summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ABOUT-NLS1
-rw-r--r--CHANGELOG21
-rw-r--r--COPYING1
-rw-r--r--Copyright1
-rw-r--r--INSTALL1
-rw-r--r--Make.xml.rules1
-rw-r--r--NEWS2
-rw-r--r--conf/pam.conf1
-rw-r--r--conf/pam_conv1/README1
-rw-r--r--doc/Makefile.am1
-rw-r--r--doc/man/pam_chauthtok.3.xml2
-rw-r--r--doc/man/pam_get_user.3.xml8
-rw-r--r--doc/man/pam_set_data.3.xml2
-rw-r--r--doc/man/pam_sm_authenticate.3.xml4
-rw-r--r--doc/man/pam_xauth_data.3.xml2
-rw-r--r--doc/specs/.cvsignore1
-rw-r--r--doc/specs/draft-morgan-pam.raw6
-rw-r--r--doc/specs/parse_y.y8
-rw-r--r--doc/specs/rfc86.0.txt6
-rw-r--r--dynamic/test.c4
-rw-r--r--examples/.cvsignore1
-rw-r--r--examples/README1
-rw-r--r--examples/blank.c4
-rw-r--r--examples/check_user.c4
-rw-r--r--examples/vpass.c2
-rw-r--r--libpam/.cvsignore1
-rw-r--r--libpam/pam_audit.c4
-rw-r--r--libpam/pam_delay.c1
-rw-r--r--libpam/pam_dispatch.c8
-rw-r--r--libpam/pam_dynamic.c10
-rw-r--r--libpam/pam_handlers.c18
-rw-r--r--libpam/pam_item.c6
-rw-r--r--libpam/pam_misc.c2
-rw-r--r--libpam/pam_modutil_getgrgid.c12
-rw-r--r--libpam/pam_modutil_getgrnam.c8
-rw-r--r--libpam/pam_modutil_getpwnam.c8
-rw-r--r--libpam/pam_modutil_getpwuid.c12
-rw-r--r--libpam/pam_modutil_getspnam.c8
-rw-r--r--libpam/pam_modutil_ingroup.c2
-rw-r--r--libpam/pam_prelude.h1
-rw-r--r--libpam/pam_session.c2
-rw-r--r--libpam/pam_tokens.h4
-rw-r--r--libpam_misc/Makefile.am1
-rw-r--r--libpam_misc/include/security/pam_misc.h4
-rw-r--r--libpam_misc/misc_conv.c2
-rw-r--r--libpamc/License1
-rw-r--r--libpamc/include/security/pam_client.h2
-rw-r--r--libpamc/pamc_client.c6
-rw-r--r--libpamc/pamc_load.c8
-rwxr-xr-xlibpamc/test/agents/secret@here9
-rw-r--r--libpamc/test/modules/pam_secret.c2
-rw-r--r--libpamc/test/regress/test.libpamc.c4
-rwxr-xr-xlibpamc/test/regress/test.secret@here3
-rw-r--r--m4/japhar_grep_cflags.m41
-rw-r--r--m4/libprelude.m42
-rw-r--r--modules/modules.map3
-rw-r--r--modules/pam_access/pam_access.c8
-rw-r--r--modules/pam_env/pam_env.conf16
-rw-r--r--modules/pam_env/pam_env.conf.5.xml2
-rw-r--r--modules/pam_exec/pam_exec.8.xml8
-rw-r--r--modules/pam_exec/pam_exec.c2
-rw-r--r--modules/pam_keyinit/pam_keyinit.c1
-rw-r--r--modules/pam_limits/pam_limits.c16
-rw-r--r--modules/pam_mkhomedir/mkhomedir_helper.c14
-rw-r--r--modules/pam_mkhomedir/pam_mkhomedir.c2
-rw-r--r--modules/pam_namespace/md5.c2
-rw-r--r--modules/pam_namespace/namespace.conf4
-rw-r--r--modules/pam_namespace/namespace.conf.5.xml6
-rwxr-xr-xmodules/pam_namespace/namespace.init2
-rw-r--r--modules/pam_namespace/pam_namespace.c330
-rw-r--r--modules/pam_namespace/pam_namespace.h7
-rw-r--r--modules/pam_pwhistory/opasswd.c4
-rw-r--r--modules/pam_securetty/pam_securetty.c4
-rw-r--r--modules/pam_selinux/Makefile.am3
-rw-r--r--modules/pam_selinux/pam_selinux.c44
-rw-r--r--modules/pam_selinux/pam_selinux_check.82
-rw-r--r--modules/pam_sepermit/pam_sepermit.c15
-rw-r--r--modules/pam_shells/pam_shells.c2
-rw-r--r--modules/pam_stress/pam_stress.c2
-rw-r--r--modules/pam_tally/pam_tally.c40
-rw-r--r--modules/pam_tally/pam_tally_app.c1
-rw-r--r--modules/pam_tally2/pam_tally2.c38
-rw-r--r--modules/pam_tally2/pam_tally2_app.c1
-rw-r--r--modules/pam_time/pam_time.c4
-rw-r--r--modules/pam_time/time.conf2
-rw-r--r--modules/pam_time/time.conf.5.xml2
-rw-r--r--modules/pam_timestamp/hmacfile.c2
-rw-r--r--modules/pam_timestamp/hmacsha1.c4
-rw-r--r--modules/pam_timestamp/pam_timestamp.8.xml1
-rw-r--r--modules/pam_timestamp/pam_timestamp_check.8.xml1
-rw-r--r--modules/pam_timestamp/sha1.c2
-rw-r--r--modules/pam_unix/CHANGELOG5
-rw-r--r--modules/pam_unix/bigcrypt.c8
-rw-r--r--modules/pam_unix/md5.c2
-rw-r--r--modules/pam_unix/pam_unix_auth.c2
-rw-r--r--modules/pam_unix/pam_unix_passwd.c4
-rw-r--r--modules/pam_unix/pam_unix_sess.c5
-rw-r--r--modules/pam_unix/passverify.c20
-rw-r--r--modules/pam_unix/support.c4
-rw-r--r--modules/pam_unix/unix_update.c2
-rw-r--r--modules/pam_userdb/Makefile.am1
-rw-r--r--modules/pam_userdb/create.pl4
-rw-r--r--modules/pam_userdb/pam_userdb.c10
-rw-r--r--modules/pam_userdb/pam_userdb.h2
-rw-r--r--po/.cvsignore1
-rw-r--r--tests/tst-dlopen.c1
-rw-r--r--xtests/group.conf1
-rw-r--r--xtests/tst-pam_access1.pamd1
-rw-r--r--xtests/tst-pam_access2.pamd1
-rw-r--r--xtests/tst-pam_access3.pamd1
-rw-r--r--xtests/tst-pam_access4.pamd1
-rw-r--r--xtests/tst-pam_authfail.c4
-rw-r--r--xtests/tst-pam_authsucceed.c4
-rw-r--r--xtests/tst-pam_dispatch3.pamd1
-rw-r--r--xtests/tst-pam_group1.pamd1
-rw-r--r--xtests/tst-pam_limits1.pamd1
-rw-r--r--xtests/tst-pam_pwhistory1.pamd1
-rw-r--r--xtests/tst-pam_substack1.pamd2
-rw-r--r--xtests/tst-pam_unix1.pamd1
-rw-r--r--xtests/tst-pam_unix2.pamd1
-rw-r--r--xtests/tst-pam_unix3.pamd1
-rw-r--r--xtests/tst-pam_unix4.pamd1
122 files changed, 436 insertions, 493 deletions
diff --git a/ABOUT-NLS b/ABOUT-NLS
index 3575535a..680627f2 100644
--- a/ABOUT-NLS
+++ b/ABOUT-NLS
@@ -1108,4 +1108,3 @@ developed inside the GNU project. Therefore the information given above
applies also for every other Free Software Project. Contact
`translation@iro.umontreal.ca' to make the `.pot' files available to
the translation teams.
-
diff --git a/CHANGELOG b/CHANGELOG
index 02d081a8..a997c0f5 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -129,17 +129,17 @@ bug report - outstanding bugs are listed here:
* libpam: Fix debug code (kukuk)
* pam_limits: Fix order of LIMITS_DEF_* priorities (kukuk)
* pam_xauth: preserve DISPLAY variable (Novell #66885 - kukuk)
-* libpam: Add prelude ids (http://www.prelude-ids.org) support,
+* libpam: Add prelude ids (http://www.prelude-ids.org) support,
as experimental. (toady)
-* configure: Add the directory where new versions of cracklib is
- installed (from Jim Gifford - toady)
+* configure: Add the directory where new versions of cracklib is
+ installed (from Jim Gifford - toady)
* libpamc: Use standard u_intX_t types instead of __uX (kukuk)
0.78: Do Nov 18 14:48:36 CET 2004
* pam_unix: change the order of trying password changes - local first,
NIS second (t8m)
-* pam_wheel: add option only_root to make it affect authentication
+* pam_wheel: add option only_root to make it affect authentication
to root account only
* pam_unix: test return values on renaming files and report error to
syslog and to user
@@ -175,7 +175,7 @@ bug report - outstanding bugs are listed here:
The whole idea is to create few "systemwide" pam configs and include
parts of them in application pam configs.
(patch by "Dmitry V. Levin" <ldv@altlinux.org>) (Bug 812567 - baggins).
-* doc/modules/pam_mkhomedir.sgml: Remove wrong debug options
+* doc/modules/pam_mkhomedir.sgml: Remove wrong debug options
(Bug 591605 - kukuk)
* pam_unix: Call password checking helper whenever the password field
contains only one character (Bug 1027903 - kukuk)
@@ -1050,7 +1050,7 @@ libpam. Prior versions were buggy - see bugfix for Bug 129775.
(otherwise /etc/pam.conf is treated as before)
- given /etc/pam.d/
. config files are named (in lower case) by service-name
- . config files have same syntax as /etc/pam.conf except
+ . config files have same syntax as /etc/pam.conf except
that the "service-name" field is not present. (there
are thus three manditory fields (and arguments are
optional):
@@ -1207,7 +1207,7 @@ Sat Nov 30 19:30:20 PST 1996, Andrew Morgan <morgan@parc.power.net>
also some coverage of libpam_misc in the App. Developers' guide.
* Cristian's patches to pam_limits and pam_pwdb. Fixing bugs. (MORE added)
-
+
* adopted Cristian's _pam_macros.h file to help with common macros and
debugging stuff, gone through tree tidying up debugging lines to use
this [not complete].
@@ -1287,7 +1287,7 @@ A brief summary of what has changed:
* removed <bf/ .. / from documentation titles. This was not giving
politically correct html..
-
+
----- My vvvvvvvvvvvvvvvvvvv was a long time ago ;*] -----
Wed Sep 4 23:57:19 PDT 1996 (Andrew Morgan <morgan@physics.ucla.edu>
@@ -1345,7 +1345,7 @@ PASSWD - Elliot's account management included, and enhanced by Cristian Gafton.
*** If anyone has any trouble, please *say*. Your problem will be
fixed in the next release. Also please feel free to scour the
- code for race conditions etc...
+ code for race conditions etc...
[* The above change requires that you purge your /usr/lib/security
directory of the old pam_unix_XXX.so modules: they will NOT be deleted
@@ -1533,7 +1533,7 @@ CFLAGS* added 'make sterile' to top level makefile. This does extraclean and rem
future documentation of static module support in pam_modules.sgml)
* libpam; many changes to makefiles and also automated the inclusion of
static module objects in pam_static.c
-* modified modules for automated static/dynamic support. Added static &
+* modified modules for automated static/dynamic support. Added static &
dynamic subdirectories, as instructed by Michael
* removed an annoying syslog message from pam_filter: "parent exited.."
* updated todo list (anyone know anything about svgalib/X? we probably should
@@ -1763,4 +1763,3 @@ Sat Feb 17 17:30:24 EST 1996 (Alexander O. Yuriev alex@bach.cis.temple.edu)
* stable code from pam_unix is added to modules/pam_unix
* test/test.c now requests username and password and attempts
to perform authentication
-
diff --git a/COPYING b/COPYING
index 2f27a2ee..12ff8c53 100644
--- a/COPYING
+++ b/COPYING
@@ -38,4 +38,3 @@ TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
-------------------------------------------------------------------------
-
diff --git a/Copyright b/Copyright
index 2f27a2ee..12ff8c53 100644
--- a/Copyright
+++ b/Copyright
@@ -38,4 +38,3 @@ TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
-------------------------------------------------------------------------
-
diff --git a/INSTALL b/INSTALL
index 56b077d6..31117369 100644
--- a/INSTALL
+++ b/INSTALL
@@ -233,4 +233,3 @@ configuration-related scripts to be executed by `/bin/bash'.
`configure' also accepts some other, not widely useful, options. Run
`configure --help' for more details.
-
diff --git a/Make.xml.rules b/Make.xml.rules
index 6e9dccc9..bee30cda 100644
--- a/Make.xml.rules
+++ b/Make.xml.rules
@@ -22,4 +22,3 @@ README: README.xml
$(XSLTPROC) -o $(srcdir)/$@ --path $(srcdir) --xinclude --nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
#CLEANFILES += $(man_MANS) README
-
diff --git a/NEWS b/NEWS
index 81f961f1..fe8cf47c 100644
--- a/NEWS
+++ b/NEWS
@@ -3,7 +3,7 @@ Linux-PAM NEWS -- history of user-visible changes.
Release 1.1.5
* pam_env: Fix CVE-2011-3148 and CVE-2011-3149
* pam_access: Add hostname resolution cache
-* Documentation: Improvements/fixes
+* Documentation: Improvements/fixes
Release 1.1.4
diff --git a/conf/pam.conf b/conf/pam.conf
index aa0e4130..3a06bd66 100644
--- a/conf/pam.conf
+++ b/conf/pam.conf
@@ -123,4 +123,3 @@ xdm account required pam_unix.so
# The PAM configuration file for the `xlock' service
#
xlock auth required pam_unix.so
-
diff --git a/conf/pam_conv1/README b/conf/pam_conv1/README
index 9d27e223..8c748ba8 100644
--- a/conf/pam_conv1/README
+++ b/conf/pam_conv1/README
@@ -6,4 +6,3 @@ creates the pam.d/ directory in the current directory.
The program will fail if ./pam.d/ already exists.
Andrew Morgan, February 1997
-
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 4a300e15..f4762f2d 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -19,4 +19,3 @@ releasedocs: all
make -C sag releasedocs
make -C adg releasedocs
make -C mwg releasedocs
-
diff --git a/doc/man/pam_chauthtok.3.xml b/doc/man/pam_chauthtok.3.xml
index 7e20070b..b9922a6c 100644
--- a/doc/man/pam_chauthtok.3.xml
+++ b/doc/man/pam_chauthtok.3.xml
@@ -35,7 +35,7 @@
associated with the handle <emphasis>pamh</emphasis>).
</para>
<para>
- The <emphasis>pamh</emphasis> argument is an authentication
+ The <emphasis>pamh</emphasis> argument is an authentication
handle obtained by a prior call to pam_start().
The flags argument is the binary or of zero or more of the
following values:
diff --git a/doc/man/pam_get_user.3.xml b/doc/man/pam_get_user.3.xml
index ff8be694..9c5830e9 100644
--- a/doc/man/pam_get_user.3.xml
+++ b/doc/man/pam_get_user.3.xml
@@ -42,7 +42,7 @@
name of the user specified by
<citerefentry>
<refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry>. If no user was specified it what
+ </citerefentry>. If no user was specified it what
<function>pam_get_item (pamh, PAM_USER, ... );</function> would
have returned. If this is NULL it obtains the username via the
<citerefentry>
@@ -70,14 +70,14 @@
</itemizedlist>
<para>
By whatever means the username is obtained, a pointer to it is
- returned as the contents of <emphasis>*user</emphasis>. Note,
- this memory should <emphasis remap="B">not</emphasis> be
+ returned as the contents of <emphasis>*user</emphasis>. Note,
+ this memory should <emphasis remap="B">not</emphasis> be
<emphasis>free()</emphasis>'d or <emphasis>modified</emphasis>
by the module.
</para>
<para>
This function sets the <emphasis>PAM_USER</emphasis> item
- associated with the
+ associated with the
<citerefentry>
<refentrytitle>pam_set_item</refentrytitle><manvolnum>3</manvolnum>
</citerefentry> and
diff --git a/doc/man/pam_set_data.3.xml b/doc/man/pam_set_data.3.xml
index d6d224e7..c20068c6 100644
--- a/doc/man/pam_set_data.3.xml
+++ b/doc/man/pam_set_data.3.xml
@@ -40,7 +40,7 @@
<title>DESCRIPTION</title>
<para>
The <function>pam_set_data</function> function associates a pointer
- to an object with the (hopefully) unique string
+ to an object with the (hopefully) unique string
<emphasis>module_data_name</emphasis> in the PAM context specified
by the <emphasis>pamh</emphasis> argument.
</para>
diff --git a/doc/man/pam_sm_authenticate.3.xml b/doc/man/pam_sm_authenticate.3.xml
index 37c77576..9121aed2 100644
--- a/doc/man/pam_sm_authenticate.3.xml
+++ b/doc/man/pam_sm_authenticate.3.xml
@@ -62,7 +62,7 @@
Return <emphasis remap='B'>PAM_AUTH_ERR</emphasis> if the
database of authentication tokens for this authentication
mechanism has a <emphasis>NULL</emphasis> entry for the user.
- Without this flag, such a <emphasis>NULL</emphasis> token
+ Without this flag, such a <emphasis>NULL</emphasis> token
will lead to a success without the user being prompted.
</para>
</listitem>
@@ -95,7 +95,7 @@
<listitem>
<para>
The modules were not able to access the authentication
- information. This might be due to a network or hardware
+ information. This might be due to a network or hardware
failure etc.
</para>
</listitem>
diff --git a/doc/man/pam_xauth_data.3.xml b/doc/man/pam_xauth_data.3.xml
index 0cd6730b..505985e4 100644
--- a/doc/man/pam_xauth_data.3.xml
+++ b/doc/man/pam_xauth_data.3.xml
@@ -35,7 +35,7 @@ struct pam_xauth_data {
<title>DESCRIPTION</title>
<para>
The <function>pam_xauth_data</function> structure contains X
- authentication data used to make a connection to an X display.
+ authentication data used to make a connection to an X display.
Using this mechanism, an application can communicate X
authentication data to PAM service modules. This allows modules to
make a connection to the user's X display in order to label the
diff --git a/doc/specs/.cvsignore b/doc/specs/.cvsignore
index 0e7cbe2f..efaf18a0 100644
--- a/doc/specs/.cvsignore
+++ b/doc/specs/.cvsignore
@@ -9,4 +9,3 @@ padout
parse_l.c
parse_y.c
parse_y.h
-
diff --git a/doc/specs/draft-morgan-pam.raw b/doc/specs/draft-morgan-pam.raw
index 45109f45..ec5bba49 100644
--- a/doc/specs/draft-morgan-pam.raw
+++ b/doc/specs/draft-morgan-pam.raw
@@ -227,7 +227,7 @@ o Anyone can define additional agents by using names in the format
your agent has as an identifier, they you are entitled to use
this identifier.) It is up to each domain how it manages its local
namespace.
-
+
The '/' character is a mandatory delimiter, indicating the end of the
agent_id. The trailing data is of a format specific to the agent with
the given agent_id.
@@ -377,7 +377,7 @@ conversation function with which it encapsulates module-generated
requests and exchanges them with the client. Every message sent by a
module should be acknowledged.
-General conversation functions can support the following five
+General conversation functions can support the following five
conversation requests:
echo text string
@@ -617,7 +617,7 @@ Following a call to pamc_end, the pamc_handle_t will be invalid.
The return value for this function is one of the following:
- PAM_BPC_TRUE - all invoked agents are content with
+ PAM_BPC_TRUE - all invoked agents are content with
authentication (the server is _not_ judged
_un_trustworthy by any agent)
diff --git a/doc/specs/parse_y.y b/doc/specs/parse_y.y
index 87fc54ea..b195f5d3 100644
--- a/doc/specs/parse_y.y
+++ b/doc/specs/parse_y.y
@@ -7,7 +7,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-
+
#define MAXLINE 1000
#define INDENT_STRING " "
#define PAPER_WIDTH 74
@@ -86,7 +86,7 @@ doc:
printf("%s%s%s", $2, fixed, $4);
free($2);
free($4);
-
+
l = (len+1)/2;
memset(fixed, ' ', l);
fixed[l] = '\0';
@@ -113,7 +113,7 @@ doc:
printf("%s%s%s", $2, fixed, $4);
free($2);
free($4);
-
+
l = (len+1)/2;
memset(fixed, ' ', l);
fixed[l] = '\0';
@@ -281,7 +281,7 @@ char *new_counter(const char *key)
sprintf(new+j, "%d", ++i);
counter_root = set_key(counter_root, key, new);
-
+
if (last_label) {
free(last_label);
}
diff --git a/doc/specs/rfc86.0.txt b/doc/specs/rfc86.0.txt
index 6dd5e6ea..b8c635a6 100644
--- a/doc/specs/rfc86.0.txt
+++ b/doc/specs/rfc86.0.txt
@@ -1843,9 +1843,3 @@
Samar, Schemers Page 28
-
-
-
-
-
-
diff --git a/dynamic/test.c b/dynamic/test.c
index 35496fe4..c633cfd7 100644
--- a/dynamic/test.c
+++ b/dynamic/test.c
@@ -16,8 +16,8 @@ int main(int argc, char **argv)
}
/* handle->XXX points to each of the PAM functions */
-
-
+
+
if (dlclose(handle)) {
fprintf(stderr, "failed to unload pam.so: %s\n", dlerror());
exit(1);
diff --git a/examples/.cvsignore b/examples/.cvsignore
index 752507ee..12e16f1b 100644
--- a/examples/.cvsignore
+++ b/examples/.cvsignore
@@ -6,4 +6,3 @@ Makefile
Makefile.in
.deps
.libs
-
diff --git a/examples/README b/examples/README
index f4ae9511..fee734dd 100644
--- a/examples/README
+++ b/examples/README
@@ -10,4 +10,3 @@ application it might be a place to start...
xsh is new as of Linux-PAM-0.31, it is identical to blank, but invokes
/bin/sh if the user is authenticated.
-
diff --git a/examples/blank.c b/examples/blank.c
index 9d51756e..82100139 100644
--- a/examples/blank.c
+++ b/examples/blank.c
@@ -50,7 +50,7 @@ int main(int argc, char **argv)
fprintf(stderr,"usage: %s [username]\n",argv[0]);
} else if (argc == 2) {
username = argv[1];
- }
+ }
/* initialize the Linux-PAM library */
retcode = pam_start("blank", username, &conv, &pamh);
@@ -141,7 +141,7 @@ int main(int argc, char **argv)
fprintf(stderr,"%s: problem closing a session\n",argv[0]);
break;
}
-
+
retcode = pam_setcred(pamh, PAM_DELETE_CRED);
bail_out(pamh,0,retcode,"pam_setcred2");
diff --git a/examples/check_user.c b/examples/check_user.c
index 4a33f2a8..89cc137b 100644
--- a/examples/check_user.c
+++ b/examples/check_user.c
@@ -1,6 +1,6 @@
/*
$Id$
-
+
This program was contributed by Shane Watts <shane@icarus.bofh.asn.au>
slight modifications by AGM.
@@ -35,7 +35,7 @@ int main(int argc, char *argv[])
}
retval = pam_start("check", user, &conv, &pamh);
-
+
if (retval == PAM_SUCCESS)
retval = pam_authenticate(pamh, 0); /* is user really user? */
diff --git a/examples/vpass.c b/examples/vpass.c
index a54ec061..f73b3611 100644
--- a/examples/vpass.c
+++ b/examples/vpass.c
@@ -47,5 +47,3 @@ int main(void)
pam_end(pamh, res);
exit(0);
}
-
-
diff --git a/libpam/.cvsignore b/libpam/.cvsignore
index e1a7920a..c281f21f 100644
--- a/libpam/.cvsignore
+++ b/libpam/.cvsignore
@@ -6,4 +6,3 @@ Makefile.in
.libs
*.la
*.lo
-
diff --git a/libpam/pam_audit.c b/libpam/pam_audit.c
index 7f2e0b2c..531746ab 100644
--- a/libpam/pam_audit.c
+++ b/libpam/pam_audit.c
@@ -161,7 +161,7 @@ pam_modutil_audit_write(pam_handle_t *pamh, int type,
{
int audit_fd;
int rc;
-
+
if ((audit_fd=_pam_audit_open(pamh)) == -1) {
return PAM_SYSTEM_ERR;
} else if (audit_fd == -2) {
@@ -171,7 +171,7 @@ pam_modutil_audit_write(pam_handle_t *pamh, int type,
rc = _pam_audit_writelog(pamh, audit_fd, type, message, retval);
audit_close(audit_fd);
-
+
return rc < 0 ? PAM_SYSTEM_ERR : PAM_SUCCESS;
}
diff --git a/libpam/pam_delay.c b/libpam/pam_delay.c
index a9cfa802..cb6c9d5c 100644
--- a/libpam/pam_delay.c
+++ b/libpam/pam_delay.c
@@ -156,4 +156,3 @@ int pam_fail_delay(pam_handle_t *pamh, unsigned int usec)
return PAM_SUCCESS;
}
-
diff --git a/libpam/pam_dispatch.c b/libpam/pam_dispatch.c
index 98c69c60..eb52c824 100644
--- a/libpam/pam_dispatch.c
+++ b/libpam/pam_dispatch.c
@@ -261,16 +261,16 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h,
if (impression == _PAM_UNDEF
|| (impression == _PAM_POSITIVE
&& status == PAM_SUCCESS) ) {
- if ( retval != PAM_IGNORE || cached_retval == retval ) {
+ if ( retval != PAM_IGNORE || cached_retval == retval ) {
impression = _PAM_POSITIVE;
- status = retval;
- }
+ status = retval;
+ }
}
}
/* this means that we need to skip #action stacked modules */
while (h->next != NULL && h->next->stack_level >= stack_level && action > 0) {
- do {
+ do {
h = h->next;
++depth;
} while (h->next != NULL && h->next->stack_level > stack_level);
diff --git a/libpam/pam_dynamic.c b/libpam/pam_dynamic.c
index 5be33c36..e1155e50 100644
--- a/libpam/pam_dynamic.c
+++ b/libpam/pam_dynamic.c
@@ -55,8 +55,8 @@ void *_pam_dlopen(const char *mod_path)
NSObjectFileImage ofile;
void *ret = NULL;
- if (NSCreateObjectFileImageFromFile(mod_path, &ofile) !=
- NSObjectFileImageSuccess )
+ if (NSCreateObjectFileImageFromFile(mod_path, &ofile) !=
+ NSObjectFileImageSuccess )
return NULL;
ret = NSLinkModule(ofile, mod_path, NSLINKMODULE_OPTION_PRIVATE | NSLINKMODULE_OPTION_BINDNOW);
@@ -68,7 +68,7 @@ void *_pam_dlopen(const char *mod_path)
#endif
}
-servicefn _pam_dlsym(void *handle, const char *symbol)
+servicefn _pam_dlsym(void *handle, const char *symbol)
{
#ifdef PAM_SHL
char *_symbol = NULL;
@@ -83,7 +83,7 @@ servicefn _pam_dlsym(void *handle, const char *symbol)
return NULL;
strcpy(_symbol, SHLIB_SYM_PREFIX);
strcat(_symbol, symbol);
- if( shl_findsym(&handle, _symbol,
+ if( shl_findsym(&handle, _symbol,
(short) TYPE_PROCEDURE, &ret ){
free(_symbol);
return NULL;
@@ -92,7 +92,7 @@ servicefn _pam_dlsym(void *handle, const char *symbol)
}
return ret;
-
+
#elif defined(PAM_DYLD)
NSSymbol nsSymbol;
char *_symbol;
diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c
index 59a1929f..02714f78 100644
--- a/libpam/pam_handlers.c
+++ b/libpam/pam_handlers.c
@@ -194,16 +194,16 @@ static int _pam_parse_conf_file(pam_handle_t *pamh, FILE *f
tok = _pam_StrTok(NULL, " \n\t", &nexttok);
if (pam_include) {
- if (substack) {
+ if (substack) {
res = _pam_add_handler(pamh, PAM_HT_SUBSTACK, other,
- stack_level, module_type, actions, tok,
- 0, NULL, 0);
+ stack_level, module_type, actions, tok,
+ 0, NULL, 0);
if (res != PAM_SUCCESS) {
pam_syslog(pamh, LOG_ERR, "error adding substack %s", tok);
D(("failed to load module - aborting"));
return PAM_ABORT;
- }
- }
+ }
+ }
if (_pam_load_conf_file(pamh, tok, this_service, module_type,
stack_level + substack
#ifdef PAM_READ_BOTH_CONFS
@@ -625,7 +625,7 @@ _pam_load_module(pam_handle_t *pamh, const char *mod_path, int handler_type)
struct loaded_module *mod;
D(("_pam_load_module: loading module `%s'", mod_path));
-
+
mod = pamh->handlers.module;
/* First, ensure the module is loaded */
@@ -774,12 +774,12 @@ int _pam_add_handler(pam_handle_t *pamh
/* if we get here with NULL it means allocation error */
return PAM_ABORT;
}
-
+
mod_type = mod->type;
}
-
+
if (mod_path == NULL)
- mod_path = UNKNOWN_MODULE;
+ mod_path = UNKNOWN_MODULE;
/*
* At this point 'mod' points to the stored/loaded module.
diff --git a/libpam/pam_item.c b/libpam/pam_item.c
index 00e00c29..8148fd57 100644
--- a/libpam/pam_item.c
+++ b/libpam/pam_item.c
@@ -315,8 +315,8 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt)
if (pamh->former.want_user) {
/* must have a prompt to resume with */
if (! pamh->former.prompt) {
- pam_syslog(pamh, LOG_ERR,
- "pam_get_user: failed to resume with prompt"
+ pam_syslog(pamh, LOG_ERR,
+ "pam_get_user: failed to resume with prompt"
);
return PAM_ABORT;
}
@@ -324,7 +324,7 @@ int pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt)
/* must be the same prompt as last time */
if (strcmp(pamh->former.prompt, use_prompt)) {
pam_syslog(pamh, LOG_ERR,
- "pam_get_user: resumed with different prompt");
+ "pam_get_user: resumed with different prompt");
return PAM_ABORT;
}
diff --git a/libpam/pam_misc.c b/libpam/pam_misc.c
index 0e607276..aac0e923 100644
--- a/libpam/pam_misc.c
+++ b/libpam/pam_misc.c
@@ -312,7 +312,7 @@ void _pam_parse_control(int *control_array, char *tok)
break;
}
}
- if (act > 0) {
+ if (act > 0) {
/*
* Either we have a number or we have hit an error. In
* principle, there is nothing to stop us accepting
diff --git a/libpam/pam_modutil_getgrgid.c b/libpam/pam_modutil_getgrgid.c
index 600946a1..386d6f4b 100644
--- a/libpam/pam_modutil_getgrgid.c
+++ b/libpam/pam_modutil_getgrgid.c
@@ -16,7 +16,7 @@
#include <stdlib.h>
static int intlen(int number)
-{
+{
int len = 2;
while (number != 0) {
number /= 10;
@@ -26,7 +26,7 @@ static int intlen(int number)
}
static int longlen(long number)
-{
+{
int len = 2;
while (number != 0) {
number /= 10;
@@ -72,7 +72,7 @@ pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid)
int i;
data_name = malloc(strlen("_pammodutil_getgrgid") + 1 +
- longlen((long)gid) + 1 + intlen(INT_MAX) + 1);
+ longlen((long)gid) + 1 + intlen(INT_MAX) + 1);
if ((pamh != NULL) && (data_name == NULL)) {
D(("was unable to register the data item [%s]",
pam_strerror(pamh, status)));
@@ -83,7 +83,7 @@ pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid)
if (pamh != NULL) {
for (i = 0; i < INT_MAX; i++) {
sprintf(data_name, "_pammodutil_getgrgid_%ld_%d",
- (long) gid, i);
+ (long) gid, i);
status = PAM_NO_MODULE_DATA;
if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
status = pam_set_data(pamh, data_name,
@@ -114,7 +114,7 @@ pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid)
/* no sense in repeating the call */
break;
}
-
+
length <<= PWD_LENGTH_SHIFT;
} while (length < PWD_ABSURD_PWD_LENGTH);
@@ -131,7 +131,7 @@ pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid)
* Sorry, there does not appear to be a reentrant version of
* getgrgid(). So, we use the standard libc function.
*/
-
+
return getgrgid(gid);
#endif /* def HAVE_GETGRGID_R */
diff --git a/libpam/pam_modutil_getgrnam.c b/libpam/pam_modutil_getgrnam.c
index adf7daa2..cbb1551d 100644
--- a/libpam/pam_modutil_getgrnam.c
+++ b/libpam/pam_modutil_getgrnam.c
@@ -16,7 +16,7 @@
#include <stdlib.h>
static int intlen(int number)
-{
+{
int len = 2;
while (number != 0) {
number /= 10;
@@ -62,7 +62,7 @@ pam_modutil_getgrnam(pam_handle_t *pamh, const char *group)
int i;
data_name = malloc(strlen("_pammodutil_getgrnam") + 1 +
- strlen(group) + 1 + intlen(INT_MAX) + 1);
+ strlen(group) + 1 + intlen(INT_MAX) + 1);
if ((pamh != NULL) && (data_name == NULL)) {
D(("was unable to register the data item [%s]",
pam_strerror(pamh, status)));
@@ -103,7 +103,7 @@ pam_modutil_getgrnam(pam_handle_t *pamh, const char *group)
/* no sense in repeating the call */
break;
}
-
+
length <<= PWD_LENGTH_SHIFT;
} while (length < PWD_ABSURD_PWD_LENGTH);
@@ -120,7 +120,7 @@ pam_modutil_getgrnam(pam_handle_t *pamh, const char *group)
* Sorry, there does not appear to be a reentrant version of
* getgrnam(). So, we use the standard libc function.
