diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-12-16 15:28:05 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-12-16 15:28:05 +0000 |
commit | 648199192cc9f4c4dc9cfa4a6515c8579de5ce7b (patch) | |
tree | 9d7dd8720c59534fc8d19cee8e948ce320f42554 /contrib/openpam | |
parent | 9c05d469da1d825c4645742f7ca9632ebd1bf480 (diff) | |
download | src-648199192cc9f4c4dc9cfa4a6515c8579de5ce7b.tar.gz src-648199192cc9f4c4dc9cfa4a6515c8579de5ce7b.zip |
Notes
Diffstat (limited to 'contrib/openpam')
98 files changed, 412 insertions, 259 deletions
diff --git a/contrib/openpam/CREDITS b/contrib/openpam/CREDITS index adbf407ccd14..77ec7cebb3f1 100644 --- a/contrib/openpam/CREDITS +++ b/contrib/openpam/CREDITS @@ -14,6 +14,7 @@ or indirectly, with patches, criticism, suggestions, or ideas: Andrew Morgan <morgan@transmeta.com> Brian Fundakowski Feldman <green@freebsd.org> Darren J. Moffat <Darren.Moffat@sun.com> + Eric Melville <eric@freebsd.org> Gary Winiger <Gary.Winiger@sun.com> Joe Marcus Clarke <marcus@marcuscom.com> Mark Murray <markm@freebsd.org> @@ -22,4 +23,4 @@ or indirectly, with patches, criticism, suggestions, or ideas: Solar Designer <solar@openwall.com> Takanori Saneto <sanewo@ba2.so-net.ne.jp> -$P4: //depot/projects/openpam/CREDITS#3 $ +$P4: //depot/projects/openpam/CREDITS#4 $ diff --git a/contrib/openpam/HISTORY b/contrib/openpam/HISTORY index f14fea3e5019..c16bcc48e830 100644 --- a/contrib/openpam/HISTORY +++ b/contrib/openpam/HISTORY @@ -1,3 +1,18 @@ +OpenPAM Cyclamen 2002-12-12 + + - ENHANCE: Improve recursion detection in openpam_dispatch(). + + - ENHANCE: Add debugging messages at entry and exit points of most + functions. + + - ENHANCE: Fix some minor style issues. + + - BUGFIX: Add default cases to the switches in openpam_log.c. + + - ENHANCE: Add /usr/local/etc/pam.conf to policy search path. + + - BUGFIX: In openpam_ttyconv(3), print the prompt to stdout rather + than stderr. ============================================================================ OpenPAM Citronella 2002-06-30 @@ -6,7 +21,7 @@ OpenPAM Citronella 2002-06-30 - ENHANCE: Define struct pam_repository and PAM_REPOSITORY (from Solaris 9). - - ENHANCE: Flesh out the pam(3) man page. + - ENHANCE: Flesh out the pam(3) man page. - ENHANCE: Add an openpam(3) page with cross-references to all the documented OpenPAM API extensions. @@ -19,7 +34,6 @@ OpenPAM Citronella 2002-06-30 - ENHANCE: Added sample pam_unix module. - BUGFIX: Various documentation nits. - ============================================================================ OpenPAM Cinquefoil 2002-05-24 @@ -184,4 +198,4 @@ OpenPAM Calamite 2002-02-09 First (beta) release. ============================================================================ -$P4: //depot/projects/openpam/HISTORY#13 $ +$P4: //depot/projects/openpam/HISTORY#16 $ diff --git a/contrib/openpam/MANIFEST b/contrib/openpam/MANIFEST index 61e41ca2ea23..79ac0b20c113 100644 --- a/contrib/openpam/MANIFEST +++ b/contrib/openpam/MANIFEST @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/openpam/MANIFEST#12 $ +# $P4: //depot/projects/openpam/MANIFEST#13 $ # CREDITS HISTORY @@ -125,8 +125,6 @@ misc/gendoc.pl modules/Makefile modules/pam_deny/Makefile modules/pam_deny/pam_deny.c -modules/pam_dummy/Makefile -modules/pam_dummy/pam_dummy.c modules/pam_permit/Makefile modules/pam_permit/pam_permit.c modules/pam_unix/Makefile diff --git a/contrib/openpam/README b/contrib/openpam/README index 883796553aee..fb61f42179cc 100644 --- a/contrib/openpam/README +++ b/contrib/openpam/README @@ -7,20 +7,21 @@ implementations disagree, OpenPAM tries to remain compatible with Solaris, at the expense of XSSO conformance and Linux-PAM compatibility. -These are some of OpenPAM's features: +These are some of OpenPAM's features: - Implements the complete PAM API as described in the original PAM paper and in OSF-RFC 86.0; this corresponds to the full XSSO API - except for mappings and secondary authentication. + except for mappings and secondary authentication. Also + implements some extensions found in Solaris 9. - Extends the API with several useful and time-saving functions. - Performs strict checking of return values from service modules. - - Reads configuration from /etc/pam.d/, /usr/local/etc/pam.d/ and - /etc/pam.conf, in that order; this will be made configurable in a - future release. + - Reads configuration from /etc/pam.d/, /etc/pam.conf, + /usr/local/etc/pam.d/ and /usr/local/etc/pam.conf, in that order; + this will be made configurable in a future release. Please direct bug reports and inquiries to openpam@thinksec.com. -$P4: //depot/projects/openpam/README#3 $ +$P4: //depot/projects/openpam/README#4 $ diff --git a/contrib/openpam/RELNOTES b/contrib/openpam/RELNOTES index 54e57bf67c8b..86a69884e874 100644 --- a/contrib/openpam/RELNOTES +++ b/contrib/openpam/RELNOTES @@ -1,13 +1,26 @@ - Release notes for OpenPAM Citronella - ==================================== + Release notes for OpenPAM Cyclamen + ================================== + +This release corresponds to the code used in FreeBSD-CURRENT as of the +release date. It has also been successfully built on NetBSD 1.6, and +should build with minimal or no changes on OpenBSD. Work is underway +to port OpenPAM to MacOS 10.2. It has not been tested on any other +operating system. The library itself is complete. Documentation exists in the form of -man pages for the library functions. +man pages for the library functions. These man pages are generated by +a Perl script from specially marked-up comments in the source files +themselves, which minimizes the chance that any of them should be out +of date. + +The distribution also includes three sample modules (pam_deny, +pam_permit and pam_unix) and a sample application (su). These are not +intended for actual use, but rather to serve as examples for module or +application developers. -This release is incorporated into FreeBSD-CURRENT as of 2002-06-30. -It has also been successfully built on NetBSD, and should build with -minimal or no changes on OpenBSD. It has not been tested on any other -OS. +NOTE: to the person who sent me MacOS patches in July 2002: I have +lost your name and email address. Please contact me so I can give you +proper credit for your contribution. -$P4: //depot/projects/openpam/RELNOTES#12 $ +$P4: //depot/projects/openpam/RELNOTES#13 $ diff --git a/contrib/openpam/doc/man/openpam.3 b/contrib/openpam/doc/man/openpam.3 index cc8cbaa9103f..4d5bc08237b5 100644 --- a/contrib/openpam/doc/man/openpam.3 +++ b/contrib/openpam/doc/man/openpam.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/openpam_borrow_cred.3 b/contrib/openpam/doc/man/openpam_borrow_cred.3 index 4a0997bd8c6b..8da6c55c3592 100644 --- a/contrib/openpam/doc/man/openpam_borrow_cred.3 +++ b/contrib/openpam/doc/man/openpam_borrow_cred.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM_BORROW_CRED 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/openpam_free_data.3 b/contrib/openpam/doc/man/openpam_free_data.3 index fd2eb2068934..43da4e94873e 100644 --- a/contrib/openpam/doc/man/openpam_free_data.3 +++ b/contrib/openpam/doc/man/openpam_free_data.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM_FREE_DATA 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/openpam_get_option.3 b/contrib/openpam/doc/man/openpam_get_option.3 index 0bcaafec83f0..5682fa09c43a 100644 --- a/contrib/openpam/doc/man/openpam_get_option.3 +++ b/contrib/openpam/doc/man/openpam_get_option.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM_GET_OPTION 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/openpam_log.3 b/contrib/openpam/doc/man/openpam_log.3 index 0a653064efe7..33847dc061aa 100644 --- a/contrib/openpam/doc/man/openpam_log.3 +++ b/contrib/openpam/doc/man/openpam_log.