Group :: System/Base
RPM: tcb
Main Changelog Spec Patches Sources Download Gear Bugs and FR Repocop
Patch: tcb-0.9.8.8-alt-openpam.patch
Download
Download
diff -uprk.orig tcb-0.9.8.8.orig/Make.defs tcb-0.9.8.8/Make.defs
--- tcb-0.9.8.8.orig/Make.defs 2002-05-19 07:54:50 +0400
+++ tcb-0.9.8.8/Make.defs 2005-04-23 14:10:33 +0400
@@ -3,7 +3,7 @@ DBGFLAG = #-ggdb
ifndef CFLAGS
CFLAGS = -O2
endif
-CFLAGS += $(DBGFLAG) -I../include -Wall -DLINUX_PAM
+CFLAGS += $(DBGFLAG) -I../include -Wall
#CFLAGS += -DFAIL_RECORD
LDFLAGS += $(DBGFLAG) -L../libs
diff -uprk.orig tcb-0.9.8.8.orig/pam_tcb/pam_unix_acct.c tcb-0.9.8.8/pam_tcb/pam_unix_acct.c
--- tcb-0.9.8.8.orig/pam_tcb/pam_unix_acct.c 2005-04-23 13:53:58 +0400
+++ tcb-0.9.8.8/pam_tcb/pam_unix_acct.c 2005-04-23 14:10:33 +0400
@@ -1,6 +1,7 @@
#define _GNU_SOURCE
#include <stdio.h>
#include <unistd.h>
+#include <syslog.h>
#include <time.h>
#include <pwd.h>
#include <shadow.h>
diff -uprk.orig tcb-0.9.8.8.orig/pam_tcb/pam_unix_auth.c tcb-0.9.8.8/pam_tcb/pam_unix_auth.c
--- tcb-0.9.8.8.orig/pam_tcb/pam_unix_auth.c 2005-04-23 13:53:58 +0400
+++ tcb-0.9.8.8/pam_tcb/pam_unix_auth.c 2005-04-23 14:10:33 +0400
@@ -1,5 +1,6 @@
#include <ctype.h>
#include <unistd.h>
+#include <syslog.h>
#include <security/_pam_macros.h>
#define PAM_SM_AUTH
@@ -60,6 +61,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
} else {
D(("trouble reading username"));
user = "UNKNOWN USER";
+#if defined(PAM_CONV_AGAIN) && defined(PAM_INCOMPLETE)
if (retval == PAM_CONV_AGAIN) {
D(("pam_get_user: conv() function is not ready yet"));
/*
@@ -69,6 +71,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
*/
retval = PAM_INCOMPLETE;
}
+#endif
goto out_save_retval;
}
@@ -83,6 +86,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
DATA_AUTHTOK, &pass);
if (retval != PAM_SUCCESS) {
+#if defined(PAM_CONV_AGAIN) && defined(PAM_INCOMPLETE)
if (retval == PAM_CONV_AGAIN) {
_log_err(LOG_CRIT, "Unable to identify password");
} else {
@@ -94,6 +98,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
*/
retval = PAM_INCOMPLETE;
}
+#endif
pass = NULL;
return retval;
}
@@ -153,7 +158,7 @@ PAM_EXTERN int pam_sm_setcred(pam_handle
return PAM_ABORT;
if (on(UNIX_LIKE_AUTH)) {
- const void *item;
+ pam_data_t item;
D(("recovering return code from auth call"));
pam_get_data(pamh, DATA_AUTH_RETVAL, &item);
diff -uprk.orig tcb-0.9.8.8.orig/pam_tcb/pam_unix_passwd.c tcb-0.9.8.8/pam_tcb/pam_unix_passwd.c
--- tcb-0.9.8.8.orig/pam_tcb/pam_unix_passwd.c 2005-04-23 13:53:58 +0400
+++ tcb-0.9.8.8/pam_tcb/pam_unix_passwd.c 2005-04-23 14:12:34 +0400
@@ -4,6 +4,7 @@
#include <string.h>
#include <ctype.h>
#include <unistd.h>
+#include <syslog.h>
#include <pwd.h>
#include <shadow.h>
#include <errno.h>
@@ -607,7 +608,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
int retval, retry;
char oldprefix[HASH_PREFIX_SIZE];
/* <DO NOT free() THESE> */
- const void *item;
const char *user, *oldpass, *newpass;
/* </DO NOT free() THESE> */
char *newhash;
@@ -666,15 +666,20 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
* previous call to this function).