*/
-
+
return getgrnam(group);
#endif /* def HAVE_GETGRNAM_R */
diff --git a/libpam/pam_modutil_getpwnam.c b/libpam/pam_modutil_getpwnam.c
index f4e4d80e..8132c769 100644
--- a/libpam/pam_modutil_getpwnam.c
+++ b/libpam/pam_modutil_getpwnam.c
@@ -16,7 +16,7 @@
#include <stdlib.h>
static int intlen(int number)
-{
+{
int len = 2;
while (number != 0) {
number /= 10;
@@ -62,7 +62,7 @@ pam_modutil_getpwnam(pam_handle_t *pamh, const char *user)
int i;
data_name = malloc(strlen("_pammodutil_getpwnam") + 1 +
- strlen(user) + 1 + intlen(INT_MAX) + 1);
+ strlen(user) + 1 + intlen(INT_MAX) + 1);
if ((pamh != NULL) && (data_name == NULL)) {
D(("was unable to register the data item [%s]",
pam_strerror(pamh, status)));
@@ -103,7 +103,7 @@ pam_modutil_getpwnam(pam_handle_t *pamh, const char *user)
/* no sense in repeating the call */
break;
}
-
+
length <<= PWD_LENGTH_SHIFT;
} while (length < PWD_ABSURD_PWD_LENGTH);
@@ -120,7 +120,7 @@ pam_modutil_getpwnam(pam_handle_t *pamh, const char *user)
* Sorry, there does not appear to be a reentrant version of
* getpwnam(). So, we use the standard libc function.
*/
-
+
return getpwnam(user);
#endif /* def HAVE_GETPWNAM_R */
diff --git a/libpam/pam_modutil_getpwuid.c b/libpam/pam_modutil_getpwuid.c
index 33a6cf49..3a435937 100644
--- a/libpam/pam_modutil_getpwuid.c
+++ b/libpam/pam_modutil_getpwuid.c
@@ -16,7 +16,7 @@
#include <stdlib.h>
static int intlen(int number)
-{
+{
int len = 2;
while (number != 0) {
number /= 10;
@@ -26,7 +26,7 @@ static int intlen(int number)
}
static int longlen(long number)
-{
+{
int len = 2;
while (number != 0) {
number /= 10;
@@ -72,7 +72,7 @@ pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid)
int i;
data_name = malloc(strlen("_pammodutil_getpwuid") + 1 +
- longlen((long) uid) + 1 + intlen(INT_MAX) + 1);
+ longlen((long) uid) + 1 + intlen(INT_MAX) + 1);
if ((pamh != NULL) && (data_name == NULL)) {
D(("was unable to register the data item [%s]",
pam_strerror(pamh, status)));
@@ -83,7 +83,7 @@ pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid)
if (pamh != NULL) {
for (i = 0; i < INT_MAX; i++) {
sprintf(data_name, "_pammodutil_getpwuid_%ld_%d",
- (long) uid, i);
+ (long) uid, i);
status = PAM_NO_MODULE_DATA;
if (pam_get_data(pamh, data_name, &ignore) != PAM_SUCCESS) {
status = pam_set_data(pamh, data_name,
@@ -114,7 +114,7 @@ pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid)
/* no sense in repeating the call */
break;
}
-
+
length <<= PWD_LENGTH_SHIFT;
} while (length < PWD_ABSURD_PWD_LENGTH);
@@ -131,7 +131,7 @@ pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid)
* Sorry, there does not appear to be a reentrant version of
* getpwuid(). So, we use the standard libc function.
*/
-
+
return getpwuid(uid);
#endif /* def HAVE_GETPWUID_R */
diff --git a/libpam/pam_modutil_getspnam.c b/libpam/pam_modutil_getspnam.c
index 7cc64881..032709ed 100644
--- a/libpam/pam_modutil_getspnam.c
+++ b/libpam/pam_modutil_getspnam.c
@@ -16,7 +16,7 @@
#include <stdlib.h>
static int intlen(int number)
-{
+{
int len = 2;
while (number != 0) {
number /= 10;
@@ -62,7 +62,7 @@ pam_modutil_getspnam(pam_handle_t *pamh, const char *user)
int i;
data_name = malloc(strlen("_pammodutil_getspnam") + 1 +
- strlen(user) + 1 + intlen(INT_MAX) + 1);
+ strlen(user) + 1 + intlen(INT_MAX) + 1);
if ((pamh != NULL) && (data_name == NULL)) {
D(("was unable to register the data item [%s]",
pam_strerror(pamh, status)));
@@ -103,7 +103,7 @@ pam_modutil_getspnam(pam_handle_t *pamh, const char *user)
/* no sense in repeating the call */
break;
}
-
+
length <<= PWD_LENGTH_SHIFT;
} while (length < PWD_ABSURD_PWD_LENGTH);
@@ -120,7 +120,7 @@ pam_modutil_getspnam(pam_handle_t *pamh, const char *user)
* Sorry, there does not appear to be a reentrant version of
* getspnam(). So, we use the standard libc function.
*/
-
+
return getspnam(user);
#endif /* def HAVE_GETSPNAM_R */
diff --git a/libpam/pam_modutil_ingroup.c b/libpam/pam_modutil_ingroup.c
index 7a15f712..875cf3e2 100644
--- a/libpam/pam_modutil_ingroup.c
+++ b/libpam/pam_modutil_ingroup.c
@@ -74,7 +74,7 @@ pam_modutil_user_in_group_common(pam_handle_t *pamh UNUSED,
return 0;
}
-int
+int
pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh,
const char *user, const char *group)
{
diff --git a/libpam/pam_prelude.h b/libpam/pam_prelude.h
index 13ee6fdb..196b1418 100644
--- a/libpam/pam_prelude.h
+++ b/libpam/pam_prelude.h
@@ -13,4 +13,3 @@
void prelude_send_alert(pam_handle_t *pamh, int authval);
#endif /* _SECURITY_PAM_PRELUDE_H */
-
diff --git a/libpam/pam_session.c b/libpam/pam_session.c
index 34532bce..512153f2 100644
--- a/libpam/pam_session.c
+++ b/libpam/pam_session.c
@@ -24,7 +24,7 @@ int pam_open_session(pam_handle_t *pamh, int flags)
#ifdef HAVE_LIBAUDIT
retval = _pam_auditlog(pamh, PAM_OPEN_SESSION, retval, flags);
-#endif
+#endif
return retval;
}
diff --git a/libpam/pam_tokens.h b/libpam/pam_tokens.h
index fcda7ec2..1412fa31 100644
--- a/libpam/pam_tokens.h
+++ b/libpam/pam_tokens.h
@@ -89,13 +89,13 @@ const char * const _pam_token_returns[_PAM_RETURN_VALUES+1] = {
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
diff --git a/libpam_misc/Makefile.am b/libpam_misc/Makefile.am
index 7cc8812a..a521b60d 100644
--- a/libpam_misc/Makefile.am
+++ b/libpam_misc/Makefile.am
@@ -20,4 +20,3 @@ libpam_misc_la_LIBADD = $(top_builddir)/libpam/libpam.la
lib_LTLIBRARIES = libpam_misc.la
libpam_misc_la_SOURCES = help_env.c misc_conv.c
-
diff --git a/libpam_misc/include/security/pam_misc.h b/libpam_misc/include/security/pam_misc.h
index 07578e64..fca2422c 100644
--- a/libpam_misc/include/security/pam_misc.h
+++ b/libpam_misc/include/security/pam_misc.h
@@ -6,8 +6,8 @@
#include <security/pam_appl.h>
#include <security/pam_client.h>
-#ifdef __cplusplus
-extern "C" {
+#ifdef __cplusplus
+extern "C" {
#endif /* __cplusplus */
/* include some useful macros */
diff --git a/libpam_misc/misc_conv.c b/libpam_misc/misc_conv.c
index 3f82de1b..3f74eeae 100644
--- a/libpam_misc/misc_conv.c
+++ b/libpam_misc/misc_conv.c
@@ -180,7 +180,7 @@ static int read_string(int echo, const char *prompt, char **retstr)
if (have_term)
nc = read(STDIN_FILENO, line, INPUTSIZE-1);
else /* we must read one line only */
- for (nc = 0; nc < INPUTSIZE-1 && (nc?line[nc-1]:0) != '\n';
+ for (nc = 0; nc < INPUTSIZE-1 && (nc?line[nc-1]:0) != '\n';
nc++) {
int rv;
if ((rv=read(STDIN_FILENO, line+nc, 1)) != 1) {
diff --git a/libpamc/License b/libpamc/License
index 90106954..93160780 100644
--- a/libpamc/License
+++ b/libpamc/License
@@ -39,4 +39,3 @@ TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGE.
-------------------------------------------------------------------------
-
diff --git a/libpamc/include/security/pam_client.h b/libpamc/include/security/pam_client.h
index 988c2456..47e41aaf 100644
--- a/libpamc/include/security/pam_client.h
+++ b/libpamc/include/security/pam_client.h
@@ -121,7 +121,7 @@ do { \
\
__size = PAM_BP_MIN_SIZE + data_length; \
if ((*(old_p) = PAM_BP_CALLOC(1, 1+__size))) { \
- __PAM_BP_WOCTET(*(old_p), 3) = __size & 0xFF; \
+ __PAM_BP_WOCTET(*(old_p), 3) = __size & 0xFF; \
__PAM_BP_WOCTET(*(old_p), 2) = (__size>>=8) & 0xFF; \
__PAM_BP_WOCTET(*(old_p), 1) = (__size>>=8) & 0xFF; \
__PAM_BP_WOCTET(*(old_p), 0) = (__size>>=8) & 0xFF; \
diff --git a/libpamc/pamc_client.c b/libpamc/pamc_client.c
index 9d2bc671..175f424d 100644
--- a/libpamc/pamc_client.c
+++ b/libpamc/pamc_client.c
@@ -66,7 +66,7 @@ pamc_handle_t pamc_start(void)
if ( default_path[i] == PAMC_SYSTEM_AGENT_SEPARATOR
|| !default_path[i] ) {
int length;
-
+
pch->agent_paths[this] = malloc(length = 1+i-last);
if (pch->agent_paths[this] == NULL) {
@@ -102,7 +102,7 @@ drop_pch:
}
/*
- * shutdown each of the loaded agents and
+ * shutdown each of the loaded agents and
*/
static int __pamc_shutdown_agents(pamc_handle_t pch)
@@ -110,7 +110,7 @@ static int __pamc_shutdown_agents(pamc_handle_t pch)
int retval = PAM_BPC_TRUE;
D(("called"));
-
+
while (pch->chain) {
pid_t pid;
int status;
diff --git a/libpamc/pamc_load.c b/libpamc/pamc_load.c
index dbbfbd59..5155e0ae 100644
--- a/libpamc/pamc_load.c
+++ b/libpamc/pamc_load.c
@@ -25,7 +25,7 @@ static int __pamc_exec_agent(pamc_handle_t pch, pamc_agent_t *agent)
return PAM_BPC_FAIL;
}
}
-
+
/* enough memory for any path + this agent */
reset_length = 3 + pch->max_path + agent->id_length;
D(("reset_length = %d (3+%d+%d)",
@@ -57,7 +57,7 @@ static int __pamc_exec_agent(pamc_handle_t pch, pamc_agent_t *agent)
D(("no agent was found"));
goto free_and_return;
}
-
+
if (pipe(to_agent)) {
D(("failed to open pipe to agent"));
goto free_and_return;
@@ -262,7 +262,7 @@ int pamc_load(pamc_handle_t pch, const char *agent_id)
D(("sorry agent is disabled"));
return PAM_BPC_FALSE;
}
-
+
length = strlen(agent_id);
/* scan list to see if agent is loaded */
@@ -296,7 +296,7 @@ int pamc_load(pamc_handle_t pch, const char *agent_id)
agent->next = pch->chain;
pch->chain = agent;
-
+
return PAM_BPC_TRUE;
fail_free_agent_id:
diff --git a/libpamc/test/agents/secret@here b/libpamc/test/agents/secret@here
index afdcbaa8..8d82c013 100755
--- a/libpamc/test/agents/secret@here
+++ b/libpamc/test/agents/secret@here
@@ -41,7 +41,7 @@ for (;;) {
($reply_control, $reply_data) = HandleContinuation($data);
} else {
if ($debug) {
- print STDERR
+ print STDERR
"agent: unrecognized packet $control {$data} to read\n";
}
($reply_control, $reply_data) = (0x04, "");
@@ -133,7 +133,7 @@ sub HandleContinuation ($) {
}
my $expected_digest = CreateDigest($state{$key});
- my ($local_cookie, $remote_cookie, $shared_secret)
+ my ($local_cookie, $remote_cookie, $shared_secret)
= split '\|', $state{$key};
delete $state{$key};
@@ -154,7 +154,7 @@ sub HandleContinuation ($) {
print STDERR "agent: server appears to know the secret\n";
}
- my $session_authenticated_ticket =
+ my $session_authenticated_ticket =
CreateDigest($remote_cookie."|".$shared_secret."|".$local_cookie);
# FIXME: Agent should set a derived session key environment
@@ -183,7 +183,7 @@ sub ReadBinaryPrompt {
# broken packet header
return (-1, "");
}
-
+
my ($length, $control) = unpack("N C", $buffer);
if ($length < 5) {
# broken packet length
@@ -305,4 +305,3 @@ sub GetRandom {
}
}
-
diff --git a/libpamc/test/modules/pam_secret.c b/libpamc/test/modules/pam_secret.c
index 6316f7f5..f1c74c6f 100644
--- a/libpamc/test/modules/pam_secret.c
+++ b/libpamc/test/modules/pam_secret.c
@@ -664,6 +664,6 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags,
old_data = NULL;
D(("done (%d)", retval));
-
+
return retval;
}
diff --git a/libpamc/test/regress/test.libpamc.c b/libpamc/test/regress/test.libpamc.c
index 91f8d121..b0fff9c6 100644
--- a/libpamc/test/regress/test.libpamc.c
+++ b/libpamc/test/regress/test.libpamc.c
@@ -172,7 +172,7 @@ void prompt_to_packet(pamc_bp_t prompt, struct internal_packet *packet)
data_length = PAM_BP_LENGTH(prompt);
packet->at = 0;
append_data(packet, data_length, NULL);
-
+
PAM_BP_EXTRACT(prompt, 0, data_length, packet->buffer);
fprintf(stderr, "server received[%d]: {%d|0x%.2x|%s}\n",
@@ -332,7 +332,7 @@ int main(int argc, char **argv)
digest);
}
-
+
retval = pamc_end(&pch);
fprintf(stderr, "server: agent(s) were %shappy to terminate\n",
diff --git a/libpamc/test/regress/test.secret@here b/libpamc/test/regress/test.secret@here
index 2e0b9b94..67fe22ec 100755
--- a/libpamc/test/regress/test.secret@here
+++ b/libpamc/test/regress/test.secret@here
@@ -94,7 +94,7 @@ sub ReadBinaryPrompt ($) {
# broken packet header
return (-1, "");
}
-
+
my ($length, $control) = unpack("N C", $buffer);
if ($length < 5) {
# broken packet length
@@ -149,4 +149,3 @@ sub IdentifyLocalSecret ($) {
return $secret;
}
-
diff --git a/m4/japhar_grep_cflags.m4 b/m4/japhar_grep_cflags.m4
index 5318a140..cf2ea4a5 100644
--- a/m4/japhar_grep_cflags.m4
+++ b/m4/japhar_grep_cflags.m4
@@ -45,4 +45,3 @@ else
fi
AC_MSG_RESULT($ac_cv___attribute__)
])
-
diff --git a/m4/libprelude.m4 b/m4/libprelude.m4
index 2c61d35a..f78527f6 100644
--- a/m4/libprelude.m4
+++ b/m4/libprelude.m4
@@ -8,7 +8,7 @@ dnl $id$
# Werner Koch 99-12-09
dnl AM_PATH_LIBPRELUDE([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
-dnl Test for libprelude, and define LIBPRELUDE_PREFIX, LIBPRELUDE_CFLAGS, LIBPRELUDE_PTHREAD_CFLAGS,
+dnl Test for libprelude, and define LIBPRELUDE_PREFIX, LIBPRELUDE_CFLAGS, LIBPRELUDE_PTHREAD_CFLAGS,
dnl LIBPRELUDE_LDFLAGS, and LIBPRELUDE_LIBS
dnl
AC_DEFUN([AM_PATH_LIBPRELUDE],
diff --git a/modules/modules.map b/modules/modules.map
index 2234aa40..369b0479 100644
--- a/modules/modules.map
+++ b/modules/modules.map
@@ -1,4 +1,4 @@
-{
+{
global:
pam_sm_acct_mgmt;
pam_sm_authenticate;
@@ -8,4 +8,3 @@
pam_sm_setcred;
local: *;
};
-
diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c
index 2669a5ec..65798f17 100644
--- a/modules/pam_access/pam_access.c
+++ b/modules/pam_access/pam_access.c
@@ -100,7 +100,7 @@ struct login_info {
const char *from;
const char *config_file;
const char *hostname;
- int debug; /* Print debugging messages. */
+ int debug; /* Print debugging messages. */
int only_new_group_syntax; /* Only allow group entries of the form "(xyz)" */
int noaudit; /* Do not audit denials */
const char *fs; /* field separator */
@@ -375,7 +375,7 @@ login_access (pam_handle_t *pamh, struct login_info *item)
/* Allow field seperator in last field of froms */
if (!(perm = strtok_r(line, item->fs, &sptr))
|| !(users = strtok_r(NULL, item->fs, &sptr))
- || !(froms = strtok_r(NULL, "\n", &sptr))) {
+ || !(froms = strtok_r(NULL, "\n", &sptr))) {
pam_syslog(pamh, LOG_ERR, "%s: line %d: bad field count",
item->config_file, lineno);
continue;
@@ -398,8 +398,8 @@ login_access (pam_handle_t *pamh, struct login_info *item)
nonall_match = YES;
}
if (item->debug)
- pam_syslog (pamh, LOG_DEBUG,
- "from_match=%d, \"%s\"", match, item->from);
+ pam_syslog (pamh, LOG_DEBUG,
+ "from_match=%d, \"%s\"", match, item->from);
}
}
(void) fclose(fp);
diff --git a/modules/pam_env/pam_env.conf b/modules/pam_env/pam_env.conf
index d0ba35c2..30e9d008 100644
--- a/modules/pam_env/pam_env.conf
+++ b/modules/pam_env/pam_env.conf
@@ -1,7 +1,7 @@
#
-# This is the configuration file for pam_env, a PAM module to load in
-# a configurable list of environment variables for a
-#
+# This is the configuration file for pam_env, a PAM module to load in
+# a configurable list of environment variables for a
+#
# The original idea for this came from Andrew G. Morgan ...
#<quote>
# Mmm. Perhaps you might like to write a pam_env module that reads a
@@ -22,16 +22,16 @@
# administrators rather than set by logging in, how to treat them both
# in the same config file?
#
-# Here is my idea:
+# Here is my idea:
#
# Each line starts with the variable name, there are then two possible
-# options for each variable DEFAULT and OVERRIDE.
