pam: modules/pam_console/chmod.c, modules/pam_console/hashtable.c, ...
baggins
baggins at pld-linux.org
Mon Feb 5 16:16:00 CET 2007
Author: baggins Date: Mon Feb 5 15:16:00 2007 GMT
Module: pam Tag: HEAD
---- Log message:
- fix compilation warnings
- remove obsolete code
---- Files affected:
pam/modules/pam_console:
chmod.c (1.1 -> 1.2) , hashtable.c (1.1 -> 1.2) , pam_console.c (1.7 -> 1.8) , pam_console_apply.c (1.1 -> 1.2)
pam/modules/pam_pwexport:
pam_pwexport.c (1.1 -> 1.2)
pam/modules/pam_pwgen:
Makefile.am (1.12 -> 1.13) , pam_pwgen.c (1.9 -> 1.10) , pam_pwgen_app.c (1.7 -> 1.8)
pam/modules/pam_rps:
pam_rps.c (1.1 -> 1.2)
pam/modules/pam_timestamp:
hmacfile.c (1.1 -> 1.2) , hmacsha1.c (1.1 -> 1.2) , pam_timestamp.c (1.1 -> 1.2)
---- Diffs:
================================================================
Index: pam/modules/pam_console/chmod.c
diff -u pam/modules/pam_console/chmod.c:1.1 pam/modules/pam_console/chmod.c:1.2
--- pam/modules/pam_console/chmod.c:1.1 Mon Feb 5 00:11:52 2007
+++ pam/modules/pam_console/chmod.c Mon Feb 5 16:15:55 2007
@@ -85,7 +85,7 @@
static int
change_file (const char *file, const struct mode_change *changes,
- const int deref_symlink, uid_t user, gid_t group)
+ const int deref_symlink UNUSED, uid_t user, gid_t group)
{
struct stat file_stats;
unsigned short newmode;
@@ -177,7 +177,7 @@
static int
-glob_errfn(const char *pathname, int theerr) {
+glob_errfn(const char *pathname UNUSED, int theerr UNUSED) {
/* silently ignore inaccessible files */
return 0;
}
@@ -205,7 +205,7 @@
glob_t result;
char *filename = NULL;
int flags = GLOB_NOCHECK;
- int i, rc;
+ unsigned int i, rc;
changes = mode_compile (mode,
MODE_MASK_EQUALS | MODE_MASK_PLUS | MODE_MASK_MINUS);
================================================================
Index: pam/modules/pam_console/hashtable.c
diff -u pam/modules/pam_console/hashtable.c:1.1 pam/modules/pam_console/hashtable.c:1.2
--- pam/modules/pam_console/hashtable.c:1.1 Mon Feb 5 00:11:52 2007
+++ pam/modules/pam_console/hashtable.c Mon Feb 5 16:15:55 2007
@@ -64,7 +64,7 @@
struct entry **newtable;
struct entry *e;
struct entry **pE;
- unsigned int newsize, i, index;
+ unsigned int newsize, i, idx;
/* Check we're not hitting max capacity */
if (h->primeindex == (prime_table_length - 1)) return 0;
newsize = primes[++(h->primeindex)];
@@ -78,9 +78,9 @@
for (i = 0; i < h->tablelength; i++) {
while (NULL != (e = h->table[i])) {
h->table[i] = e->next;
- index = indexFor(newsize,e->h);
- e->next = newtable[index];
- newtable[index] = e;
+ idx = indexFor(newsize,e->h);
+ e->next = newtable[idx];
+ newtable[idx] = e;
}
}
free(h->table);
@@ -96,16 +96,16 @@
memset(newtable[h->tablelength], 0, newsize - h->tablelength);
for (i = 0; i < h->tablelength; i++) {
for (pE = &(newtable[i]), e = *pE; e != NULL; e = *pE) {
- index = indexFor(newsize,e->h);
- if (index == i)
+ idx = indexFor(newsize,e->h);
+ if (idx == i)
{
pE = &(e->next);
}
else
{
*pE = e->next;
- e->next = newtable[index];
- newtable[index] = e;
+ e->next = newtable[idx];
+ newtable[idx] = e;
}
}
}
@@ -127,7 +127,7 @@
hashtable_insert(struct hashtable *h, void *k, void *v)
{
/* This method allows duplicate keys - but they shouldn't be used */
- unsigned int index;
+ unsigned int idx;
struct entry *e;
if (++(h->entrycount) > h->loadlimit)
{
@@ -140,11 +140,11 @@
e = (struct entry *)malloc(sizeof(struct entry));
if (NULL == e) { --(h->entrycount); return 0; } /*oom*/
e->h = hash(h,k);
- index = indexFor(h->tablelength,e->h);
+ idx = indexFor(h->tablelength,e->h);
e->k = k;
e->v = v;
- e->next = h->table[index];
- h->table[index] = e;
+ e->next = h->table[idx];
+ h->table[idx] = e;
return -1;
}