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM_LOG 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/openpam_nullconv.3 b/contrib/openpam/doc/man/openpam_nullconv.3 index d0a377097a1b..c63c459c1412 100644 --- a/contrib/openpam/doc/man/openpam_nullconv.3 +++ b/contrib/openpam/doc/man/openpam_nullconv.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM_NULLCONV 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/openpam_restore_cred.3 b/contrib/openpam/doc/man/openpam_restore_cred.3 index 281435d826fc..c02024b79e28 100644 --- a/contrib/openpam/doc/man/openpam_restore_cred.3 +++ b/contrib/openpam/doc/man/openpam_restore_cred.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM_RESTORE_CRED 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/openpam_set_option.3 b/contrib/openpam/doc/man/openpam_set_option.3 index 66c1bded50b4..8850fa3461cd 100644 --- a/contrib/openpam/doc/man/openpam_set_option.3 +++ b/contrib/openpam/doc/man/openpam_set_option.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM_SET_OPTION 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/openpam_ttyconv.3 b/contrib/openpam/doc/man/openpam_ttyconv.3 index 4f111e8885f3..63c6078404ef 100644 --- a/contrib/openpam/doc/man/openpam_ttyconv.3 +++ b/contrib/openpam/doc/man/openpam_ttyconv.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt OPENPAM_TTYCONV 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam.3 b/contrib/openpam/doc/man/pam.3 index e685edd000e9..564565faa264 100644 --- a/contrib/openpam/doc/man/pam.3 +++ b/contrib/openpam/doc/man/pam.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_acct_mgmt.3 b/contrib/openpam/doc/man/pam_acct_mgmt.3 index 0b89bcecb93d..00ccd745fcb7 100644 --- a/contrib/openpam/doc/man/pam_acct_mgmt.3 +++ b/contrib/openpam/doc/man/pam_acct_mgmt.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_ACCT_MGMT 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_authenticate.3 b/contrib/openpam/doc/man/pam_authenticate.3 index 22ad32e3512b..04128415a41c 100644 --- a/contrib/openpam/doc/man/pam_authenticate.3 +++ b/contrib/openpam/doc/man/pam_authenticate.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_AUTHENTICATE 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_chauthtok.3 b/contrib/openpam/doc/man/pam_chauthtok.3 index 2d41dae282d3..247578c2a0b1 100644 --- a/contrib/openpam/doc/man/pam_chauthtok.3 +++ b/contrib/openpam/doc/man/pam_chauthtok.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_CHAUTHTOK 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_close_session.3 b/contrib/openpam/doc/man/pam_close_session.3 index 30891e645f67..7ad1c6be7306 100644 --- a/contrib/openpam/doc/man/pam_close_session.3 +++ b/contrib/openpam/doc/man/pam_close_session.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_CLOSE_SESSION 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_end.3 b/contrib/openpam/doc/man/pam_end.3 index 46f38004ab75..25a6df2126d8 100644 --- a/contrib/openpam/doc/man/pam_end.3 +++ b/contrib/openpam/doc/man/pam_end.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_END 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_error.3 b/contrib/openpam/doc/man/pam_error.3 index b1e0749088ee..8d4be299af4a 100644 --- a/contrib/openpam/doc/man/pam_error.3 +++ b/contrib/openpam/doc/man/pam_error.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_ERROR 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_get_authtok.3 b/contrib/openpam/doc/man/pam_get_authtok.3 index 8d5ce1733bd4..b8d67be773f0 100644 --- a/contrib/openpam/doc/man/pam_get_authtok.3 +++ b/contrib/openpam/doc/man/pam_get_authtok.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_GET_AUTHTOK 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_get_data.3 b/contrib/openpam/doc/man/pam_get_data.3 index d7fb801ad702..db294466d51d 100644 --- a/contrib/openpam/doc/man/pam_get_data.3 +++ b/contrib/openpam/doc/man/pam_get_data.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_GET_DATA 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_get_item.3 b/contrib/openpam/doc/man/pam_get_item.3 index cf6dd47e08ab..472d09936e89 100644 --- a/contrib/openpam/doc/man/pam_get_item.3 +++ b/contrib/openpam/doc/man/pam_get_item.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_GET_ITEM 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_get_user.3 b/contrib/openpam/doc/man/pam_get_user.3 index f09671a87397..05d9452e81e8 100644 --- a/contrib/openpam/doc/man/pam_get_user.3 +++ b/contrib/openpam/doc/man/pam_get_user.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_GET_USER 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_getenv.3 b/contrib/openpam/doc/man/pam_getenv.3 index 09b0add301b4..17cba6bb149c 100644 --- a/contrib/openpam/doc/man/pam_getenv.3 +++ b/contrib/openpam/doc/man/pam_getenv.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_GETENV 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_getenvlist.3 b/contrib/openpam/doc/man/pam_getenvlist.3 index fb6a0624463f..7520795eac24 100644 --- a/contrib/openpam/doc/man/pam_getenvlist.3 +++ b/contrib/openpam/doc/man/pam_getenvlist.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_GETENVLIST 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_info.3 b/contrib/openpam/doc/man/pam_info.3 index ac96df2abcc0..cdbb13c49d2e 100644 --- a/contrib/openpam/doc/man/pam_info.3 +++ b/contrib/openpam/doc/man/pam_info.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_INFO 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_open_session.3 b/contrib/openpam/doc/man/pam_open_session.3 index d4acb1a8a8ff..290402712ad7 100644 --- a/contrib/openpam/doc/man/pam_open_session.3 +++ b/contrib/openpam/doc/man/pam_open_session.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_OPEN_SESSION 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_prompt.3 b/contrib/openpam/doc/man/pam_prompt.3 index b6ee1b191767..b3fa81958ba5 100644 --- a/contrib/openpam/doc/man/pam_prompt.3 +++ b/contrib/openpam/doc/man/pam_prompt.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_PROMPT 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_putenv.3 b/contrib/openpam/doc/man/pam_putenv.3 index 61b0ea63a680..b889555dca02 100644 --- a/contrib/openpam/doc/man/pam_putenv.3 +++ b/contrib/openpam/doc/man/pam_putenv.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_PUTENV 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_set_data.3 b/contrib/openpam/doc/man/pam_set_data.3 index de302c1677d0..d22305262f2a 100644 --- a/contrib/openpam/doc/man/pam_set_data.3 +++ b/contrib/openpam/doc/man/pam_set_data.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SET_DATA 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_set_item.3 b/contrib/openpam/doc/man/pam_set_item.3 index 7717e9e54a95..6e43f9378aa9 100644 --- a/contrib/openpam/doc/man/pam_set_item.3 +++ b/contrib/openpam/doc/man/pam_set_item.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SET_ITEM 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_setcred.3 b/contrib/openpam/doc/man/pam_setcred.3 index 8596a9451e4e..b35de1398549 100644 --- a/contrib/openpam/doc/man/pam_setcred.3 +++ b/contrib/openpam/doc/man/pam_setcred.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SETCRED 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_setenv.3 b/contrib/openpam/doc/man/pam_setenv.3 index ad250c7e0ac1..2ea18efae88e 100644 --- a/contrib/openpam/doc/man/pam_setenv.3 +++ b/contrib/openpam/doc/man/pam_setenv.