+# options for each variable DEFAULT and OVERRIDE.
# DEFAULT allows and administrator to set the value of the
# variable to some default value, if none is supplied then the empty
# string is assumed. The OVERRIDE option tells pam_env that it should
# enter in its value (overriding the default value) if there is one
# to use. OVERRIDE is not used, "" is assumed and no override will be
-# done.
+# done.
#
# VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]]
#
@@ -42,7 +42,7 @@
# values can be delimited with "", escaped " not supported.
# Note that many environment variables that you would like to use
# may not be set by the time the module is called.
-# For example, HOME is used below several times, but
+# For example, HOME is used below several times, but
# many PAM applications don't make it available by the time you need it.
#
#
@@ -52,7 +52,7 @@
# to "localhost" rather than not being set at all
#REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
#
-# Set the DISPLAY variable if it seems reasonable
+# Set the DISPLAY variable if it seems reasonable
#DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
#
#
diff --git a/modules/pam_env/pam_env.conf.5.xml b/modules/pam_env/pam_env.conf.5.xml
index 090e0e75..45950b8c 100644
--- a/modules/pam_env/pam_env.conf.5.xml
+++ b/modules/pam_env/pam_env.conf.5.xml
@@ -21,7 +21,7 @@
<para>
The <filename>/etc/security/pam_env.conf</filename> file specifies
- the environment variables to be set, unset or modified by
+ the environment variables to be set, unset or modified by
<citerefentry><refentrytitle>pam_env</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
When someone logs in, this file is read and the environment
variables are set according.
diff --git a/modules/pam_exec/pam_exec.8.xml b/modules/pam_exec/pam_exec.8.xml
index 0976f67c..4dc2a19d 100644
--- a/modules/pam_exec/pam_exec.8.xml
+++ b/modules/pam_exec/pam_exec.8.xml
@@ -123,8 +123,8 @@
</term>
<listitem>
<para>
- Per default pam_exec.so will echo the exit status of the
- external command if it fails.
+ Per default pam_exec.so will echo the exit status of the
+ external command if it fails.
Specifying this option will suppress the message.
</para>
</listitem>
@@ -136,8 +136,8 @@
</term>
<listitem>
<para>
- Per default pam_exec.so will execute the external command
- with the real user ID of the calling process.
+ Per default pam_exec.so will execute the external command
+ with the real user ID of the calling process.
Specifying this option means the command is run
with the effective user ID.
</para>
diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
index 7b2e402c..8b37e95e 100644
--- a/modules/pam_exec/pam_exec.c
+++ b/modules/pam_exec/pam_exec.c
@@ -282,7 +282,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
char *buffer = NULL;
if ((i = open (logfile, O_CREAT|O_APPEND|O_WRONLY,
- S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) == -1)
+ S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) == -1)
{
int err = errno;
pam_syslog (pamh, LOG_ERR, "open of %s failed: %m",
diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c
index 4732f93b..8d0501e0 100644
--- a/modules/pam_keyinit/pam_keyinit.c
+++ b/modules/pam_keyinit/pam_keyinit.c
@@ -266,4 +266,3 @@ struct pam_module _pam_keyinit_modstruct = {
NULL
};
#endif
-
diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c
index c1810e07..8bf3b9bb 100644
--- a/modules/pam_limits/pam_limits.c
+++ b/modules/pam_limits/pam_limits.c
@@ -630,7 +630,7 @@ process_limit (const pam_handle_t *pamh, int source, const char *lim_type,
else
rlimit_value *= 1024;
}
- break;
+ break;
#ifdef RLIMIT_NICE
case RLIMIT_NICE:
if (int_value > 19)
@@ -672,7 +672,7 @@ process_limit (const pam_handle_t *pamh, int source, const char *lim_type,
} else {
pl->login_limit = int_value;
pl->login_limit_def = source;
- }
+ }
}
}
return;
@@ -975,8 +975,8 @@ static int setup_limits(pam_handle_t *pamh,
if (check_logins(pamh, uname, pl->login_limit, ctrl, pl) == LOGIN_ERR) {
#ifdef HAVE_LIBAUDIT
if (!(ctrl & PAM_NO_AUDIT)) {
- pam_modutil_audit_write(pamh, AUDIT_ANOM_LOGIN_SESSIONS,
- "pam_limits", PAM_PERM_DENIED);
+ pam_modutil_audit_write(pamh, AUDIT_ANOM_LOGIN_SESSIONS,
+ "pam_limits", PAM_PERM_DENIED);
/* ignore return value as we fail anyway */
}
#endif
@@ -1055,12 +1055,12 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
/* Parse the *.conf files. */
for (i = 0; globbuf.gl_pathv[i] != NULL; i++) {
pl->conf_file = globbuf.gl_pathv[i];
- retval = parse_config_file(pamh, pwd->pw_name, pwd->pw_uid, pwd->pw_gid, ctrl, pl);
- if (retval == PAM_IGNORE) {
+ retval = parse_config_file(pamh, pwd->pw_name, pwd->pw_uid, pwd->pw_gid, ctrl, pl);
+ if (retval == PAM_IGNORE) {
D(("the configuration file ('%s') has an applicable '<domain> -' entry", pl->conf_file));
globfree(&globbuf);
return PAM_SUCCESS;
- }
+ }
if (retval != PAM_SUCCESS)
goto out;
}
@@ -1070,7 +1070,7 @@ out:
globfree(&globbuf);
if (retval != PAM_SUCCESS)
{
- pam_syslog(pamh, LOG_WARNING, "error parsing the configuration file: '%s' ",CONF_FILE);
+ pam_syslog(pamh, LOG_WARNING, "error parsing the configuration file: '%s' ",CONF_FILE);
return retval;
}
diff --git a/modules/pam_mkhomedir/mkhomedir_helper.c b/modules/pam_mkhomedir/mkhomedir_helper.c
index 2a47de3a..f426d721 100644
--- a/modules/pam_mkhomedir/mkhomedir_helper.c
+++ b/modules/pam_mkhomedir/mkhomedir_helper.c
@@ -272,8 +272,8 @@ create_homedir(const struct passwd *pwd,
}
/* Set the proper ownership and permissions for the module. We make
- the file a+w and then mask it with the set mask. This preseves
- execute bits */
+ the file a+w and then mask it with the set mask. This preseves
+ execute bits */
if (fchmod(destfd, (st.st_mode | 0222) & (~u_mask)) != 0 ||
fchown(destfd, pwd->pw_uid, pwd->pw_gid) != 0)
{
@@ -384,8 +384,8 @@ main(int argc, char *argv[])
pwd = getpwnam(argv[1]);
if (pwd == NULL) {
- pam_syslog(NULL, LOG_ERR, "User unknown.");
- return PAM_CRED_INSUFFICIENT;
+ pam_syslog(NULL, LOG_ERR, "User unknown.");
+ return PAM_CRED_INSUFFICIENT;
}
if (argc >= 3) {
@@ -399,11 +399,11 @@ main(int argc, char *argv[])
}
if (argc >= 4) {
- if (strlen(argv[3]) >= sizeof(skeldir)) {
+ if (strlen(argv[3]) >= sizeof(skeldir)) {
pam_syslog(NULL, LOG_ERR, "Too long skeldir path.");
return PAM_SESSION_ERR;
- }
- strcpy(skeldir, argv[3]);
+ }
+ strcpy(skeldir, argv[3]);
}
/* Stat the home directory, if something exists then we assume it is
diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c
index dfc4979e..5ac8a0f1 100644
--- a/modules/pam_mkhomedir/pam_mkhomedir.c
+++ b/modules/pam_mkhomedir/pam_mkhomedir.c
@@ -140,7 +140,7 @@ create_homedir (pam_handle_t *pamh, options_t *opt,
if (rlim.rlim_max >= MAX_FD_NO)
rlim.rlim_max = MAX_FD_NO;
for (i=0; i < (int)rlim.rlim_max; i++) {
- close(i);
+ close(i);
}
}
diff --git a/modules/pam_namespace/md5.c b/modules/pam_namespace/md5.c
index c79fb357..ce4f7d6e 100644
--- a/modules/pam_namespace/md5.c
+++ b/modules/pam_namespace/md5.c
@@ -107,7 +107,7 @@ void MD5Name(MD5Update)(struct MD5Context *ctx, unsigned const char *buf, unsign
}
/*
- * Final wrapup - pad to 64-byte boundary with the bit pattern
+ * Final wrapup - pad to 64-byte boundary with the bit pattern
* 1 0* (64-bit count of bits processed, MSB-first)
*/
void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx)
diff --git a/modules/pam_namespace/namespace.conf b/modules/pam_namespace/namespace.conf
index f973225f..b611a0f2 100644
--- a/modules/pam_namespace/namespace.conf
+++ b/modules/pam_namespace/namespace.conf
@@ -5,8 +5,8 @@
# Uncommenting the following three lines will polyinstantiate
# /tmp, /var/tmp and user's home directories. /tmp and /var/tmp will
# be polyinstantiated based on the MLS level part of the security context as well as user
-# name, Polyinstantion will not be performed for user root and adm for directories
-# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users.
+# name, Polyinstantion will not be performed for user root and adm for directories
+# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users.
# The user name and context is appended to the instance prefix.
#
# Note that instance directories do not have to reside inside the
diff --git a/modules/pam_namespace/namespace.conf.5.xml b/modules/pam_namespace/namespace.conf.5.xml
index 61c8673b..673099b0 100644
--- a/modules/pam_namespace/namespace.conf.5.xml
+++ b/modules/pam_namespace/namespace.conf.5.xml
@@ -61,7 +61,7 @@
<para>
The second field, <replaceable>instance_prefix</replaceable> is
the string prefix used to build the pathname for the instantiation
- of &lt;polydir&gt;. Depending on the polyinstantiation
+ of &lt;polydir&gt;. Depending on the polyinstantiation
<replaceable>method</replaceable> it is then appended with
"instance differentiation string" to generate the final
instance directory path. This directory is created if it did not exist
@@ -75,7 +75,7 @@
<para>
The third field, <replaceable>method</replaceable>, is the method
used for polyinstantiation. It can take these values; "user"
- for polyinstantiation based on user name, "level" for
+ for polyinstantiation based on user name, "level" for
polyinstantiation based on process MLS level and user name, "context" for
polyinstantiation based on process security context and user name,
"tmpfs" for mounting tmpfs filesystem as an instance dir, and
@@ -97,7 +97,7 @@
The <replaceable>method</replaceable> field can contain also following
optional flags separated by <emphasis>:</emphasis> characters.
</para>
-
+
<para><emphasis>create</emphasis>=<replaceable>mode</replaceable>,<replaceable>owner</replaceable>,<replaceable>group</replaceable>
- create the polyinstantiated directory. The mode, owner and group parameters
are optional. The default for mode is determined by umask, the default
diff --git a/modules/pam_namespace/namespace.init b/modules/pam_namespace/namespace.init
index 9898bf3a..9ab58062 100755
--- a/modules/pam_namespace/namespace.init
+++ b/modules/pam_namespace/namespace.init
@@ -1,5 +1,5 @@
#!/bin/sh -p
-# It receives polydir path as $1, the instance path as $2,
+# It receives polydir path as $1, the instance path as $2,
# a flag whether the instance dir was newly created (0 - no, 1 - yes) in $3,
# and user name in $4.
#
diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c
index 4a99184a..f0bffa15 100644
--- a/modules/pam_namespace/pam_namespace.c
+++ b/modules/pam_namespace/pam_namespace.c
@@ -76,7 +76,7 @@ static void del_polydir_list(struct polydir_s *polydirs_ptr)
struct polydir_s *dptr = polydirs_ptr;
while (dptr) {
- struct polydir_s *tptr = dptr;
+ struct polydir_s *tptr = dptr;
dptr = dptr->next;
del_polydir(tptr);
}
@@ -163,9 +163,9 @@ static int parse_create_params(char *params, struct polydir_s *poly)
poly->group = (gid_t)ULONG_MAX;
if (*params != '=')
- return 0;
+ return 0;
params++;
-
+
next = strchr(params, ',');
if (next != NULL) {
*next = '\0';
@@ -182,7 +182,7 @@ static int parse_create_params(char *params, struct polydir_s *poly)
params = next;
if (params == NULL)
- return 0;
+ return 0;
next = strchr(params, ',');
if (next != NULL) {
*next = '\0';
@@ -200,22 +200,22 @@ static int parse_create_params(char *params, struct polydir_s *poly)
if (params == NULL || *params == '\0') {
if (pwd != NULL)
poly->group = pwd->pw_gid;
- return 0;
+ return 0;
}
grp = getgrnam(params);
if (grp == NULL)
- return -1;
+ return -1;
poly->group = grp->gr_gid;
-
+
return 0;
}
static int parse_iscript_params(char *params, struct polydir_s *poly)
{
if (*params != '=')
- return 0;
+ return 0;
params++;
-
+
if (*params != '\0') {
if (*params != '/') { /* path is relative to NAMESPACE_D_DIR */
if (asprintf(&poly->init_script, "%s%s", NAMESPACE_D_DIR, params) == -1)
@@ -235,11 +235,11 @@ static int parse_method(char *method, struct polydir_s *poly,
enum polymethod pm;
char *sptr = NULL;
static const char *method_names[] = { "user", "context", "level", "tmpdir",
- "tmpfs", NULL };
+ "tmpfs", NULL };
static const char *flag_names[] = { "create", "noinit", "iscript",
- "shared", NULL };
+ "shared", NULL };
static const unsigned int flag_values[] = { POLYDIR_CREATE, POLYDIR_NOINIT,
- POLYDIR_ISCRIPT, POLYDIR_SHARED };
+ POLYDIR_ISCRIPT, POLYDIR_SHARED };
int i;
char *flag;
@@ -247,41 +247,41 @@ static int parse_method(char *method, struct polydir_s *poly,
pm = NONE;
for (i = 0; method_names[i]; i++) {
- if (strcmp(method, method_names[i]) == 0) {
- pm = i + 1; /* 0 = NONE */
- }
+ if (strcmp(method, method_names[i]) == 0) {
+ pm = i + 1; /* 0 = NONE */
+ }
}
if (pm == NONE) {
pam_syslog(idata->pamh, LOG_NOTICE, "Unknown method");
return -1;
}
-
+
poly->method = pm;
-
+
while ((flag=strtok_r(NULL, ":", &sptr)) != NULL) {
- for (i = 0; flag_names[i]; i++) {
- int namelen = strlen(flag_names[i]);
-
- if (strncmp(flag, flag_names[i], namelen) == 0) {
- poly->flags |= flag_values[i];
- switch (flag_values[i]) {
- case POLYDIR_CREATE:
- if (parse_create_params(flag+namelen, poly) != 0) {
+ for (i = 0; flag_names[i]; i++) {
+ int namelen = strlen(flag_names[i]);
+
+ if (strncmp(flag, flag_names[i], namelen) == 0) {
+ poly->flags |= flag_values[i];
+ switch (flag_values[i]) {
+ case POLYDIR_CREATE:
+ if (parse_create_params(flag+namelen, poly) != 0) {
pam_syslog(idata->pamh, LOG_CRIT, "Invalid create parameters");
- return -1;
- }
- break;
+ return -1;
+ }
+ break;
- case POLYDIR_ISCRIPT:
- if (parse_iscript_params(flag+namelen, poly) != 0) {
+ case POLYDIR_ISCRIPT:
+ if (parse_iscript_params(flag+namelen, poly) != 0) {
pam_syslog(idata->pamh, LOG_CRIT, "Memory allocation error");
- return -1;
- };
- break;
- }
- }
- }
+ return -1;
+ };
+ break;
+ }
+ }
+ }
}
return 0;
@@ -337,7 +337,7 @@ static int process_line(char *line, const char *home, const char *rhome,
poly = calloc(1, sizeof(*poly));
if (poly == NULL)
- goto erralloc;
+ goto erralloc;
/*
* Initialize and scan the five strings from the line from the
@@ -383,12 +383,12 @@ static int process_line(char *line, const char *home, const char *rhome,
dir = NULL;
goto erralloc;
}
-
+
if ((dir=expand_variables(dir, var_names, var_values)) == NULL) {
instance_prefix = NULL;
goto erralloc;
}
-
+
if ((instance_prefix=expand_variables(instance_prefix, var_names, var_values))
== NULL) {
goto erralloc;
@@ -409,12 +409,12 @@ static int process_line(char *line, const char *home, const char *rhome,
if (len > 0 && rdir[len-1] == '/') {
rdir[len-1] = '\0';
}
-
+
if (dir[0] == '\0' || rdir[0] == '\0') {
- pam_syslog(idata->pamh, LOG_NOTICE, "Invalid polydir");
- goto skipping;
+ pam_syslog(idata->pamh, LOG_NOTICE, "Invalid polydir");
+ goto skipping;
}
-
+
/*
* Populate polyinstantiated directory structure with appropriate
* pathnames and the method with which to polyinstantiate.
@@ -430,14 +430,14 @@ static int process_line(char *line, const char *home, const char *rhome,
strcpy(poly->instance_prefix, instance_prefix);
if (parse_method(method, poly, idata) != 0) {
- goto skipping;
+ goto skipping;
}
if (poly->method == TMPDIR) {
- if (sizeof(poly->instance_prefix) - strlen(poly->instance_prefix) < 7) {
- pam_syslog(idata->pamh, LOG_NOTICE, "Pathnames too long");
- goto skipping;
- }
+ if (sizeof(poly->instance_prefix) - strlen(poly->instance_prefix) < 7) {
+ pam_syslog(idata->pamh, LOG_NOTICE, "Pathnames too long");
+ goto skipping;
+ }
strcat(poly->instance_prefix, "XXXXXX");
}
@@ -463,7 +463,7 @@ static int process_line(char *line, const char *home, const char *rhome,
uid_t *uidptr;
const char *ustr, *sstr;
int count, i;
-
+
if (*uids == '~') {
poly->flags |= POLYDIR_EXCLUSIVE;
uids++;
@@ -488,8 +488,8 @@ static int process_line(char *line, const char *home, const char *rhome,
pwd = pam_modutil_getpwnam(idata->pamh, ustr);
if (pwd == NULL) {
- pam_syslog(idata->pamh, LOG_ERR, "Unknown user %s in configuration", ustr);
- poly->num_uids--;
+ pam_syslog(idata->pamh, LOG_ERR, "Unknown user %s in configuration", ustr);
+ poly->num_uids--;
} else {
*uidptr = pwd->pw_uid;
uidptr++;
@@ -508,7 +508,7 @@ static int process_line(char *line, const char *home, const char *rhome,
erralloc:
pam_syslog(idata->pamh, LOG_CRIT, "Memory allocation error");
-
+
skipping:
if (idata->flags & PAMNS_IGN_CONFIG_ERR)
retval = 0;
@@ -554,9 +554,9 @@ static int parse_config_file(struct instance_data *idata)
return PAM_SESSION_ERR;
}
if ((home=strdup(cpwd->pw_dir)) == NULL) {
- pam_syslog(idata->pamh, LOG_CRIT,
- "Memory allocation error");
- return PAM_SESSION_ERR;
+ pam_syslog(idata->pamh, LOG_CRIT,
+ "Memory allocation error");
+ return PAM_SESSION_ERR;
}
cpwd = pam_modutil_getpwnam(idata->pamh, idata->ruser);
@@ -568,10 +568,10 @@ static int parse_config_file(struct instance_data *idata)
}
if ((rhome=strdup(cpwd->pw_dir)) == NULL) {
- pam_syslog(idata->pamh, LOG_CRIT,
- "Memory allocation error");
- free(home);
- return PAM_SESSION_ERR;
+ pam_syslog(idata->pamh, LOG_CRIT,
+ "Memory allocation error");
+ free(home);
+ return PAM_SESSION_ERR;
}
/*
@@ -594,7 +594,7 @@ static int parse_config_file(struct instance_data *idata)
fil = fopen(confname, "r");
if (fil == NULL) {
pam_syslog(idata->pamh, LOG_ERR, "Error opening config file %s",
- confname);
+ confname);
globfree(&globbuf);
free(rhome);
free(home);
@@ -625,14 +625,14 @@ static int parse_config_file(struct instance_data *idata)
if (n >= globbuf.gl_pathc)
break;
- confname = globbuf.gl_pathv[n];
+ confname = globbuf.gl_pathv[n];
n++;
}
-
+
globfree(&globbuf);
free(rhome);
free(home);
-
+
/* All done...just some debug stuff */
if (idata->flags & PAMNS_DEBUG) {
struct polydir_s *dptr = idata->polydirs_ptr;
@@ -640,7 +640,7 @@ static int parse_config_file(struct instance_data *idata)
uid_t i;
pam_syslog(idata->pamh, LOG_DEBUG,
- dptr?"Configured poly dirs:":"No configured poly dirs");
+ dptr?"Configured poly dirs:":"No configured poly dirs");
while (dptr) {
pam_syslog(idata->pamh, LOG_DEBUG, "dir='%s' iprefix='%s' meth=%d",
dptr->dir, dptr->instance_prefix, dptr->method);
@@ -667,7 +667,7 @@ static int ns_override(struct polydir_s *polyptr, struct instance_data *idata,
unsigned int i;
if (idata->flags & PAMNS_DEBUG)
- pam_syslog(idata->pamh, LOG_DEBUG,
+ pam_syslog(idata->pamh, LOG_DEBUG,
"Checking for ns override in dir %s for uid %d",
polyptr->dir, uid);
@@ -745,7 +745,7 @@ static int form_context(const struct polydir_s *polyptr,
rc = getexeccon(&scon);
}
if (rc < 0 || scon == NULL) {
- pam_syslog(idata->pamh, LOG_ERR,
+ pam_syslog(idata->pamh, LOG_ERR,
"Error getting exec context, %m");
return PAM_SESSION_ERR;
}
@@ -870,17 +870,17 @@ static int poly_name(const struct polydir_s *polyptr, char **i_name,
}
pm = USER;
}
-
+
switch (pm) {
case USER:
if (asprintf(i_name, "%s", idata->user) < 0) {
*i_name = NULL;
goto fail;
- }
- break;
+ }
+ break;
#ifdef WITH_SELINUX
- case LEVEL:
+ case LEVEL:
case CONTEXT:
if (selinux_trans_to_raw_context(*i_context, &rawcon) < 0) {
pam_syslog(idata->pamh, LOG_ERR, "Error translating directory context");
@@ -890,27 +890,27 @@ static int poly_name(const struct polydir_s *polyptr, char **i_name,
if (asprintf(i_name, "%s", rawcon) < 0) {
*i_name = NULL;
goto fail;
- }
+ }
} else {
if (asprintf(i_name, "%s_%s", rawcon, idata->user) < 0) {
*i_name = NULL;
goto fail;
- }
+ }
}
- break;
+ break;
#endif /* WITH_SELINUX */
case TMPDIR:
case TMPFS:
if ((*i_name=strdup("")) == NULL)
- goto fail;
+ goto fail;
return PAM_SUCCESS;
- default:
- if (idata->flags & PAMNS_DEBUG)
- pam_syslog(idata->pamh, LOG_ERR, "Unknown method");
- goto fail;
+ default:
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_ERR, "Unknown method");
+ goto fail;
}
if (idata->flags & PAMNS_DEBUG)
@@ -919,24 +919,24 @@ static int poly_name(const struct polydir_s *polyptr, char **i_name,
if ((idata->flags & PAMNS_GEN_HASH) || strlen(*i_name) > NAMESPACE_MAX_DIR_LEN) {
hash = md5hash(*i_name, idata);
if (hash == NULL) {
- goto fail;
+ goto fail;
}
if (idata->flags & PAMNS_GEN_HASH) {
- free(*i_name);
+ free(*i_name);
*i_name = hash;
hash = NULL;
} else {
- char *newname;
- if (asprintf(&newname, "%.*s_%s", NAMESPACE_MAX_DIR_LEN-1-(int)strlen(hash),
- *i_name, hash) < 0) {
- goto fail;
- }
- free(*i_name);
- *i_name = newname;
+ char *newname;
+ if (asprintf(&newname, "%.*s_%s", NAMESPACE_MAX_DIR_LEN-1-(int)strlen(hash),
+ *i_name, hash) < 0) {
+ goto fail;
+ }
+ free(*i_name);
+ *i_name = newname;
}
}
rc = PAM_SUCCESS;
-
+
fail:
free(hash);
#ifdef WITH_SELINUX
@@ -959,34 +959,34 @@ static int protect_mount(int dfd, const char *path, struct instance_data *idata)
{
struct protect_dir_s *dir = idata->protect_dirs;
char tmpbuf[64];
-
+
while (dir != NULL) {
if (strcmp(path, dir->dir) == 0) {
return 0;
}
dir = dir->next;
}
-
+
dir = calloc(1, sizeof(*dir));
-
+
if (dir == NULL) {
return -1;
}
-
+
dir->dir = strdup(path);
-
+
if (dir->dir == NULL) {
free(dir);
return -1;
}
-
+
snprintf(tmpbuf, sizeof(tmpbuf), "/proc/self/fd/%d", dfd);
-
+
if (idata->flags & PAMNS_DEBUG) {
pam_syslog(idata->pamh, LOG_INFO,
"Protect mount of %s over itself", path);
}
-
+
if (mount(tmpbuf, tmpbuf, NULL, MS_BIND, NULL) != 0) {
int save_errno = errno;
pam_syslog(idata->pamh, LOG_ERR,
@@ -996,7 +996,7 @@ static int protect_mount(int dfd, const char *path, struct instance_data *idata)
errno = save_errno;
return -1;
}
-
+
dir->next = idata->protect_dirs;
idata->protect_dirs = dir;
@@ -1019,15 +1019,15 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always,
if (p == NULL) {
goto error;
}
-
+
if (*dir == '/') {
dfd = open("/", flags);
if (dfd == -1) {
goto error;
}
- dir++; /* assume / is safe */
+ dir++; /* assume / is safe */
}
-
+
while ((d=strchr(dir, '/')) != NULL) {
*d = '\0';
dfd_next = openat(dfd, dir, flags);
@@ -1042,8 +1042,8 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always,
if (fstat(dfd, &st) != 0) {
goto error;
}
-
- if (flags & O_NOFOLLOW) {
+
+ if (flags & O_NOFOLLOW) {
/* we are inside user-owned dir - protect */
if (protect_mount(dfd, p, idata) == -1)
goto error;
@@ -1058,14 +1058,14 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always,
}
rv = openat(dfd, dir, flags);
-
+
if (rv == -1) {
if (!do_mkdir || mkdirat(dfd, dir, mode) != 0) {
goto error;
}
rv = openat(dfd, dir, flags);
}
-
+
if (rv != -1) {
if (fstat(rv, &st) != 0) {
save_errno = errno;
@@ -1082,7 +1082,7 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always,
}
}
- if ((flags & O_NOFOLLOW) || always) {
+ if ((flags & O_NOFOLLOW) || always) {
/* we are inside user-owned dir - protect */
if (protect_mount(rv, p, idata) == -1) {
save_errno = errno;
@@ -1251,7 +1251,7 @@ static int create_polydir(struct polydir_s *polyptr,
pam_syslog(idata->pamh, LOG_DEBUG,
"Polydir %s context: %s", dir, (char *)dircon);
if (setfscreatecon(dircon) != 0)
- pam_syslog(idata->pamh, LOG_NOTICE,
+ pam_syslog(idata->pamh, LOG_NOTICE,
"Error setting context for directory %s: %m", dir);
freecon(dircon);
}
@@ -1279,15 +1279,15 @@ static int create_polydir(struct polydir_s *polyptr,
pam_syslog(idata->pamh, LOG_DEBUG, "Created polydir %s", dir);
if (polyptr->mode != (mode_t)ULONG_MAX) {
- /* explicit mode requested */
- if (fchmod(rc, mode) != 0) {
+ /* explicit mode requested */
+ if (fchmod(rc, mode) != 0) {
pam_syslog(idata->pamh, LOG_ERR,
- "Error changing mode of directory %s: %m", dir);
+ "Error changing mode of directory %s: %m", dir);
close(rc);
umount(dir); /* undo the eventual protection bind mount */
- rmdir(dir);
- return PAM_SESSION_ERR;
- }
+ rmdir(dir);
+ return PAM_SESSION_ERR;
+ }
}
if (polyptr->owner != (uid_t)ULONG_MAX)
@@ -1345,14 +1345,14 @@ static int create_instance(struct polydir_s *polyptr, char *ipath, struct stat *
* attributes to match that of the original directory that is being
* polyinstantiated.
