| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2010-10-04 Dmitry V. Levin <ldv@altlinux.org>
* libpam/pam_modutil_priv.c: New file.
* libpam/Makefile.am (libpam_la_SOURCES): Add it.
* libpam/include/security/pam_modutil.h (struct pam_modutil_privs,
PAM_MODUTIL_DEF_PRIVS, pam_modutil_drop_priv,
pam_modutil_regain_priv): New declarations.
* libpam/libpam.map (LIBPAM_MODUTIL_1.1.3): New interface.
* modules/pam_env/pam_env.c (handle_env): Use new pam_modutil interface.
* modules/pam_mail/pam_mail.c (_do_mail): Likewise.
* modules/pam_xauth/pam_xauth.c (check_acl, pam_sm_open_session,
pam_sm_close_session): Likewise.
(pam_sm_open_session): Remove redundant fchown call.
Fixes CVE-2010-3430, CVE-2010-3431.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2010-09-16 Dmitry V. Levin <ldv@altlinux.org>
* modules/pam_env/pam_env.c (handle_env): Use setfsuid() return code.
* modules/pam_mail/pam_mail.c (_do_mail): Likewise.
* modules/pam_xauth/pam_xauth.c (check_acl, pam_sm_open_session,
pam_sm_close_session): Likewise.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2010-08-12 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_mail/pam_mail.c: Check for mail only with user
privilegs.
* modules/pam_xauth/pam_xauth.c (run_coprocess): Check return
value of setgid, setgroups and setuid.
* modules/pam_xauth/pam_xauth.c (check_acl): Save errno for
later usage.
* modules/pam_env/pam_env.c (handle_env): Check if user exists,
read local user config only with user privilegs.`
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-09-25 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_mail/pam_mail.c (report_mail): Fix logic of
"quiet" option (Patch from Andreas Henriksson <andreas@fatal.se>)
* modules/pam_mail/pam_mail.8.xml: Fix typo.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2007-04-30 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_mail/pam_mail.c (_do_mail): Remove duplicate
check for PAM_SILENT and don't bail out if it is set [#1706247].
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfixes
Commit summary:
---------------
2006-05-22 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_listfile/pam_listfile.c (pam_sm_authenticate):
Fix memory leaks, [#1490956] found by Coverity.
* modules/pam_tally/pam_tally.c (pam_get_uid): Check return
value of pam_get_user().
(tally_get_data): Check if oldtime is not NULL.
[#1489818] found by Coverity.
* modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Don't
ignore return value of stat(). [#1489808] found by Coverity.
* modules/pam_mail/pam_mail.c (get_folder): Fix a potential
NULL pointer dereference. [#1489792] found by Coverity.
* libpam/Makefile.am: bump release number of libpam.so.
* libpam/pam_misc.c (_pam_mkargv): Fix memory leak,
[#1489804] found by Coverity.
* modules/pam_echo/pam_echo.c (replace_and_print): Initialize
str, [#1489658] found by Coverity.
* modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Fix
a potential NULL pointer dereference.
(pam_sm_chauthtok): Remove dead code.
[#1489634] found by Coverity.
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fixed typo in string. Updated czech translation.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-12-07 Thorsten Kukuk <kukuk@suse.de>
* modules/pam_mail/pam_mail.c: Modify assembling of output
for easier translation.
* po/de.po: Translate new pam_mail messages.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Steve Langasek <vorlon@debian.org>
Cleanup gratuitous use of strdup().
Fix "missing argument" checks.
* modules/pam_env/pam_env.c (_pam_parse): Add const qualifier
to conffile and envfile arguments. Do not use x_strdup() for
conffile and envfile initialization. Fix "missing argument"
checks.
(_parse_config_file): Take conffile argument of type "const char *"
instead of "char **". Do not free conffile.
(_parse_env_file): Take env_file argument of type "const char *"
instead of "char **". Do not free env_file.
(pam_sm_setcred): Add const qualifier to conf_file and env_file.
Pass conf_file and env_file to _parse_config_file() and
_parse_env_file() by value.
(pam_sm_open_session): Likewise.
* modules/pam_ftp/pam_ftp.c (_pam_parse): Add const qualifier to
users argument. Do not use x_strdup() for users initialization.
(lookup): Add const qualifier to list argument.
(pam_sm_authenticate): Add const qualifier to users argument.
* modules/pam_mail/pam_mail.c (_pam_parse): Add const qualifier
to maildir argument. Do not use x_strdup() for maildir
initialization. Fix "missing argument" check.
(get_folder): Take path_mail argument of type "const char *"
instead of "char **". Do not free path_mail.
(_do_mail): Add const qualifier to path_mail argument.
Pass path_mail to get_folder() by value.
* modules/pam_motd/pam_motd.c: Include <syslog.h>.
(pam_sm_open_session): Add const qualifier to motd_path.
Do not use x_strdup() for motd_path initialization. Do not
free motd_path. Fix "missing argument" check. Add "unknown
option" warning.
* modules/pam_userdb/pam_userdb.c (_pam_parse): Add const
qualifier to database and cryptmode arguments. Fix "missing
argument" checks.
(pam_sm_authenticate): Add const qualifier to database and cryptmode.
(pam_sm_acct_mgmt): Likewise.
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Mark missing strings for translation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix, cleanup
Commit summary:
---------------
2005-09-21 Dmitry V. Levin <ldv@altlinux.org>
* modules/pam_mail/pam_mail.c: Include <errno.h>.
Remove YOUR_MAIL_VERBOSE_FORMAT, YOUR_MAIL_STANDARD_FORMAT and
NO_MAIL_STANDARD_FORMAT macros.
(parse_args, get_folder): Cleanup error messages.
(get_folder): Fix leak of the path_mail variable in case of
pam_get_user() failure. Cleanup memory management.
(get_mail_status): Add pam_handle_t* argument. Fix leaks of
namelist variable. Cleanup memory management. Log memory
allocation failures. Remove 250-byte limit on Maildir pathname.
(report_mail): Mark text messages for translation.
(_do_mail): Cleanup memory management. Pass pam_handle_t*
to get_mail_status().
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Moved functions from pammodutil to libpam.
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Replace own conversation function with pam_info.
Replace _log_err with pam_syslog.
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Big "automake/autoconf/libtool" commit
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Rename _pam_aconf.h to config.h.
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Fix all occurrence of dereferencing type-punned pointer will break
strict-aliasing rules warnings
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Various cleanups and minor bugfixes by Steve Grubb.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: 440107: Add various patches from Linux Distibutors to make
PAM modules reentrant.
|
|
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: Add rest of Steve Grubb's resource leak and other fixes
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
* pam_mail - use PAM_PATH_MAILDIR as the location of mail spool
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: autoconf support for Linux-PAM
Commit summary:
---------------
This is a merge of the autoconf support that was developed against
a 0-72 branch.
[Note, because CVS has some issues, this is actually only 95% of
the actual commit. The other files were actually committed when
the preparation branch Linux-PAM-0-73pre-autoconf was updated.
Hopefully, this will complete the merge.]
|
|
|