@@ -153,10 +153,10 @@
hashtable_search(struct hashtable *h, void *k)
{
struct entry *e;
- unsigned int hashvalue, index;
+ unsigned int hashvalue, idx;
hashvalue = hash(h,k);
- index = indexFor(h->tablelength,hashvalue);
- e = h->table[index];
+ idx = indexFor(h->tablelength,hashvalue);
+ e = h->table[idx];
while (NULL != e)
{
/* Check hash value to short circuit heavier comparison */
@@ -176,11 +176,11 @@
struct entry *e;
struct entry **pE;
void *v;
- unsigned int hashvalue, index;
+ unsigned int hashvalue, idx;
hashvalue = hash(h,k);
- index = indexFor(h->tablelength,hash(h,k));
- pE = &(h->table[index]);
+ idx = indexFor(h->tablelength,hash(h,k));
+ pE = &(h->table[idx]);
e = *pE;
while (NULL != e)
{
================================================================
Index: pam/modules/pam_console/pam_console.c
diff -u pam/modules/pam_console/pam_console.c:1.7 pam/modules/pam_console/pam_console.c:1.8
--- pam/modules/pam_console/pam_console.c:1.7 Mon Feb 5 00:11:52 2007
+++ pam/modules/pam_console/pam_console.c Mon Feb 5 16:15:55 2007
@@ -378,7 +378,7 @@
}
PAM_EXTERN int
-pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED, int argc, const char **argv)
{
/* getuid() must return an id that maps to a username as a filename in
* /var/run/console/
@@ -471,13 +471,14 @@
}
PAM_EXTERN int
-pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
PAM_EXTERN int
-pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED, int argc, const char **argv)
{
/* Create /var/run/console/console.lock if it does not exist
* Create /var/run/console/<username> if it does not exist
@@ -547,7 +548,7 @@
}
PAM_EXTERN int
-pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED, int argc, const char **argv)
{
/* Get /var/run/console/<username> use count, leave it locked
* If use count is now 1:
================================================================
Index: pam/modules/pam_console/pam_console_apply.c
diff -u pam/modules/pam_console/pam_console_apply.c:1.1 pam/modules/pam_console/pam_console_apply.c:1.2
--- pam/modules/pam_console/pam_console_apply.c:1.1 Mon Feb 5 00:11:52 2007
+++ pam/modules/pam_console/pam_console_apply.c Mon Feb 5 16:15:55 2007
@@ -35,7 +35,7 @@
static int syslogging = 0;
void
-_pam_log(pam_handle_t *pamh, int err, int debug_p, const char *format, ...)
+_pam_log(pam_handle_t *pamh UNUSED, int err, int debug_p, const char *format, ...)
{
va_list args;
if (debug_p && !debug) return;
@@ -53,7 +53,7 @@
}
static int
-pf_glob_errorfn(const char *epath, int eerrno)
+pf_glob_errorfn(const char *epath UNUSED, int eerrno UNUSED)
{
return 0;
}
================================================================
Index: pam/modules/pam_pwexport/pam_pwexport.c
diff -u pam/modules/pam_pwexport/pam_pwexport.c:1.1 pam/modules/pam_pwexport/pam_pwexport.c:1.2
--- pam/modules/pam_pwexport/pam_pwexport.c:1.1 Thu Mar 29 14:40:36 2001
+++ pam/modules/pam_pwexport/pam_pwexport.c Mon Feb 5 16:15:55 2007
@@ -17,35 +17,6 @@
#include <security/pam_modules.h>
/*
- * Find parameter in command line
- * if we find "param=val" then ret val is "val"
- * if we find "param" then ret val is ""
- * else of course it is NULL
- *
- * Currently unused. Someday we may accept parameters.
- */
-#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7)
-static char *find_parm (char *, int, const char **) __attribute__((unused));
-#endif
-
-static char *find_parm (char *parm, int argc, const char **argv)
-{
- int l = strlen(parm);
- while (argc) {
- if (!strncmp (parm, *argv, l)) {
- switch (argv[0][l]) {
- case '=': case ':':
- l++;
- case '\0':
- return (char *)&argv[0][l];
- }
- }
- argc--; argv++;
- }
- return NULL;
-}
-
-/*
* Find the executable name.
