Relevant BUGIDs: none

Purpose of commit: new feature

Commit summary:
---------------

2006-01-21  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_listfile/pam_listfile.c: Add support for session
        and password management.

diff --git a/ChangeLog b/ChangeLog
index 34a3d53a2a9bc3620baffad3a83255b369a6e47e..2ad9e22220baeb07e45da02ad447606657012ad8 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,15 +1,14 @@
 2006-01-22  Thorsten Kukuk  <kukuk@thkukuk.de>
 
-       * modules/pam_succeed_if/pam_succeed_if.c (pam_sm_acct_mgmt):
-       Add support for static modules.
+       * modules/pam_succeed_if/pam_succeed_if.c: Add support for
+       static modules.
        * modules/pam_xauth/pam_xauth.c: Likewise.
 
-       * libpam/pam_handlers.c (_pam_add_handler): Add pamh to
-       _pam_open_static_handler call.
-
        * libpam/pam_static.c (_pam_open_static_handler): Add pamh
        as argument.
        * libpam/pam_private.h: Adjust prototype.
+       * libpam/pam_handlers.c (_pam_add_handler): Add pamh to
+       _pam_open_static_handler call.
 
        * configure.in: Don't define PAM_DYNAMIC.
        * libpam/pam_handlers.c: Get ride of PAM_DYNAMIC, don't
@@ -21,6 +20,11 @@
        * libpam/Makefile.am: Bump version number of libpam, remove
        pam_dynamic.h.
 
+2006-01-21  Thorsten Kukuk  <kukuk@thkukuk.de>
+
+       * modules/pam_listfile/pam_listfile.c: Add support for session
+       and password management.
+
 2006-01-19  Thorsten Kukuk  <kukuk@suse.de>
 
        * doc/specs/Makefile.am (spec): Add padout to fix parallel

diff --git a/NEWS b/NEWS
index 4dc517e9cb5e96918738300bbadc260413af28a9..2a00c4ae8bed4b268d92b84076e6d40bf1217618 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,7 @@
 Linux-PAM NEWS -- history of user-visible changes.
 
 * Fix building of static variants of libpam, libpamc and libpam_misc
+* pam_listfile: Add support for password and session management
 
 Release 0.99.3.0
 

diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c
index c19cfc1af1f628d7853a1fe0b4f764b9fd3546bd..69384be65e12276cf95ded0dcc4aadbc9c5aa7a8 100644 (file)
--- a/modules/pam_listfile/pam_listfile.c
+++ b/modules/pam_listfile/pam_listfile.c
@@ -1,8 +1,3 @@
-/*
- * $Id$
- *
- */
-
 /*
  * by Elliot Lee <sopwith@redhat.com>, Red Hat Software. July 25, 1996.
  * log refused access error christopher mccrory <chrismcc@netus.com> 1998/7/11
@@ -36,14 +31,14 @@
 
 #define PAM_SM_AUTH
 #define PAM_SM_ACCOUNT
+#define PAM_SM_PASSWORD
+#define PAM_SM_SESSION
 
 #include <security/pam_modules.h>
 #include <security/_pam_macros.h>
 #include <security/pam_modutil.h>
 #include <security/pam_ext.h>
 
-/* some syslogging */
-
 /* checks if a user is on a list of members */
 static int is_on_list(char * const *list, const char *member)
 {
@@ -222,7 +217,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
                    /* Not a member of apply= group */
 #ifdef DEBUG
                    pam_syslog(pamh,LOG_DEBUG,
-                            
+
                             "don't apply: %s not a member of group %s",
                             user_name,apply_val);
 #endif /* DEBUG */
@@ -301,7 +296,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
                break;
            default:
                pam_syslog(pamh,LOG_ERR,
-                        
+
                         "Internal weirdness, unknown extended item %d",
                         extitem);
                free(ifname);
@@ -310,7 +305,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
     }
 #ifdef DEBUG
     pam_syslog(pamh,LOG_INFO,
-            
+
             "Got file = %s, item = %d, value = %s, sense = %d",
             ifname, citem, citemp, sense);
 #endif
@@ -384,7 +379,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
     free(ifname);
     if ((sense && retval) || (!sense && !retval)) {
 #ifdef DEBUG
-       pam_syslog(pamh,LOG_INFO, 
+       pam_syslog(pamh,LOG_INFO,
                 "Returning PAM_SUCCESS, retval = %d", retval);
 #endif
        return PAM_SUCCESS;
@@ -412,10 +407,31 @@ pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
 }
 
 PAM_EXTERN int
-pam_sm_acct_mgmt (pam_handle_t *pamh, int flags UNUSED,
+pam_sm_acct_mgmt (pam_handle_t *pamh, int flags,
+                 int argc, const char **argv)
+{
+    return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_open_session (pam_handle_t *pamh, int flags,
+                    int argc, const char **argv)
+{
+    return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_close_session (pam_handle_t *pamh, int flags,
+                     int argc, const char **argv)
+{
+    return pam_sm_authenticate(pamh, flags, argc, argv);
+}
+
+PAM_EXTERN int
+pam_sm_chauthtok (pam_handle_t *pamh, int flags,
                  int argc, const char **argv)
 {
-    return pam_sm_authenticate(pamh, 0, argc, argv);
+    return pam_sm_authenticate(pamh, flags, argc, argv);
 }
 
 #ifdef PAM_STATIC
@@ -427,9 +443,9 @@ struct pam_module _pam_listfile_modstruct = {
     pam_sm_authenticate,
     pam_sm_setcred,
     pam_sm_acct_mgmt,
-    NULL,
-    NULL,
-    NULL,
+    pam_sm_open_session,
+    pam_sm_close_session,
+    pam_sm_chauthtok,
 };
 
 #endif /* PAM_STATIC */