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SETENV 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 b/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 index 9d4c7681d626..19f7acb9f6f3 100644 --- a/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 +++ b/contrib/openpam/doc/man/pam_sm_acct_mgmt.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SM_ACCT_MGMT 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_sm_authenticate.3 b/contrib/openpam/doc/man/pam_sm_authenticate.3 index 695f635a97f9..168e17f43840 100644 --- a/contrib/openpam/doc/man/pam_sm_authenticate.3 +++ b/contrib/openpam/doc/man/pam_sm_authenticate.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SM_AUTHENTICATE 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_sm_chauthtok.3 b/contrib/openpam/doc/man/pam_sm_chauthtok.3 index 773f54697ec8..9d0f11fe5fb6 100644 --- a/contrib/openpam/doc/man/pam_sm_chauthtok.3 +++ b/contrib/openpam/doc/man/pam_sm_chauthtok.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SM_CHAUTHTOK 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_sm_close_session.3 b/contrib/openpam/doc/man/pam_sm_close_session.3 index b84b57a17a9d..7879375f2e4d 100644 --- a/contrib/openpam/doc/man/pam_sm_close_session.3 +++ b/contrib/openpam/doc/man/pam_sm_close_session.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SM_CLOSE_SESSION 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_sm_open_session.3 b/contrib/openpam/doc/man/pam_sm_open_session.3 index 6e3aae42636d..33ff290670f0 100644 --- a/contrib/openpam/doc/man/pam_sm_open_session.3 +++ b/contrib/openpam/doc/man/pam_sm_open_session.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SM_OPEN_SESSION 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_sm_setcred.3 b/contrib/openpam/doc/man/pam_sm_setcred.3 index 9cc6602252d3..217b1ddc7584 100644 --- a/contrib/openpam/doc/man/pam_sm_setcred.3 +++ b/contrib/openpam/doc/man/pam_sm_setcred.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_SM_SETCRED 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_start.3 b/contrib/openpam/doc/man/pam_start.3 index 99af5edadb98..d40f00dcc393 100644 --- a/contrib/openpam/doc/man/pam_start.3 +++ b/contrib/openpam/doc/man/pam_start.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_START 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_strerror.3 b/contrib/openpam/doc/man/pam_strerror.3 index 0c8314ebc982..d1c1558d6936 100644 --- a/contrib/openpam/doc/man/pam_strerror.3 +++ b/contrib/openpam/doc/man/pam_strerror.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_STRERROR 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_verror.3 b/contrib/openpam/doc/man/pam_verror.3 index c6db52d6e437..d11adbbd1893 100644 --- a/contrib/openpam/doc/man/pam_verror.3 +++ b/contrib/openpam/doc/man/pam_verror.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_VERROR 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_vinfo.3 b/contrib/openpam/doc/man/pam_vinfo.3 index 1b895826fe72..278126ca5b8b 100644 --- a/contrib/openpam/doc/man/pam_vinfo.3 +++ b/contrib/openpam/doc/man/pam_vinfo.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_VINFO 3 .Os .Sh NAME diff --git a/contrib/openpam/doc/man/pam_vprompt.3 b/contrib/openpam/doc/man/pam_vprompt.3 index 7d00070de453..8e7a5e686bcc 100644 --- a/contrib/openpam/doc/man/pam_vprompt.3 +++ b/contrib/openpam/doc/man/pam_vprompt.3 @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd June 30, 2002 +.Dd December 12, 2002 .Dt PAM_VPROMPT 3 .Os .Sh NAME diff --git a/contrib/openpam/include/security/pam_constants.h b/contrib/openpam/include/security/pam_constants.h index 3ce0c325c3f7..788fe3bdb77d 100644 --- a/contrib/openpam/include/security/pam_constants.h +++ b/contrib/openpam/include/security/pam_constants.h @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/include/security/pam_constants.h#18 $ + * $P4: //depot/projects/openpam/include/security/pam_constants.h#19 $ */ #ifndef _PAM_CONSTANTS_H_INCLUDED @@ -76,7 +76,8 @@ enum { PAM_ABORT = 26, PAM_TRY_AGAIN = 27, PAM_MODULE_UNKNOWN = 28, - PAM_DOMAIN_UNKNOWN = 29 + PAM_DOMAIN_UNKNOWN = 29, + PAM_NUM_ERRORS /* OpenPAM extension */ }; /* diff --git a/contrib/openpam/lib/openpam_borrow_cred.c b/contrib/openpam/lib/openpam_borrow_cred.c index fa0ec580b924..ef1a85079ec9 100644 --- a/contrib/openpam/lib/openpam_borrow_cred.c +++ b/contrib/openpam/lib/openpam_borrow_cred.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#2 $ + * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#3 $ */ #include <sys/param.h> @@ -57,30 +57,31 @@ openpam_borrow_cred(pam_handle_t *pamh, struct pam_saved_cred *scred; int r; + ENTER(); if (geteuid() != 0) - return (PAM_PERM_DENIED); + RETURNC(PAM_PERM_DENIED); scred = calloc(1, sizeof *scred); if (scred == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); scred->euid = geteuid(); scred->egid = getegid(); r = getgroups(NGROUPS_MAX, scred->groups); if (r == -1) { free(scred); - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); } scred->ngroups = r; r = pam_set_data(pamh, PAM_SAVED_CRED, scred, &openpam_free_data); if (r != PAM_SUCCESS) { free(scred); - return (r); + RETURNC(r); } if (initgroups(pwd->pw_name, pwd->pw_gid) == -1 || setegid(pwd->pw_gid) == -1 || seteuid(pwd->pw_uid) == -1) { openpam_restore_cred(pamh); - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); } - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } /* diff --git a/contrib/openpam/lib/openpam_configure.c b/contrib/openpam/lib/openpam_configure.c index b0025fea86bb..65844de9cf8f 100644 --- a/contrib/openpam/lib/openpam_configure.c +++ b/contrib/openpam/lib/openpam_configure.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_configure.c#5 $ + * $P4: //depot/projects/openpam/lib/openpam_configure.c#6 $ */ #include <ctype.h> @@ -213,6 +213,7 @@ static const char *openpam_policy_path[] = { "/etc/pam.d/", "/etc/pam.conf", "/usr/local/etc/pam.d/", + "/usr/local/etc/pam.conf", NULL }; diff --git a/contrib/openpam/lib/openpam_dispatch.c b/contrib/openpam/lib/openpam_dispatch.c index d65edee7aeb5..0ff686543d85 100644 --- a/contrib/openpam/lib/openpam_dispatch.c +++ b/contrib/openpam/lib/openpam_dispatch.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_dispatch.c#17 $ + * $P4: //depot/projects/openpam/lib/openpam_dispatch.c#18 $ */ #include <sys/param.h> @@ -60,13 +60,18 @@ openpam_dispatch(pam_handle_t *pamh, pam_chain_t *chain; int err, fail, r; + ENTER(); if (pamh == NULL) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); /* prevent recursion */ if (pamh->current != NULL) { - openpam_log(PAM_LOG_ERROR, "indirect recursion"); - return (PAM_ABORT); + openpam_log(PAM_LOG_ERROR, + "%s() called while %s::%s() is in progress", + _pam_func_name[primitive], + pamh->current->module->path, + _pam_sm_func_name[pamh->primitive]); + RETURNC(PAM_ABORT); } /* pick a chain */ @@ -86,7 +91,7 @@ openpam_dispatch(pam_handle_t *pamh, chain = pamh->chains[PAM_PASSWORD]; break; default: - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); } /* execute */ @@ -98,6 +103,7 @@ openpam_dispatch(pam_handle_t *pamh, chain->module->path, _pam_sm_func_name[primitive]); continue; } else { + pamh->primitive = primitive; pamh->current = chain; r = (chain->module->func[primitive])(pamh, flags, chain->optc, (const char **)chain->optv); @@ -153,8 +159,7 @@ openpam_dispatch(pam_handle_t *pamh, if (!fail && err != PAM_NEW_AUTHTOK_REQD) err = PAM_SUCCESS; - openpam_log(PAM_LOG_DEBUG, "returning: %s", pam_strerror(pamh, err)); - return (err); + RETURNC(err); } #if !defined(OPENPAM_RELAX_CHECKS) diff --git a/contrib/openpam/lib/openpam_findenv.c b/contrib/openpam/lib/openpam_findenv.c index 06b5730b3cdd..2dba88a5b393 100644 --- a/contrib/openpam/lib/openpam_findenv.c +++ b/contrib/openpam/lib/openpam_findenv.