*/
if (off(UNIX_NOT_SET_PASS)) {
+ const void *item;
+
retval = pam_get_item(pamh, PAM_OLDAUTHTOK, &item);
+ oldpass = item;
} else {
+ pam_data_t item;
+
retval = pam_get_data(pamh, DATA_OLD_AUTHTOK, &item);
if (retval == PAM_NO_MODULE_DATA) {
retval = PAM_SUCCESS;
item = NULL;
}
+ oldpass = item;
}
- oldpass = item;
D(("oldpass=[%s]", oldpass));
if (retval != PAM_SUCCESS) {
@@ -755,6 +760,8 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
_pam_delete(newhash);
if (retval == PAM_SUCCESS) {
+ const void *item;
+
if (pam_get_item(pamh, PAM_SERVICE, &item) != PAM_SUCCESS)
item = NULL;
service = item;
diff -uprk.orig tcb-0.9.8.8.orig/pam_tcb/pam_unix_sess.c tcb-0.9.8.8/pam_tcb/pam_unix_sess.c
--- tcb-0.9.8.8.orig/pam_tcb/pam_unix_sess.c 2005-04-23 13:53:58 +0400
+++ tcb-0.9.8.8/pam_tcb/pam_unix_sess.c 2005-04-23 14:10:33 +0400
@@ -1,4 +1,5 @@
#include <unistd.h>
+#include <syslog.h>
#include <security/_pam_macros.h>
#define PAM_SM_SESSION
diff -uprk.orig tcb-0.9.8.8.orig/pam_tcb/support.c tcb-0.9.8.8/pam_tcb/support.c
--- tcb-0.9.8.8.orig/pam_tcb/support.c 2005-04-23 13:53:58 +0400
+++ tcb-0.9.8.8/pam_tcb/support.c 2005-04-23 14:10:33 +0400
@@ -4,6 +4,7 @@
#include <stdarg.h>
#include <fcntl.h>
#include <unistd.h>
+#include <syslog.h>
#include <limits.h>
#include <errno.h>
#include <signal.h>
@@ -17,6 +18,9 @@
#include <security/_pam_macros.h>
#ifndef LINUX_PAM
#include <security/pam_appl.h>
+#ifndef PAM_AUTHTOK_RECOVER_ERR
+#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
+#endif
#endif
#include <security/pam_modules.h>
@@ -72,7 +76,11 @@ static int converse(pam_handle_t * pamh,
_log_err(LOG_DEBUG, "Conversation failure: %s",
pam_strerror(pamh, retval));
}
- } else if (retval != PAM_CONV_AGAIN) {
+ } else
+#if defined(PAM_CONV_AGAIN)
+ if (retval != PAM_CONV_AGAIN)
+#endif
+ {
_log_err(LOG_ERR, "Failed to obtain conversation function: %s",
pam_strerror(pamh, retval));
}
@@ -708,7 +716,7 @@ static int do_record_failure(pam_handle_
new = (struct failed_auth *)malloc(sizeof(struct failed_auth));
if (new) {
- const void *item;
+ pam_data_t item;
const struct failed_auth *old;
/* possible strdup() failures; nothing we can do;
@@ -729,6 +737,7 @@ static int do_record_failure(pam_handle_
if (new->count >= TRIES)
retval = PAM_MAXTRIES;
} else {
+ const void *item;
const char *service;
if (pam_get_item(pamh, PAM_SERVICE, &item)
diff -uprk.orig tcb-0.9.8.8.orig/pam_tcb/support.h tcb-0.9.8.8/pam_tcb/support.h
--- tcb-0.9.8.8.orig/pam_tcb/support.h 2005-04-23 13:53:58 +0400
+++ tcb-0.9.8.8/pam_tcb/support.h 2005-04-23 14:10:33 +0400
@@ -154,6 +154,12 @@ struct unix_verify_password_param {
_pam_drop(xx); \
}
+#if defined(__sun) || defined(__hpux) || defined(_OPENPAM)
+typedef void *pam_data_t;
+#else
+typedef const void *pam_data_t;
+#endif
+
extern int _unix_user_in_db(const char *, char *);
typedef int (*cb_func) (const void *);