summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog15
-rw-r--r--libpam/include/security/_pam_compat.h7
-rw-r--r--libpam/include/security/_pam_types.h8
-rw-r--r--libpam/pam_strerror.c35
-rw-r--r--modules/pam_cracklib/pam_cracklib.c13
-rw-r--r--modules/pam_pwdb/support.-c19
-rw-r--r--modules/pam_unix/support.c18
-rw-r--r--modules/pam_userdb/pam_userdb.c11
8 files changed, 80 insertions, 46 deletions
diff --git a/ChangeLog b/ChangeLog
index 724bc919..22cda4d3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2006-01-08 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_cracklib/pam_cracklib.c: Use PAM_AUTHTOK_RECOVERY_ERR
+ instead of PAM_AUTHTOK_RECOVER_ERR.
+ * modules/pam_pwdb/support.-c: Likewise.
+ * modules/pam_unix/support.c: Likewise.
+ * modules/pam_userdb/pam_userdb.c (pam_sm_authenticate): Likewise.
+ * libpam/pam_strerror.c (pam_strerror): Likewise.
+
+ * libpam/include/security/_pam_compat.h: Define
+ PAM_AUTHTOK_RECOVER_ERR for backward compatibility.
+
+ * libpam/include/security/_pam_types.h: Rename
+ PAM_AUTHTOK_RECOVER_ERR to PAM_AUTHTOK_RECOVERY_ERR.
+
2006-01-05 Thorsten Kukuk <kukuk@thkukuk.de>
* libpam/include/security/_pam_types.h: Remove nonnull attribute
diff --git a/libpam/include/security/_pam_compat.h b/libpam/include/security/_pam_compat.h
index 1bfec42c..a5f58e42 100644
--- a/libpam/include/security/_pam_compat.h
+++ b/libpam/include/security/_pam_compat.h
@@ -2,8 +2,6 @@
#define _PAM_COMPAT_H
/*
- * $Id$
- *
* This file was contributed by Derrick J Brashear <shadow@dementia.org>
* slight modification by Brad M. Garcia <bgarcia@fore.com>
*
@@ -118,6 +116,11 @@
#endif /* _SECURITY__PAM_TYPES_H */
+#else
+
+/* For compatibility with old Linux-PAM implementations. */
+#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
+
#endif /* defined(solaris) || (defined(__SVR4) && defined(sun)) */
#endif /* _PAM_COMPAT_H */
diff --git a/libpam/include/security/_pam_types.h b/libpam/include/security/_pam_types.h
index a55dba9c..18f222db 100644
--- a/libpam/include/security/_pam_types.h
+++ b/libpam/include/security/_pam_types.h
@@ -1,14 +1,10 @@
/*
* <security/_pam_types.h>
*
- * $Id$
- *
* This file defines all of the types common to the Linux-PAM library
* applications and modules.
*
* Note, the copyright+license information is at end of file.
- *
- * Created: 1996/3/5 by AGM
*/
#ifndef _SECURITY__PAM_TYPES_H
@@ -67,8 +63,8 @@ typedef struct pam_handle pam_handle_t;
#define PAM_NO_MODULE_DATA 18 /* No module specific data is present */
#define PAM_CONV_ERR 19 /* Conversation error */
#define PAM_AUTHTOK_ERR 20 /* Authentication token manipulation error */
-#define PAM_AUTHTOK_RECOVER_ERR 21 /* Authentication information */
- /* cannot be recovered */
+#define PAM_AUTHTOK_RECOVERY_ERR 21 /* Authentication information */
+ /* cannot be recovered */
#define PAM_AUTHTOK_LOCK_BUSY 22 /* Authentication token lock busy */
#define PAM_AUTHTOK_DISABLE_AGING 23 /* Authentication token aging disabled */
#define PAM_TRY_AGAIN 24 /* Preliminary check by password service */
diff --git a/libpam/pam_strerror.c b/libpam/pam_strerror.c
index ca7bde83..f7923314 100644
--- a/libpam/pam_strerror.c
+++ b/libpam/pam_strerror.c
@@ -1,7 +1,34 @@
-/* pam_strerror.c */
-
/*
- * $Id$
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "pam_private.h"
@@ -55,7 +82,7 @@ const char *pam_strerror(pam_handle_t *pamh UNUSED, int errnum)
return _("Conversation error");
case PAM_AUTHTOK_ERR:
return _("Authentication token manipulation error");
- case PAM_AUTHTOK_RECOVER_ERR:
+ case PAM_AUTHTOK_RECOVERY_ERR:
return _("Authentication information cannot be recovered");
case PAM_AUTHTOK_LOCK_BUSY:
return _("Authentication token lock busy");
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c
index aa55afd4..091a56f5 100644
--- a/modules/pam_cracklib/pam_cracklib.c
+++ b/modules/pam_cracklib/pam_cracklib.c
@@ -1,6 +1,5 @@
/*
* pam_cracklib module
- * $Id$
*/
/*
@@ -572,7 +571,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
token1 = x_strdup(item);
item = NULL;
} else {
- retval = PAM_AUTHTOK_RECOVER_ERR; /* didn't work */
+ retval = PAM_AUTHTOK_RECOVERY_ERR; /* didn't work */
}
} else {
@@ -587,7 +586,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
if (token1 == NULL) {
pam_syslog(pamh, LOG_NOTICE,
"could not recover authentication token 1");
- retval = PAM_AUTHTOK_RECOVER_ERR;
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
}
/*
* tidy up the conversation (resp_retcode) is ignored
@@ -595,7 +594,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
_pam_drop(resp);
} else {
retval = (retval == PAM_SUCCESS) ?
