Commit summary:
---------------
there were some dangling file descriptors and unclear pass/fail
properties of some of the password updating code in pam_unix.
Bug report from Len Lattanzi.
Andrew G. Morgan [Sat, 19 Jan 2002 07:10:45 +0000 (07:10 +0000)]
Relevant BUGIDs: 493294
Purpose of commit: bugfix and document
Commit summary:
---------------
The login limit counting seemed to have its math incorrect.
The default has been changed to the sane one, and a new module argument
has been added "utmp_early" that returns the module to its old behavior.
Thanks to Berend De Schouwe for getting to the bottom of this issue.
Andrew G. Morgan [Tue, 11 Dec 2001 07:41:39 +0000 (07:41 +0000)]
Relevant BUGIDs: 486063
Purpose of commit: compatibility
Commit summary:
---------------
A BSD fix from Dag-Erling Smørgrav and Anton Berezin. What was there
before did not correctly deal with BSD dynamic linking.
Commit summary:
---------------
If you are looking for an object that you can blindly dlopen() and
use to bind to pam w/ modules, this commit is for you. It's not fully
integrated into the build tree, but I'd like some feedback before
wiring it in as a regular feature.
Commit summary:
---------------
pam_unix is too generic a module to override the PAM_USER_PROMPT item.
(More modifications to xsh to help me test this change.)
Commit summary:
---------------
Added libpammodutil and link it with every module as it's built.
The issue here is that there is a lot of code that the various modules
use in common, and this static library can be used to help make this code
more maintainable. I do not intend to make this library dynamic. Especially
right now, as I want to be free to chop and change the API and don't want
to deal with revision control and third party modules.
This checkin makes the pam_rhost_auth module make some use of this new
library. I don't intend to add support for any other module prior to
releasing 0.76.
Commit summary:
---------------
The malloc debugging stuff appears to have had a few residual issues
that I've fixed (trying to resolve another checkin!).
Steve Langasek [Tue, 27 Nov 2001 18:26:29 +0000 (18:26 +0000)]
Relevant BUGIDs: 483959, 113596
Purpose of commit: bugfix
Commit summary:
---------------
* Restore pam_unix's handling of 'likeauth' argument to a known working
state
* prettify AUTH_RETURN macro
* remove redundant argv checks in pam_sm_setcred()
Andrew G. Morgan [Tue, 27 Nov 2001 05:15:37 +0000 (05:15 +0000)]
Relevant BUGIDs: 483959
Purpose of commit: fix memory leak
Commit summary:
---------------
Fernando Trias pointed out a silly memory leak in pam_unix.so. It looks
like some allocated memory that is simply not needed for anything.
Andrew G. Morgan [Mon, 26 Nov 2001 03:04:46 +0000 (03:04 +0000)]
Relevant BUGIDs: 485454
Purpose of commit: revive feature
Commit summary:
---------------
malloc et al. debugging was not supported by the new autoconf setup,
this commit rectifies that. It also adds a couple of header file inclusions
that seem to be needed with recent glibc headers.
Andrew G. Morgan [Tue, 13 Nov 2001 05:07:24 +0000 (05:07 +0000)]
Relevant BUGIDs: 476986
Purpose of commit: new feature, cleanup
Commit summary:
---------------
patch from Nalin to support '+hostname' as equivalent to 'hostname'.
fixed compiler warning by working out when to include header file.
Andrew G. Morgan [Thu, 11 Oct 2001 04:52:25 +0000 (04:52 +0000)]
Relevant BUGIDs: 468724
Purpose of commit: bugfix
Commit summary:
---------------
Legacy behavior for pam_close_session and pam_setcred was not sufficient.
Basically, it appears to be common practice for some applications to call
these functions without first calling pam_authenticate and pam_open_session
which would have frozen the auth and session module stacks.
The new behavior is to treat the returns of these secondary functions as
authoritative when navigating the stack in the absence of a chain-freezing
first set of calls.
pam_chauthtok should not benefit from this behavior, and there does not
appear to be a justification for using an event like this to freeze the
stack outright - legacy behavior did not do that.
Andrew G. Morgan [Thu, 11 Oct 2001 04:14:30 +0000 (04:14 +0000)]
Relevant BUGIDs: 463984
Purpose of commit: bugfix
Commit summary:
---------------
The last fix to the conversation function was less than marginal: it
didn't actually work! This second commit adds the all important 'return
the user's input' bit!
Also added some more D() stuff to pam_misc to help locate the problem
and finally cleaned up the Makefile in the examples/ directory. I used
xsh to do the testing.
Andrew G. Morgan [Wed, 10 Oct 2001 05:00:11 +0000 (05:00 +0000)]
Relevant BUGIDs: 424315
Purpose of commit: cleanup, new feature
Commit summary:
---------------
I'm adding a new module (pam_debug) that helped me to verify that
the new setcred handling did not suffer from a bug in the handling
of 'auth optional'. I'm also fixing a D(()) line from
libpam/pam_dispatch.c which was simply broken.
[There is still an outstanding backward compatibility issue with
pam_dispatch that I'll address with respect to Bug 468724.]
