summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
authorDmitry V. Levin <ldv@altlinux.org>2012-02-03 00:13:44 +0000
committerDmitry V. Levin <ldv@altlinux.org>2012-02-03 00:13:44 +0000
commit3c69856acf9af74368b789b1ed867b433db0ed02 (patch)
treebeb903eaa0c4ea459ecfa833c9ed2fa469e88e40 /modules
parentfa1cf8afa8d482753900a1ac8a171b977bf40e15 (diff)
pam_unix: make configuration consistent in --enable-static-modules mode
In --enable-static-modules mode, it was not possible to use "pam_unix" in PAM config files. Instead, different names had to be used for each management group: pam_unix_auth, pam_unix_acct, pam_unix_passwd and pam_unix_session. This change makes pam_unix configuration consistent with other PAM modules. * README: Remove the paragraph describing pam_unix distinctions in --enable-static-modules mode. * libpam/pam_static_modules.h (_pam_unix_acct_modstruct, _pam_unix_auth_modstruct, _pam_unix_passwd_modstruct, _pam_unix_session_modstruct): Remove. (_pam_unix_modstruct): New pam_module declaration. * modules/pam_unix/pam_unix_static.h: New file. * modules/pam_unix/pam_unix_static.c: Likewise. * modules/pam_unix/Makefile.am (noinst_HEADERS): Add pam_unix_static.h (pam_unix_la_SOURCES) [STATIC_MODULES]: Add pam_unix_static.c * modules/pam_unix/pam_unix_acct.c [PAM_STATIC]: Include pam_unix_static.h [PAM_STATIC] (_pam_unix_acct_modstruct): Remove. * modules/pam_unix/pam_unix_auth.c [PAM_STATIC]: Include pam_unix_static.h [PAM_STATIC] (_pam_unix_auth_modstruct): Remove. * modules/pam_unix/pam_unix_passwd.c [PAM_STATIC]: Include pam_unix_static.h [PAM_STATIC] (_pam_unix_passwd_modstruct): Remove. * modules/pam_unix/pam_unix_sess.c [PAM_STATIC]: Include pam_unix_static.h [PAM_STATIC] (_pam_unix_session_modstruct): Remove. Suggested-by: Matveychikov Ilya <i.matveychikov@securitycode.ru>
Diffstat (limited to 'modules')
-rw-r--r--modules/pam_unix/Makefile.am6
-rw-r--r--modules/pam_unix/pam_unix_acct.c24
-rw-r--r--modules/pam_unix/pam_unix_auth.c25
-rw-r--r--modules/pam_unix/pam_unix_passwd.c25
-rw-r--r--modules/pam_unix/pam_unix_sess.c27
-rw-r--r--modules/pam_unix/pam_unix_static.c23
-rw-r--r--modules/pam_unix/pam_unix_static.h6
7 files changed, 65 insertions, 71 deletions
diff --git a/modules/pam_unix/Makefile.am b/modules/pam_unix/Makefile.am
index ab0d55ac..56ed5916 100644
--- a/modules/pam_unix/Makefile.am
+++ b/modules/pam_unix/Makefile.am
@@ -34,7 +34,8 @@ pam_unix_la_LIBADD = $(top_builddir)/libpam/libpam.la \
securelib_LTLIBRARIES = pam_unix.la
-noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h passverify.h
+noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h passverify.h \
+ pam_unix_static.h
sbin_PROGRAMS = unix_chkpwd unix_update
@@ -43,6 +44,9 @@ noinst_PROGRAMS = bigcrypt
pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \
pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \
passverify.c yppasswd_xdr.c md5_good.c md5_broken.c
+if STATIC_MODULES
+pam_unix_la_SOURCES += pam_unix_static.c
+endif
bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c
bigcrypt_CFLAGS = $(AM_CFLAGS)
diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c
index 2731b8bc..8e90cc9a 100644
--- a/modules/pam_unix/pam_unix_acct.c
+++ b/modules/pam_unix/pam_unix_acct.c
@@ -52,7 +52,11 @@
/* indicate that the following groups are defined */
-#define PAM_SM_ACCOUNT
+#ifdef PAM_STATIC
+# include "pam_unix_static.h"
+#else
+# define PAM_SM_ACCOUNT
+#endif
#include <security/pam_modules.h>
#include <security/pam_ext.h>
@@ -178,8 +182,8 @@ int _unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl,
* account management module.