*/
-
+
if (polyptr->method == TMPDIR) {
- if (mkdtemp(polyptr->instance_prefix) == NULL) {
+ if (mkdtemp(polyptr->instance_prefix) == NULL) {
pam_syslog(idata->pamh, LOG_ERR, "Error creating temporary instance %s, %m",
polyptr->instance_prefix);
polyptr->method = NONE; /* do not clean up! */
return PAM_SESSION_ERR;
- }
+ }
/* copy the actual directory name to ipath */
strcpy(ipath, polyptr->instance_prefix);
} else if (mkdir(ipath, S_IRUSR) < 0) {
@@ -1452,21 +1452,21 @@ static int ns_setup(struct polydir_s *polyptr,
if (retval < 0 && errno != ENOENT) {
pam_syslog(idata->pamh, LOG_ERR, "Polydir %s access error: %m",
polyptr->dir);
- return PAM_SESSION_ERR;
+ return PAM_SESSION_ERR;
}
if (retval < 0) {
- if ((polyptr->flags & POLYDIR_CREATE) &&
+ if ((polyptr->flags & POLYDIR_CREATE) &&
create_polydir(polyptr, idata) != PAM_SUCCESS)
return PAM_SESSION_ERR;
} else {
- close(retval);
+ close(retval);
}
-
+
if (polyptr->method == TMPFS) {
if (mount("tmpfs", polyptr->dir, "tmpfs", 0, NULL) < 0) {
pam_syslog(idata->pamh, LOG_ERR, "Error mounting tmpfs on %s, %m",
- polyptr->dir);
+ polyptr->dir);
return PAM_SESSION_ERR;
}
@@ -1481,7 +1481,7 @@ static int ns_setup(struct polydir_s *polyptr,
polyptr->dir);
return PAM_SESSION_ERR;
}
-
+
/*
* Obtain the name of instance pathname based on the
* polyinstantiation method and instance context returned by
@@ -1495,8 +1495,8 @@ static int ns_setup(struct polydir_s *polyptr,
#endif
if (retval != PAM_SUCCESS) {
- if (retval != PAM_IGNORE)
- pam_syslog(idata->pamh, LOG_ERR, "Error getting instance name");
+ if (retval != PAM_IGNORE)
+ pam_syslog(idata->pamh, LOG_ERR, "Error getting instance name");
goto cleanup;
} else {
#ifdef WITH_SELINUX
@@ -1526,8 +1526,8 @@ static int ns_setup(struct polydir_s *polyptr,
#endif
if (retval == PAM_IGNORE) {
- newdir = 0;
- retval = PAM_SUCCESS;
+ newdir = 0;
+ retval = PAM_SUCCESS;
}
if (retval != PAM_SUCCESS) {
@@ -1647,7 +1647,7 @@ static int cleanup_tmpdirs(struct instance_data *idata)
}
if (!WIFEXITED(status) || WIFSIGNALED(status) > 0) {
pam_syslog(idata->pamh, LOG_ERR,
- "Error removing %s", pptr->instance_prefix);
+ "Error removing %s", pptr->instance_prefix);
}
} else if (pid < 0) {
pam_syslog(idata->pamh, LOG_ERR,
@@ -1686,14 +1686,14 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt)
*/
for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) {
if (ns_override(pptr, idata, idata->uid)) {
- if (unmnt == NO_UNMNT || ns_override(pptr, idata, idata->ruid)) {
- if (idata->flags & PAMNS_DEBUG)
- pam_syslog(idata->pamh, LOG_DEBUG,
+ if (unmnt == NO_UNMNT || ns_override(pptr, idata, idata->ruid)) {
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
"Overriding poly for user %d for dir %s",
idata->uid, pptr->dir);
} else {
- if (idata->flags & PAMNS_DEBUG)
- pam_syslog(idata->pamh, LOG_DEBUG,
+ if (idata->flags & PAMNS_DEBUG)
+ pam_syslog(idata->pamh, LOG_DEBUG,
"Need unmount ns for user %d for dir %s",
idata->ruid, pptr->dir);
need_poly = 1;
@@ -1721,7 +1721,7 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt)
return PAM_SESSION_ERR;
}
} else {
- del_polydir_list(idata->polydirs_ptr);
+ del_polydir_list(idata->polydirs_ptr);
return PAM_SUCCESS;
}
@@ -1768,12 +1768,12 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt)
* are available from
*/
strcpy(poly_parent, pptr->rdir);
- fptr = strchr(poly_parent, '/');
- cptr = strrchr(poly_parent, '/');
- if (fptr && cptr && (fptr == cptr))
- strcpy(poly_parent, "/");
- else if (cptr)
- *cptr = '\0';
+ fptr = strchr(poly_parent, '/');
+ cptr = strrchr(poly_parent, '/');
+ if (fptr && cptr && (fptr == cptr))
+ strcpy(poly_parent, "/");
+ else if (cptr)
+ *cptr = '\0';
if (chdir(poly_parent) < 0) {
pam_syslog(idata->pamh, LOG_ERR,
"Can't chdir to %s, %m", poly_parent);
@@ -1781,12 +1781,12 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt)
}
if (umount(pptr->rdir) < 0) {
- int saved_errno = errno;
- pam_syslog(idata->pamh, LOG_ERR, "Unmount of %s failed, %m",
- pptr->rdir);
- if (saved_errno != EINVAL) {
- retval = PAM_SESSION_ERR;
- goto out;
+ int saved_errno = errno;
+ pam_syslog(idata->pamh, LOG_ERR, "Unmount of %s failed, %m",
+ pptr->rdir);
+ if (saved_errno != EINVAL) {
+ retval = PAM_SESSION_ERR;
+ goto out;
}
} else if (idata->flags & PAMNS_DEBUG)
pam_syslog(idata->pamh, LOG_DEBUG, "Umount succeeded %s",
@@ -1803,20 +1803,20 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt)
}
out:
if (retval != PAM_SUCCESS) {
- cleanup_tmpdirs(idata);
- unprotect_dirs(idata->protect_dirs);
+ cleanup_tmpdirs(idata);
+ unprotect_dirs(idata->protect_dirs);
} else if (pam_set_data(idata->pamh, NAMESPACE_PROTECT_DATA, idata->protect_dirs,
- cleanup_protect_data) != PAM_SUCCESS) {
+ cleanup_protect_data) != PAM_SUCCESS) {
pam_syslog(idata->pamh, LOG_ERR, "Unable to set namespace protect data");
- cleanup_tmpdirs(idata);
- unprotect_dirs(idata->protect_dirs);
+ cleanup_tmpdirs(idata);
+ unprotect_dirs(idata->protect_dirs);
return PAM_SYSTEM_ERR;
} else if (pam_set_data(idata->pamh, NAMESPACE_POLYDIR_DATA, idata->polydirs_ptr,
- cleanup_polydir_data) != PAM_SUCCESS) {
+ cleanup_polydir_data) != PAM_SUCCESS) {
pam_syslog(idata->pamh, LOG_ERR, "Unable to set namespace polydir data");
- cleanup_tmpdirs(idata);
- pam_set_data(idata->pamh, NAMESPACE_PROTECT_DATA, NULL, NULL);
- idata->protect_dirs = NULL;
+ cleanup_tmpdirs(idata);
+ pam_set_data(idata->pamh, NAMESPACE_PROTECT_DATA, NULL, NULL);
+ idata->protect_dirs = NULL;
return PAM_SYSTEM_ERR;
}
return retval;
@@ -1943,7 +1943,7 @@ static int get_user_data(struct instance_data *idata)
int retval;
char *user_name;
struct passwd *pwd;
- /*
+ /*
* Lookup user and fill struct items
*/
retval = pam_get_item(idata->pamh, PAM_USER, (void*) &user_name );
@@ -1969,10 +1969,10 @@ static int get_user_data(struct instance_data *idata)
/* Fill in RUSER too */
retval = pam_get_item(idata->pamh, PAM_RUSER, (void*) &user_name );
if ( user_name != NULL && retval == PAM_SUCCESS && user_name[0] != '\0' ) {
- strncat(idata->ruser, user_name, sizeof(idata->ruser) - 1);
- pwd = pam_modutil_getpwnam(idata->pamh, user_name);
+ strncat(idata->ruser, user_name, sizeof(idata->ruser) - 1);
+ pwd = pam_modutil_getpwnam(idata->pamh, user_name);
} else {
- pwd = pam_modutil_getpwuid(idata->pamh, getuid());
+ pwd = pam_modutil_getpwuid(idata->pamh, getuid());
}
if (!pwd) {
pam_syslog(idata->pamh, LOG_ERR, "user unknown '%s'", user_name);
@@ -2005,7 +2005,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
#ifdef WITH_SELINUX
if (is_selinux_enabled())
idata.flags |= PAMNS_SELINUX_ENABLED;
- if (ctxt_based_inst_needed())
+ if (ctxt_based_inst_needed())
idata.flags |= PAMNS_CTXT_BASED_INST;
#endif
@@ -2036,7 +2036,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
unmnt = UNMNT_ONLY;
if (strcmp(argv[i], "require_selinux") == 0) {
if (!(idata.flags & PAMNS_SELINUX_ENABLED)) {
- pam_syslog(idata.pamh, LOG_ERR,
+ pam_syslog(idata.pamh, LOG_ERR,
"selinux_required option given and selinux is disabled");
return PAM_SESSION_ERR;
}
@@ -2047,7 +2047,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
retval = get_user_data(&idata);
if (retval != PAM_SUCCESS)
- return retval;
+ return retval;
if (root_shared()) {
idata.flags |= PAMNS_MOUNT_PRIVATE;
@@ -2135,13 +2135,13 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
retval = get_user_data(&idata);
if (retval != PAM_SUCCESS)
- return retval;
+ return retval;
retval = pam_get_data(idata.pamh, NAMESPACE_POLYDIR_DATA, (const void **)&polyptr);
if (retval != PAM_SUCCESS || polyptr == NULL)
- /* nothing to reset */
- return PAM_SUCCESS;
-
+ /* nothing to reset */
+ return PAM_SUCCESS;
+
idata.polydirs_ptr = polyptr;
if (idata.flags & PAMNS_DEBUG)
@@ -2160,7 +2160,7 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
pam_set_data(idata.pamh, NAMESPACE_POLYDIR_DATA, NULL, NULL);
pam_set_data(idata.pamh, NAMESPACE_PROTECT_DATA, NULL, NULL);
-
+
return PAM_SUCCESS;
}
diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h
index c49995c0..6bca31c4 100644
--- a/modules/pam_namespace/pam_namespace.h
+++ b/modules/pam_namespace/pam_namespace.h
@@ -1,5 +1,5 @@
/******************************************************************************
- * A module for Linux-PAM that will set the default namespace after
+ * A module for Linux-PAM that will set the default namespace after
* establishing a session via PAM.
*
* (C) Copyright IBM Corporation 2005
@@ -134,9 +134,9 @@ enum polymethod {
/*
* Depending on the application using this namespace module, we
* may need to unmount priviously bind mounted instance directory.
- * Applications such as login and sshd, that establish a new
+ * Applications such as login and sshd, that establish a new
* session unmount of instance directory is not needed. For applications
- * such as su and newrole, that switch the identity, this module
+ * such as su and newrole, that switch the identity, this module
* has to unmount previous instance directory first and re-mount
* based on the new indentity. For other trusted applications that
* just want to undo polyinstantiation, only unmount of previous
@@ -182,4 +182,3 @@ struct instance_data {
uid_t ruid; /* The uid of the requesting user */
unsigned long flags; /* Flags for debug, selinux etc */
};
-
diff --git a/modules/pam_pwhistory/opasswd.c b/modules/pam_pwhistory/opasswd.c
index 738483ac..f896119b 100644
--- a/modules/pam_pwhistory/opasswd.c
+++ b/modules/pam_pwhistory/opasswd.c
@@ -395,7 +395,7 @@ save_old_password (pam_handle_t *pamh, const char *user, uid_t uid,
entry.user, entry.uid, entry.count,
oldpass) < 0)
{
- free (save);
+ free (save);
retval = PAM_AUTHTOK_ERR;
fclose (oldpf);
fclose (newpf);
@@ -408,7 +408,7 @@ save_old_password (pam_handle_t *pamh, const char *user, uid_t uid,
entry.user, entry.uid, entry.count,
entry.old_passwords, oldpass) < 0)
{
- free (save);
+ free (save);
retval = PAM_AUTHTOK_ERR;
fclose (oldpf);
fclose (newpf);
diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c
index 4e97ef59..5f2d1bec 100644
--- a/modules/pam_securetty/pam_securetty.c
+++ b/modules/pam_securetty/pam_securetty.c
@@ -203,9 +203,9 @@ securetty_perform_check (pam_handle_t *pamh, int ctrl,
for (n = p; n != NULL; p = n+1) {
if ((n = strchr(p, ' ')) != NULL)
- *n = '\0';
+ *n = '\0';
- if (strcmp(p, uttyname) == 0) {
+ if (strcmp(p, uttyname) == 0) {
retval = 0;
break;
}
diff --git a/modules/pam_selinux/Makefile.am b/modules/pam_selinux/Makefile.am
index 5c83acb4..ef142f4e 100644
--- a/modules/pam_selinux/Makefile.am
+++ b/modules/pam_selinux/Makefile.am
@@ -10,7 +10,7 @@ EXTRA_DIST = README $(XMLS) pam_selinux.8 pam_selinux_check.8 \
if HAVE_LIBSELINUX
TESTS = tst-pam_selinux
- man_MANS = pam_selinux.8
+ man_MANS = pam_selinux.8
endif
XMLS = README.xml pam_selinux.8.xml
@@ -40,4 +40,3 @@ noinst_DATA = README pam_selinux.8
README: pam_selinux.8.xml
-include $(top_srcdir)/Make.xml.rules
endif
-
diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c
index f99d433a..b777b01e 100644
--- a/modules/pam_selinux/pam_selinux.c
+++ b/modules/pam_selinux/pam_selinux.c
@@ -142,7 +142,7 @@ query_response (pam_handle_t *pamh, const char *text, const char *def,
char **response, int debug)
{
int rc;
- if (def)
+ if (def)
rc = pam_prompt (pamh, PAM_PROMPT_ECHO_ON, response, "%s [%s] ", text, def);
else
rc = pam_prompt (pamh, PAM_PROMPT_ECHO_ON, response, "%s ", text);
@@ -150,7 +150,7 @@ query_response (pam_handle_t *pamh, const char *text, const char *def,
if (*response == NULL) {
rc = PAM_CONV_ERR;
}
-
+
if (rc != PAM_SUCCESS) {
pam_syslog(pamh, LOG_WARNING, "No response to query: %s", text);
} else if (debug)
@@ -190,11 +190,11 @@ manual_context (pam_handle_t *pamh, const char *user, int debug)
/* Allow the user to enter each field of the context individually */
if (query_response(pamh, _("role:"), NULL, &response, debug) == PAM_SUCCESS &&
response[0] != '\0') {
- if (context_role_set (new_context, response))
+ if (context_role_set (new_context, response))
goto fail_set;
- if (get_default_type(response, &type))
+ if (get_default_type(response, &type))
goto fail_set;
- if (context_type_set (new_context, type))
+ if (context_type_set (new_context, type))
goto fail_set;
_pam_drop(type);
}
@@ -283,7 +283,7 @@ config_context (pam_handle_t *pamh, security_context_t defaultcon, int use_curre
while (1) {
if (query_response(pamh,
- _("Would you like to enter a different role or level?"), "n",
+ _("Would you like to enter a different role or level?"), "n",
&response, debug) == PAM_SUCCESS) {
resp_val = response[0];
_pam_drop(response);
@@ -293,22 +293,22 @@ config_context (pam_handle_t *pamh, security_context_t defaultcon, int use_curre
if ((resp_val == 'y') || (resp_val == 'Y'))
{
if ((new_context = context_new(defaultcon)) == NULL)
- goto fail_set;
+ goto fail_set;
/* Allow the user to enter role and level individually */
- if (query_response(pamh, _("role:"), context_role_get(new_context),
+ if (query_response(pamh, _("role:"), context_role_get(new_context),
&response, debug) == PAM_SUCCESS && response[0]) {
if (get_default_type(response, &type)) {
pam_prompt (pamh, PAM_ERROR_MSG, NULL, _("No default type for role %s\n"), response);
_pam_drop(response);
continue;
} else {
- if (context_role_set(new_context, response))
+ if (context_role_set(new_context, response))
goto fail_set;
if (context_type_set (new_context, type))
goto fail_set;
_pam_drop(type);
- }
+ }
}
_pam_drop(response);
@@ -320,9 +320,9 @@ config_context (pam_handle_t *pamh, security_context_t defaultcon, int use_curre
if (getcon(&mycon) != 0)
goto fail_set;
- my_context = context_new(mycon);
+ my_context = context_new(mycon);
if (my_context == NULL) {
- freecon(mycon);
+ freecon(mycon);
goto fail_set;
}
freecon(mycon);
@@ -331,11 +331,11 @@ config_context (pam_handle_t *pamh, security_context_t defaultcon, int use_curre
goto fail_set;
}
context_free(my_context);
- } else if (query_response(pamh, _("level:"), context_range_get(new_context),
+ } else if (query_response(pamh, _("level:"), context_range_get(new_context),
&response, debug) == PAM_SUCCESS && response[0]) {
if (context_range_set(new_context, response))
goto fail_set;
- }
+ }
_pam_drop(response);
}
@@ -355,7 +355,7 @@ config_context (pam_handle_t *pamh, security_context_t defaultcon, int use_curre
if (mls_enabled && !mls_range_allowed(pamh, defaultcon, newcon, debug)) {
pam_syslog(pamh, LOG_NOTICE, "Security context %s is not allowed for %s", defaultcon, newcon);
- send_audit_message(pamh, 0, defaultcon, newcon);
+ send_audit_message(pamh, 0, defaultcon, newcon);
free(newcon);
goto fail_range;
@@ -380,7 +380,7 @@ config_context (pam_handle_t *pamh, security_context_t defaultcon, int use_curre
context_free (new_context);
send_audit_message(pamh, 0, defaultcon, NULL);
fail_range:
- return NULL;
+ return NULL;
}
static security_context_t
@@ -405,7 +405,7 @@ context_from_env (pam_handle_t *pamh, security_context_t defaultcon, int env_par
pam_syslog(pamh, LOG_NOTICE, "No default type for role %s", env);
goto fail_set;
} else {
- if (context_role_set(new_context, env))
+ if (context_role_set(new_context, env))
goto fail_set;
if (context_type_set(new_context, type))
goto fail_set;
@@ -449,7 +449,7 @@ context_from_env (pam_handle_t *pamh, security_context_t defaultcon, int env_par
if (debug)
pam_syslog(pamh, LOG_NOTICE, "Selected Security Context %s", newcon);
-
+
/* Get the string value of the context and see if it is valid. */
if (security_check_context(newcon)) {
pam_syslog(pamh, LOG_NOTICE, "Not a valid security context %s", newcon);
@@ -623,7 +623,7 @@ pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
env_params = 1;
}
}
-
+
if (debug)
pam_syslog(pamh, LOG_NOTICE, "Open Session");
@@ -656,9 +656,9 @@ pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
#else
if (getseuserbyname(username, &seuser, &level) == 0) {
#endif
- num_contexts = get_ordered_context_list_with_level(seuser,
+ num_contexts = get_ordered_context_list_with_level(seuser,
level,
- NULL,
+ NULL,
&contextlist);
if (debug)
pam_syslog(pamh, LOG_DEBUG, "Username= %s SELinux User = %s Level= %s",
@@ -692,7 +692,7 @@ pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
return PAM_SUCCESS;
}
}
- else {
+ else {
if (seuser != NULL) {
user_context = manual_context(pamh,seuser,debug);
free(seuser);
diff --git a/modules/pam_selinux/pam_selinux_check.8 b/modules/pam_selinux/pam_selinux_check.8
index d6fcdff1..34f578d7 100644
--- a/modules/pam_selinux/pam_selinux_check.8
+++ b/modules/pam_selinux/pam_selinux_check.8
@@ -29,7 +29,7 @@ returns an exit code of 0 for success and > 0 on error:
pam_selinux(8)
.SH BUGS
-Let's hope not, but if you find any, please email the author.
+Let's hope not, but if you find any, please email the author.
