as * "optional". - * - * Note that Solaris libpam does not terminate - * the chain here if a required module has - * previously failed. I'm not sure why. */ - if (chain->flag == PAM_SUFFICIENT && + if ((chain->flag == PAM_SUFFICIENT || + chain->flag == PAM_BINDING) && !fail && primitive != PAM_SM_SETCRED && - (primitive != PAM_SM_CHAUTHTOK || - !(flags & PAM_PRELIM_CHECK))) + !(primitive == PAM_SM_CHAUTHTOK && + (flags & PAM_PRELIM_CHECK))) break; continue; } @@ -136,7 +133,8 @@ openpam_dispatch(pam_handle_t *pamh, */ if (err == 0) err = r; - if (chain->flag == PAM_REQUIRED && !fail) { + if ((chain->flag == PAM_REQUIRED || + chain->flag == PAM_BINDING) && !fail) { openpam_log(PAM_LOG_DEBUG, "required module failed"); fail = 1; err = r; @@ -153,7 +151,7 @@ openpam_dispatch(pam_handle_t *pamh, } } - if (!fail) + if (!fail && err != PAM_NEW_AUTHTOK_REQD) err = PAM_SUCCESS; openpam_log(PAM_LOG_DEBUG, "returning: %s", pam_strerror(pamh, err)); return (err); diff --git a/contrib/openpam/lib/openpam_dynamic.c b/contrib/openpam/lib/openpam_dynamic.c index e012a49..f169ed8 100644 --- a/contrib/openpam/lib/openpam_dynamic.c +++ b/contrib/openpam/lib/openpam_dynamic.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_dynamic.c#5 $ + * $P4: //depot/projects/openpam/lib/openpam_dynamic.c#6 $ */ #include diff --git a/contrib/openpam/lib/openpam_findenv.c b/contrib/openpam/lib/openpam_findenv.c index 42597a4..06b5730 100644 --- a/contrib/openpam/lib/openpam_findenv.c +++ b/contrib/openpam/lib/openpam_findenv.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_findenv.c#7 $ + * $P4: //depot/projects/openpam/lib/openpam_findenv.c#8 $ */ #include diff --git a/contrib/openpam/lib/openpam_free_data.c b/contrib/openpam/lib/openpam_free_data.c index 6c71266..11935f8 100644 --- a/contrib/openpam/lib/openpam_free_data.c +++ b/contrib/openpam/lib/openpam_free_data.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_free_data.c#1 $ + * $P4: //depot/projects/openpam/lib/openpam_free_data.c#2 $ */ #include diff --git a/contrib/openpam/lib/openpam_get_option.c b/contrib/openpam/lib/openpam_get_option.c index 2670504..b70b945 100644 --- a/contrib/openpam/lib/openpam_get_option.c +++ b/contrib/openpam/lib/openpam_get_option.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_get_option.c#3 $ + * $P4: //depot/projects/openpam/lib/openpam_get_option.c#4 $ */ #include diff --git a/contrib/openpam/lib/openpam_impl.h b/contrib/openpam/lib/openpam_impl.h index 446af16..23bfc90 100644 --- a/contrib/openpam/lib/openpam_impl.h +++ b/contrib/openpam/lib/openpam_impl.h @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_impl.h#14 $ + * $P4: //depot/projects/openpam/lib/openpam_impl.h#16 $ */ #ifndef _OPENPAM_IMPL_H_INCLUDED @@ -48,7 +48,8 @@ extern const char *_pam_sm_func_name[PAM_NUM_PRIMITIVES]; #define PAM_REQUISITE 2 #define PAM_SUFFICIENT 3 #define PAM_OPTIONAL 4 -#define PAM_NUM_CONTROLFLAGS 5 +#define PAM_BINDING 5 +#define PAM_NUM_CONTROLFLAGS 6 /* * Chains diff --git a/contrib/openpam/lib/openpam_load.c b/contrib/openpam/lib/openpam_load.c index abbc491..717906f 100644 --- a/contrib/openpam/lib/openpam_load.c +++ b/contrib/openpam/lib/openpam_load.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_load.c#13 $ + * $P4: //depot/projects/openpam/lib/openpam_load.c#14 $ */ #include diff --git a/contrib/openpam/lib/openpam_log.c b/contrib/openpam/lib/openpam_log.c index 4ce7751..1bbe623 100644 --- a/contrib/openpam/lib/openpam_log.c +++ b/contrib/openpam/lib/openpam_log.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_log.c#14 $ + * $P4: //depot/projects/openpam/lib/openpam_log.c#15 $ */ #include diff --git a/contrib/openpam/lib/openpam_nullconv.c b/contrib/openpam/lib/openpam_nullconv.c index 544b484..59811e9 100644 --- a/contrib/openpam/lib/openpam_nullconv.c +++ b/contrib/openpam/lib/openpam_nullconv.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_nullconv.c#2 $ + * $P4: //depot/projects/openpam/lib/openpam_nullconv.c#3 $ */ #include diff --git a/contrib/openpam/lib/openpam_restore_cred.c b/contrib/openpam/lib/openpam_restore_cred.c index 05c3b10..f5acff8 100644 --- a/contrib/openpam/lib/openpam_restore_cred.c +++ b/contrib/openpam/lib/openpam_restore_cred.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_restore_cred.c#1 $ + * $P4: //depot/projects/openpam/lib/openpam_restore_cred.c#2 $ */ #include diff --git a/contrib/openpam/lib/openpam_set_option.c b/contrib/openpam/lib/openpam_set_option.c index 4eb3cae..2862b0b 100644 --- a/contrib/openpam/lib/openpam_set_option.c +++ b/contrib/openpam/lib/openpam_set_option.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_set_option.c#4 $ + * $P4: //depot/projects/openpam/lib/openpam_set_option.c#5 $ */ #include diff --git a/contrib/openpam/lib/openpam_static.c b/contrib/openpam/lib/openpam_static.c index ea45342..59ec255 100644 --- a/contrib/openpam/lib/openpam_static.c +++ b/contrib/openpam/lib/openpam_static.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_static.c#4 $ + * $P4: //depot/projects/openpam/lib/openpam_static.c#5 $ */ #include diff --git a/contrib/openpam/lib/openpam_ttyconv.c b/contrib/openpam/lib/openpam_ttyconv.c index b35a5f9..241420f 100644 --- a/contrib/openpam/lib/openpam_ttyconv.c +++ b/contrib/openpam/lib/openpam_ttyconv.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#11 $ + * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#12 $ */ #include diff --git a/contrib/openpam/lib/pam_acct_mgmt.c b/contrib/openpam/lib/pam_acct_mgmt.c index 11e389d..35e24d8 100644 --- a/contrib/openpam/lib/pam_acct_mgmt.c +++ b/contrib/openpam/lib/pam_acct_mgmt.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_acct_mgmt.c#8 $ + * $P4: //depot/projects/openpam/lib/pam_acct_mgmt.c#9 $ */ #include diff --git a/contrib/openpam/lib/pam_authenticate.c b/contrib/openpam/lib/pam_authenticate.c index fbf3829..6cc2563 100644 --- a/contrib/openpam/lib/pam_authenticate.c +++ b/contrib/openpam/lib/pam_authenticate.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_authenticate.c#10 $ + * $P4: //depot/projects/openpam/lib/pam_authenticate.c#11 $ */ #include diff --git a/contrib/openpam/lib/pam_authenticate_secondary.c b/contrib/openpam/lib/pam_authenticate_secondary.c index bd36a46..363645e 100644 --- a/contrib/openpam/lib/pam_authenticate_secondary.c +++ b/contrib/openpam/lib/pam_authenticate_secondary.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_authenticate_secondary.c#5 $ + * $P4: //depot/projects/openpam/lib/pam_authenticate_secondary.c#6 $ */ #include diff --git a/contrib/openpam/lib/pam_chauthtok.c b/contrib/openpam/lib/pam_chauthtok.c index 3101d0c..774eee5 100644 --- a/contrib/openpam/lib/pam_chauthtok.c +++ b/contrib/openpam/lib/pam_chauthtok.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_chauthtok.c#11 $ + * $P4: //depot/projects/openpam/lib/pam_chauthtok.c#12 $ */ #include diff --git a/contrib/openpam/lib/pam_close_session.c b/contrib/openpam/lib/pam_close_session.c index 50d8ba2..00bfb55 100644 --- a/contrib/openpam/lib/pam_close_session.c +++ b/contrib/openpam/lib/pam_close_session.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_close_session.c#8 $ + * $P4: //depot/projects/openpam/lib/pam_close_session.c#9 $ */ #include diff --git a/contrib/openpam/lib/pam_end.c b/contrib/openpam/lib/pam_end.c index 8fb9c29..2c2b2a3 100644 --- a/contrib/openpam/lib/pam_end.c +++ b/contrib/openpam/lib/pam_end.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_end.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_end.c#10 $ */ #include diff --git a/contrib/openpam/lib/pam_error.c b/contrib/openpam/lib/pam_error.c index 354ad2a..4aac633 100644 --- a/contrib/openpam/lib/pam_error.c +++ b/contrib/openpam/lib/pam_error.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_error.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_error.c#8 $ */ #include @@ -73,7 +73,7 @@ pam_error(pam_handle_t *pamh, */ /** - * The =pam_info function displays an error message through the + * The =pam_error function displays an error message through the * intermediary of the given PAM context's conversation function. * * >pam_info diff --git a/contrib/openpam/lib/pam_get_authtok.c b/contrib/openpam/lib/pam_get_authtok.c index d56de79..7d41f91 100644 --- a/contrib/openpam/lib/pam_get_authtok.c +++ b/contrib/openpam/lib/pam_get_authtok.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#18 $ + * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#19 $ */ #include diff --git a/contrib/openpam/lib/pam_get_data.c b/contrib/openpam/lib/pam_get_data.c index e40a1dd..8f1bc52 100644 --- a/contrib/openpam/lib/pam_get_data.c +++ b/contrib/openpam/lib/pam_get_data.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_data.c#7 $ + * $P4: //depot/projects/openpam/lib/pam_get_data.c#8 $ */ #include diff --git a/contrib/openpam/lib/pam_get_item.c b/contrib/openpam/lib/pam_get_item.c index 55879f4..da2970e 100644 --- a/contrib/openpam/lib/pam_get_item.c +++ b/contrib/openpam/lib/pam_get_item.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_item.c#11 $ + * $P4: //depot/projects/openpam/lib/pam_get_item.c#13 $ */ #include @@ -67,6 +67,7 @@ pam_get_item(pam_handle_t *pamh, case PAM_USER_PROMPT: case PAM_AUTHTOK_PROMPT: case PAM_OLDAUTHTOK_PROMPT: + case PAM_REPOSITORY: *item = pamh->item[item_type]; return (PAM_SUCCESS); default: diff --git a/contrib/openpam/lib/pam_get_mapped_authtok.c b/contrib/openpam/lib/pam_get_mapped_authtok.c index ce130cc..0b22d8f 100644 --- a/contrib/openpam/lib/pam_get_mapped_authtok.c +++ b/contrib/openpam/lib/pam_get_mapped_authtok.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_mapped_authtok.c#5 $ + * $P4: //depot/projects/openpam/lib/pam_get_mapped_authtok.c#6 $ */ #include diff --git a/contrib/openpam/lib/pam_get_mapped_username.c b/contrib/openpam/lib/pam_get_mapped_username.c index d9bbc73..644ada2 100644 --- a/contrib/openpam/lib/pam_get_mapped_username.c +++ b/contrib/openpam/lib/pam_get_mapped_username.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_mapped_username.c#5 $ + * $P4: //depot/projects/openpam/lib/pam_get_mapped_username.c#6 $ */ #include diff --git a/contrib/openpam/lib/pam_get_user.c b/contrib/openpam/lib/pam_get_user.c index 608614a..f0dc282 100644 --- a/contrib/openpam/lib/pam_get_user.c +++ b/contrib/openpam/lib/pam_get_user.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_user.c#11 $ + * $P4: //depot/projects/openpam/lib/pam_get_user.c#12 $ */ #include diff --git a/contrib/openpam/lib/pam_getenv.c b/contrib/openpam/lib/pam_getenv.c index 968a719..e8f3635 100644 --- a/contrib/openpam/lib/pam_getenv.c +++ b/contrib/openpam/lib/pam_getenv.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_getenv.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_getenv.c#7 $ */ #include diff --git a/contrib/openpam/lib/pam_getenvlist.c b/contrib/openpam/lib/pam_getenvlist.c index 37c20d1..37ec622 100644 --- a/contrib/openpam/lib/pam_getenvlist.c +++ b/contrib/openpam/lib/pam_getenvlist.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_getenvlist.c#8 $ + * $P4: //depot/projects/openpam/lib/pam_getenvlist.c#9 $ */ #include @@ -88,7 +88,7 @@ pam_getenvlist(pam_handle_t *pamh) * should be released using =free after use: * * char **envlist, **env; - * + * * envlist = environ; * environ = pam_getenvlist(pamh); * \/\* do something nifty \*\/ diff --git a/contrib/openpam/lib/pam_info.c b/contrib/openpam/lib/pam_info.c index 3260a41..6102e84 100644 --- a/contrib/openpam/lib/pam_info.c +++ b/contrib/openpam/lib/pam_info.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_info.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_info.c#7 $ */ #include diff --git a/contrib/openpam/lib/pam_open_session.c b/contrib/openpam/lib/pam_open_session.c index 02f73fb..afae0dc 100644 --- a/contrib/openpam/lib/pam_open_session.c +++ b/contrib/openpam/lib/pam_open_session.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_open_session.c#8 $ + * $P4: //depot/projects/openpam/lib/pam_open_session.c#9 $ */ #include diff --git a/contrib/openpam/lib/pam_prompt.c b/contrib/openpam/lib/pam_prompt.c index 7d4fa2e..6f63c16 100644 --- a/contrib/openpam/lib/pam_prompt.c +++ b/contrib/openpam/lib/pam_prompt.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,9 +31,11 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_prompt.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_prompt.c#8 $ */ +#include + #include #include diff --git a/contrib/openpam/lib/pam_putenv.c b/contrib/openpam/lib/pam_putenv.c index 3dd996c..9c7df0e 100644 --- a/contrib/openpam/lib/pam_putenv.c +++ b/contrib/openpam/lib/pam_putenv.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_putenv.c#7 $ + * $P4: //depot/projects/openpam/lib/pam_putenv.c#8 $ */ #include diff --git a/contrib/openpam/lib/pam_set_data.c b/contrib/openpam/lib/pam_set_data.c index 253a4bf..371e8ef 100644 --- a/contrib/openpam/lib/pam_set_data.c +++ b/contrib/openpam/lib/pam_set_data.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_data.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_set_data.c#10 $ */ #include diff --git a/contrib/openpam/lib/pam_set_item.c b/contrib/openpam/lib/pam_set_item.c index f5d953b..b34bc78 100644 --- a/contrib/openpam/lib/pam_set_item.c +++ b/contrib/openpam/lib/pam_set_item.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_item.c#13 $ + * $P4: //depot/projects/openpam/lib/pam_set_item.c#15 $ */ #include @@ -56,13 +56,12 @@ pam_set_item(pam_handle_t *pamh, const void *item) { void **slot, *tmp; - size_t size; + size_t nsize, osize; if (pamh == NULL) return (PAM_SYSTEM_ERR); slot = &pamh->item[item_type]; - tmp = NULL; switch (item_type) { case PAM_SERVICE: case PAM_USER: @@ -74,27 +73,31 @@ pam_set_item(pam_handle_t *pamh, case PAM_USER_PROMPT: case PAM_AUTHTOK_PROMPT: case PAM_OLDAUTHTOK_PROMPT: - if (*slot != NULL) - size = strlen(*slot) + 1; if (item != NULL) - if ((tmp = strdup(item)) == NULL) - return (PAM_BUF_ERR); + nsize = strlen(item) + 1; + if (*slot != NULL) + osize = strlen(*slot) + 1; + break; + case PAM_REPOSITORY: + osize = nsize = sizeof(struct pam_repository); break; case PAM_CONV: - size = sizeof(struct pam_conv); - if (item != NULL) { - if ((tmp = malloc(size)) == NULL) - return (PAM_BUF_ERR); - memcpy(tmp, item, sizeof(struct pam_conv)); - } + osize = nsize = sizeof(struct pam_conv); break; default: return (PAM_SYMBOL_ERR); } if (*slot != NULL) { - memset(*slot, 0xd0, size); + memset(*slot, 0xd0, osize); free(*slot); } + if (item != NULL) { + if ((tmp = malloc(nsize)) == NULL) + return (PAM_BUF_ERR); + memcpy(tmp, item, nsize); + } else { + tmp = NULL; + } *slot = tmp; return (PAM_SUCCESS); } diff --git a/contrib/openpam/lib/pam_set_mapped_authtok.c b/contrib/openpam/lib/pam_set_mapped_authtok.c index 50de2ca..ec18579 100644 --- a/contrib/openpam/lib/pam_set_mapped_authtok.c +++ b/contrib/openpam/lib/pam_set_mapped_authtok.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_mapped_authtok.c#5 $ + * $P4: //depot/projects/openpam/lib/pam_set_mapped_authtok.c#6 $ */ #include diff --git a/contrib/openpam/lib/pam_set_mapped_username.c b/contrib/openpam/lib/pam_set_mapped_username.c index 7410411..eedefe4 100644 --- a/contrib/openpam/lib/pam_set_mapped_username.c +++ b/contrib/openpam/lib/pam_set_mapped_username.