Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
pam
pam-userdb-upgrade-to-1.3.1.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File pam-userdb-upgrade-to-1.3.1.patch of Package pam
diff -ru Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.8 /suse/jmoellers/OBS/Linux-PAM/pam/Linux-PAM-1.3.1/modules/pam_userdb/pam_userdb.8 --- Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.8 2013-06-18 16:26:14.000000000 +0200 +++ /suse/jmoellers/OBS/Linux-PAM/pam/Linux-PAM-1.3.1/modules/pam_userdb/pam_userdb.8 2017-05-18 09:47:35.000000000 +0200 @@ -2,12 +2,12 @@ .\" Title: pam_userdb .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 06/18/2013 +.\" Date: 05/18/2017 .\" Manual: Linux-PAM Manual .\" Source: Linux-PAM Manual .\" Language: English .\" -.TH "PAM_USERDB" "8" "06/18/2013" "Linux-PAM Manual" "Linux\-PAM Manual" +.TH "PAM_USERDB" "8" "05/18/2017" "Linux-PAM Manual" "Linux\-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -53,7 +53,9 @@ /path/database database for performing lookup\&. There is no default; the module will return \fBPAM_IGNORE\fR -if no database is provided\&. +if no database is provided\&. Note that the path to the database file should be specified without the +\&.db +suffix\&. .RE .PP \fBdebug\fR @@ -139,7 +141,7 @@ .RS 4 .\} .nf -auth sufficient pam_userdb\&.so icase db=/etc/dbtest\&.db +auth sufficient pam_userdb\&.so icase db=/etc/dbtest .fi .if n \{\ diff -ru Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.8.xml /suse/jmoellers/OBS/Linux-PAM/pam/Linux-PAM-1.3.1/modules/pam_userdb/pam_userdb.8.xml --- Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.8.xml 2013-06-18 16:11:21.000000000 +0200 +++ /suse/jmoellers/OBS/Linux-PAM/pam/Linux-PAM-1.3.1/modules/pam_userdb/pam_userdb.8.xml 2017-02-10 11:10:15.000000000 +0100 @@ -89,7 +89,8 @@ Use the <filename>/path/database</filename> database for performing lookup. There is no default; the module will return <emphasis remap='B'>PAM_IGNORE</emphasis> if no - database is provided. + database is provided. Note that the path to the database file + should be specified without the <filename>.db</filename> suffix. </para> </listitem> </varlistentry> @@ -260,7 +261,7 @@ <refsect1 id='pam_userdb-examples'> <title>EXAMPLES</title> <programlisting> -auth sufficient pam_userdb.so icase db=/etc/dbtest.db +auth sufficient pam_userdb.so icase db=/etc/dbtest </programlisting> </refsect1> diff -ru Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.c /suse/jmoellers/OBS/Linux-PAM/pam/Linux-PAM-1.3.1/modules/pam_userdb/pam_userdb.c --- Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.c 2018-11-26 14:04:37.768275886 +0100 +++ /suse/jmoellers/OBS/Linux-PAM/pam/Linux-PAM-1.3.1/modules/pam_userdb/pam_userdb.c 2017-02-10 11:10:15.000000000 +0100 @@ -213,15 +213,23 @@ /* crypt(3) password storage */ - char *cryptpw; + char *cryptpw = NULL; if (data.dsize < 13) { compare = -2; } else if (ctrl & PAM_ICASE_ARG) { compare = -2; } else { +#ifdef HAVE_CRYPT_R + struct crypt_data *cdata = NULL; + cdata = malloc(sizeof(*cdata)); + if (cdata != NULL) { + cdata->initialized = 0; + cryptpw = crypt_r(pass, data.dptr, cdata); + } +#else cryptpw = crypt (pass, data.dptr); - +#endif if (cryptpw && strlen(cryptpw) == (size_t)data.dsize) { compare = memcmp(data.dptr, cryptpw, data.dsize); } else { @@ -232,9 +240,11 @@ else pam_syslog(pamh, LOG_INFO, "crypt() returned NULL"); } - }; - - }; + } +#ifdef HAVE_CRYPT_R + free(cdata); +#endif + } } else { @@ -324,7 +334,7 @@ /* --- authentication management functions (only) --- */ -PAM_EXTERN int +int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED, int argc, const char **argv) { @@ -387,7 +397,7 @@ return PAM_SERVICE_ERR; case -1: /* incorrect password */ - pam_syslog(pamh, LOG_WARNING, + pam_syslog(pamh, LOG_NOTICE, "user `%s' denied access (incorrect password)", username); return PAM_AUTH_ERR; @@ -413,14 +423,14 @@ return PAM_IGNORE; } -PAM_EXTERN int +int pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED, int argc UNUSED, const char **argv UNUSED) { return PAM_SUCCESS; } -PAM_EXTERN int +int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED, int argc, const char **argv) { @@ -465,23 +475,6 @@ return PAM_SUCCESS; } - -#ifdef PAM_STATIC - -/* static module data */ - -struct pam_module _pam_userdb_modstruct = { - "pam_userdb", - pam_sm_authenticate, - pam_sm_setcred, - pam_sm_acct_mgmt, - NULL, - NULL, - NULL, -}; - -#endif - /* * Copyright (c) Cristian Gafton <gafton@redhat.com>, 1999 * All rights reserved diff -ru Linux-PAM-1.1.8/modules/pam_userdb/README /suse/jmoellers/OBS/Linux-PAM/pam/Linux-PAM-1.3.1/modules/pam_userdb/README --- Linux-PAM-1.1.8/modules/pam_userdb/README 2013-09-19 10:02:21.000000000 +0200 +++ /suse/jmoellers/OBS/Linux-PAM/pam/Linux-PAM-1.3.1/modules/pam_userdb/README 2017-05-18 09:47:35.000000000 +0200 @@ -13,14 +13,15 @@ crypt=[crypt|none] Indicates whether encrypted or plaintext passwords are stored in the - database. If it is crypt, passwords should be stored in the database in + database. If it is crypt, passwords should be stored in the database in crypt(3) form. If none is selected, passwords should be stored in the database as plaintext. db=/path/database Use the /path/database database for performing lookup. There is no default; - the module will return PAM_IGNORE if no database is provided. + the module will return PAM_IGNORE if no database is provided. Note that the + path to the database file should be specified without the .db suffix. debug @@ -65,7 +66,7 @@ EXAMPLES -auth sufficient pam_userdb.so icase db=/etc/dbtest.db +auth sufficient pam_userdb.so icase db=/etc/dbtest AUTHOR
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor