From d65f138fbc784911399e5afe66c9661e0136b43d Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Mon, 21 Jul 2014 16:31:38 +0200
Subject: Make pam_pwhistory and pam_unix tolerant of corrupted opasswd file.

* modules/pam_pwhistory/opasswd.c (parse_entry): Test for missing fields
in opasswd entry and return error.
* modules/pam_unix/passverify.c (save_old_password): Test for missing fields
in opasswd entry and skip it.
---
 modules/pam_pwhistory/opasswd.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'modules/pam_pwhistory')

diff --git a/modules/pam_pwhistory/opasswd.c b/modules/pam_pwhistory/opasswd.c
index 836d713e..e6cf3469 100644
--- a/modules/pam_pwhistory/opasswd.c
+++ b/modules/pam_pwhistory/opasswd.c
@@ -82,10 +82,15 @@ parse_entry (char *line, opwd *data)
 {
   const char delimiters[] = ":";
   char *endptr;
+  char *count;
 
   data->user = strsep (&line, delimiters);
   data->uid = strsep (&line, delimiters);
-  data->count = strtol (strsep (&line, delimiters), &endptr, 10);
+  count = strsep (&line, delimiters);
+  if (count == NULL)
+      return 1;
+
+  data->count = strtol (count, &endptr, 10);
   if (endptr != NULL && *endptr != '\0')
       return 1;
 
-- 
cgit v1.2.3


From a684595c0bbd88df71285f43fb27630e3829121e Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@thkukuk.de>
Date: Tue, 29 Mar 2016 14:14:03 +0200
Subject: Remove "--enable-static-modules" option and support from  Linux-PAM.
 It was never official supported and was broken since years.

* configure.ac: Remove --enable-static-modules option.
* doc/man/pam_sm_acct_mgmt.3.xml: Remove PAM_EXTERN.
* doc/man/pam_sm_authenticate.3.xml: Likewise.
* doc/man/pam_sm_chauthtok.3.xml: Likewise.
* doc/man/pam_sm_close_session.3.xml: Likewise.
* doc/man/pam_sm_open_session.3.xml: Likewise.
* doc/man/pam_sm_setcred.3.xml: Likewise.
* libpam/Makefile.am: Remove STATIC_MODULES cases.
* libpam/include/security/pam_modules.h: Remove PAM_STATIC parts.
* libpam/pam_dynamic.c: Likewise.
* libpam/pam_handlers.c: Likewise.
* libpam/pam_private.h: Likewise.
* libpam/pam_static.c: Remove file.
* libpam/pam_static_modules.h: Remove header file.
* modules/pam_access/pam_access.c: Remove PAM_EXTERN and PAM_STATIC parts.
* modules/pam_cracklib/pam_cracklib.c: Likewise.
* modules/pam_debug/pam_debug.c: Likewise.
* modules/pam_deny/pam_deny.c: Likewise.
* modules/pam_echo/pam_echo.c: Likewise.
* modules/pam_env/pam_env.c: Likewise.
* modules/pam_exec/pam_exec.c: Likewise.
* modules/pam_faildelay/pam_faildelay.c: Likewise.
* modules/pam_filter/pam_filter.c: Likewise.
* modules/pam_ftp/pam_ftp.c: Likewise.
* modules/pam_group/pam_group.c: Likewise.
* modules/pam_issue/pam_issue.c: Likewise.
* modules/pam_keyinit/pam_keyinit.c: Likewise.
* modules/pam_lastlog/pam_lastlog.c: Likewise.
* modules/pam_limits/pam_limits.c: Likewise.
* modules/pam_listfile/pam_listfile.c: Likewise.
* modules/pam_localuser/pam_localuser.c: Likewise.
* modules/pam_loginuid/pam_loginuid.c: Likewise.
* modules/pam_mail/pam_mail.c: Likewise.
* modules/pam_mkhomedir/pam_mkhomedir.c: Likewise.
* modules/pam_motd/pam_motd.c: Likewise.
* modules/pam_namespace/pam_namespace.c: Likewise.
* modules/pam_nologin/pam_nologin.c: Likewise.
* modules/pam_permit/pam_permit.c: Likewise.
* modules/pam_pwhistory/pam_pwhistory.c: Likewise.
* modules/pam_rhosts/pam_rhosts.c: Likewise.
* modules/pam_rootok/pam_rootok.c: Likewise.
* modules/pam_securetty/pam_securetty.c: Likewise.
* modules/pam_selinux/pam_selinux.c: Likewise.
* modules/pam_sepermit/pam_sepermit.c: Likewise.
* modules/pam_shells/pam_shells.c: Likewise.
* modules/pam_stress/pam_stress.c: Likewise.
* modules/pam_succeed_if/pam_succeed_if.c: Likewise.
* modules/pam_tally/pam_tally.c: Likewise.
* modules/pam_tally2/pam_tally2.c: Likewise.
* modules/pam_time/pam_time.c: Likewise.
* modules/pam_timestamp/pam_timestamp.c: Likewise.
* modules/pam_tty_audit/pam_tty_audit.c: Likewise.
* modules/pam_umask/pam_umask.c: Likewise.
* modules/pam_userdb/pam_userdb.c: Likewise.
* modules/pam_warn/pam_warn.c: Likewise.
* modules/pam_wheel/pam_wheel.c: Likewise.
* modules/pam_xauth/pam_xauth.c: Likewise.
* modules/pam_unix/Makefile.am: Remove STATIC_MODULES part.
* modules/pam_unix/pam_unix_acct.c: Remove PAM_STATIC part.
* modules/pam_unix/pam_unix_auth.c: Likewise.
* modules/pam_unix/pam_unix_passwd.c: Likewise.
* modules/pam_unix/pam_unix_sess.c: Likewise.
* modules/pam_unix/pam_unix_static.c: Removed.
* modules/pam_unix/pam_unix_static.h: Removed.
* po/POTFILES.in: Remove removed files.
* tests/tst-dlopen.c: Remove PAM_STATIC part.
---
 modules/pam_pwhistory/pam_pwhistory.c | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