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_mapped_username.c#5 $ + * $P4: //depot/projects/openpam/lib/pam_set_mapped_username.c#6 $ */ #include diff --git a/contrib/openpam/lib/pam_setcred.c b/contrib/openpam/lib/pam_setcred.c index 1273cb4..1621baa 100644 --- a/contrib/openpam/lib/pam_setcred.c +++ b/contrib/openpam/lib/pam_setcred.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_setcred.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_setcred.c#10 $ */ #include diff --git a/contrib/openpam/lib/pam_setenv.c b/contrib/openpam/lib/pam_setenv.c index 6177da2..d1c865f 100644 --- a/contrib/openpam/lib/pam_setenv.c +++ b/contrib/openpam/lib/pam_setenv.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_setenv.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_setenv.c#7 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_acct_mgmt.c b/contrib/openpam/lib/pam_sm_acct_mgmt.c index a72fd9c..e70ab2c 100644 --- a/contrib/openpam/lib/pam_sm_acct_mgmt.c +++ b/contrib/openpam/lib/pam_sm_acct_mgmt.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_acct_mgmt.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_acct_mgmt.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_authenticate.c b/contrib/openpam/lib/pam_sm_authenticate.c index 817a9db..9d9c55d 100644 --- a/contrib/openpam/lib/pam_sm_authenticate.c +++ b/contrib/openpam/lib/pam_sm_authenticate.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_authenticate.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_authenticate.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_authenticate_secondary.c b/contrib/openpam/lib/pam_sm_authenticate_secondary.c index b67d6f4..e694de2 100644 --- a/contrib/openpam/lib/pam_sm_authenticate_secondary.c +++ b/contrib/openpam/lib/pam_sm_authenticate_secondary.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_authenticate_secondary.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_authenticate_secondary.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_chauthtok.c b/contrib/openpam/lib/pam_sm_chauthtok.c index 2fc0e1a..34d652f 100644 --- a/contrib/openpam/lib/pam_sm_chauthtok.c +++ b/contrib/openpam/lib/pam_sm_chauthtok.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_chauthtok.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_chauthtok.c#5 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_close_session.c b/contrib/openpam/lib/pam_sm_close_session.c index ad8e8e8..1644ec8 100644 --- a/contrib/openpam/lib/pam_sm_close_session.c +++ b/contrib/openpam/lib/pam_sm_close_session.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_close_session.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_close_session.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_get_mapped_authtok.c b/contrib/openpam/lib/pam_sm_get_mapped_authtok.c index f53cf20..c4ae55f 100644 --- a/contrib/openpam/lib/pam_sm_get_mapped_authtok.c +++ b/contrib/openpam/lib/pam_sm_get_mapped_authtok.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_get_mapped_authtok.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_get_mapped_authtok.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_get_mapped_username.c b/contrib/openpam/lib/pam_sm_get_mapped_username.c index b3f54cd..6c3f86e 100644 --- a/contrib/openpam/lib/pam_sm_get_mapped_username.c +++ b/contrib/openpam/lib/pam_sm_get_mapped_username.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_get_mapped_username.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_get_mapped_username.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_open_session.c b/contrib/openpam/lib/pam_sm_open_session.c index f7e0205..d1092dc 100644 --- a/contrib/openpam/lib/pam_sm_open_session.c +++ b/contrib/openpam/lib/pam_sm_open_session.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_open_session.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_open_session.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_set_mapped_authtok.c b/contrib/openpam/lib/pam_sm_set_mapped_authtok.c index 3a58c7c..cb4f113 100644 --- a/contrib/openpam/lib/pam_sm_set_mapped_authtok.c +++ b/contrib/openpam/lib/pam_sm_set_mapped_authtok.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_set_mapped_authtok.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_set_mapped_authtok.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_set_mapped_username.c b/contrib/openpam/lib/pam_sm_set_mapped_username.c index e80961f..b8b1f0a 100644 --- a/contrib/openpam/lib/pam_sm_set_mapped_username.c +++ b/contrib/openpam/lib/pam_sm_set_mapped_username.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_set_mapped_username.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_set_mapped_username.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_sm_setcred.c b/contrib/openpam/lib/pam_sm_setcred.c index 800a295..b4940ad 100644 --- a/contrib/openpam/lib/pam_sm_setcred.c +++ b/contrib/openpam/lib/pam_sm_setcred.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_setcred.c#3 $ + * $P4: //depot/projects/openpam/lib/pam_sm_setcred.c#4 $ */ #include diff --git a/contrib/openpam/lib/pam_start.c b/contrib/openpam/lib/pam_start.c index c1b301d..1711759 100644 --- a/contrib/openpam/lib/pam_start.c +++ b/contrib/openpam/lib/pam_start.