Commit Graph

333 Commits

Author SHA1 Message Date
nekral-guest
5ae74603da * libmisc/find_new_ids.c: Change find_new_uid() and find_new_gid()
prototypes to use a bool for their first argument (sys_user /
	sys_group).
2008-06-09 18:13:09 +00:00
nekral-guest
747664ad4f * libmisc/console.c: Change is_listed() prototype to return a bool.
The default parameter should also be a bool.
	* libmisc/console.c: Add brackets and parenthesis.
	* libmisc/console.c: Avoid assignments in comparisons.
	* libmisc/console.c: Change console() prototype to return a bool.
2008-06-09 18:11:20 +00:00
nekral-guest
94b414861d * libmisc/getdate.y: abbrev is a bool.
* libmisc/getdate.y: Avoid implicit conversion of pointers / chars / integers to booleans.
2008-05-26 08:59:54 +00:00
nekral-guest
a24aff2148 checkutmp is implemented twice. I only changed the second one. Now fix the
first one.
2008-05-26 00:26:33 +00:00
nekral-guest
fc6d8e933b * libmisc/isexpired.c: ARGSUSED is no more needed (shadow is always supported).
* libmisc/isexpired.c: Avoid implicit conversion of pointers to booleans.
	* libmisc/isexpired.c: Add brackets and parenthesis.
2008-05-26 00:14:10 +00:00
nekral-guest
c6364944d4 * libmisc/sulog.c (sulog): The success argument is a bool.
* libmisc/sulog.c: The return values of fflush is not checked on purpose.
	* libmisc/sulog.c: Indicate that some return values should be checked.
2008-05-26 00:09:24 +00:00
nekral-guest
70ef747a56 Updated copyright dates. 2008-05-26 00:04:30 +00:00
nekral-guest
3d7aa44c8e * libmisc/ttytype.c: Avoid implicit conversion of pointers / integers to booleans.
* libmisc/ttytype.c: Avoid assignments in comparisons.
	* libmisc/ttytype.c: Add brackets and parenthesis.
	* libmisc/ttytype.c: The return values of fclose is not checked on purpose.
2008-05-26 00:02:15 +00:00
nekral-guest
c249832df1 * libmisc/mail.c: Avoid implicit conversion of pointers to booleans.
* libmisc/mail.c: Avoid assignments in comparisons.
2008-05-25 23:59:05 +00:00
nekral-guest
3169455653 * libmisc/loginprompt.c: Avoid implicit conversion of pointers / chars to booleans.
* libmisc/loginprompt.c: Add brackets.
	* libmisc/loginprompt.c: Avoid assignments in comparisons.
	* libmisc/loginprompt.c: The return values of fclose and fflush are not checked on purpose.
2008-05-25 23:57:41 +00:00
nekral-guest
f7122499a6 Avoid implicit conversion of chars to booleans. 2008-05-25 23:50:03 +00:00
nekral-guest
cc7ac94641 selinux_checked, selinux_enabled, and set_orig are now booleans. 2008-05-25 23:45:21 +00:00
nekral-guest
7f9dfde0dc * libmisc/setugid.c (setup_uid_gid): The is_console argument is now a bool.
* libmisc/setugid.c: Avoid implicit conversion of integers / pointers to booleans.
	* libmisc/setugid.c: Add brackets.
2008-05-25 23:42:39 +00:00
nekral-guest
6fef9f5178 * libmisc/pam_pass.c (do_pam_passwd): The silent and
change_expired are no booleans instead of int.
	* libmisc/pam_pass.c: The return value of pam_end is not checked
	on purpose.
2008-05-25 23:38:05 +00:00
nekral-guest
f9ac07f455 Updated copyright dates. 2008-05-25 23:32:41 +00:00
nekral-guest
175e361a4d Updated copyright dates. 2008-05-25 23:31:10 +00:00
nekral-guest
53bedaa4c1 * libmisc/getlong.c: Avoid implicit conversion of pointers / chars to booleans.
* libmisc/getlong.c: Add brackets.
2008-05-25 23:25:33 +00:00
nekral-guest
1ebf7842f5 * libmisc/valid.c: Avoid implicit conversion of pointers /chars to booleans.
* libmisc/valid.c: Add brackets.
2008-05-25 23:22:15 +00:00
nekral-guest
f14452ec3c * libmisc/yesno.c: yes_or_no returns a bool instead of int.
* libmisc/yesno.c: Avoid implicit conversion of pointers to booleans.
	* libmisc/yesno.c: The return value of fflush is not checked on purpose.