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_findenv.c#8 $ + * $P4: //depot/projects/openpam/lib/openpam_findenv.c#9 $ */ #include <string.h> @@ -53,14 +53,14 @@ openpam_findenv(pam_handle_t *pamh, { int i; + ENTER(); if (pamh == NULL) - return (-1); - + RETURNI(-1); for (i = 0; i < pamh->env_count; ++i) if (strncmp(pamh->env[i], name, len) == 0 && pamh->env[i][len] == '=') - return (i); - return (-1); + RETURNI(i); + RETURNI(-1); } /* diff --git a/contrib/openpam/lib/openpam_free_data.c b/contrib/openpam/lib/openpam_free_data.c index 11935f88b653..03766b9f410d 100644 --- a/contrib/openpam/lib/openpam_free_data.c +++ b/contrib/openpam/lib/openpam_free_data.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_free_data.c#2 $ + * $P4: //depot/projects/openpam/lib/openpam_free_data.c#3 $ */ #include <stdlib.h> @@ -50,10 +50,12 @@ void openpam_free_data(pam_handle_t *pamh, void *data, int status) { - /* silence compiler warnings */ - pamh = pamh; - status = status; + + ENTER(); + (void)pamh; + (void)status; free(data); + RETURNV(); } /* diff --git a/contrib/openpam/lib/openpam_get_option.c b/contrib/openpam/lib/openpam_get_option.c index b70b945e7c43..d3993eadee31 100644 --- a/contrib/openpam/lib/openpam_get_option.c +++ b/contrib/openpam/lib/openpam_get_option.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_get_option.c#4 $ + * $P4: //depot/projects/openpam/lib/openpam_get_option.c#5 $ */ #include <sys/param.h> @@ -57,19 +57,20 @@ openpam_get_option(pam_handle_t *pamh, size_t len; int i; + ENTER(); if (pamh == NULL || pamh->current == NULL || option == NULL) - return (NULL); + RETURNS(NULL); cur = pamh->current; len = strlen(option); for (i = 0; i < cur->optc; ++i) { if (strncmp(cur->optv[i], option, len) == 0) { if (cur->optv[i][len] == '\0') - return (&cur->optv[i][len]); + RETURNS(&cur->optv[i][len]); else if (cur->optv[i][len] == '=') - return (&cur->optv[i][len + 1]); + RETURNS(&cur->optv[i][len + 1]); } } - return (NULL); + RETURNS(NULL); } /* diff --git a/contrib/openpam/lib/openpam_impl.h b/contrib/openpam/lib/openpam_impl.h index 23bfc90e2224..9ffcc0a0b9f6 100644 --- a/contrib/openpam/lib/openpam_impl.h +++ b/contrib/openpam/lib/openpam_impl.h @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_impl.h#16 $ + * $P4: //depot/projects/openpam/lib/openpam_impl.h#17 $ */ #ifndef _OPENPAM_IMPL_H_INCLUDED @@ -39,7 +39,9 @@ #include <security/openpam.h> +extern const char *_pam_func_name[PAM_NUM_PRIMITIVES]; extern const char *_pam_sm_func_name[PAM_NUM_PRIMITIVES]; +extern const char *_pam_err_name[PAM_NUM_ERRORS]; /* * Control flags @@ -83,6 +85,7 @@ struct pam_handle { /* chains */ pam_chain_t *chains[PAM_NUM_CHAINS]; pam_chain_t *current; + int primitive; /* items and data */ void *item[PAM_NUM_ITEMS]; @@ -118,4 +121,41 @@ pam_module_t *openpam_static(const char *); #endif pam_module_t *openpam_dynamic(const char *); +#ifdef DEBUG +#define ENTER() openpam_log(PAM_LOG_DEBUG, "entering") +#define RETURNV() openpam_log(PAM_LOG_DEBUG, "returning") +#define RETURNC(c) do { \ + if ((c) >= 0 && (c) < PAM_NUM_ERRORS) + openpam_log(PAM_LOG_DEBUG, "returning %s", _pam_err_name[c]); \ + else \ + openpam_log(PAM_LOG_DEBUG, "returning %d!", (c)); \ + return (c); \ +} while (0) +#define RETURNI(n) do { \ + openpam_log(PAM_LOG_DEBUG, "returning %d", (n)); \ + return (n); \ +} while (0) +#define RETURNP(p) do { \ + if ((p) == NULL) \ + openpam_log(PAM_LOG_DEBUG, "returning NULL"); \ + else \ + openpam_log(PAM_LOG_DEBUG, "returning %p", (p)); \ + return (p); \ +} while (0) +#define RETURNS(s) do { \ + if ((s) == NULL) \ + openpam_log(PAM_LOG_DEBUG, "returning NULL"); \ + else \ + openpam_log(PAM_LOG_DEBUG, "returning '%s'", (s)); \ + return (s); \ +} while (0) +#else +#define ENTER() +#define RETURNV() return +#define RETURNC(c) return (c) +#define RETURNI(n) return (i) +#define RETURNP(p) return (p) +#define RETURNS(s) return (s) +#endif + #endif diff --git a/contrib/openpam/lib/openpam_load.c b/contrib/openpam/lib/openpam_load.c index 717906f3fed1..ef683099cad5 100644 --- a/contrib/openpam/lib/openpam_load.c +++ b/contrib/openpam/lib/openpam_load.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_load.c#14 $ + * $P4: //depot/projects/openpam/lib/openpam_load.c#15 $ */ #include <dlfcn.h> @@ -42,6 +42,15 @@ #include "openpam_impl.h" +const char *_pam_func_name[PAM_NUM_PRIMITIVES] = { + "pam_authenticate", + "pam_setcred", + "pam_acct_mgmt", + "pam_open_session", + "pam_close_session", + "pam_chauthtok" +}; + const char *_pam_sm_func_name[PAM_NUM_PRIMITIVES] = { "pam_sm_authenticate", "pam_sm_setcred", diff --git a/contrib/openpam/lib/openpam_log.c b/contrib/openpam/lib/openpam_log.c index f512c62779b1..23a51d5c432c 100644 --- a/contrib/openpam/lib/openpam_log.c +++ b/contrib/openpam/lib/openpam_log.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_log.c#16 $ + * $P4: //depot/projects/openpam/lib/openpam_log.c#17 $ */ #include <ctype.h> @@ -64,9 +64,10 @@ _openpam_log(int level, const char *func, const char *fmt, ...) case PAM_LOG_DEBUG: #ifndef DEBUG return; -#endif +#else priority = LOG_DEBUG; break; +#endif case PAM_LOG_VERBOSE: priority = LOG_INFO; break; @@ -109,9 +110,10 @@ openpam_log(int level, const char *fmt, ...) case PAM_LOG_DEBUG: #ifndef DEBUG return; -#endif +#else priority = LOG_DEBUG; break; +#endif case PAM_LOG_VERBOSE: priority = LOG_INFO; break; diff --git a/contrib/openpam/lib/openpam_nullconv.c b/contrib/openpam/lib/openpam_nullconv.c index 59811e9856da..94a99361bf8d 100644 --- a/contrib/openpam/lib/openpam_nullconv.c +++ b/contrib/openpam/lib/openpam_nullconv.c @@ -31,13 +31,14 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_nullconv.c#3 $ + * $P4: //depot/projects/openpam/lib/openpam_nullconv.c#4 $ */ #include <sys/types.h> #include <security/pam_appl.h> -#include <security/openpam.h> + +#include "openpam_impl.h" /* * OpenPAM extension @@ -52,11 +53,12 @@ openpam_nullconv(int n, void *data) { + ENTER(); (void)n; (void)msg; (void)resp; (void)data; - return (PAM_CONV_ERR); + RETURNC(PAM_CONV_ERR); } /* diff --git a/contrib/openpam/lib/openpam_restore_cred.c b/contrib/openpam/lib/openpam_restore_cred.c index f5acff8095ed..75ebe5efc7e3 100644 --- a/contrib/openpam/lib/openpam_restore_cred.c +++ b/contrib/openpam/lib/openpam_restore_cred.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_restore_cred.c#2 $ + * $P4: //depot/projects/openpam/lib/openpam_restore_cred.c#3 $ */ #include <sys/param.h> @@ -56,17 +56,18 @@ openpam_restore_cred(pam_handle_t *pamh) struct pam_saved_cred *scred; int r; + ENTER(); r = pam_get_data(pamh, PAM_SAVED_CRED, (const void **)&scred); if (r != PAM_SUCCESS) - return (r); + RETURNC(r); if (scred == NULL) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); if (seteuid(scred->euid) == -1 || setgroups(scred->ngroups, scred->groups) == -1 || setegid(scred->egid) == -1) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); pam_set_data(pamh, PAM_SAVED_CRED, NULL, NULL); - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } /* diff --git a/contrib/openpam/lib/openpam_set_option.c b/contrib/openpam/lib/openpam_set_option.c index 2862b0ba38fb..f65733b7fc64 100644 --- a/contrib/openpam/lib/openpam_set_option.c +++ b/contrib/openpam/lib/openpam_set_option.