pool/pam
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Update pam_unix-login.defs.diff patch to the final upstream

Browse Source 
version.

OBS-URL: https://build.opensuse.org/package/show/Linux-PAM/pam?expand=0&rev=102
This commit is contained in:
Thorsten Kukuk 2013-02-05 16:28:46 +00:00 committed by Git OBS Bridge
parent 9c8c5632c1
commit 59a3466dd8
2 changed files with 71 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pam.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Tue Feb 5 17:28:25 CET 2013 - kukuk@suse.de
- Update pam_unix-login.defs.diff patch to the final upstream
version.
-------------------------------------------------------------------
Tue Feb 5 14:09:06 CET 2013 - kukuk@suse.de

98
pam_unix-login.defs.diff
View File

@ -1,15 +1,63 @@
2013-02-05 Thorsten Kukuk <kukuk@thkukuk.de>
Use hash from /etc/login.defs as default if no
other one is specified as argument.
* modules/pam_unix/support.c: Add search_key, call from __set_ctrl
* modules/pam_unix/support.h: Add define for /etc/login.defs
* modules/pam_unix/pam_unix.8.xml: Document new behavior.
* modules/pam_umask/pam_umask.c: Add missing NULL pointer check
--- modules/pam_unix/support.c
+++ modules/pam_unix/support.c
@@ -37,6 +37,76 @@
diff --git a/modules/pam_umask/pam_umask.c b/modules/pam_umask/pam_umask.c
index 6d2ec1a..863f038 100644
--- a/modules/pam_umask/pam_umask.c
+++ b/modules/pam_umask/pam_umask.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2005, 2006, 2007, 2010 Thorsten Kukuk <kukuk@thkukuk.de>
+ * Copyright (c) 2005, 2006, 2007, 2010, 2013 Thorsten Kukuk <kukuk@thkukuk.de>
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -112,6 +112,10 @@ search_key (const char *filename)
{
buflen = BUF_SIZE;
buf = malloc (buflen);
+ if (buf == NULL) {
+ fclose (fp);
+ return NULL;
+ }
}
buf[0] = '\0';
if (fgets (buf, buflen - 1, fp) == NULL)
diff --git a/modules/pam_unix/pam_unix.8.xml b/modules/pam_unix/pam_unix.8.xml
index 0a42d7a..9ce084e 100644
--- a/modules/pam_unix/pam_unix.8.xml
+++ b/modules/pam_unix/pam_unix.8.xml
@@ -81,7 +81,9 @@
<para>
The password component of this module performs the task of updating
- the user's password.
+ the user's password. The default encryption hash is taken from the
+ <emphasis remap='B'>ENCRYPT_METHOD</emphasis> variable from
+ <emphasis>/etc/login.defs</emphasis>
</para>
<para>
@@ -393,6 +395,9 @@ session required pam_unix.so
<title>SEE ALSO</title>
<para>
<citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
<refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index ab04535..527c380 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -37,6 +37,80 @@
#define SELINUX_ENABLED 0
#endif
@ -39,6 +87,10 @@ other one is specified as argument.
+ {
+ buflen = BUF_SIZE;
+ buf = malloc (buflen);
+ if (buf == NULL) {
+ fclose (fp);
+ return NULL;
+ }
+ }
+ buf[0] = '\0';
+ if (fgets (buf, buflen - 1, fp) == NULL)
@ -86,7 +138,7 @@ other one is specified as argument.
/* this is a front-end for module-application conversations */
int _make_remark(pam_handle_t * pamh, unsigned int ctrl,
@@ -58,6 +128,8 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
@@ -58,6 +132,8 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
int *pass_min_len, int argc, const char **argv)
{
unsigned int ctrl;
@ -95,7 +147,7 @@ other one is specified as argument.
D(("called."));
@@ -81,10 +153,27 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
@@ -81,10 +157,28 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
D(("SILENT"));
set(UNIX__QUIET, ctrl);
}
@ -110,11 +162,12 @@ other one is specified as argument.
+ }
+ }
+ if (j >= UNIX_CTRLS_) {
+ pam_syslog(pamh, LOG_WARNING, "unrecognized ENCRYPTION_METHOD value [%s]", val);
+ pam_syslog(pamh, LOG_WARNING, "unrecognized ENCRYPT_METHOD value [%s]", val);
+ } else {
+ ctrl &= unix_args[j].mask; /* for turning things off */
+ ctrl |= unix_args[j].flag; /* for turning things on */
+ }
+ free (val);
+ }
+
/* now parse the arguments to this module */
@ -124,8 +177,10 @@ other one is specified as argument.
D(("pam_unix arg: %s", *argv));
--- modules/pam_unix/support.h
+++ modules/pam_unix/support.h
diff --git a/modules/pam_unix/support.h b/modules/pam_unix/support.h
index db4cd95..d21e349 100644
--- a/modules/pam_unix/support.h
+++ b/modules/pam_unix/support.h
@@ -8,6 +8,12 @@
#include <pwd.h>
@ -139,26 +194,3 @@ other one is specified as argument.
* here is the string to inform the user that the new passwords they
* typed were not the same.
*/
--- modules/pam_unix/pam_unix.8.xml
+++ modules/pam_unix/pam_unix.8.xml
@@ -81,7 +81,9 @@
<para>
The password component of this module performs the task of updating
- the user's password.
+ the user's password. The default encryption hash is taken from the
+ <emphasis remap='B'>ENCYPTION_METHOD</emphasis> variable from
+ <emphasis>/etc/login.defs</emphasis>
</para>
<para>
@@ -393,6 +395,9 @@ session required pam_unix.so
<title>SEE ALSO</title>
<para>
<citerefentry>
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
<refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>