(limited to 'modules/pam_pwhistory')

diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c
index 654edd39..0c07dc18 100644
--- a/modules/pam_pwhistory/pam_pwhistory.c
+++ b/modules/pam_pwhistory/pam_pwhistory.c
@@ -106,7 +106,7 @@ parse_option (pam_handle_t *pamh, const char *argv, options_t *options)
 /* This module saves the current crypted password in /etc/security/opasswd
    and then compares the new password with all entries in this file. */
 
-PAM_EXTERN int
+int
 pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
 {
   struct passwd *pwd;
@@ -235,16 +235,3 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
   return PAM_SUCCESS;
 }
 
-
-#ifdef PAM_STATIC
-/* static module data */
-struct pam_module _pam_pwhistory_modstruct = {
-  "pam_pwhistory",
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  NULL,
-  pam_sm_chauthtok
-};
-#endif
-- 
cgit v1.2.3


From df87fb69e44d024ce4a0a052c78b85d261e6c6a3 Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@altlinux.org>
Date: Fri, 1 Apr 2016 17:07:44 +0000
Subject: Fix whitespace issues

Remove blank lines at EOF introduced by commit
a684595c0bbd88df71285f43fb27630e3829121e,
making the project free of warnings reported by
git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD

* libpam/pam_dynamic.c: Remove blank line at EOF.
* modules/pam_echo/pam_echo.c: Likewise.
* modules/pam_keyinit/pam_keyinit.c: Likewise.
* modules/pam_mkhomedir/pam_mkhomedir.c: Likewise.
* modules/pam_pwhistory/pam_pwhistory.c: Likewise.
* modules/pam_rhosts/pam_rhosts.c: Likewise.
* modules/pam_sepermit/pam_sepermit.c: Likewise.
* modules/pam_stress/pam_stress.c: Likewise.
---
 modules/pam_pwhistory/pam_pwhistory.c | 1 -
 1 file changed, 1 deletion(-)

(limited to 'modules/pam_pwhistory')

diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c
index 0c07dc18..3efb0ca5 100644
--- a/modules/pam_pwhistory/pam_pwhistory.c
+++ b/modules/pam_pwhistory/pam_pwhistory.c
@@ -234,4 +234,3 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
 
   return PAM_SUCCESS;
 }
-
-- 
cgit v1.2.3