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_set_option.c#5 $ + * $P4: //depot/projects/openpam/lib/openpam_set_option.c#6 $ */ #include <sys/param.h> @@ -61,8 +61,9 @@ openpam_set_option(pam_handle_t *pamh, size_t len; int i; + ENTER(); if (pamh == NULL || pamh->current == NULL || option == NULL) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); cur = pamh->current; for (len = 0; option[len] != '\0'; ++len) if (option[len] == '=') @@ -75,21 +76,21 @@ openpam_set_option(pam_handle_t *pamh, if (value == NULL) { /* remove */ if (i == cur->optc) - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); for (free(cur->optv[i]); i < cur->optc; ++i) cur->optv[i] = cur->optv[i + 1]; cur->optv[i] = NULL; - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } if ((opt = malloc(len + strlen(value) + 2)) == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); sprintf(opt, "%.*s=%s", (int)len, option, value); if (i == cur->optc) { /* add */ optv = realloc(cur->optv, sizeof(char *) * (cur->optc + 2)); if (optv == NULL) { free(opt); - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); } optv[i] = opt; optv[i + 1] = NULL; @@ -100,7 +101,7 @@ openpam_set_option(pam_handle_t *pamh, free(cur->optv[i]); cur->optv[i] = opt; } - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } /* diff --git a/contrib/openpam/lib/openpam_ttyconv.c b/contrib/openpam/lib/openpam_ttyconv.c index fc40618a0c87..d3fdde16a4b8 100644 --- a/contrib/openpam/lib/openpam_ttyconv.c +++ b/contrib/openpam/lib/openpam_ttyconv.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#13 $ + * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#14 $ */ #include <sys/types.h> @@ -46,7 +46,8 @@ #include <unistd.h> #include <security/pam_appl.h> -#include <security/openpam.h> + +#include "openpam_impl.h" int openpam_ttyconv_timeout = 0; static jmp_buf jmpenv; @@ -139,11 +140,12 @@ openpam_ttyconv(int n, { int i; - data = data; + ENTER(); + (void)data; if (n <= 0 || n > PAM_MAX_NUM_MSG) - return (PAM_CONV_ERR); + RETURNC(PAM_CONV_ERR); if ((*resp = calloc(n, sizeof **resp)) == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); for (i = 0; i < n; ++i) { resp[i]->resp_retcode = 0; resp[i]->resp = NULL; @@ -174,13 +176,13 @@ openpam_ttyconv(int n, goto fail; } } - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); fail: while (i) free(resp[--i]); free(*resp); *resp = NULL; - return (PAM_CONV_ERR); + RETURNC(PAM_CONV_ERR); } /* diff --git a/contrib/openpam/lib/pam_acct_mgmt.c b/contrib/openpam/lib/pam_acct_mgmt.c index 35e24d8e075b..4adfe53cbd8f 100644 --- a/contrib/openpam/lib/pam_acct_mgmt.c +++ b/contrib/openpam/lib/pam_acct_mgmt.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_acct_mgmt.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_acct_mgmt.c#10 $ */ #include <sys/param.h> @@ -51,8 +51,11 @@ int pam_acct_mgmt(pam_handle_t *pamh, int flags) { + int pam_err; - return (openpam_dispatch(pamh, PAM_SM_ACCT_MGMT, flags)); + ENTER(); + pam_err = openpam_dispatch(pamh, PAM_SM_ACCT_MGMT, flags); + RETURNC(pam_err); } /* diff --git a/contrib/openpam/lib/pam_authenticate.c b/contrib/openpam/lib/pam_authenticate.c index 6cc2563c8949..f2884f72ec4a 100644 --- a/contrib/openpam/lib/pam_authenticate.c +++ b/contrib/openpam/lib/pam_authenticate.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_authenticate.c#11 $ + * $P4: //depot/projects/openpam/lib/pam_authenticate.c#12 $ */ #include <sys/param.h> @@ -53,11 +53,12 @@ pam_authenticate(pam_handle_t *pamh, { int pam_err; + ENTER(); if (flags & ~(PAM_SILENT|PAM_DISALLOW_NULL_AUTHTOK)) - return (PAM_SYMBOL_ERR); + RETURNC(PAM_SYMBOL_ERR); pam_err = openpam_dispatch(pamh, PAM_SM_AUTHENTICATE, flags); pam_set_item(pamh, PAM_AUTHTOK, NULL); - return (pam_err); + RETURNC(pam_err); } /* diff --git a/contrib/openpam/lib/pam_authenticate_secondary.c b/contrib/openpam/lib/pam_authenticate_secondary.c index 363645ebe99d..b266f196449b 100644 --- a/contrib/openpam/lib/pam_authenticate_secondary.c +++ b/contrib/openpam/lib/pam_authenticate_secondary.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_authenticate_secondary.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_authenticate_secondary.c#7 $ */ #include <security/pam_appl.h> @@ -53,7 +53,8 @@ pam_authenticate_secondary(pam_handle_t *pamh, int flags) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_chauthtok.c b/contrib/openpam/lib/pam_chauthtok.c index 774eee57bfd3..68fa483e1a1a 100644 --- a/contrib/openpam/lib/pam_chauthtok.c +++ b/contrib/openpam/lib/pam_chauthtok.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_chauthtok.c#12 $ + * $P4: //depot/projects/openpam/lib/pam_chauthtok.c#13 $ */ #include <sys/param.h> @@ -53,8 +53,9 @@ pam_chauthtok(pam_handle_t *pamh, { int pam_err; + ENTER(); if (flags & ~(PAM_SILENT|PAM_CHANGE_EXPIRED_AUTHTOK)) - return (PAM_SYMBOL_ERR); + RETURNC(PAM_SYMBOL_ERR); pam_err = openpam_dispatch(pamh, PAM_SM_CHAUTHTOK, flags | PAM_PRELIM_CHECK); if (pam_err == PAM_SUCCESS) @@ -62,7 +63,7 @@ pam_chauthtok(pam_handle_t *pamh, flags | PAM_UPDATE_AUTHTOK); pam_set_item(pamh, PAM_OLDAUTHTOK, NULL); pam_set_item(pamh, PAM_AUTHTOK, NULL); - return (pam_err); + RETURNC(pam_err); } /* diff --git a/contrib/openpam/lib/pam_close_session.c b/contrib/openpam/lib/pam_close_session.c index 00bfb556fd48..9c6276ca2fd5 100644 --- a/contrib/openpam/lib/pam_close_session.c +++ b/contrib/openpam/lib/pam_close_session.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_close_session.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_close_session.c#10 $ */ #include <sys/param.h> @@ -52,9 +52,10 @@ pam_close_session(pam_handle_t *pamh, int flags) { + ENTER(); if (flags & ~(PAM_SILENT)) - return (PAM_SYMBOL_ERR); - return (openpam_dispatch(pamh, PAM_SM_CLOSE_SESSION, flags)); + RETURNC(PAM_SYMBOL_ERR); + RETURNC(openpam_dispatch(pamh, PAM_SM_CLOSE_SESSION, flags)); } /* diff --git a/contrib/openpam/lib/pam_end.c b/contrib/openpam/lib/pam_end.c index 2c2b2a33b909..5fb1fb68611f 100644 --- a/contrib/openpam/lib/pam_end.c +++ b/contrib/openpam/lib/pam_end.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_end.c#10 $ + * $P4: //depot/projects/openpam/lib/pam_end.c#11 $ */ #include <stdlib.h> @@ -54,8 +54,9 @@ pam_end(pam_handle_t *pamh, pam_data_t *dp; int i; + ENTER(); if (pamh == NULL) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); /* clear module data */ while ((dp = pamh->module_data) != NULL) { @@ -80,7 +81,7 @@ pam_end(pam_handle_t *pamh, free(pamh); - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } /* diff --git a/contrib/openpam/lib/pam_get_authtok.c b/contrib/openpam/lib/pam_get_authtok.c index 7d41f910efc1..896f059ccad3 100644 --- a/contrib/openpam/lib/pam_get_authtok.c +++ b/contrib/openpam/lib/pam_get_authtok.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#19 $ + * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#20 $ */ #include <sys/param.h> @@ -65,9 +65,9 @@ pam_get_authtok(pam_handle_t *pamh, char *resp, *resp2; int pitem, r, style, twice; + ENTER(); if (pamh == NULL || authtok == NULL) - return (PAM_SYSTEM_ERR); - + RETURNC(PAM_SYSTEM_ERR); *authtok = NULL; twice = 0; switch (item) { @@ -86,16 +86,15 @@ pam_get_authtok(pam_handle_t *pamh, twice = 0; break; default: - return (PAM_SYMBOL_ERR); + RETURNC(PAM_SYMBOL_ERR); } - if (openpam_get_option(pamh, "try_first_pass") || openpam_get_option(pamh, "use_first_pass")) { r = pam_get_item(pamh, item, (const void **)authtok); if (r == PAM_SUCCESS && *authtok != NULL) - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); else if (openpam_get_option(pamh, "use_first_pass")) - return (r == PAM_SUCCESS ? PAM_AUTH_ERR : r); + RETURNC(r == PAM_SUCCESS ? PAM_AUTH_ERR : r); } if (prompt == NULL) { r = pam_get_item(pamh, pitem, (const void **)&prompt); @@ -106,12 +105,12 @@ pam_get_authtok(pam_handle_t *pamh, PAM_PROMPT_ECHO_ON : PAM_PROMPT_ECHO_OFF; r = pam_prompt(pamh, style, &resp, "%s", prompt); if (r != PAM_SUCCESS) - return (r); + RETURNC(r); if (twice) { r = pam_prompt(pamh, style, &resp2, "Retype %s", prompt); if (r != PAM_SUCCESS) { free(resp); - return (r); + RETURNC(r); } if (strcmp(resp, resp2) != 0) { free(resp); @@ -120,12 +119,12 @@ pam_get_authtok(pam_handle_t *pamh, free(resp2); } if (resp == NULL) - return (PAM_TRY_AGAIN); + RETURNC(PAM_TRY_AGAIN); r = pam_set_item(pamh, item, resp); free(resp); if (r != PAM_SUCCESS) - return (r); - return (pam_get_item(pamh, item, (const void **)authtok)); + RETURNC(r); + RETURNC(pam_get_item(pamh, item, (const void **)authtok)); } /* diff --git a/contrib/openpam/lib/pam_get_data.c b/contrib/openpam/lib/pam_get_data.c index 8f1bc5225d5a..96038ca82560 100644 --- a/contrib/openpam/lib/pam_get_data.c +++ b/contrib/openpam/lib/pam_get_data.