*/
-PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
- int argc, const char **argv)
+int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
unsigned int ctrl;
const void *void_uname;
@@ -291,17 +295,3 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
return retval;
}
-
-
-/* static module data */
-#ifdef PAM_STATIC
-struct pam_module _pam_unix_acct_modstruct = {
- "pam_unix_acct",
- NULL,
- NULL,
- pam_sm_acct_mgmt,
- NULL,
- NULL,
- NULL,
-};
-#endif
diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c
index 1379d96c..44573e6c 100644
--- a/modules/pam_unix/pam_unix_auth.c
+++ b/modules/pam_unix/pam_unix_auth.c
@@ -50,7 +50,11 @@
/* indicate the following groups are defined */
-#define PAM_SM_AUTH
+#ifdef PAM_STATIC
+# include "pam_unix_static.h"
+#else
+# define PAM_SM_AUTH
+#endif
#define _PAM_EXTERN_FUNCTIONS
#include <security/_pam_macros.h>
@@ -98,9 +102,8 @@ setcred_free (pam_handle_t *pamh UNUSED, void *ptr, int err UNUSED)
free (ptr);
}
-
-PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
- ,int argc, const char **argv)
+int
+pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
unsigned int ctrl;
int retval, *ret_data = NULL;
@@ -190,7 +193,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags
* warned you. -- AOY
*/
-PAM_EXTERN int
+int
pam_sm_setcred (pam_handle_t *pamh, int flags UNUSED,
int argc UNUSED, const char **argv UNUSED)
{
@@ -213,15 +216,3 @@ pam_sm_setcred (pam_handle_t *pamh, int flags UNUSED,
return retval;
}
-
-#ifdef PAM_STATIC
-struct pam_module _pam_unix_auth_modstruct = {
- "pam_unix_auth",
- pam_sm_authenticate,
- pam_sm_setcred,
- NULL,
- NULL,
- NULL,
- NULL,
-};
-#endif
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 498a81c6..e9059d3c 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -63,7 +63,11 @@
/* indicate the following groups are defined */
-#define PAM_SM_PASSWORD
+#ifdef PAM_STATIC
+# include "pam_unix_static.h"
+#else
+# define PAM_SM_PASSWORD
+#endif
#include <security/pam_modules.h>
#include <security/pam_ext.h>
@@ -523,9 +527,8 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh
return retval;
}
-
-PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
- int argc, const char **argv)
+int
+pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
unsigned int ctrl, lctrl;
int retval;
@@ -823,17 +826,3 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
return retval;
}
-
-
-/* static module data */
-#ifdef PAM_STATIC
-struct pam_module _pam_unix_passwd_modstruct = {
- "pam_unix_passwd",
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- pam_sm_chauthtok,
-};
-#endif
diff --git a/modules/pam_unix/pam_unix_sess.c b/modules/pam_unix/pam_unix_sess.c
index 72046ea0..d1376732 100644
--- a/modules/pam_unix/pam_unix_sess.c
+++ b/modules/pam_unix/pam_unix_sess.c
@@ -49,7 +49,11 @@
/* indicate the following groups are defined */
-#define PAM_SM_SESSION
+#ifdef PAM_STATIC
+# include "pam_unix_static.h"
+#else
+# define PAM_SM_SESSION
+#endif
#include <security/_pam_macros.h>
#include <security/pam_modules.h>
@@ -63,8 +67,8 @@
* session module.
*/
-PAM_EXTERN int pam_sm_open_session(pam_handle_t * pamh, int flags,
- int argc, const char **argv)
+int
+pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
char *user_name, *service;
unsigned int ctrl;
@@ -98,8 +102,8 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t * pamh, int flags,
return PAM_SUCCESS;
}
-PAM_EXTERN int pam_sm_close_session(pam_handle_t * pamh, int flags,
- int argc, const char **argv)
+int
+pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
char *user_name, *service;
unsigned int ctrl;
@@ -127,16 +131,3 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t * pamh, int flags,
return PAM_SUCCESS;
}
-
-/* static module data */
-#ifdef PAM_STATIC
-struct pam_module _pam_unix_session_modstruct = {
- "pam_unix_session",
- NULL,
- NULL,
- NULL,
- pam_sm_open_session,
- pam_sm_close_session,
- NULL,
-};
-#endif
diff --git a/modules/pam_unix/pam_unix_static.c b/modules/pam_unix/pam_unix_static.c
new file mode 100644
index 00000000..160268c9
--- /dev/null
+++ b/modules/pam_unix/pam_unix_static.c
@@ -0,0 +1,23 @@
+#include "config.h"
+
+#ifdef PAM_STATIC
+
+#define static extern
+#define PAM_SM_ACCOUNT
+#define PAM_SM_AUTH
+#define PAM_SM_PASSWORD
+#define PAM_SM_SESSION
+#include "pam_unix_static.h"
+#include <security/pam_modules.h>
+
+struct pam_module _pam_unix_modstruct = {
+ "pam_unix",
+ pam_sm_authenticate,
+ pam_sm_setcred,
+ pam_sm_acct_mgmt,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ pam_sm_chauthtok,
+};
+
+#endif
diff --git a/modules/pam_unix/pam_unix_static.h b/modules/pam_unix/pam_unix_static.h
new file mode 100644
index 00000000..39b05efe
--- /dev/null
+++ b/modules/pam_unix/pam_unix_static.h
@@ -0,0 +1,6 @@
+#define pam_sm_acct_mgmt _pam_unix_sm_acct_mgmt
+#define pam_sm_authenticate _pam_unix_sm_authenticate
+#define pam_sm_setcred _pam_unix_sm_setcred
+#define pam_sm_chauthtok _pam_unix_sm_chauthtok
+#define pam_sm_open_session _pam_unix_sm_open_session
+#define pam_sm_close_session _pam_unix_sm_close_session