* Simple enough ... look for the leading /
*/
@@ -73,7 +44,7 @@
/********************************************************************/
/* The functional part of the module. Called for authentication. */
-PAM_EXTERN int pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, int argc, const char **argv)
{
char *user, *tok;
FILE *out;
@@ -93,7 +64,8 @@
}
/* Required to be defined, but not required to be useful... */
-PAM_EXTERN int pam_sm_setcred (pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
@@ -101,7 +73,8 @@
/********************************************************************/
/* Changing passwords. */
-PAM_EXTERN int pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
+PAM_EXTERN int pam_sm_chauthtok (pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
char *user, *tok, *oldtok;
FILE *out;
================================================================
Index: pam/modules/pam_pwgen/Makefile.am
diff -u pam/modules/pam_pwgen/Makefile.am:1.12 pam/modules/pam_pwgen/Makefile.am:1.13
--- pam/modules/pam_pwgen/Makefile.am:1.12 Mon Feb 5 00:12:47 2007
+++ pam/modules/pam_pwgen/Makefile.am Mon Feb 5 16:15:55 2007
@@ -15,7 +15,8 @@
AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
AM_LDFLAGS = -L$(top_builddir)/libpam -lpam $(LIBAUDIT)
-pam_pwgen_la_LDFLAGS = -no-undefined -avoid-version -module $(AM_LDFLAGS)
+pam_pwgen_la_LDFLAGS = -no-undefined -avoid-version -module $(AM_LDFLAGS) \
+ @LIBCRYPT@
if HAVE_VERSIONING
pam_pwgen_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
endif
================================================================
Index: pam/modules/pam_pwgen/pam_pwgen.c
diff -u pam/modules/pam_pwgen/pam_pwgen.c:1.9 pam/modules/pam_pwgen/pam_pwgen.c:1.10
--- pam/modules/pam_pwgen/pam_pwgen.c:1.9 Sat May 18 23:07:31 2002
+++ pam/modules/pam_pwgen/pam_pwgen.c Mon Feb 5 16:15:55 2007
@@ -4,6 +4,7 @@
* Password generator code by Tom Van Vleck <thvv at multicians.org>
*/
+#include "config.h"
#include <stdio.h>
#include <stdlib.h>
#include <crypt.h>
@@ -34,7 +35,7 @@
" (Password generation may be a bit slow.)\n"\
" Hit <RETURN> or <ENTER> until you like the choice.\n"\
" When you have chosen the password you want, type it in.\n"
-#define PWGEN_PROMPT3 "\nEnter new UNIX password: "
+#define PWGEN_PROMPT3 "Enter new UNIX password: "
#define PWGEN_PROMPT4 "Retype new UNIX password: "
#define MISTYPED_PASS1 "Sorry, password do not match any of the proposed"
#define MISTYPED_PASS2 "Sorry, passwords do not match"
@@ -60,6 +61,7 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
#ifndef LINUX_PAM
#include <security/pam_appl.h>
@@ -81,21 +83,6 @@
static char *gen_pronouncable_passwd(int length, void *tr);
static char *gen_random_passwd(int length, void *null_data);
-/* some syslogging */
-/* closelog first to make sure it'll _really_ go to syslog */
-
-static void _pam_log(int err, const char *format,...)