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_data.c#8 $ + * $P4: //depot/projects/openpam/lib/pam_get_data.c#9 $ */ #include <string.h> @@ -54,16 +54,15 @@ pam_get_data(pam_handle_t *pamh, { pam_data_t *dp; + ENTER(); if (pamh == NULL) - return (PAM_SYSTEM_ERR); - + RETURNC(PAM_SYSTEM_ERR); for (dp = pamh->module_data; dp != NULL; dp = dp->next) if (strcmp(dp->name, module_data_name) == 0) { *data = dp->data; - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } - - return (PAM_NO_MODULE_DATA); + RETURNC(PAM_NO_MODULE_DATA); } /* diff --git a/contrib/openpam/lib/pam_get_item.c b/contrib/openpam/lib/pam_get_item.c index da2970e38cf1..f3e8c9b4144e 100644 --- a/contrib/openpam/lib/pam_get_item.c +++ b/contrib/openpam/lib/pam_get_item.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_item.c#13 $ + * $P4: //depot/projects/openpam/lib/pam_get_item.c#14 $ */ #include <sys/param.h> @@ -52,9 +52,10 @@ pam_get_item(pam_handle_t *pamh, int item_type, const void **item) { - if (pamh == NULL) - return (PAM_SYSTEM_ERR); + ENTER(); + if (pamh == NULL) + RETURNC(PAM_SYSTEM_ERR); switch (item_type) { case PAM_SERVICE: case PAM_USER: @@ -69,9 +70,9 @@ pam_get_item(pam_handle_t *pamh, case PAM_OLDAUTHTOK_PROMPT: case PAM_REPOSITORY: *item = pamh->item[item_type]; - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); default: - return (PAM_SYMBOL_ERR); + RETURNC(PAM_SYMBOL_ERR); } } diff --git a/contrib/openpam/lib/pam_get_mapped_authtok.c b/contrib/openpam/lib/pam_get_mapped_authtok.c index 0b22d8f4d0d5..e42954f251ec 100644 --- a/contrib/openpam/lib/pam_get_mapped_authtok.c +++ b/contrib/openpam/lib/pam_get_mapped_authtok.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_mapped_authtok.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_get_mapped_authtok.c#7 $ */ #include <security/pam_appl.h> @@ -52,7 +52,8 @@ pam_get_mapped_authtok(pam_handle_t *pamh, unsigned char **target_module_authtok) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_get_mapped_username.c b/contrib/openpam/lib/pam_get_mapped_username.c index 644ada248bd5..dc63aa0524e0 100644 --- a/contrib/openpam/lib/pam_get_mapped_username.c +++ b/contrib/openpam/lib/pam_get_mapped_username.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_mapped_username.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_get_mapped_username.c#7 $ */ #include <security/pam_appl.h> @@ -53,7 +53,8 @@ pam_get_mapped_username(pam_handle_t *pamh, char **target_module_username) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_get_user.c b/contrib/openpam/lib/pam_get_user.c index f0dc28224189..f35a887fe71a 100644 --- a/contrib/openpam/lib/pam_get_user.c +++ b/contrib/openpam/lib/pam_get_user.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_user.c#12 $ + * $P4: //depot/projects/openpam/lib/pam_get_user.c#13 $ */ #include <sys/param.h> @@ -60,12 +60,12 @@ pam_get_user(pam_handle_t *pamh, char *resp; int r; + ENTER(); if (pamh == NULL || user == NULL) - return (PAM_SYSTEM_ERR); - + RETURNC(PAM_SYSTEM_ERR); r = pam_get_item(pamh, PAM_USER, (const void **)user); if (r == PAM_SUCCESS) - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); if (prompt == NULL) { r = pam_get_item(pamh, PAM_USER_PROMPT, (const void **)&prompt); if (r != PAM_SUCCESS || prompt == NULL) @@ -73,12 +73,12 @@ pam_get_user(pam_handle_t *pamh, } r = pam_prompt(pamh, PAM_PROMPT_ECHO_ON, &resp, "%s", prompt); if (r != PAM_SUCCESS) - return (r); + RETURNC(r); r = pam_set_item(pamh, PAM_USER, resp); free(resp); if (r != PAM_SUCCESS) - return (r); - return (pam_get_item(pamh, PAM_USER, (const void **)user)); + RETURNC(r); + RETURNC(pam_get_item(pamh, PAM_USER, (const void **)user)); } /* diff --git a/contrib/openpam/lib/pam_getenv.c b/contrib/openpam/lib/pam_getenv.c index e8f363502520..1b4fd15eea3b 100644 --- a/contrib/openpam/lib/pam_getenv.c +++ b/contrib/openpam/lib/pam_getenv.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_getenv.c#7 $ + * $P4: //depot/projects/openpam/lib/pam_getenv.c#8 $ */ #include <stdlib.h> @@ -54,16 +54,14 @@ pam_getenv(pam_handle_t *pamh, { int i; + ENTER(); if (pamh == NULL) - return (NULL); - - /* sanity checks */ + RETURNC(NULL); if (name == NULL || strchr(name, '=') != NULL) - return (NULL); - + RETURNC(NULL); if ((i = openpam_findenv(pamh, name, strlen(name))) == -1) - return (NULL); - return (strdup(pamh->env[i])); + RETURNC(NULL); + RETURNC(strdup(pamh->env[i])); } /** diff --git a/contrib/openpam/lib/pam_getenvlist.c b/contrib/openpam/lib/pam_getenvlist.c index 37ec6225361e..7c63bcee8065 100644 --- a/contrib/openpam/lib/pam_getenvlist.c +++ b/contrib/openpam/lib/pam_getenvlist.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_getenvlist.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_getenvlist.c#10 $ */ #include <stdlib.h> @@ -54,14 +54,14 @@ pam_getenvlist(pam_handle_t *pamh) char **envlist; int i; + ENTER(); if (pamh == NULL) - return (NULL); - + RETURNP(NULL); envlist = malloc(sizeof(char *) * (pamh->env_count + 1)); if (envlist == NULL) { openpam_log(PAM_LOG_ERROR, "%s", pam_strerror(pamh, PAM_BUF_ERR)); - return (NULL); + RETURNP(NULL); } for (i = 0; i < pamh->env_count; ++i) { if ((envlist[i] = strdup(pamh->env[i])) == NULL) { @@ -70,12 +70,11 @@ pam_getenvlist(pam_handle_t *pamh) free(envlist); openpam_log(PAM_LOG_ERROR, "%s", pam_strerror(pamh, PAM_BUF_ERR)); - return (NULL); + RETURNP(NULL); } } envlist[i] = NULL; - openpam_log(PAM_LOG_DEBUG, "returning %d variables\n", pamh->env_count); - return (envlist); + RETURNP(envlist); } /** diff --git a/contrib/openpam/lib/pam_open_session.c b/contrib/openpam/lib/pam_open_session.c index afae0dcc7138..508ad5cb137e 100644 --- a/contrib/openpam/lib/pam_open_session.c +++ b/contrib/openpam/lib/pam_open_session.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_open_session.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_open_session.c#10 $ */ #include <sys/param.h> @@ -52,9 +52,10 @@ pam_open_session(pam_handle_t *pamh, int flags) { + ENTER(); if (flags & ~(PAM_SILENT)) - return (PAM_SYMBOL_ERR); - return (openpam_dispatch(pamh, PAM_SM_OPEN_SESSION, flags)); + RETURNC(PAM_SYMBOL_ERR); + RETURNC(openpam_dispatch(pamh, PAM_SM_OPEN_SESSION, flags)); } /* diff --git a/contrib/openpam/lib/pam_putenv.c b/contrib/openpam/lib/pam_putenv.c index 9c7df0e82022..d3c220f1f56e 100644 --- a/contrib/openpam/lib/pam_putenv.c +++ b/contrib/openpam/lib/pam_putenv.