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_start.c#14 $ + * $P4: //depot/projects/openpam/lib/pam_start.c#16 $ */ #include @@ -98,14 +98,7 @@ pam_start(const char *service, * It is stored in the =PAM_USER item in the created context. * * The =pam_conv argument points to a =struct pam_conv describing the - * conversation function to use. - * This structure is defined as follows: - * - * struct pam_conv { - * int (*conv)(int, const struct pam_message **, - * struct pam_response **, void *); - * void *appdata_ptr; - * }; + * conversation function to use; see =pam_conv for details. * * >pam_get_item * >pam_set_item diff --git a/contrib/openpam/lib/pam_strerror.c b/contrib/openpam/lib/pam_strerror.c index f436ff5..f32f737 100644 --- a/contrib/openpam/lib/pam_strerror.c +++ b/contrib/openpam/lib/pam_strerror.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_strerror.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_strerror.c#10 $ */ #include diff --git a/contrib/openpam/lib/pam_verror.c b/contrib/openpam/lib/pam_verror.c index 93a7d64..cfb6e0f 100644 --- a/contrib/openpam/lib/pam_verror.c +++ b/contrib/openpam/lib/pam_verror.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_verror.c#5 $ + * $P4: //depot/projects/openpam/lib/pam_verror.c#6 $ */ #include diff --git a/contrib/openpam/lib/pam_vinfo.c b/contrib/openpam/lib/pam_vinfo.c index f86ac02..0c57ec5 100644 --- a/contrib/openpam/lib/pam_vinfo.c +++ b/contrib/openpam/lib/pam_vinfo.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_vinfo.c#5 $ + * $P4: //depot/projects/openpam/lib/pam_vinfo.c#6 $ */ #include @@ -49,7 +49,7 @@ int pam_vinfo(pam_handle_t *pamh, const char *fmt, - va_list ap) + va_list ap) { char *rsp; int r; diff --git a/contrib/openpam/lib/pam_vprompt.c b/contrib/openpam/lib/pam_vprompt.c index eaf9fed..d92768c 100644 --- a/contrib/openpam/lib/pam_vprompt.c +++ b/contrib/openpam/lib/pam_vprompt.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_vprompt.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_vprompt.c#7 $ */ #include diff --git a/contrib/openpam/misc/gendoc.pl b/contrib/openpam/misc/gendoc.pl index cb4c69d..b22468f 100644 --- a/contrib/openpam/misc/gendoc.pl +++ b/contrib/openpam/misc/gendoc.pl @@ -4,9 +4,9 @@ # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# Network Associates Laboratories, the Security Research Division of +# Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +# ("CBOSS"), as part of the DARPA CHATS research program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -32,14 +32,51 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/misc/gendoc.pl#14 $ +# $P4: //depot/projects/openpam/misc/gendoc.pl#18 $ # use strict; use Fcntl; +use Getopt::Std; use POSIX qw(strftime); use vars qw($COPYRIGHT $TODAY %FUNCTIONS %PAMERR); +$COPYRIGHT = ".\\\"- +.\\\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\\\" All rights reserved. +.\\\" +.\\\" This software was developed for the FreeBSD Project by ThinkSec AS and +.\\\" Network Associates Laboratories, the Security Research Division of +.\\\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\\\" (\"CBOSS\"), as part of the DARPA CHATS research program. +.\\\" +.\\\" Redistribution and use in source and binary forms, with or without +.\\\" modification, are permitted provided that the following conditions +.\\\" are met: +.\\\" 1. Redistributions of source code must retain the above copyright +.\\\" notice, this list of conditions and the following disclaimer. +.\\\" 2. Redistributions in binary form must reproduce the above copyright +.\\\" notice, this list of conditions and the following disclaimer in the +.\\\" documentation and/or other materials provided with the distribution. +.\\\" 3. The name of the author may not be used to endorse or promote +.\\\" products derived from this software without specific prior written +.\\\" permission. +.\\\" +.\\\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\\\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\\\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\\\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\\\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\\\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\\\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\\\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\\\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\\\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\\\" SUCH DAMAGE. +.\\\" +.\\\" \$" . "P4" . "\$ +.\\\""; + %PAMERR = ( PAM_SUCCESS => "Success", PAM_OPEN_ERR => "Failed to load module", @@ -91,7 +128,7 @@ sub parse_source($) { if ($fn !~ m,\.c$,) { warn("$fn: not C source, ignoring\n"); - return; + return undef; } sysopen(FILE, $fn, O_RDONLY) @@ -99,19 +136,14 @@ sub parse_source($) { $source = join('', ); close(FILE); - return if ($source =~ m/^ \* NOPARSE\s*$/m); + return undef + if ($source =~ m/^ \* NOPARSE\s*$/m); - if (!defined($COPYRIGHT) && $source =~ m,^(/\*-\n.*?)\s*\*/,s) { - $COPYRIGHT = $1; - $COPYRIGHT =~ s,^.