+2007-08-28 Steve Langasek <vorlon@debian.org>
+
+ * configure.in: call AC_CHECK_HEADERS instead of AC_CHECK_HEADER
+ for crack.h, so we get a HAVE_CRACK_H define.
+ * modules/pam_cracklib/pam_cracklib.c: don't copy around the
+ cracklib dictpath into a fixed-width buffer, when we can just
+ point at the existing strings; and allow users to override the
+ default cracklib path with -DCRACKLIB_DICT, required for
+ compatibility with cracklib 2.7.
+
2007-08-27 Steve Langasek <vorlon@debian.org>
* modules/pam_limits/pam_limits.c: when building on non-Linux
AC_HELP_STRING([--disable-cracklib],[do not use cracklib]),
WITH_CRACKLIB=$enableval, WITH_CRACKLIB=yes)
if test x"$WITH_CRACKLIB" != xno ; then
- AC_CHECK_HEADER([crack.h],
+ AC_CHECK_HEADERS([crack.h],
AC_CHECK_LIB([crack], [FascistCheck], LIBCRACK="-lcrack", LIBCRACK=""))
else
LIBCRACK=""
extern char *FascistCheck(char *pw, const char *dictpath);
#endif
+#ifndef CRACKLIB_DICT
+#define CRACKLIB_DICT NULL
+#endif
+
/* For Translators: "%s%s" could be replaced with "<service> " or "". */
#define PROMPT1 _("New %s%spassword: ")
/* For Translators: "%s%s" could be replaced with "<service> " or "". */
int min_class;
int use_authtok;
char prompt_type[BUFSIZ];
- char cracklib_dictpath[PATH_MAX];
+ char *cracklib_dictpath;
};
#define CO_RETRY_TIMES 1
} else if (!strncmp(*argv,"use_authtok",11)) {
opt->use_authtok = 1;
} else if (!strncmp(*argv,"dictpath=",9)) {
- strncpy(opt->cracklib_dictpath, *argv+9,
- sizeof(opt->cracklib_dictpath) - 1);
+ opt->cracklib_dictpath = *argv+9;
+ if (!*(opt->cracklib_dictpath)) {
+ opt->cracklib_dictpath = CRACKLIB_DICT;
+ }
} else {
pam_syslog(pamh,LOG_ERR,"pam_parse: unknown option; %s",*argv);
}
}
opt->prompt_type[sizeof(opt->prompt_type) - 1] = '\0';
- opt->cracklib_dictpath[sizeof(opt->cracklib_dictpath) - 1] = '\0';
return ctrl;
}
options.use_authtok = CO_USE_AUTHTOK;
memset(options.prompt_type, 0, BUFSIZ);
strcpy(options.prompt_type,"UNIX");
- memset(options.cracklib_dictpath, 0,
- sizeof (options.cracklib_dictpath));
+ options.cracklib_dictpath = CRACKLIB_DICT;
ctrl = _pam_parse(pamh, &options, argc, argv);
const char *crack_msg;
D(("against cracklib"));
- if ((crack_msg = FascistCheck(token1,options.cracklib_dictpath[0] == '\0'?NULL:options.cracklib_dictpath))) {
+ if ((crack_msg = FascistCheck(token1,options.cracklib_dictpath))) {
if (ctrl & PAM_DEBUG_ARG)
pam_syslog(pamh,LOG_DEBUG,"bad password: %s",crack_msg);
pam_error(pamh, _("BAD PASSWORD: %s"), crack_msg);
projects / linux-pam / commitdiff