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_putenv.c#8 $ + * $P4: //depot/projects/openpam/lib/pam_putenv.c#9 $ */ #include <stdlib.h> @@ -55,20 +55,21 @@ pam_putenv(pam_handle_t *pamh, char **env, *p; int i; + ENTER(); if (pamh == NULL) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); /* sanity checks */ if (namevalue == NULL || (p = strchr(namevalue, '=')) == NULL) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); /* see if the variable is already in the environment */ if ((i = openpam_findenv(pamh, namevalue, p - namevalue)) != -1) { if ((p = strdup(namevalue)) == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); free(pamh->env[i]); pamh->env[i] = p; - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } /* grow the environment list if necessary */ @@ -76,16 +77,16 @@ pam_putenv(pam_handle_t *pamh, env = realloc(pamh->env, sizeof(char *) * (pamh->env_size * 2 + 1)); if (env == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); pamh->env = env; pamh->env_size = pamh->env_size * 2 + 1; } /* add the variable at the end */ if ((pamh->env[pamh->env_count] = strdup(namevalue)) == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); ++pamh->env_count; - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } /* diff --git a/contrib/openpam/lib/pam_set_data.c b/contrib/openpam/lib/pam_set_data.c index 371e8efb61ba..c944e0f46378 100644 --- a/contrib/openpam/lib/pam_set_data.c +++ b/contrib/openpam/lib/pam_set_data.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_data.c#10 $ + * $P4: //depot/projects/openpam/lib/pam_set_data.c#11 $ */ #include <stdlib.h> @@ -58,30 +58,29 @@ pam_set_data(pam_handle_t *pamh, { pam_data_t *dp; + ENTER(); if (pamh == NULL) - return (PAM_SYSTEM_ERR); - + RETURNC(PAM_SYSTEM_ERR); for (dp = pamh->module_data; dp != NULL; dp = dp->next) { if (strcmp(dp->name, module_data_name) == 0) { if (dp->cleanup) (dp->cleanup)(pamh, dp->data, PAM_SUCCESS); dp->data = data; dp->cleanup = cleanup; - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } } - if ((dp = malloc(sizeof *dp)) == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); if ((dp->name = strdup(module_data_name)) == NULL) { free(dp); - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); } dp->data = data; dp->cleanup = cleanup; dp->next = pamh->module_data; pamh->module_data = dp; - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } /* diff --git a/contrib/openpam/lib/pam_set_item.c b/contrib/openpam/lib/pam_set_item.c index b34bc78cfb58..42653b165245 100644 --- a/contrib/openpam/lib/pam_set_item.c +++ b/contrib/openpam/lib/pam_set_item.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_item.c#15 $ + * $P4: //depot/projects/openpam/lib/pam_set_item.c#16 $ */ #include <sys/param.h> @@ -58,9 +58,9 @@ pam_set_item(pam_handle_t *pamh, void **slot, *tmp; size_t nsize, osize; + ENTER(); if (pamh == NULL) - return (PAM_SYSTEM_ERR); - + RETURNC(PAM_SYSTEM_ERR); slot = &pamh->item[item_type]; switch (item_type) { case PAM_SERVICE: @@ -85,7 +85,7 @@ pam_set_item(pam_handle_t *pamh, osize = nsize = sizeof(struct pam_conv); break; default: - return (PAM_SYMBOL_ERR); + RETURNC(PAM_SYMBOL_ERR); } if (*slot != NULL) { memset(*slot, 0xd0, osize); @@ -93,13 +93,13 @@ pam_set_item(pam_handle_t *pamh, } if (item != NULL) { if ((tmp = malloc(nsize)) == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); memcpy(tmp, item, nsize); } else { tmp = NULL; } *slot = tmp; - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); } /* diff --git a/contrib/openpam/lib/pam_set_mapped_authtok.c b/contrib/openpam/lib/pam_set_mapped_authtok.c index ec18579792f4..5ea3aa083b98 100644 --- a/contrib/openpam/lib/pam_set_mapped_authtok.c +++ b/contrib/openpam/lib/pam_set_mapped_authtok.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_mapped_authtok.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_set_mapped_authtok.c#7 $ */ #include <security/pam_appl.h> @@ -52,7 +52,8 @@ pam_set_mapped_authtok(pam_handle_t *pamh, const char *target_authn_domain) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_set_mapped_username.c b/contrib/openpam/lib/pam_set_mapped_username.c index eedefe45c8b7..51394ac5d832 100644 --- a/contrib/openpam/lib/pam_set_mapped_username.c +++ b/contrib/openpam/lib/pam_set_mapped_username.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_mapped_username.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_set_mapped_username.c#7 $ */ #include <security/pam_appl.h> @@ -53,7 +53,8 @@ pam_set_mapped_username(pam_handle_t *pamh, char *target_authn_domain) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_setcred.c b/contrib/openpam/lib/pam_setcred.c index 1621baabd786..16848802fbb9 100644 --- a/contrib/openpam/lib/pam_setcred.c +++ b/contrib/openpam/lib/pam_setcred.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_setcred.c#10 $ + * $P4: //depot/projects/openpam/lib/pam_setcred.c#11 $ */ #include <sys/param.h> @@ -52,11 +52,12 @@ pam_setcred(pam_handle_t *pamh, int flags) { + ENTER(); if (flags & ~(PAM_SILENT|PAM_ESTABLISH_CRED|PAM_DELETE_CRED| PAM_REINITIALIZE_CRED|PAM_REFRESH_CRED)) - return (PAM_SYMBOL_ERR); + RETURNC(PAM_SYMBOL_ERR); /* XXX enforce exclusivity */ - return (openpam_dispatch(pamh, PAM_SM_SETCRED, flags)); + RETURNC(openpam_dispatch(pamh, PAM_SM_SETCRED, flags)); } /* diff --git a/contrib/openpam/lib/pam_setenv.c b/contrib/openpam/lib/pam_setenv.c index d1c865fcc2a5..f516a1b6c6aa 100644 --- a/contrib/openpam/lib/pam_setenv.c +++ b/contrib/openpam/lib/pam_setenv.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_setenv.c#7 $ + * $P4: //depot/projects/openpam/lib/pam_setenv.c#8 $ */ #include <stdlib.h> @@ -58,24 +58,25 @@ pam_setenv(pam_handle_t *pamh, char *env; int r; + ENTER(); if (pamh == NULL) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); /* sanity checks */ if (name == NULL || value == NULL || strchr(name, '=') != NULL) - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); /* is it already there? */ if (!overwrite && openpam_findenv(pamh, name, strlen(name)) != -1) - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); /* set it... */ if ((env = malloc(strlen(name) + strlen(value) + 2)) == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); sprintf(env, "%s=%s", name, value); r = pam_putenv(pamh, env); free(env); - return (r); + RETURNC(r); } /* diff --git a/contrib/openpam/lib/pam_sm_acct_mgmt.c b/contrib/openpam/lib/pam_sm_acct_mgmt.c index e70ab2c684e7..8351fcae15e1 100644 --- a/contrib/openpam/lib/pam_sm_acct_mgmt.c +++ b/contrib/openpam/lib/pam_sm_acct_mgmt.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_acct_mgmt.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_acct_mgmt.c#5 $ */ #include <sys/param.h> @@ -53,7 +53,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_authenticate.c b/contrib/openpam/lib/pam_sm_authenticate.c index 9d9c55d2027b..50cceef96891 100644 --- a/contrib/openpam/lib/pam_sm_authenticate.c +++ b/contrib/openpam/lib/pam_sm_authenticate.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_authenticate.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_authenticate.c#5 $ */ #include <sys/param.h> @@ -53,7 +53,8 @@ pam_sm_authenticate(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_authenticate_secondary.c b/contrib/openpam/lib/pam_sm_authenticate_secondary.c index e694de2818a2..b25e02802f81 100644 --- a/contrib/openpam/lib/pam_sm_authenticate_secondary.c +++ b/contrib/openpam/lib/pam_sm_authenticate_secondary.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_authenticate_secondary.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_authenticate_secondary.c#5 $ */ #include <sys/param.h> @@ -58,7 +58,8 @@ pam_sm_authenticate_secondary(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_chauthtok.c b/contrib/openpam/lib/pam_sm_chauthtok.c index 34d652ff29a8..b4ede724ce1b 100644 --- a/contrib/openpam/lib/pam_sm_chauthtok.c +++ b/contrib/openpam/lib/pam_sm_chauthtok.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_chauthtok.c#5 $ + * $P4: //depot/projects/openpam/lib/pam_sm_chauthtok.c#6 $ */ #include <sys/param.h> @@ -53,7 +53,8 @@ pam_sm_chauthtok(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_close_session.c b/contrib/openpam/lib/pam_sm_close_session.c index 1644ec826dea..e27274f3d8f1 100644 --- a/contrib/openpam/lib/pam_sm_close_session.c +++ b/contrib/openpam/lib/pam_sm_close_session.