\*,.\\\",gm; - $COPYRIGHT =~ s,(\$(?:)P4).*?\$,$1\$,; - $COPYRIGHT .= "\n.\\\""; - } $func = $fn; $func =~ s,^(?:.*/)?([^/]+)\.c$,$1,; if ($source !~ m,\n \* ([\S ]+)\n \*/\n\n([\S ]+)\n$func\((.*?)\)\n\{,s) { warn("$fn: can't find $func\n"); - return; + return undef; } ($descr, $type, $args) = ($1, $2, $3); $descr =~ s,^([A-Z][a-z]),lc($1),e; @@ -156,7 +188,7 @@ sub parse_source($) { if ($inliteral) { $man .= "\0\n"; } elsif ($inlist) { - $man .= ".El\n"; + $man .= ".El\n.Pp\n"; $inlist = 0; } else { $man .= ".Pp\n"; @@ -182,7 +214,7 @@ sub parse_source($) { $man .= "$_\n"; next; } elsif ($inlist && m/^\S/) { - $man .= ".El\n"; + $man .= ".El\n.Pp\n"; $inlist = 0; } elsif ($inliteral && m/^\S/) { $man .= ".Ed\n"; @@ -231,6 +263,7 @@ sub parse_source($) { } $FUNCTIONS{$func} = { + 'source' => $fn, 'name' => $func, 'descr' => $descr, 'type' => $type, @@ -249,6 +282,8 @@ sub parse_source($) { if ($source !~ m/^ \* XSSO \d/m) { $FUNCTIONS{$func}->{'openpam'} = 1; } + expand_errors($FUNCTIONS{$func}); + return $FUNCTIONS{$func}; } sub expand_errors($); @@ -256,6 +291,8 @@ sub expand_errors($) { my $func = shift; # Ref to function hash my %errors; + my $ref; + my $fn; if (defined($func->{'recursed'})) { warn("$func->{'name'}(): loop in error spec\n"); @@ -273,11 +310,17 @@ sub expand_errors($) { } elsif (m/^!(PAM_[A-Z_]+)$/) { # treat negations separately } elsif (m/^=([a-z_]+)$/) { - if (!defined($FUNCTIONS{$1})) { - warn("$func->{'name'}(): reference to unknown $1()\n"); + $ref = $1; + if (!defined($FUNCTIONS{$ref})) { + $fn = $func->{'source'}; + $fn =~ s/$func->{'name'}/$ref/; + parse_source($fn); + } + if (!defined($FUNCTIONS{$ref})) { + warn("$func->{'name'}(): reference to unknown $ref()\n"); next; } - foreach (expand_errors($FUNCTIONS{$1})) { + foreach (@{$FUNCTIONS{$ref}->{'errors'}}) { $errors{$_} = 1; } } else { @@ -290,7 +333,7 @@ sub expand_errors($) { } } delete($func->{'recursed'}); - return (sort(keys(%errors))); + $func->{'errors'} = [ sort(keys(%errors)) ]; } sub gendoc($) { @@ -332,7 +375,7 @@ The function returns one of the following values: .Bl -tag -width 18n "; - my @errors = expand_errors($func); + my @errors = @{$func->{'errors'}}; warn("$func->{'name'}(): no error specification\n") unless(@errors); foreach (@errors) { @@ -372,8 +415,9 @@ function is an OpenPAM extension. The .Nm function and this manual page were developed for the FreeBSD Project -by ThinkSec AS and NAI Labs, the Security Research Division of Network -Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +by ThinkSec AS and Network Associates Laboratories, the Security +Research Division of Network Associates, Inc. under DARPA/SPAWAR +contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. "; @@ -387,73 +431,144 @@ as part of the DARPA CHATS research program. } } -sub gensummary() { +sub readproto($) { + my $fn = shift; # File name + + local *FILE; + my %func; + + sysopen(FILE, $fn, O_RDONLY) + or die("$fn: open(): $!\n"); + while () { + if (m/^\.Nm ((?:open)?pam_.*?)\s*$/) { + $func{'Nm'} = $func{'Nm'} || $1; + } elsif (m/^\.Ft (\S.*?)\s*$/) { + $func{'Ft'} = $func{'Ft'} || $1; + } elsif (m/^\.Fn (\S.*?)\s*$/) { + $func{'Fn'} = $func{'Fn'} || $1; + } + } + close(FILE); + if ($func{'Nm'}) { + $FUNCTIONS{$func{'Nm'}} = \%func; + } else { + warn("No function found\n"); + } +} + +sub gensummary($) { + my $page = shift; # Which page to produce + local *FILE; + my $upage; my $func; + my %xref; + + sysopen(FILE, "$page.3", O_RDWR|O_CREAT|O_TRUNC) + or die("$page.3: $!\n"); - print "$COPYRIGHT + $upage = uc($page); + print FILE "$COPYRIGHT .Dd $TODAY -.Dt PAM 3 +.Dt $upage 3 .Os .Sh NAME "; my @funcs = sort(keys(%FUNCTIONS)); while ($func = shift(@funcs)) { - next if (defined($FUNCTIONS{$func}->{'nolist'})); - print ".Nm $func". (@funcs ? " ,\n" : "\n"); + print FILE ".Nm $FUNCTIONS{$func}->{'Nm'}"; + print FILE " ," + if (@funcs); + print FILE "\n"; } - print ".Nd Pluggable Authentication Modules Library + print FILE ".Nd Pluggable Authentication Modules Library .Sh LIBRARY .Lb libpam -.Sh SYNOPSIS -.In security/pam_appl.h -"; +.Sh SYNOPSIS\n"; + if ($page eq 'pam') { + print FILE ".In security/pam_appl.h\n"; + } else { + print FILE ".In security/openpam.h\n"; + } foreach $func (sort(keys(%FUNCTIONS))) { - next if (defined($FUNCTIONS{$func}->{'nolist'})); - print ".Ft $FUNCTIONS{$func}->{'type'}\n"; - print ".Fn $func $FUNCTIONS{$func}->{'args'}\n"; + print FILE ".Ft $FUNCTIONS{$func}->{'Ft'}\n"; + print FILE ".Fn $FUNCTIONS{$func}->{'Fn'}\n"; } - print ".Sh DESCRIPTION -.Sh RETURN VALUES -The following return codes are defined in the -.In security/pam_constants.h -header: + while () { + if (m/^\.Xr (\S+)\s*(\d)\s*$/) { + $xref{$1} = $2; + } + print FILE $_; + } + + if ($page eq 'pam') { + print FILE ".Sh RETURN VALUES +The following return codes are defined by +.Aq Pa security/pam_constants.h : .Bl -tag -width 18n "; - foreach (sort(keys(%PAMERR))) { - print ".It Bq Er $_\n$PAMERR{$_}.\n"; + foreach (sort(keys(%PAMERR))) { + print FILE ".It Bq Er $_\n$PAMERR{$_}.