.SH AUTHOR
Dan Walsh <dwalsh@redhat.com>
diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c
index 4879b685..f7998457 100644
--- a/modules/pam_sepermit/pam_sepermit.c
+++ b/modules/pam_sepermit/pam_sepermit.c
@@ -85,11 +85,11 @@ match_process_uid(pid_t pid, uid_t uid)
uid_t puid;
FILE *f;
int re = 0;
-
+
snprintf (buf, sizeof buf, PROC_BASE "/%d/status", pid);
if (!(f = fopen (buf, "r")))
return 0;
-
+
while (fgets(buf, sizeof buf, f)) {
if (sscanf (buf, "Uid:\t%d", &puid)) {
re = uid == puid;
@@ -246,9 +246,9 @@ sepermit_match(pam_handle_t *pamh, const char *cfgfile, const char *user,
int matched = 0;
int exclusive = 0;
int ignore = 0;
-
+
f = fopen(cfgfile, "r");
-
+
if (!f) {
pam_syslog(pamh, LOG_ERR, "Failed to open config file %s: %m", cfgfile);
return PAM_SERVICE_ERR;
@@ -276,7 +276,7 @@ sepermit_match(pam_handle_t *pamh, const char *cfgfile, const char *user,
start = strtok_r(start, OPT_DELIM, &sptr);
switch (start[0]) {
- case '@':
+ case '@':
++start;
if (debug)
pam_syslog(pamh, LOG_NOTICE, "Matching user %s against group %s", user, start);
@@ -411,9 +411,9 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
}
#ifdef PAM_STATIC
-
+
/* static module data */
-
+
struct pam_module _pam_sepermit_modstruct = {
"pam_sepermit",
pam_sm_authenticate,
@@ -424,4 +424,3 @@ struct pam_module _pam_sepermit_modstruct = {
NULL
};
#endif
-
diff --git a/modules/pam_shells/pam_shells.c b/modules/pam_shells/pam_shells.c
index 89fc297e..68bd6074 100644
--- a/modules/pam_shells/pam_shells.c
+++ b/modules/pam_shells/pam_shells.c
@@ -57,7 +57,7 @@ static int perform_check(pam_handle_t *pamh)
return PAM_SERVICE_ERR;
/* It could still be NULL the second time. */
- if (!userName || (userName[0] == '\0'))
+ if (!userName || (userName[0] == '\0'))
return PAM_SERVICE_ERR;
}
diff --git a/modules/pam_stress/pam_stress.c b/modules/pam_stress/pam_stress.c
index b75a597d..c1695d7f 100644
--- a/modules/pam_stress/pam_stress.c
+++ b/modules/pam_stress/pam_stress.c
@@ -62,7 +62,7 @@ _pam_report (const pam_handle_t *pamh, int ctrl, const char *name,
pam_syslog(pamh, LOG_DEBUG, "CALLED: %s", name);
pam_syslog(pamh, LOG_DEBUG, "FLAGS : 0%o%s",
flags, (flags & PAM_SILENT) ? " (silent)":"");
- pam_syslog(pamh, LOG_DEBUG, "CTRL = 0%o", ctrl);
+ pam_syslog(pamh, LOG_DEBUG, "CTRL = 0%o", ctrl);
pam_syslog(pamh, LOG_DEBUG, "ARGV :");
while (argc--) {
pam_syslog(pamh, LOG_DEBUG, " \"%s\"", *argv++);
diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c
index dffbc895..c7128857 100644
--- a/modules/pam_tally/pam_tally.c
+++ b/modules/pam_tally/pam_tally.c
@@ -134,7 +134,7 @@ static void
log_phase_no_auth(pam_handle_t *pamh, int phase, const char *argv)
{
if ( phase != PHASE_AUTH ) {
- pam_syslog(pamh, LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"option %s allowed in auth phase only", argv);
}
}
@@ -194,12 +194,12 @@ tally_parse_args(pam_handle_t *pamh, struct tally_options *opts,
else if ( ! strcmp( *argv, "per_user" ) )
{
log_phase_no_auth(pamh, phase, *argv);
- opts->ctrl |= OPT_PER_USER;
+ opts->ctrl |= OPT_PER_USER;
}
else if ( ! strcmp( *argv, "no_lock_time") )
{
log_phase_no_auth(pamh, phase, *argv);
- opts->ctrl |= OPT_NO_LOCK_TIME;
+ opts->ctrl |= OPT_NO_LOCK_TIME;
}
else if ( ! strcmp( *argv, "no_reset" ) ) {
opts->ctrl |= OPT_NO_RESET;
@@ -463,19 +463,19 @@ tally_bump (int inc, time_t *oldtime, pam_handle_t *pamh,
(void) pam_get_item(pamh, PAM_RHOST, &remote_host);
if (!remote_host) {
- (void) pam_get_item(pamh, PAM_TTY, &cur_tty);
+ (void) pam_get_item(pamh, PAM_TTY, &cur_tty);
if (!cur_tty) {
- strncpy(fsp->fs_faillog.fail_line, "unknown",
+ strncpy(fsp->fs_faillog.fail_line, "unknown",
sizeof(fsp->fs_faillog.fail_line) - 1);
fsp->fs_faillog.fail_line[sizeof(fsp->fs_faillog.fail_line)-1] = 0;
} else {
- strncpy(fsp->fs_faillog.fail_line, cur_tty,
+ strncpy(fsp->fs_faillog.fail_line, cur_tty,
sizeof(fsp->fs_faillog.fail_line)-1);
fsp->fs_faillog.fail_line[sizeof(fsp->fs_faillog.fail_line)-1] = 0;
}
} else {
- strncpy(fsp->fs_faillog.fail_line, remote_host,
+ strncpy(fsp->fs_faillog.fail_line, remote_host,
(size_t)sizeof(fsp->fs_faillog.fail_line));
fsp->fs_faillog.fail_line[sizeof(fsp->fs_faillog.fail_line)-1] = 0;
}
@@ -534,8 +534,8 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
if (lock_time && oldtime
&& !(opts->ctrl & OPT_NO_LOCK_TIME) )
{
- if ( lock_time + oldtime > time(NULL) )
- {
+ if ( lock_time + oldtime > time(NULL) )
+ {
if (!(opts->ctrl & OPT_SILENT))
pam_info (pamh,
_("Account temporary locked (%ld seconds left)"),
@@ -543,19 +543,19 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
if (!(opts->ctrl & OPT_NOLOGNOTICE))
pam_syslog (pamh, LOG_NOTICE,
- "user %s (%lu) has time limit [%lds left]"
+ "user %s (%lu) has time limit [%lds left]"
" since last failure.",
user, (unsigned long int) uid,
oldtime+lock_time-time(NULL));
- return PAM_AUTH_ERR;
- }
+ return PAM_AUTH_ERR;
+ }
}
if (opts->unlock_time && oldtime)
{
- if ( opts->unlock_time + oldtime <= time(NULL) )
- { /* ignore deny check after unlock_time elapsed */
- return PAM_SUCCESS;
- }
+ if ( opts->unlock_time + oldtime <= time(NULL) )
+ { /* ignore deny check after unlock_time elapsed */
+ return PAM_SUCCESS;
+ }
}
if (
( deny != 0 ) && /* deny==0 means no deny */
@@ -599,8 +599,8 @@ tally_reset (pam_handle_t *pamh, uid_t uid, struct tally_options *opts)
if (tally == 0)
{
- fsp->fs_faillog.fail_time = (time_t) 0;
- strcpy(fsp->fs_faillog.fail_line, "");
+ fsp->fs_faillog.fail_time = (time_t) 0;
+ strcpy(fsp->fs_faillog.fail_line, "");
}
i=set_tally(pamh, tally, uid, opts->filename, &TALLY, fsp);
@@ -866,8 +866,8 @@ int main ( int argc UNUSED, char **argv )
if ( ! fread((char *) &fsp->fs_faillog,
sizeof (struct faillog), 1, TALLY)
|| ! fsp->fs_faillog.fail_cnt ) {
- continue;
- }
+ continue;
+ }
tally = fsp->fs_faillog.fail_cnt;
if ( ( pw=getpwuid(uid) ) ) {
diff --git a/modules/pam_tally/pam_tally_app.c b/modules/pam_tally/pam_tally_app.c
index 9e6e1faf..ad288549 100644
--- a/modules/pam_tally/pam_tally_app.c
+++ b/modules/pam_tally/pam_tally_app.c
@@ -4,4 +4,3 @@
#define MAIN
#include "pam_tally.c"
-
diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c
index e1df6d74..c72d27a0 100644
--- a/modules/pam_tally2/pam_tally2.c
+++ b/modules/pam_tally2/pam_tally2.c
@@ -159,7 +159,7 @@ static void
log_phase_no_auth(pam_handle_t *pamh, int phase, const char *argv)
{
if ( phase != PHASE_AUTH ) {
- pam_syslog(pamh, LOG_ERR,
+ pam_syslog(pamh, LOG_ERR,
"option %s allowed in auth phase only", argv);
}
}
@@ -407,7 +407,7 @@ get_tally(pam_handle_t *pamh, uid_t uid, const char *filename,
if ((*tfile = open(filename, O_RDWR)) == -1) {
#ifndef MAIN
if (errno == EACCES) /* called with insufficient access rights */
- return PAM_IGNORE;
+ return PAM_IGNORE;
#endif
pam_syslog(pamh, LOG_ALERT, "Error opening %s for update: %m", filename);
@@ -418,7 +418,7 @@ skip_open:
if (lseek(*tfile, (off_t)uid*(off_t)sizeof(*tally), SEEK_SET) == (off_t)-1) {
pam_syslog(pamh, LOG_ALERT, "lseek failed for %s: %m", filename);
if (!preopened) {
- close(*tfile);
+ close(*tfile);
*tfile = -1;
}
return PAM_AUTH_ERR;
@@ -536,30 +536,30 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid,
if (uid) {
/* Unlock time check */
if (opts->unlock_time && oldtime) {
- if (opts->unlock_time + oldtime <= time(NULL)) {
+ if (opts->unlock_time + oldtime <= time(NULL)) {
/* ignore deny check after unlock_time elapsed */
#ifdef HAVE_LIBAUDIT
snprintf(buf, sizeof(buf), "pam_tally2 uid=%u ", uid);
audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf,
NULL, NULL, NULL, 1);
#endif
- rv = PAM_SUCCESS;
- goto cleanup;
- }
+ rv = PAM_SUCCESS;
+ goto cleanup;
+ }
}
} else {
/* Root unlock time check */
if (opts->root_unlock_time && oldtime) {
if (opts->root_unlock_time + oldtime <= time(NULL)) {
- /* ignore deny check after unlock_time elapsed */
+ /* ignore deny check after unlock_time elapsed */
#ifdef HAVE_LIBAUDIT
snprintf(buf, sizeof(buf), "pam_tally2 uid=%u ", uid);
audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf,
NULL, NULL, NULL, 1);
#endif
- rv = PAM_SUCCESS;
- goto cleanup;
- }
+ rv = PAM_SUCCESS;
+ goto cleanup;
+ }
}
}
@@ -597,7 +597,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid,
oldtime+opts->lock_time-time(NULL));
}
if (!(opts->ctrl & OPT_NOLOGNOTICE)) {
- pam_syslog(pamh, LOG_NOTICE,
+ pam_syslog(pamh, LOG_NOTICE,
"user %s (%lu) has time limit [%lds left]"
" since last failure.",
user, (unsigned long)uid,
@@ -605,7 +605,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid,
}
rv = PAM_AUTH_ERR;
goto cleanup;
- }
+ }
}
cleanup:
@@ -648,10 +648,10 @@ tally_bump (int inc, time_t *oldtime, pam_handle_t *pamh,
(void) pam_get_item(pamh, PAM_RHOST, &remote_host);
if (!remote_host) {
- (void) pam_get_item(pamh, PAM_TTY, &remote_host);
+ (void) pam_get_item(pamh, PAM_TTY, &remote_host);
if (!remote_host) {
- remote_host = "unknown";
- }
+ remote_host = "unknown";
+ }
}
strncpy(tally.fail_line, remote_host,
@@ -1019,14 +1019,14 @@ main( int argc UNUSED, char **argv )
FILE *tfile=fopen(cline_filename, "r");
uid_t uid=0;
if (!tfile && cline_reset != 0) {
- perror(*argv);
- exit(1);
+ perror(*argv);
+ exit(1);
}
for ( ; tfile && !feof(tfile); uid++ ) {
if ( !fread(&tally, sizeof(tally), 1, tfile)
|| !tally.fail_cnt ) {
- continue;
+ continue;
}
print_one(&tally, uid);
}
diff --git a/modules/pam_tally2/pam_tally2_app.c b/modules/pam_tally2/pam_tally2_app.c
index 681ed690..b72e9bfd 100644
--- a/modules/pam_tally2/pam_tally2_app.c
+++ b/modules/pam_tally2/pam_tally2_app.c
@@ -4,4 +4,3 @@
#define MAIN
#include "pam_tally2.c"
-
diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c
index dff4a6da..c94737ca 100644
--- a/modules/pam_time/pam_time.c
+++ b/modules/pam_time/pam_time.c
@@ -135,7 +135,7 @@ read_field(const pam_handle_t *pamh, int fd, char **buf, int *from, int *state)
return -1;
}
}
-
+
if (*from > 0)
to = shift_buf(*buf, *from);
@@ -652,7 +652,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
#ifdef HAVE_LIBAUDIT
if (!(ctrl & PAM_NO_AUDIT)) {
pam_modutil_audit_write(pamh, AUDIT_ANOM_LOGIN_TIME,
- "pam_time", rv); /* ignore return value as we fail anyway */
+ "pam_time", rv); /* ignore return value as we fail anyway */
}
#endif
if (ctrl & PAM_DEBUG_ARG) {
diff --git a/modules/pam_time/time.conf b/modules/pam_time/time.conf
index c7b7989c..68d2dadc 100644
--- a/modules/pam_time/time.conf
+++ b/modules/pam_time/time.conf
@@ -1,4 +1,4 @@
-# this is an example configuration file for the pam_time module. Its syntax
+# this is an example configuration file for the pam_time module. Its syntax
# was initially based heavily on that of the shadow package (shadow-960129).
#
# the syntax of the lines is as follows:
diff --git a/modules/pam_time/time.conf.5.xml b/modules/pam_time/time.conf.5.xml
index 224fda34..82227ba0 100644
--- a/modules/pam_time/time.conf.5.xml
+++ b/modules/pam_time/time.conf.5.xml
@@ -119,7 +119,7 @@ login ; tty* &amp; !ttyp* ; !root ; !Al0000-2400
Games (configured to use PAM) are only to be accessed out of
working hours. This rule does not apply to the user
<emphasis>waster</emphasis>:
- <programlisting>
+ <programlisting>
games ; * ; !waster ; Wd0000-2400 | Wk1800-0800
</programlisting>
</para>
diff --git a/modules/pam_timestamp/hmacfile.c b/modules/pam_timestamp/hmacfile.c
index d2da5ff1..7c1f8bfb 100644
--- a/modules/pam_timestamp/hmacfile.c
+++ b/modules/pam_timestamp/hmacfile.c
@@ -63,7 +63,7 @@ testvectors(void)
"b617318655057264e28bc0b6fb378c8ef146be00",
},
-#ifdef HMAC_ALLOW_SHORT_KEYS
+#ifdef HMAC_ALLOW_SHORT_KEYS
{
"Jefe", 4,
"what do ya want for nothing?", 28,
diff --git a/modules/pam_timestamp/hmacsha1.c b/modules/pam_timestamp/hmacsha1.c
index 5b3774ff..573ecf3b 100644
--- a/modules/pam_timestamp/hmacsha1.c
+++ b/modules/pam_timestamp/hmacsha1.c
@@ -69,8 +69,8 @@ hmac_key_create(pam_handle_t *pamh, const char *filename, size_t key_size,
pam_syslog(pamh, LOG_ERR, "Cannot create %s: %m", filename);
return;
}
-
-
+
+
if (fchown(keyfd, owner, group) == -1) {
pam_syslog(pamh, LOG_ERR, "Cannot chown %s: %m", filename);
return;
diff --git a/modules/pam_timestamp/pam_timestamp.8.xml b/modules/pam_timestamp/pam_timestamp.8.xml
index adb87a79..fc6a9276 100644
--- a/modules/pam_timestamp/pam_timestamp.8.xml
+++ b/modules/pam_timestamp/pam_timestamp.8.xml
@@ -186,4 +186,3 @@ session optional pam_timestamp.so
</refsect1>
</refentry>
-
diff --git a/modules/pam_timestamp/pam_timestamp_check.8.xml b/modules/pam_timestamp/pam_timestamp_check.8.xml
index 7ec7140e..06432e09 100644
--- a/modules/pam_timestamp/pam_timestamp_check.8.xml
+++ b/modules/pam_timestamp/pam_timestamp_check.8.xml
@@ -205,4 +205,3 @@ session optional pam_timestamp.so
</refsect1>
</refentry>
-
diff --git a/modules/pam_timestamp/sha1.c b/modules/pam_timestamp/sha1.c
index e6705eb5..576b4b41 100644
--- a/modules/pam_timestamp/sha1.c
+++ b/modules/pam_timestamp/sha1.c
@@ -185,7 +185,7 @@ size_t
sha1_output(struct sha1_context *ctx, unsigned char *out)
{
struct sha1_context ctx2;
-
+
/* Output the sum. */
if (out != NULL) {
u_int32_t c;
diff --git a/modules/pam_unix/CHANGELOG b/modules/pam_unix/CHANGELOG
index 1476b579..c18acc27 100644
--- a/modules/pam_unix/CHANGELOG
+++ b/modules/pam_unix/CHANGELOG
@@ -8,7 +8,7 @@ $Id$
- temporarily removed the crypt16 stuff. I'm really paranoid about
crypto stuff and exporting it, and there are a few too many 's-box'
references in the code for my liking..