2008-05-25 23:01:14 +00:00
nekral-guest
78c0edb7c1 (failcheck): The failed argument is a bool. 2008-05-25 22:54:20 +00:00
nekral-guest
f2b4efff20 Avoid implicit conversion of integers to booleans. 2008-05-25 22:51:46 +00:00
nekral-guest
11003f5842 * libmisc/rlogin.c: Avoid assignments in comparisons.
* libmisc/rlogin.c: Avoid implicit conversion of integers to booleans.
	* libmisc/rlogin.c: Add brackets.
2008-05-25 22:49:41 +00:00
nekral-guest
c638c3cc3d * libmisc/failure.c (failcheck): The failed argument is a bool.
* libmisc/failure.c (too_many_failures): too_many_failures returns
	a bool.
	* libmisc/failure.c: Add notes about unchecked return values.
	* libmisc/failure.c: Avoid assignments in comparisons.
	* libmisc/failure.c: Add brackets.
2008-05-25 22:44:44 +00:00
nekral-guest
a2982f0d4e * libmisc/myname.c: Avoid assignments in comparisons.
* libmisc/myname.c: Avoid implicit conversion of pointers / chars
	to booleans.
	* libmisc/myname.c: Add brackets.
2008-05-25 22:15:28 +00:00
nekral-guest
639b2bd8e5 2008-05-25 22:14:19 +00:00
nekral-guest
7069324a20 * libmisc/utmp.c (checkutmp): Change picky argument's type to
bool.
	* libmisc/utmp.c: Use bool when possible (found_utmpx,
	found_utmp).
	* libmisc/utmp.c: Add note about unchecked return values.
2008-05-25 22:11:12 +00:00
nekral-guest
9d331bb32b * Change type of added to bool.
* Avoid implicit conversion of pointers to booleans.
2008-05-25 22:03:09 +00:00
nekral-guest
bc0657d13c * hushed returns a bool instead of int.
* Avoid assignments in comparisons.
* (hushed) Change type of found to bool.
* Add brackets.
* Always check if the user or the shell is in
  the file. Do not check the first character of the line first. This
  is simpler and match better with the HUSHLOGIN_FILE documentation.
2008-05-25 21:52:14 +00:00
nekral-guest
b94825bbad * is_my_tty returns a bool.
* Avoid implicit conversion of integers to booleans.
* Add brackets.
2008-05-25 21:33:38 +00:00
nekral-guest
06d2a32a3e * Avoid assignment in comparisons, implicit comparison of integers to booleans.
* The return value of closedir is not checked on purpose.
* Add brackets.
2008-05-25 21:23:28 +00:00
nekral-guest
623d9e2ab3 * libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp.
check_user_name) renamed to is_valid_user_name (resp.
	is_valid_group_name). is_valid_user_name and is_valid_group_name
	return a bool.
	* src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c,
	src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name
	and is_valid_group_name, following above change.
	* libmisc/chkname.c: Avoid implicit conversion of chars to
	booleans. Add brackets and parenthesis.
2008-05-25 20:58:16 +00:00
nekral-guest
cb8d416b37 Avoid implicit conversion of integers / pointers to booleans. 2008-05-25 20:41:13 +00:00
nekral-guest
de9bee0354 Avoid implicit conversion of integers / pointers to booleans. 2008-05-25 20:39:31 +00:00
nekral-guest
6124b59aff * libmisc/copydir.c (remove_tree): As we always use remove_tree
followed by rmdir to remove the directory itself, delete also the
	root directory in remove_tree.
	* src/userdel.c, src/usermod.c: Do not call rmdir after
	remove_tree.
2008-05-24 15:35:15 +00:00
nekral-guest
9c41a8ad38 * libmisc/fields.c: Avoid assignments in comparisons, assignments
with post increments (x++), use of integers as booleans, and
	explicitly mark blocks with brackets.
	* libmisc/copydir.c: Likewise.
	* libmisc/fields.c: Add comments.
	* libmisc/copydir.c: Mark function whose return value is not
	checked as such.

	* libmisc/copydir.c (remove_tree): Make sure unlink is successful
	when removing files.
2008-05-24 15:19:02 +00:00
nekral-guest
cda1f9a23d Simply passwd_check since it's never used when configured with PAM support. 2008-05-24 14:11:31 +00:00
nekral-guest
0219d72f48 * libmisc/list.c: Avoid assignments in comparisons, assignments
with post increments (x++), use of integers as booleans, and
	explicitly mark blocks with brackets.
2008-05-24 14:09:35 +00:00
nekral-guest
d99423405c Fix compiler warnings:
* libmisc/audit_help.c: Include prototypes.h to get the prototype
	of audit_help_open.
	* libmisc/salt.c: Use booleans instead of negating integers.
	* src/passwd.c: Declare the check_selinux_access prototype and
	avoid name clashes (change_user -> changed_user; change_uid ->
	changed_uid; access -> requested_access)
2008-05-24 13:08:58 +00:00
nekral-guest
eeb9592ded Use fputs rather than fprintf for constant strings. 2008-05-23 20:55:11 +00:00
nekral-guest
a917ba4fb9 *** security:
- generation of SHA encrypted passwords (chpasswd, gpasswd, newusers,
  chgpasswd; and also passwd if configured without PAM support).
  The number of rounds and number of salt bytes was fixed to their lower
  allowed values (resp. configurable and 8), hence voiding some of the
  advantages of this encryption method. Dictionary attacks with
  precomputed tables were easier than expected, but still harder than with
  the MD5 (or DES) methods.

	* NEWS, libmisc/salt.c (SHA_salt_size): Seed the RNG, and fix a
	overflow. These caused the SHA salt size to always be 8 bytes,
	instead of being in the 8-16 range. Thanks to Peter Vrabec
	pvrabec@redhat.com for noticing.
	* NEWS, libmisc/salt.c (SHA_salt_rounds): Seed the RNG with
	seedRNG instead of srand, and fix the same overflow. This caused
	the number of rounds to always be the smallest one.
2008-05-20 13:34:06 +00:00
nekral-guest
337a97ceab Document the sections closed by #endif 2008-05-19 20:56:48 +00:00
nekral-guest
3fed00196c Import Debian patch 487_passwd_chauthtok_failed_message
* libmisc/pam_pass.c: Be more verbose and indicate that the
	password was not changed when pam_chauthtok fails (in addition to
	the PAM error, which may not be comprehensible for the users).
2008-05-18 15:06:51 +00:00
nekral-guest
c7302b61ef Make sure every source files are distributed with a copyright and license.
Files with no license use the default 3-clauses BSD license. The copyright
were mostly not recorded; they were updated according to the Changelog.
"Julianne Frances Haugh and contributors" changed to "copyright holders
and contributors".
2008-04-27 00:40:09 +00:00
nekral-guest
8a8072a563 If the SULOG_FILE does not exist when an su session is logged, make sure
the file is created with group root, instead of using the group of the
caller.
2008-04-27 00:27:59 +00:00
nekral-guest
4196525702 Allow non-US-ASCII characters in the GECOS fields ("name", "room number",
and "other info" fields).
2008-04-27 00:24:49 +00:00
nekral-guest
2542732a0c Fix ident. 2008-04-16 22:03:43 +00:00
nekral-guest
7baffa5e74 Ensure that getpwent() is used in setpwent(), getpwent(),
endpwend() sequences (ditto for getgrent(), getspent(), and
getsgent()). The only real (minor) issue was in login, which kept
the passwd file open.
* libmisc/entry.c: Remove unneeded setspent() and endspent() (only
  getspnam is called in the middle).
* libmisc/find_new_ids.c: Make sure to close the password and
  group files with endpwent() and endgrent().
* libmisc/pwdcheck.c: Remove unneeded endspent() (only getspnam()
  is called before).
* src/lastlog.c, src/passwd.c, src/groupmod.c, src/faillog.c,
  src/groups.c: Make sure to close
  the password file with endpwent().
* src/login.c: Remove unneeded setpwent() (only xgetpwnam is
  called before).
* src/login.c, src/newgrp.c: Fix typos in comments.
2008-04-16 21:52:46 +00:00
nekral-guest
ca2636f08a Re-indent. 2008-02-19 21:02:24 +00:00
nekral-guest
18c914f086 Added new option -r, --system for system accounts in useradd, groupadd,
and newusers.
2008-02-19 21:01:38 +00:00
nekral-guest
65ed10d75c Do not seed the random number generator each time, and use the time in
microseconds to avoid having the same salt for different passwords
generated in the same second.  This permits to avoid using the same salt
for different passwords in newusers.
2008-02-03 17:23:58 +00:00
nekral-guest
aed929ae90 Add libmisc/find_new_ids.c to the sources of the libmisc library. 2008-02-03 16:57:21 +00:00
nekral-guest
e21f90fd68 Add new generic functions to find the next user or group ID available:
find_new_uid() and find_new_gid(). They work the same way as the functions
with the same name of useradd or groupadd, except that they check in the
local database to make sure an ID was not reserved in an uncommitted
change (this is needed to be used in newusers), they report a status
instead of calling exit(), and they can receive a preferred ID. They
should later support system IDs. This should be a little bit slower, but
not too much (if the database is not open the checks against the local
database will exit immediately, and if it is already open, all the checks
will be done regarding the data in memory).