Andrew G. Morgan [Wed, 19 Sep 2001 06:16:34 +0000 (06:16 +0000)]
Relevant BUGIDs: 440107
Purpose of commit: keep configure in synch
Commit summary:
---------------
Vorlon updated configure.in, but didn't check in configure to match it.
I'm doing it so I can test and then commit another patch.
Steve Langasek [Thu, 13 Sep 2001 05:26:26 +0000 (05:26 +0000)]
Relevant BUGIDs: 440107
Purpose of commit: reentrant modules
Commit summary:
---------------
Lay the autoconf groundwork for making all PAM modules reentrant on systems
that include the POSIX getxx_r() functions.
Steve Langasek [Wed, 12 Sep 2001 19:15:10 +0000 (19:15 +0000)]
Relevant BUGIDs: 440107
Purpose of commit: reentrant modules
Commit summary:
---------------
Lay the autoconf groundwork for making all PAM modules reentrant on systems
that include the POSIX getxx_r() functions.
Steve Langasek [Tue, 10 Jul 2001 20:24:16 +0000 (20:24 +0000)]
Relevant BUGIDs: 440107
Purpose of commit: bugfix/cleanup
Commit summary:
---------------
Removed superfluous use of static variables in md5 and bigcrypt routines,
bringing us a step closer to thread-safeness. Eliminated some variable
indirection along the way.
Steve Langasek [Wed, 27 Jun 2001 18:53:30 +0000 (18:53 +0000)]
Relevant BUGIDs: 436432
Purpose of commit: cleanup
Commit summary:
---------------
nix unneeded #include line from pam_tally.c. Keep things as minimalistic as
possible until we /know/ it's needed for something.
Andrew G. Morgan [Sun, 24 Jun 2001 22:54:05 +0000 (22:54 +0000)]
Relevant BUGIDs: 413162
Purpose of commit: new feature
Commit summary:
---------------
pam_cracklib enhancements to make use of negative limits.
Werner Puschitz gets brownie points for submitting documentation to
match!
Andrew G. Morgan [Sun, 24 Jun 2001 22:21:24 +0000 (22:21 +0000)]
Relevant BUGIDs: 424060
Purpose of commit: bugfix
Commit summary:
---------------
latest attempt to deal with the number of rlimits supported by
Linux. (Last attempt was the fix for Bug 219554 (ne 119554).)
Commit summary:
---------------
A little closer to supporting AIX. These changes are not all of the
suggested changes in the bug report that I will close as a result
of this checkin, but they are all the changes that I feel happy making
right now. I've avoided some of the more gratuitous changes, hoping
that the submitter will reevaluate what they need in the light of what
I have committed here.
Andrew G. Morgan [Sun, 15 Apr 2001 06:32:08 +0000 (06:32 +0000)]
Relevant BUGIDs: 414943
Purpose of commit: comment about bug ids
Commit summary:
---------------
Sourceforge bumped all the bugids by 100000 at some point and this
made earlier entries in this CHANGELOG off by that amount. I've
added a comment about this to help the reader in trying to track
each interesting bug down.
Commit summary:
---------------
Bumped the version number.
Fixed a lack of SONAME definitions that were causing the libraries
not to be installed correctly.
Andrew G. Morgan [Sun, 11 Feb 2001 06:33:53 +0000 (06:33 +0000)]
Relevant BUGIDs: 112540
Purpose of commit: minor security bugfix
Commit summary:
---------------
Fixes for the password helper binaries.
Before, there was no check that the password entered was actually that
of the intended user being authenticated. Instead, the password was
checked for the requesting user. While this distinction sounds like a
security hole, it's actually not been a problem in practice. The helper
binaries have only been used in the case that the application is not
setuid-0 and as such even if an improper authentication succeeded, the
application could not change its uid from that of the requesting user.
Commit summary:
---------------
This bugfix leads to backwardly incompatible behavior with earlier
releases of Linux-PAM.
Note, this cleans up the setcred/session and chauthtok stacks in
such a way that it is no longer preferred that the setcred module
always return the same error code as the auth components of said
modules did.
This means behavior should be a great deal more sane. It also gives
meaning to the unique return codes that are available to pam_sm_setcred.
[I'm sure that when we add support for credential relevant events,
this change will be critical.]
Andrew G. Morgan [Mon, 22 Jan 2001 06:07:28 +0000 (06:07 +0000)]
Relevant BUGIDs: 129027, 128576
Purpose of commit: new feature + documentation
Commit summary:
---------------
Cleaned up the handling of AUTHTOK items and pam_[gs]et_data() functions.
Added more clear documentation about the pam_[gs]et_item() functions to
the pam_appl and pam_modules programmer guides.
Andrew G. Morgan [Sat, 20 Jan 2001 23:47:07 +0000 (23:47 +0000)]
Relevant BUGIDs: 127625
Purpose of commit: documentation
Commit summary:
---------------
added a note to this man page explaining that we do support a
default directory for modules. Also added some text describing
the alternative control syntax for pam configuration files.
Andrew G. Morgan [Sat, 20 Jan 2001 23:06:05 +0000 (23:06 +0000)]
Relevant BUGIDs: 127700
Purpose of commit: bugfix
Commit summary:
---------------
ia64 support - it behaves like an alpha wrt md5, but then unsigned int
is 32 bits everywhere(*) these days, so just remove the #ifdef nonsense.