- PAM_AUTHTOK_RECOVER_ERR:retval ;
+ PAM_AUTHTOK_RECOVERY_ERR:retval ;
}
}
@@ -657,7 +656,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
if (token2 == NULL) {
pam_syslog(pamh,LOG_NOTICE,
"could not recover authentication token 2");
- retval = PAM_AUTHTOK_RECOVER_ERR;
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
}
/*
* tidy up the conversation (resp_retcode) is ignored
@@ -665,7 +664,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
_pam_drop(resp);
} else {
retval = (retval == PAM_SUCCESS) ?
- PAM_AUTHTOK_RECOVER_ERR:retval ;
+ PAM_AUTHTOK_RECOVERY_ERR:retval ;
}
if (retval != PAM_SUCCESS) {
@@ -684,7 +683,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
pam_set_item(pamh, PAM_AUTHTOK, NULL);
if (ctrl & PAM_DEBUG_ARG)
pam_syslog(pamh,LOG_NOTICE,"Password mistyped");
- retval = PAM_AUTHTOK_RECOVER_ERR;
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
continue;
}
diff --git a/modules/pam_pwdb/support.-c b/modules/pam_pwdb/support.-c
index 45867ce8..6ba831e2 100644
--- a/modules/pam_pwdb/support.-c
+++ b/modules/pam_pwdb/support.-c
@@ -1,6 +1,4 @@
-/*
- * $Id$
- *
+/*
* Copyright information at end of file.
*/
@@ -139,7 +137,7 @@ static int converse(pam_handle_t *pamh, int ctrl, int nargs
D(("begin to converse"));
- retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ;
+ retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ;
if ( retval == PAM_SUCCESS ) {
retval = conv->conv(nargs, ( const struct pam_message ** ) message
@@ -767,10 +765,10 @@ static int _unix_read_password( pam_handle_t *pamh
item = NULL;
return PAM_SUCCESS;
} else if (on(UNIX_USE_FIRST_PASS,ctrl)) {
- return PAM_AUTHTOK_RECOVER_ERR; /* didn't work */
+ return PAM_AUTHTOK_RECOVERY_ERR; /* didn't work */
} else if (on(UNIX_USE_AUTHTOK, ctrl)
&& off(UNIX__OLD_PASSWD, ctrl)) {
- return PAM_AUTHTOK_RECOVER_ERR;
+ return PAM_AUTHTOK_RECOVERY_ERR;
}
}
@@ -825,7 +823,7 @@ static int _unix_read_password( pam_handle_t *pamh
if (!resp[i-1].resp
|| strcmp(token,resp[i-1].resp)) {
token = _pam_delete(token); /* mistyped */
- retval = PAM_AUTHTOK_RECOVER_ERR;
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
make_remark(pamh, ctrl
, PAM_ERROR_MSG, MISTYPED_PASS);
}
@@ -847,7 +845,7 @@ static int _unix_read_password( pam_handle_t *pamh
} else {
retval = (retval == PAM_SUCCESS)
- ? PAM_AUTHTOK_RECOVER_ERR:retval ;
+ ? PAM_AUTHTOK_RECOVERY_ERR:retval ;
}
}
@@ -941,13 +939,13 @@ static int _pam_unix_approve_pass(pam_handle_t *pamh
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
@@ -960,4 +958,3 @@ static int _pam_unix_approve_pass(pam_handle_t *pamh
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index 733c25c2..cb89eb31 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -1,6 +1,4 @@
/*
- * $Id$
- *
* Copyright information at end of file.