2008-02-03 16:53:07 +00:00
nekral-guest
57f713e426 * libmisc/age.c, libmisc/yesno.c, src/lastlog.c, src/grpck.c,
src/chfn.c, src/passwd.c, src/chage.c, src/login.c, src/sulogin.c,
   src/chsh.c: Fix call to puts (remove end of line, or use fputs).
 * po/*.po: Unfuzzy PO files according to above change.
2008-02-03 16:28:03 +00:00
nekral-guest
ae99674e9b Fix build failures with --disable-shadowgrp. Thanks to Jürgen
Daubert for the patch.
* libmisc/salt.c: Include <stdio.h>, needed for stderr and printf
  functions.
* lib/encrypt.c: Include <stdio.h>, needed for perror, stderr and
  printf functions
* src/usermod.c: sgr_locked exists only if SHADOWGRP is defined.
* src/chgpasswd.c: Only check is the gshadow file exists if
  SHADOWGRP is defined.
2008-01-26 17:41:20 +00:00
nekral-guest
28a9441f4f Replace printf by puts for fixed strings. This would avoid issues caused
by formats introduced in translated strings.
2008-01-24 21:07:14 +00:00
nekral-guest
e663f6c0b4 * libmisc/salt.c: Add prototype for l64a(), gensalt(),
SHA_salt_size(), and SHA_salt_rounds().
* libmisc/salt.c: l64a() and gensalt() are static.
* libmisc/salt.c: The `meth' parameter of crypt_make_salt() is a
  const. (ditto for the method variable).
* libmisc/salt.c: SHA_salt_rounds returns a const string.
* libmisc/salt.c: Avoid warnings with cast of random() to double.
* libmisc/salt.c: Replace rand() by random().
2008-01-06 14:50:26 +00:00
nekral-guest
1520a0ae3e * libmisc/obscure.c: Tag the `old' parameter of palindrome(),
similar(), and simple() as unused.
* libmisc/loginprompt.c: Tag the `sig' parameter of login_exit()
  as unused.
* src/expiry.c: Tag the `sig' parameter of catch_signals() as
  unused.
* src/su.c: Tag the `sig' parameter of catch_signals() as unused.
* src/su.c: Add int parameter to the prototype of oldsig().
* src/login.c: Tag the `sig' parameter of alarm_handler() as
  unused.
* src/sulogin.c: Tag the `sig' parameter of catch_signals() as
  unused.
* libmisc/getdate.y: Tag the `string' parameter of yyerror() as
  unused.
* libmisc/getdate.y: The string provided to yyerror() is const.
* libmisc/getdate.y: Fix the prototypes of yylex() and yyerror().
2008-01-06 13:20:25 +00:00
nekral-guest
0e07f3e48d Remove the src parameter of copy_special().
The entry's information are taken from the stat structure.
2008-01-06 12:02:24 +00:00
nekral-guest
569a3b8e59 * libmisc/console.c, libmisc/ulimit.c, lib/sgetgrent.c,
lib/sgetpwent.c: Include "prototypes.h" to make
  sure the exported prototypes are the ones used for the definition
  of functions.
* lib/prototypes.h: Added prototypes for __gr_del_entry(),
  __gr_get_db(), __gr_get_head(), __gr_set_changed(), __gr_dup(),
  __pw_del_entry(), __pw_get_db(), __pw_get_head(), __pw_dup(),
  sgetgrent(), sgetpwent(), __sgr_del_entry(), __sgr_dup(),
  __sgr_get_head(), __sgr_set_changed(), __spw_get_head(),
  __spw_del_entry(), __spw_dup().
* lib/prototypes.h: Removed prototype for is_listed().
* lib/prototypes.h: Added name of the check_su_auth()'s parameters.
* lib/groupio.h: Removed prototypes for __gr_dup() and
  __gr_set_changed().
* lib/sgroupio.c: Removed prototypes for putsgent(), sgetsgent(),
  and __gr_get_db().
* lib/sgroupio.h: Removed prototypes for __sgr_dup() and
  __sgr_set_changed().
* lib/shadowio.c: Removed prototype for __pw_get_db().
* lib/pwio.c: Removed prototype for sgetpwent() and putpwent().
* lib/shadowio.h: Removed prototypes for __spw_dup() and
  __spw_set_changed().
* lib/pwio.h: Removed prototypes for __pw_dup() and
  __pw_set_changed().
* lib/commonio.h: Add protection against multiple inclusions.