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_close_session.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_close_session.c#5 $ */ #include <sys/param.h> @@ -53,7 +53,8 @@ pam_sm_close_session(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_get_mapped_authtok.c b/contrib/openpam/lib/pam_sm_get_mapped_authtok.c index c4ae55f5fe26..2f35e549dd89 100644 --- a/contrib/openpam/lib/pam_sm_get_mapped_authtok.c +++ b/contrib/openpam/lib/pam_sm_get_mapped_authtok.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_get_mapped_authtok.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_get_mapped_authtok.c#5 $ */ #include <sys/param.h> @@ -57,7 +57,8 @@ pam_sm_get_mapped_authtok(pam_handle_t *pamh, char *argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_get_mapped_username.c b/contrib/openpam/lib/pam_sm_get_mapped_username.c index 6c3f86e077cb..1956acf6b6fd 100644 --- a/contrib/openpam/lib/pam_sm_get_mapped_username.c +++ b/contrib/openpam/lib/pam_sm_get_mapped_username.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_get_mapped_username.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_get_mapped_username.c#5 $ */ #include <sys/param.h> @@ -58,7 +58,8 @@ pam_sm_get_mapped_username(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_open_session.c b/contrib/openpam/lib/pam_sm_open_session.c index d1092dcfeca9..161344f4aa10 100644 --- a/contrib/openpam/lib/pam_sm_open_session.c +++ b/contrib/openpam/lib/pam_sm_open_session.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_open_session.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_open_session.c#5 $ */ #include <sys/param.h> @@ -53,7 +53,8 @@ pam_sm_open_session(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_set_mapped_authtok.c b/contrib/openpam/lib/pam_sm_set_mapped_authtok.c index cb4f1137c86e..a875e1af24d0 100644 --- a/contrib/openpam/lib/pam_sm_set_mapped_authtok.c +++ b/contrib/openpam/lib/pam_sm_set_mapped_authtok.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_set_mapped_authtok.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_set_mapped_authtok.c#5 $ */ #include <sys/param.h> @@ -57,7 +57,8 @@ pam_sm_set_mapped_authtok(pam_handle_t *pamh, const char *argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_set_mapped_username.c b/contrib/openpam/lib/pam_sm_set_mapped_username.c index b8b1f0a0a116..8c0774d24307 100644 --- a/contrib/openpam/lib/pam_sm_set_mapped_username.c +++ b/contrib/openpam/lib/pam_sm_set_mapped_username.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_set_mapped_username.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_set_mapped_username.c#5 $ */ #include <sys/param.h> @@ -55,7 +55,8 @@ pam_sm_set_mapped_username(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } /* diff --git a/contrib/openpam/lib/pam_sm_setcred.c b/contrib/openpam/lib/pam_sm_setcred.c index b4940ad989e5..90e571c59431 100644 --- a/contrib/openpam/lib/pam_sm_setcred.c +++ b/contrib/openpam/lib/pam_sm_setcred.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_sm_setcred.c#4 $ + * $P4: //depot/projects/openpam/lib/pam_sm_setcred.c#5 $ */ #include <sys/param.h> @@ -53,7 +53,8 @@ pam_sm_setcred(pam_handle_t *pamh, const char **argv) { - return (PAM_SYSTEM_ERR); + ENTER(); + RETURNC(PAM_SYSTEM_ERR); } diff --git a/contrib/openpam/lib/pam_start.c b/contrib/openpam/lib/pam_start.c index 1711759ad2c9..c43b19273cf7 100644 --- a/contrib/openpam/lib/pam_start.c +++ b/contrib/openpam/lib/pam_start.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_start.c#16 $ + * $P4: //depot/projects/openpam/lib/pam_start.c#17 $ */ #include <stdlib.h> @@ -56,8 +56,9 @@ pam_start(const char *service, struct pam_handle *ph; int r; + ENTER(); if ((ph = calloc(1, sizeof *ph)) == NULL) - return (PAM_BUF_ERR); + RETURNC(PAM_BUF_ERR); if ((r = pam_set_item(ph, PAM_SERVICE, service)) != PAM_SUCCESS) goto fail; if ((r = pam_set_item(ph, PAM_USER, user)) != PAM_SUCCESS) @@ -71,11 +72,11 @@ pam_start(const char *service, *pamh = ph; openpam_log(PAM_LOG_DEBUG, "pam_start(\"%s\") succeeded", service); - return (PAM_SUCCESS); + RETURNC(PAM_SUCCESS); fail: pam_end(ph, r); - return (r); + RETURNC(r); } /* diff --git a/contrib/openpam/lib/pam_strerror.c b/contrib/openpam/lib/pam_strerror.c index f32f737b2b47..2e875139091c 100644 --- a/contrib/openpam/lib/pam_strerror.c +++ b/contrib/openpam/lib/pam_strerror.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_strerror.c#10 $ + * $P4: //depot/projects/openpam/lib/pam_strerror.c#11 $ */ #include <stdio.h> @@ -40,6 +40,39 @@ #include "openpam_impl.h" +const char *_pam_err_name[PAM_NUM_ERRORS] = { + "PAM_SUCCESS", + "PAM_OPEN_ERR", + "PAM_SYMBOL_ERR", + "PAM_SERVICE_ERR", + "PAM_SYSTEM_ERR", + "PAM_BUF_ERR", + "PAM_CONV_ERR", + "PAM_PERM_DENIED", + "PAM_MAXTRIES", + "PAM_AUTH_ERR", + "PAM_NEW_AUTHTOK_REQD", + "PAM_CRED_INSUFFICIENT", + "PAM_AUTHINFO_UNAVAIL", + "PAM_USER_UNKNOWN", + "PAM_CRED_UNAVAIL", + "PAM_CRED_EXPIRED", + "PAM_CRED_ERR", + "PAM_ACCT_EXPIRED", + "PAM_AUTHTOK_EXPIRED", + "PAM_SESSION_ERR", + "PAM_AUTHTOK_ERR", + "PAM_AUTHTOK_RECOVERY_ERR", + "PAM_AUTHTOK_LOCK_BUSY", + "PAM_AUTHTOK_DISABLE_AGING", + "PAM_NO_MODULE_DATA", + "PAM_IGNORE", + "PAM_ABORT", + "PAM_TRY_AGAIN", + "PAM_MODULE_UNKNOWN", + "PAM_DOMAIN_UNKNOWN" +}; + /* * XSSO 4.2.1 * XSSO 6 page 92 @@ -53,7 +86,7 @@ pam_strerror(pam_handle_t *pamh, { static char unknown[16]; - pamh = pamh; + (void)pamh; switch (error_number) { case PAM_SUCCESS: diff --git a/contrib/openpam/lib/pam_vprompt.c b/contrib/openpam/lib/pam_vprompt.c index d92768c6edcd..15fdc8176998 100644 --- a/contrib/openpam/lib/pam_vprompt.c +++ b/contrib/openpam/lib/pam_vprompt.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_vprompt.c#7 $ + * $P4: //depot/projects/openpam/lib/pam_vprompt.c#8 $ */ #include <stdarg.h> @@ -39,7 +39,8 @@ #include <stdlib.h> #include <security/pam_appl.h> -#include <security/openpam.h> + +#include "openpam_impl.h" /* * OpenPAM extension @@ -61,12 +62,13 @@ pam_vprompt(pam_handle_t *pamh, struct pam_conv *conv; int r; + ENTER(); r = pam_get_item(pamh, PAM_CONV, (const void **)&conv); if (r != PAM_SUCCESS) - return (r); + RETURNC(r); if (conv == NULL) { openpam_log(PAM_LOG_ERROR, "no conversation function"); - return (PAM_SYSTEM_ERR); + RETURNC(PAM_SYSTEM_ERR); } vsnprintf(msgbuf, PAM_MAX_MSG_SIZE, fmt, ap); msg.msg_style = style; @@ -76,7 +78,7 @@ pam_vprompt(pam_handle_t *pamh, r = (conv->conv)(1, &msgp, &rsp, conv->appdata_ptr); *resp = rsp == NULL ? NULL : rsp->resp; free(rsp); - return (r); + RETURNC(r); } /* diff --git a/contrib/openpam/modules/Makefile b/contrib/openpam/modules/Makefile index e14652ba6438..9b17f2fe1081 100644 --- a/contrib/openpam/modules/Makefile +++ b/contrib/openpam/modules/Makefile @@ -31,12 +31,11 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/modules/Makefile#7 $ +# $P4: //depot/projects/openpam/modules/Makefile#8 $ # SUBDIR = SUBDIR += pam_deny -SUBDIR += pam_dummy SUBDIR += pam_permit SUBDIR += pam_unix diff --git a/contrib/openpam/modules/pam_unix/pam_unix.c b/contrib/openpam/modules/pam_unix/pam_unix.c index 7d25d8aed58d..ddcd81bf8022 100644 --- a/contrib/openpam/modules/pam_unix/pam_unix.c +++ b/contrib/openpam/modules/pam_unix/pam_unix.c @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/modules/pam_unix/pam_unix.c#2 $ + * $P4: //depot/projects/openpam/modules/pam_unix/pam_unix.c#3 $ */ #include <sys/param.h> @@ -43,6 +43,7 @@ #include <unistd.h> #include <security/pam_modules.h> +#include <security/pam_appl.h> #ifndef _OPENPAM static char password_prompt[] = "Password:"; |