\n"; + } + print FILE ".El\n"; } - print ".El -.Sh SEE ALSO + print FILE ".Sh SEE ALSO "; - foreach $func (sort(keys(%FUNCTIONS))) { - next if (defined($FUNCTIONS{$func}->{'nolist'})); - print ".Xr $func 3 ,\n"; + print FILE ".Xr openpam 3\n" + if ($page eq 'pam'); + foreach $func (keys(%FUNCTIONS)) { + $xref{$func} = 3; + } + my @refs = sort(keys(%xref)); + while ($_ = shift(@refs)) { + print FILE ".Xr $_ $xref{$_}"; + print FILE " ," + if (@refs); + print FILE "\n"; } - print ".Xr pam.conf 5 -.Sh STANDARDS + print FILE ".Sh STANDARDS .Rs .%T \"X/Open Single Sign-On Service (XSSO) - Pluggable Authentication Modules\" .%D \"June 1997\" .Re .Sh AUTHORS The OpenPAM library and this manual page were developed for the -FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research -Division of Network Associates, Inc. under DARPA/SPAWAR contract -N66001-01-C-8035 +FreeBSD Project by ThinkSec AS and Network Associates Laboratories, +the Security Research Division of Network Associates, Inc. under +DARPA/SPAWAR contract N66001-01-C-8035 .Pq Dq CBOSS , as part of the DARPA CHATS research program. -" +"; + close(FILE); +} + +sub usage() { + + print(STDERR "usage: gendoc [-s] source [...]\n"); + exit(1); } MAIN:{ + my %opts; + + usage() + unless (@ARGV && getopts("op", \%opts)); $TODAY = strftime("%B %e, %Y", localtime(time())); $TODAY =~ s,\s+, ,g; - foreach my $fn (@ARGV) { - parse_source($fn); - } - foreach my $func (values(%FUNCTIONS)) { - gendoc($func); + if ($opts{'o'} || $opts{'p'}) { + foreach my $fn (@ARGV) { + readproto($fn); + } + gensummary('openpam') + if ($opts{'o'}); + gensummary('pam') + if ($opts{'p'}); + } else { + foreach my $fn (@ARGV) { + my $func = parse_source($fn); + gendoc($func) + if (defined($func)); + } } - gensummary(); + exit(0); } diff --git a/contrib/openpam/modules/Makefile b/contrib/openpam/modules/Makefile index ef49c2d..e14652b 100644 --- a/contrib/openpam/modules/Makefile +++ b/contrib/openpam/modules/Makefile @@ -3,9 +3,9 @@ # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# Network Associates Laboratories, the Security Research Division of +# Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +# ("CBOSS"), as part of the DARPA CHATS research program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,12 +31,13 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/modules/Makefile#5 $ +# $P4: //depot/projects/openpam/modules/Makefile#7 $ # SUBDIR = SUBDIR += pam_deny SUBDIR += pam_dummy SUBDIR += pam_permit +SUBDIR += pam_unix .include diff --git a/contrib/openpam/modules/pam_deny/Makefile b/contrib/openpam/modules/pam_deny/Makefile index 2a160e8..502fc8b 100644 --- a/contrib/openpam/modules/pam_deny/Makefile +++ b/contrib/openpam/modules/pam_deny/Makefile @@ -3,9 +3,9 @@ # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# Network Associates Laboratories, the Security Research Division of +# Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +# ("CBOSS"), as part of the DARPA CHATS research program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/modules/pam_deny/Makefile#4 $ +# $P4: //depot/projects/openpam/modules/pam_deny/Makefile#5 $ # LIB = pam_deny diff --git a/contrib/openpam/modules/pam_deny/pam_deny.c b/contrib/openpam/modules/pam_deny/pam_deny.c index 9ee3a5a..1f83ca5 100644 --- a/contrib/openpam/modules/pam_deny/pam_deny.c +++ b/contrib/openpam/modules/pam_deny/pam_deny.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/modules/pam_deny/pam_deny.c#6 $ + * $P4: //depot/projects/openpam/modules/pam_deny/pam_deny.c#7 $ */ #include diff --git a/contrib/openpam/modules/pam_dummy/Makefile b/contrib/openpam/modules/pam_dummy/Makefile index 76d4c98..9032408 100644 --- a/contrib/openpam/modules/pam_dummy/Makefile +++ b/contrib/openpam/modules/pam_dummy/Makefile @@ -3,9 +3,9 @@ # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# Network Associates Laboratories, the Security Research Division of +# Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +# ("CBOSS"), as part of the DARPA CHATS research program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/modules/pam_dummy/Makefile#3 $ +# $P4: //depot/projects/openpam/modules/pam_dummy/Makefile#4 $ # LIB = pam_dummy diff --git a/contrib/openpam/modules/pam_dummy/pam_dummy.c b/contrib/openpam/modules/pam_dummy/pam_dummy.c index a83f2b9..61b03f3 100644 --- a/contrib/openpam/modules/pam_dummy/pam_dummy.c +++ b/contrib/openpam/modules/pam_dummy/pam_dummy.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/modules/pam_dummy/pam_dummy.c#4 $ + * $P4: //depot/projects/openpam/modules/pam_dummy/pam_dummy.c#5 $ */ #include diff --git a/contrib/openpam/modules/pam_permit/Makefile b/contrib/openpam/modules/pam_permit/Makefile index b265f52..08038c4 100644 --- a/contrib/openpam/modules/pam_permit/Makefile +++ b/contrib/openpam/modules/pam_permit/Makefile @@ -3,9 +3,9 @@ # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS and -# NAI Labs, the Security Research Division of Network Associates, Inc. -# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the -# DARPA CHATS research program. +# Network Associates Laboratories, the Security Research Division of +# Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +# ("CBOSS"), as part of the DARPA CHATS research program. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/modules/pam_permit/Makefile#4 $ +# $P4: //depot/projects/openpam/modules/pam_permit/Makefile#5 $ # LIB = pam_permit diff --git a/contrib/openpam/modules/pam_permit/pam_permit.c b/contrib/openpam/modules/pam_permit/pam_permit.c index ad7e56c..2a974e7 100644 --- a/contrib/openpam/modules/pam_permit/pam_permit.c +++ b/contrib/openpam/modules/pam_permit/pam_permit.c @@ -3,9 +3,9 @@ * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and - * NAI Labs, the Security Research Division of Network Associates, Inc. - * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the - * DARPA CHATS research program. + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/modules/pam_permit/pam_permit.c#6 $ + * $P4: //depot/projects/openpam/modules/pam_permit/pam_permit.c#7 $ */ #include diff --git a/contrib/openpam/modules/pam_unix/Makefile b/contrib/openpam/modules/pam_unix/Makefile new file mode 100644 index 0000000..0352b32 --- /dev/null +++ b/contrib/openpam/modules/pam_unix/Makefile @@ -0,0 +1,44 @@ +#- +# Copyright (c) 2002 Networks Associates Technology, Inc. +# All rights reserved. +# +# This software was developed for the FreeBSD Project by ThinkSec AS and +# Network Associates Laboratories, the Security Research Division of +# Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +# ("CBOSS"), as part of the DARPA CHATS research program. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. The name of the author may not be used to endorse or promote +# products derived from this software without specific prior written +# permission. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $P4: //depot/projects/openpam/modules/pam_unix/Makefile#2 $ +# + +LIB = pam_unix +SHLIB_NAME = pam_unix.so +SRCS = pam_unix.c +CFLAGS += -I${.CURDIR}/../../include +DPADD = ${LIBCRYPT} +LDADD = -lcrypt + +.include diff --git a/contrib/openpam/modules/pam_unix/pam_unix.c b/contrib/openpam/modules/pam_unix/pam_unix.c new file mode 100644 index 0000000..7d25d8a --- /dev/null +++ b/contrib/openpam/modules/pam_unix/pam_unix.c @@ -0,0 +1,163 @@ +/*- + * Copyright (c) 2002 Networks Associates Technology, Inc. + * All rights reserved. + * + * This software was developed for the FreeBSD Project by ThinkSec AS and + * Network Associates Laboratories, the Security Research Division of + * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $P4: //depot/projects/openpam/modules/pam_unix/pam_unix.c#2 $ + */ + +#include + +#include +#include +#include +#include +#include + +#include + +#ifndef _OPENPAM +static char password_prompt[] = "Password:"; +#endif + +#ifndef PAM_EXTERN +#define PAM_EXTERN +#endif + +PAM_EXTERN int +pam_sm_authenticate(pam_handle_t *pamh, int flags, + int argc, const char *argv[]) +{ +#ifndef _OPENPAM + struct pam_conv *conv; + struct pam_message msg; + const struct pam_message *msgp; + struct pam_response *resp; +#endif + struct passwd *pwd; + const char *user; + char *crypt_password, *password; + int pam_err, retry; + + /* identify user */ + if ((pam_err = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) + return (pam_err); + if ((pwd = getpwnam(user)) == NULL) + return (PAM_USER_UNKNOWN); + + /* get password */ +#ifndef _OPENPAM + pam_err = pam_get_item(pamh, PAM_CONV, (const void **)&conv); + if (pam_err != PAM_SUCCESS) + return (PAM_SYSTEM_ERR); + msg.msg_style = PAM_PROMPT_ECHO_OFF; + msg.msg = password_prompt; + msgp = &msg; +#endif + for (retry = 0; retry < 3; ++retry) { +#ifdef _OPENPAM + pam_err = pam_get_authtok(pamh, PAM_AUTHTOK, + (const char **)&password, NULL); +#else + resp = NULL; + pam_err = (*conv->conv)(1, &msgp, &resp, conv->appdata_ptr); + if (resp != NULL) { + if (pam_err == PAM_SUCCESS) + password = resp->resp; + else + free(resp->resp); + free(resp); + } +#endif + if (pam_err == PAM_SUCCESS) + break; + } + if (pam_err == PAM_CONV_ERR) + return (pam_err); + if (pam_err != PAM_SUCCESS) + return (PAM_AUTH_ERR); + + /* compare passwords */ + if ((!pwd->pw_passwd[0] && (flags & PAM_DISALLOW_NULL_AUTHTOK)) || + (crypt_password = crypt(password, pwd->pw_passwd)) == NULL || + strcmp(crypt_password, pwd->pw_passwd) != 0) + pam_err = PAM_AUTH_ERR; + else + pam_err = PAM_SUCCESS; +#ifndef _OPENPAM + free(password); +#endif + return (pam_err); +} + +PAM_EXTERN int +pam_sm_setcred(pam_handle_t *pamh, int flags, + int argc, const char *argv[]) +{ + + return (PAM_SUCCESS); +} + +PAM_EXTERN int +pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, + int argc, const char *argv[]) +{ + + return (PAM_SUCCESS); +} + +PAM_EXTERN int +pam_sm_open_session(pam_handle_t *pamh, int flags, + int argc, const char *argv[]) +{ + + return (PAM_SUCCESS); +} + +PAM_EXTERN int +pam_sm_close_session(pam_handle_t *pamh, int flags, + int argc, const char *argv[]) +{ + + return (PAM_SUCCESS); +} + +PAM_EXTERN int +pam_sm_chauthtok(pam_handle_t *pamh, int flags, + int argc, const char *argv[]) +{ + + return (PAM_SERVICE_ERR); +} + +#ifdef PAM_MODULE_ENTRY +PAM_MODULE_ENTRY("pam_unix"); +#endif -- cgit v1.1