-
+
* Wed Jun 30 1999 Steve Langasek <vorlon@netexpress.net>
- further NIS+ fixes
@@ -50,6 +50,5 @@ $Id$
is too lame to use it in real life)
* Sun Mar 21 1999 Jan Rêkorajski <baggins@mimuw.edu.pl>
-- pam_unix_auth now correctly behave when user has NULL AUTHTOK
+- pam_unix_auth now correctly behave when user has NULL AUTHTOK
- pam_unix_auth returns PAM_PERM_DENIED when seteuid fails
-
diff --git a/modules/pam_unix/bigcrypt.c b/modules/pam_unix/bigcrypt.c
index 9922d177..e10d1c56 100644
--- a/modules/pam_unix/bigcrypt.c
+++ b/modules/pam_unix/bigcrypt.c
@@ -1,20 +1,20 @@
/*
* This function implements the "bigcrypt" algorithm specifically for
* Linux-PAM.
- *
+ *
* This algorithm is algorithm 0 (default) shipped with the C2 secure
* implementation of Digital UNIX.
- *
+ *
* Disclaimer: This work is not based on the source code to Digital
* UNIX, nor am I connected to Digital Equipment Corp, in any way
* other than as a customer. This code is based on published
* interfaces and reasonable guesswork.
- *
+ *
* Description: The cleartext is divided into blocks of SEGMENT_SIZE=8
* characters or less. Each block is encrypted using the standard UNIX
* libc crypt function. The result of the encryption for one block
* provides the salt for the suceeding block.
- *
+ *
* Restrictions: The buffer used to hold the encrypted result is
* statically allocated. (see MAX_PASS_LEN below). This is necessary,
* as the returned pointer points to "static data that are overwritten
diff --git a/modules/pam_unix/md5.c b/modules/pam_unix/md5.c
index 94d1c9da..7881db5d 100644
--- a/modules/pam_unix/md5.c
+++ b/modules/pam_unix/md5.c
@@ -107,7 +107,7 @@ void MD5Name(MD5Update)(struct MD5Context *ctx, unsigned const char *buf, unsign
}
/*
- * Final wrapup - pad to 64-byte boundary with the bit pattern
+ * Final wrapup - pad to 64-byte boundary with the bit pattern
* 1 0* (64-bit count of bits processed, MSB-first)
*/
void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx)
diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c
index d9c4ea55..1379d96c 100644
--- a/modules/pam_unix/pam_unix_auth.c
+++ b/modules/pam_unix/pam_unix_auth.c
@@ -206,7 +206,7 @@ pam_sm_setcred (pam_handle_t *pamh, int flags UNUSED,
don't worry about an explicit check of argv. */
if (pam_get_data(pamh, "unix_setcred_return", &pretval) == PAM_SUCCESS
&& pretval) {
- retval = *(const int *)pretval;
+ retval = *(const int *)pretval;
pam_set_data(pamh, "unix_setcred_return", NULL, NULL);
D(("recovered data indicates that old retval was %d", retval));
}
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 631df318..6ba2c2e6 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -212,7 +212,7 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned int ctrl, const
rlim.rlim_max = MAX_FD_NO;
for (i=0; i < (int)rlim.rlim_max; i++) {
if (i != STDIN_FILENO)
- close(i);
+ close(i);
}
}
@@ -262,7 +262,7 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned int ctrl, const
} else {
D(("fork failed"));
close(fds[0]);
- close(fds[1]);
+ close(fds[1]);
retval = PAM_AUTH_ERR;
}
diff --git a/modules/pam_unix/pam_unix_sess.c b/modules/pam_unix/pam_unix_sess.c
index 778062e4..72046ea0 100644
--- a/modules/pam_unix/pam_unix_sess.c
+++ b/modules/pam_unix/pam_unix_sess.c
@@ -16,13 +16,13 @@
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -140,4 +140,3 @@ struct pam_module _pam_unix_session_modstruct = {
NULL,
};
#endif
-
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 5199a690..089f4b83 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -89,17 +89,17 @@ verify_pwd_hash(const char *p, char *hash, unsigned int nullok)
} else {
if (!strncmp(hash, "$1$", 3)) {
pp = Goodcrypt_md5(p, hash);
- if (pp && strcmp(pp, hash) != 0) {
+ if (pp && strcmp(pp, hash) != 0) {
_pam_delete(pp);
pp = Brokencrypt_md5(p, hash);
- }
+ }
} else if (*hash != '$' && hash_len >= 13) {
- pp = bigcrypt(p, hash);
- if (pp && hash_len == 13 && strlen(pp) > hash_len) {
+ pp = bigcrypt(p, hash);
+ if (pp && hash_len == 13 && strlen(pp) > hash_len) {
_pam_overwrite(pp + hash_len);
- }
+ }
} else {
- /*
+ /*
* Ok, we don't know the crypt algorithm, but maybe
* libcrypt knows about it? We should try it.
*/
@@ -448,12 +448,12 @@ unix_selinux_confined(void)
char tempfile[]="/etc/.pwdXXXXXX";
if (confined != -1)
- return confined;
+ return confined;
/* cannot be confined without SELinux enabled */
if (!SELINUX_ENABLED){
- confined = 0;
- return confined;
+ confined = 0;
+ return confined;
}
/* let's try opening shadow read only */
@@ -633,7 +633,7 @@ save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass,
char *sptr = NULL;
found = 1;
if (howmany == 0)
- continue;
+ continue;
buf[strlen(buf) - 1] = '\0';
s_luser = strtok_r(buf, ":", &sptr);
s_uid = strtok_r(NULL, ":", &sptr);
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index cc350e58..ab04535f 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -475,7 +475,7 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
rlim.rlim_max = MAX_FD_NO;
for (i=0; i < (int)rlim.rlim_max; i++) {
if (i != STDIN_FILENO)
- close(i);
+ close(i);
}
}
@@ -530,7 +530,7 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
} else {
D(("fork failed"));
close(fds[0]);
- close(fds[1]);
+ close(fds[1]);
retval = PAM_AUTH_ERR;
}
diff --git a/modules/pam_unix/unix_update.c b/modules/pam_unix/unix_update.c
index 702912d0..6ea7ea51 100644
--- a/modules/pam_unix/unix_update.c
+++ b/modules/pam_unix/unix_update.c
@@ -62,7 +62,7 @@ set_password(const char *forwho, const char *shadow, const char *remember)
}
if (lock_pwdf() != PAM_SUCCESS)
- return PAM_AUTHTOK_LOCK_BUSY;
+ return PAM_AUTHTOK_LOCK_BUSY;
pwd = getpwnam(forwho);
diff --git a/modules/pam_userdb/Makefile.am b/modules/pam_userdb/Makefile.am
index b05cc6c6..77cc9608 100644
--- a/modules/pam_userdb/Makefile.am
+++ b/modules/pam_userdb/Makefile.am
@@ -35,4 +35,3 @@ noinst_DATA = README pam_userdb.8
README: pam_userdb.8.xml
-include $(top_srcdir)/Make.xml.rules
endif
-
diff --git a/modules/pam_userdb/create.pl b/modules/pam_userdb/create.pl
index 224204b7..06915c92 100644
--- a/modules/pam_userdb/create.pl
+++ b/modules/pam_userdb/create.pl
@@ -1,5 +1,5 @@
#!/usr/bin/perl
-# this program creates a database in ARGV[1] from pairs given on
+# this program creates a database in ARGV[1] from pairs given on
# stdandard input
#
# $Id$
@@ -19,5 +19,3 @@ while (<STDIN>) {
$lusers{$user} = $pass;
}
untie %lusers;
-
-
diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c
index 11b0d6bd..c075c4b5 100644
--- a/modules/pam_userdb/pam_userdb.c
+++ b/modules/pam_userdb/pam_userdb.c
@@ -145,7 +145,7 @@ _pam_parse (pam_handle_t *pamh, int argc, const char **argv,
* return values:
* 1 = User not found
* 0 = OK
- * -1 = Password incorrect
+ * -1 = Password incorrect
* -2 = System error
*/
static int
@@ -362,12 +362,12 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
retval = pam_get_item(pamh, PAM_AUTHTOK, &password);
if (retval != PAM_SUCCESS || password == NULL) {
if ((ctrl & PAM_TRY_FPASS_ARG) != 0) {
- /* Converse to obtain a password */
- retval = obtain_authtok(pamh);
- if (retval != PAM_SUCCESS) {
+ /* Converse to obtain a password */
+ retval = obtain_authtok(pamh);
+ if (retval != PAM_SUCCESS) {
pam_syslog(pamh, LOG_ERR, "can not obtain password from user");
return retval;
- }
+ }
retval = pam_get_item(pamh, PAM_AUTHTOK, &password);
}
if (retval != PAM_SUCCESS || password == NULL) {
diff --git a/modules/pam_userdb/pam_userdb.h b/modules/pam_userdb/pam_userdb.h
index 4cd81baf..3cd8fee0 100644
--- a/modules/pam_userdb/pam_userdb.h
+++ b/modules/pam_userdb/pam_userdb.h
@@ -2,7 +2,7 @@
#ifndef _PAM_USERSDB_H
#define _PAM_USERSDB_H
/* $Id$ */
-
+
/* Header files */
#include <security/pam_appl.h>
diff --git a/po/.cvsignore b/po/.cvsignore
index f5ef83ad..32677b4e 100644
--- a/po/.cvsignore
+++ b/po/.cvsignore
@@ -4,4 +4,3 @@ Makefile.in
*.gmo
remove-potcdate.sed
stamp-po
-
diff --git a/tests/tst-dlopen.c b/tests/tst-dlopen.c
index e4770eea..3000055c 100644
--- a/tests/tst-dlopen.c
+++ b/tests/tst-dlopen.c
@@ -45,4 +45,3 @@ int main(int argc, char **argv)
return 0;
#endif
}
-
diff --git a/xtests/group.conf b/xtests/group.conf
index 04fe3ef7..2cb34877 100644
--- a/xtests/group.conf
+++ b/xtests/group.conf
@@ -1,3 +1,2 @@
tst-pam_group1;tty1;tstpamgrp;Al0000-2400;tstpamgrpg
-
diff --git a/xtests/tst-pam_access1.pamd b/xtests/tst-pam_access1.pamd
index f47ec34f..a70f2d9c 100644
--- a/xtests/tst-pam_access1.pamd
+++ b/xtests/tst-pam_access1.pamd
@@ -3,4 +3,3 @@ auth required pam_access.so nodefgroup
account required pam_permit.so
password required pam_permit.so
session required pam_permit.so
-
diff --git a/xtests/tst-pam_access2.pamd b/xtests/tst-pam_access2.pamd
index f47ec34f..a70f2d9c 100644
--- a/xtests/tst-pam_access2.pamd
+++ b/xtests/tst-pam_access2.pamd
@@ -3,4 +3,3 @@ auth required pam_access.so nodefgroup
account required pam_permit.so
password required pam_permit.so
session required pam_permit.so
-
diff --git a/xtests/tst-pam_access3.pamd b/xtests/tst-pam_access3.pamd
index f47ec34f..a70f2d9c 100644
--- a/xtests/tst-pam_access3.pamd
+++ b/xtests/tst-pam_access3.pamd
@@ -3,4 +3,3 @@ auth required pam_access.so nodefgroup
account required pam_permit.so
password required pam_permit.so
session required pam_permit.so
-
diff --git a/xtests/tst-pam_access4.pamd b/xtests/tst-pam_access4.pamd
index f47ec34f..a70f2d9c 100644
--- a/xtests/tst-pam_access4.pamd
+++ b/xtests/tst-pam_access4.pamd
@@ -3,4 +3,3 @@ auth required pam_access.so nodefgroup
account required pam_permit.so
password required pam_permit.so
session required pam_permit.so
-
diff --git a/xtests/tst-pam_authfail.c b/xtests/tst-pam_authfail.c
index afdbd6a4..0e7d8087 100644
--- a/xtests/tst-pam_authfail.c
+++ b/xtests/tst-pam_authfail.c
@@ -60,14 +60,14 @@ main(int argc, char *argv[])
if (argc > 2) {
stack = argv[2];
}
-
+
if (argc > 1) {
if (strcmp (argv[1], "-d") == 0)
debug = 1;
else
stack = argv[1];
}
-
+
retval = pam_start(stack, user, &conv, &pamh);
if (retval != PAM_SUCCESS)
diff --git a/xtests/tst-pam_authsucceed.c b/xtests/tst-pam_authsucceed.c
index 8666f3f7..c0ee8023 100644
--- a/xtests/tst-pam_authsucceed.c
+++ b/xtests/tst-pam_authsucceed.c
@@ -60,14 +60,14 @@ main(int argc, char *argv[])
if (argc > 2) {
stack = argv[2];
}
-
+
if (argc > 1) {
if (strcmp (argv[1], "-d") == 0)
debug = 1;
else
stack = argv[1];
}
-
+
retval = pam_start(stack, user, &conv, &pamh);
if (retval != PAM_SUCCESS)
diff --git a/xtests/tst-pam_dispatch3.pamd b/xtests/tst-pam_dispatch3.pamd
index 8172c5f2..7f290aba 100644
--- a/xtests/tst-pam_dispatch3.pamd
+++ b/xtests/tst-pam_dispatch3.pamd
@@ -3,4 +3,3 @@ auth optional pam_debug.so auth=auth_err
auth sufficient pam_debug.so auth=success
auth required pam_debug.so auth=perm_denied
account required pam_debug.so acct=acct_expired
-
diff --git a/xtests/tst-pam_group1.pamd b/xtests/tst-pam_group1.pamd
index d78f3a6c..e75d0d1c 100644
--- a/xtests/tst-pam_group1.pamd
+++ b/xtests/tst-pam_group1.pamd
@@ -4,4 +4,3 @@ auth required pam_permit.so
account required pam_permit.so
password required pam_permit.so
session required pam_permit.so
-
diff --git a/xtests/tst-pam_limits1.pamd b/xtests/tst-pam_limits1.pamd
index 206ef1f7..7b1771c4 100644
--- a/xtests/tst-pam_limits1.pamd
+++ b/xtests/tst-pam_limits1.pamd
@@ -3,4 +3,3 @@ auth required pam_permit.so
account required pam_permit.so
password required pam_permit.so
session required pam_limits.so
-
diff --git a/xtests/tst-pam_pwhistory1.pamd b/xtests/tst-pam_pwhistory1.pamd
index e096cc4f..68e1b942 100644
--- a/xtests/tst-pam_pwhistory1.pamd
+++ b/xtests/tst-pam_pwhistory1.pamd
@@ -4,4 +4,3 @@ account required pam_permit.so
password required pam_pwhistory.so remember=10 retry=1
password required pam_unix.so use_authtok md5
session required pam_permit.so
-
diff --git a/xtests/tst-pam_substack1.pamd b/xtests/tst-pam_substack1.pamd
index 6eab233e..8dfe1b82 100644
--- a/xtests/tst-pam_substack1.pamd
+++ b/xtests/tst-pam_substack1.pamd
@@ -1,5 +1,5 @@
#%PAM-1.0
-# Even if the substack succeeds with sufficient
+# Even if the substack succeeds with sufficient
# the whole stack should fail.
auth substack tst-pam_substack1a
auth required pam_debug.so auth=auth_err
diff --git a/xtests/tst-pam_unix1.pamd b/xtests/tst-pam_unix1.pamd
index 1a2990c7..6cd67b6a 100644
--- a/xtests/tst-pam_unix1.pamd
+++ b/xtests/tst-pam_unix1.pamd
@@ -3,4 +3,3 @@ auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
-
diff --git a/xtests/tst-pam_unix2.pamd b/xtests/tst-pam_unix2.pamd
index 1a2990c7..6cd67b6a 100644
--- a/xtests/tst-pam_unix2.pamd
+++ b/xtests/tst-pam_unix2.pamd
@@ -3,4 +3,3 @@ auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
-
diff --git a/xtests/tst-pam_unix3.pamd b/xtests/tst-pam_unix3.pamd
index 1a2990c7..6cd67b6a 100644
--- a/xtests/tst-pam_unix3.pamd
+++ b/xtests/tst-pam_unix3.pamd
@@ -3,4 +3,3 @@ auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
-
diff --git a/xtests/tst-pam_unix4.pamd b/xtests/tst-pam_unix4.pamd
index 4dc414fc..1affa8e1 100644
--- a/xtests/tst-pam_unix4.pamd
+++ b/xtests/tst-pam_unix4.pamd
@@ -3,4 +3,3 @@ auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so debug
session required pam_unix.so
-