*/
@@ -527,7 +525,7 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
out if pam is called from setuid binary (su, sudo...) */
setuid(0);
}
-
+
/* exec binary helper */
args[0] = x_strdup(CHKPWD_HELPER);
args[1] = x_strdup(user);
@@ -865,7 +863,7 @@ int _unix_read_password(pam_handle_t * pamh
} else if (*pass != NULL) { /* we have a password! */
return PAM_SUCCESS;
} else if (on(UNIX_USE_FIRST_PASS, ctrl)) {
- return PAM_AUTHTOK_RECOVER_ERR; /* didn't work */
+ return PAM_AUTHTOK_RECOVERY_ERR; /* didn't work */
} else if (on(UNIX_USE_AUTHTOK, ctrl)
&& off(UNIX__OLD_PASSWD, ctrl)) {
return PAM_AUTHTOK_ERR;
@@ -883,11 +881,11 @@ int _unix_read_password(pam_handle_t * pamh
if (comment != NULL && off(UNIX__QUIET, ctrl)) {
retval = pam_info(pamh, "%s", comment);
}
-
+
if (retval == PAM_SUCCESS) {
retval = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF,
&resp[0], "%s", prompt1);
-
+
if (retval == PAM_SUCCESS && prompt2 != NULL) {
retval = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF,
&resp[1], "%s", prompt2);
@@ -906,7 +904,7 @@ int _unix_read_password(pam_handle_t * pamh
/* verify that password entered correctly */
if (strcmp(token, resp[replies - 1])) {
/* mistyped */
- retval = PAM_AUTHTOK_RECOVER_ERR;
+ retval = PAM_AUTHTOK_RECOVERY_ERR;
_make_remark(pamh, ctrl,
PAM_ERROR_MSG, MISTYPED_PASS);
}
@@ -920,9 +918,9 @@ int _unix_read_password(pam_handle_t * pamh
} else {
retval = (retval == PAM_SUCCESS)
- ? PAM_AUTHTOK_RECOVER_ERR : retval;
+ ? PAM_AUTHTOK_RECOVERY_ERR : retval;
}
-
+
resp[0] = NULL;
if (replies > 1)
_pam_delete(resp[1]);
@@ -930,7 +928,7 @@ int _unix_read_password(pam_handle_t * pamh
if (retval != PAM_SUCCESS) {
_pam_delete(token);
-
+
if (on(UNIX_DEBUG, ctrl))
pam_syslog(pamh, LOG_DEBUG,
"unable to obtain a password");
diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c
index d47d58eb..fce5f3dd 100644
--- a/modules/pam_userdb/pam_userdb.c
+++ b/modules/pam_userdb/pam_userdb.c
@@ -1,7 +1,6 @@
/* pam_userdb module */
/*
- * $Id$
* Written by Cristian Gafton <gafton@redhat.com> 1996/09/10
* See the end of the file for Copyright Information
*/
@@ -249,7 +248,7 @@ user_lookup (pam_handle_t *pamh, const char *database, const char *cryptmode,
compare = strncmp(data.dptr, pass, data.dsize);
}
- if (cryptmode && strncasecmp(cryptmode, "none", 4)
+ if (cryptmode && strncasecmp(cryptmode, "none", 4)
&& (ctrl & PAM_DEBUG_ARG)) {
pam_syslog(pamh, LOG_INFO, "invalid value for crypt parameter: %s",
cryptmode);
@@ -355,7 +354,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
return retval;
}
}
-
+
/* Check if we got a password */
retval = pam_get_item(pamh, PAM_AUTHTOK, &password);
if (retval != PAM_SUCCESS || password == NULL) {
@@ -370,10 +369,10 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
}
if (retval != PAM_SUCCESS || password == NULL) {
pam_syslog(pamh, LOG_ERR, "can not recover user password");
- return PAM_AUTHTOK_RECOVER_ERR;
- }
+ return PAM_AUTHTOK_RECOVERY_ERR;
+ }
}
-
+
if (ctrl & PAM_DEBUG_ARG)
pam_syslog(pamh, LOG_INFO, "Verify user `%s' with a password",
username);
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 23:42:24 +0000