-{
- va_list args;
-
- va_start(args, format);
- closelog();
- openlog("PAM-pwgen", LOG_CONS | LOG_PID, LOG_AUTH);
- vsyslog(err, format, args);
- va_end(args);
- closelog();
-}
-
/* use this to free strings. ESPECIALLY password strings */
static char *_pam_delete(register char *xx)
{
@@ -104,57 +91,6 @@
return NULL;
}
-/* Helper functions */
-
-void _cleanup_data(pam_handle_t * pamh, void *data, int err)
-{
- _pam_delete(data);
-}
-
-/* this is a front-end for module-application conversations */
-static int converse(pam_handle_t * pamh, int ctrl, int nargs,
- struct pam_message **message,
- struct pam_response **response)
-{
- int retval;
- struct pam_conv *conv;
-
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
-
- if (retval == PAM_SUCCESS) {
- retval = conv->conv(nargs, (const struct pam_message **) message,
- response, conv->appdata_ptr);
- if (retval != PAM_SUCCESS && (ctrl & PAM_DEBUG_ARG)) {
- _pam_log(LOG_DEBUG, "conversation failure [%s]",
- pam_strerror(pamh, retval));
- }
- } else {
- _pam_log(LOG_ERR, "couldn't obtain coversation function [%s]",
- pam_strerror(pamh, retval));
- }
-
- return retval; /* propagate error status */
-}
-
-static int make_remark(pam_handle_t * pamh, unsigned int ctrl,
- int type, const char *text)
-{
- struct pam_message *pmsg[1], msg[1];
- struct pam_response *resp;
- int retval;
-
- pmsg[0] = &msg[0];
- msg[0].msg = text;
- msg[0].msg_style = type;
- resp = NULL;
-
- retval = converse(pamh, ctrl, 1, pmsg, &resp);
- if (retval == PAM_SUCCESS)
- _pam_drop_reply(resp, 1);
-
- return retval;
-}
-
#define OLD_PASSWORDS_FILE "/etc/security/opasswd"
static const char *check_old_password(const char *forwho, const char *newpass)
@@ -201,10 +137,9 @@
if (pass_new == NULL || (pass_old && !strcmp(pass_old, pass_new))) {
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG, "bad authentication token");
- make_remark(pamh, ctrl, PAM_ERROR_MSG,
- pass_new == NULL ?
- "No password supplied" : "Password unchanged");
+ pam_syslog(pamh, LOG_DEBUG, "bad authentication token");
+ pam_error(pamh, "%s", pass_new == NULL ?
+ _("No password supplied") : _("Password unchanged"));
return PAM_AUTHTOK_ERR;
}
/*
@@ -217,21 +152,17 @@
retval = pam_get_item(pamh, PAM_USER, (const void **) &user);
if (retval != PAM_SUCCESS) {
if (ctrl & PAM_DEBUG_ARG) {
- _pam_log(LOG_ERR, "Can not get username");
+ pam_syslog(pamh, LOG_ERR, "Can not get username");
return PAM_AUTHTOK_ERR;
}
}
msg = check_old_password(user, pass_new);
}
if (msg) {
- char remark[BUFSIZ];
-
- memset(remark, 0, sizeof(remark));
- sprintf(remark, "BAD PASSWORD: %s", msg);
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_NOTICE, "new passwd fails strength check: %s",
- msg);
- make_remark(pamh, ctrl, PAM_ERROR_MSG, remark);
+ pam_syslog(pamh, LOG_NOTICE,
+ "new passwd fails strength check: %s", msg);
+ pam_error(pamh, _("BAD PASSWORD: %s"), msg);
return PAM_AUTHTOK_ERR;
};
return PAM_SUCCESS;
@@ -240,72 +171,60 @@
static int select_generator(pam_handle_t * pamh, unsigned int ctrl, int *retval)
{
- struct pam_message msg[1], *pmsg[1];
- struct pam_response *resp;
+ char *resp;
int pwgen_func = GENTYPE_NONE;
- char prompt[BUFSIZ];
int select_done;
select_done = 0;
do {
- memset(prompt, 0, sizeof(prompt));
- sprintf(prompt, PWGEN_PROMPT1);
- pmsg[0] = &msg[0];
- msg[0].msg_style = PAM_PROMPT_ECHO_ON;
- msg[0].msg = prompt;
-
resp = NULL;
- *retval = converse(pamh, ctrl, 1, pmsg, &resp);
- if (resp != NULL) {
- /* interpret the response */
- if (*retval == PAM_SUCCESS) { /* a good conversation */
- if (resp[0].resp == NULL || !strlen(resp[0].resp)) {
- _pam_log(LOG_NOTICE,
- "could not recover authentication token 1");
- *retval = PAM_AUTHTOK_RECOVER_ERR;
- } else {
- switch (tolower(resp[0].resp[0])) {
- case 'g':
- pwgen_func = GENTYPE01;
- select_done = 1;
- break;
- case 'c':
- pwgen_func = GENTYPE02;
- select_done = 1;
- break;
- case 'l':
- pwgen_func = GENTYPE03;
- select_done = 1;
- break;
- case 'p':
- pwgen_func = GENTYPE_NONE;
- *retval = PAM_IGNORE;
- select_done = 1;
- break;
- case 'q':
- pwgen_func = GENTYPE_NONE;
- *retval = PAM_ABORT;
- select_done = 1;
- break;
- default:
- break;
- }
+ *retval = pam_prompt(pamh, PAM_PROMPT_ECHO_ON, &resp, PWGEN_PROMPT1);
+ /* interpret the response */
+ if (*retval == PAM_SUCCESS) { /* a good conversation */
+ if (resp == NULL) {
+ pam_syslog(pamh, LOG_NOTICE,
+ "could not recover authentication token 1");
+ *retval = PAM_AUTHTOK_RECOVERY_ERR;
+ select_done = 1;
+ } else {
+ switch (tolower(*resp)) {
+ case 'g':
+ pwgen_func = GENTYPE01;
+ select_done = 1;
+ break;
+ case 'c':
+ pwgen_func = GENTYPE02;
+ select_done = 1;
+ break;
+ case 'l':
+ pwgen_func = GENTYPE03;
+ select_done = 1;
+ break;
+ case 'p':
+ pwgen_func = GENTYPE_NONE;
+ *retval = PAM_IGNORE;
+ select_done = 1;
+ break;
+ case 'q':
+ pwgen_func = GENTYPE_NONE;
+ *retval = PAM_ABORT;
+ select_done = 1;
+ break;
+ default:
+ break;
}
}
/*
* tidy up the conversation (resp_retcode) is ignored
*/
- _pam_drop_reply(resp, 1);
- } else {
- *retval = (*retval == PAM_SUCCESS) ?
- PAM_AUTHTOK_RECOVER_ERR : *retval;
+ _pam_drop(resp);
}
} while (!select_done);
if (*retval != PAM_SUCCESS) {
if (ctrl & PAM_DEBUG_ARG)
- _pam_log(LOG_DEBUG, "unable to obtain a password");
+ pam_syslog(pamh, LOG_DEBUG, "unable to obtain a password");
}
return pwgen_func;
@@ -435,7 +354,7 @@
return password;
}
-static char *gen_random_passwd(int length, void *null_data)
+static char *gen_random_passwd(int length, void *null_data UNUSED)
{
static const char ASCII[94] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789`~!@#$%^&*()_+-=[]{};':\",./<>?\\|";
static char password[128]; /* buffer to develop a password */
@@ -451,7 +370,7 @@
return password;
}
-static char *gen_random_passwd1(int length, void *null_data)
+static char *gen_random_passwd1(int length, void *null_data UNUSED)
{
static const char LD[36] = "abcdefghijklmnopqrstuvwxyz0123456789";
static char password[128]; /* buffer to develop a password */
@@ -469,7 +388,8 @@
static void complicate(int upper, int digit, char *buf)
{
- int i, pos, len, isdig;
+ unsigned int len, pos;
+ int i, isdig;
len = strlen(buf);
isdig = strcspn(buf, "aeiostz") == len ? 1 : 0;
@@ -533,10 +453,10 @@
int retval;
char tri_file[128];
int retry_times = 0;
- int min_length = 10;
- int pw_count = 5;
+ unsigned int min_length = 10;
int upper = 0;
int digit = 0;
+ int pw_count = 5;
int *genpw = NULL;
D(("called."));
@@ -579,18 +499,18 @@
if (!ep || (digit < 0))
digit = 0;
} else {
- _pam_log(LOG_ERR, "pam_parse: unknown option; %s", *argv);
+ pam_syslog(pamh, LOG_ERR, "pam_parse: unknown option; %s", *argv);
}
}
- if (upper > min_length/2)
+ if ((unsigned int)upper > min_length/2)
upper = min_length/2;
- if (digit > min_length/2)
+ if ((unsigned int)digit > min_length/2)
digit = min_length/2;
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/pam/modules/pam_console/chmod.c?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/pam/modules/pam_console/hashtable.c?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/pam/modules/pam_console/pam_console.c?r1=1.7&r2=1.8&f=u
http://cvs.pld-linux.org/pam/modules/pam_console/pam_console_apply.c?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/pam/modules/pam_pwexport/pam_pwexport.c?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/pam/modules/pam_pwgen/Makefile.am?r1=1.12&r2=1.13&f=u
http://cvs.pld-linux.org/pam/modules/pam_pwgen/pam_pwgen.c?r1=1.9&r2=1.10&f=u
http://cvs.pld-linux.org/pam/modules/pam_pwgen/pam_pwgen_app.c?r1=1.7&r2=1.8&f=u
http://cvs.pld-linux.org/pam/modules/pam_rps/pam_rps.c?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/pam/modules/pam_timestamp/hmacfile.c?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/pam/modules/pam_timestamp/hmacsha1.c?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/pam/modules/pam_timestamp/pam_timestamp.c?r1=1.1&r2=1.2&f=u
More information about the pld-cvs-commit
mailing list