* lib/prototypes.h: Include commonio.h (needed for the
  __xx_del_entry() functions).
2008-01-06 11:59:01 +00:00
nekral-guest
462be08456 * lib/prototypes.h: Add the dolastlog() prototype.
* lib/prototypes.h: Typo: login.c -> loginprompt.c
* src/login.c: Remove declaration of dolastlog().
* libmisc/log.c: dolastlog() should not have been changed to static.
  Include prototypes.h instead.
2008-01-05 16:44:28 +00:00
nekral-guest
db0dddc6e9 * libmisc/pwdcheck.c: Do not include <pwd.h>. Include <shadow.h>
and "pwauth.h" only when compiled without PAM support.
* src/chfn.c, src/chsh.c: Do not include <shadow.h>
* lib/commonio.c: Do not include <shadow.h>. Do not include
  <pwd.h>. Include "nscd.h" instead of <nscd.h>.
* configure.in: Do not check if shadow.h exist, but make sure it
  exists.
* libmisc/pwdcheck.c, src/chfn.c, src/chsh.c, lib/defines.h,
  lib/shadowmem.c, lib/shadowio.c, lib/commonio.c:
  HAVE_SHADOW_H is no more needed (shadow.h should always exist).
2008-01-05 16:33:43 +00:00
nekral-guest
5a4848c8cc do_pam_passwd should not have been defined static, prototypes.h needed
to be included instead.
2008-01-05 15:41:58 +00:00
nekral-guest
e94d2da45e Remove the declaration of getutent(), getutline(), setutent(), and
endutent() which are declared in <utmp.h>
2008-01-05 14:09:56 +00:00
nekral-guest
83b7153b40 Add missing include "shadowio.h". (This was OK as long as prototypes.h included this file.) 2008-01-05 13:40:49 +00:00
nekral-guest
53b075a760 * libmisc/pam_pass.c: Define do_pam_passwd() as static and add its prototype.
* libmisc/log.c: Define dolastlog() as static and add its prototype.
* src/chage.c: Define isnum() as static and add its prototype.
2008-01-05 13:37:32 +00:00
nekral-guest
b8ce324a66 Include config.h as a system include, as recommended by the autoconf documentation. 2008-01-05 13:32:32 +00:00
nekral-guest
99dc2b1abf Define is_listed() as static and add its prototype. 2008-01-05 13:29:24 +00:00
nekral-guest
96bca84ca4 Include "prototypes.h" to make sure the exported prototypes are
the ones used for the definition of functions.
2008-01-05 13:23:22 +00:00
nekral-guest
a3501dfd95 De-comment code (duplicate the entry when the _R function is not present on the system). 2008-01-01 14:48:04 +00:00
nekral-guest
b681e50ff2 * libmisc/copydir.c, src/usermod.c, lib/prototypes.h: The uid and
gid parameters can be set to -1 to indicate that the original
  owners must be kept. Change the types from uid_t/gid_t to a
  long int (signed).
* libmisc/copydir.c: Change the copy_entry(), copy_dir(),
  copy_symlink(), copy_special(), and copy_file() prototypes
  accordingly.
* lib/prototypes.h: Add the parameters' name for the
  libmisc/copydir.c functions.
2008-01-01 14:31:00 +00:00
nekral-guest
bb8af02978 Avoid empty file when WITH_AUDIT is not set. 2008-01-01 14:20:36 +00:00
nekral-guest
bca732693b * libmisc/limits.c, libmisc/obscure.c, src/login_nopam.c,
lib/pwauth.c: Avoid empty file when USE_PAM is set.
* src/login_nopam.c: Fix warnings: resolve_hostname takes and
  returns a constant string.
2008-01-01 14:18:55 +00:00
nekral-guest
b8650378c1 Document the new functions. 2007-12-28 00:35:41 +00:00
nekral-guest
9a9a9c0414 Other cleanups and documentation.
Do the checks, then build the filenames. Do not mix both.
2007-12-28 00:23:33 +00:00
nekral-guest
523392dc0b Stop at the first error. 2007-12-28 00:08:16 +00:00
nekral-guest
ed1dd1bb99 Avoid assignement in comparison. 2007-12-28 00:04:46 +00:00
nekral-guest
6987e6f12a Avoid implicit conversions to booleans. 2007-12-28 00:03:26 +00:00
nekral-guest
9c79c77de4 Avoid implicit casts. 2007-12-27 23:41:36 +00:00
nekral-guest
7f5a4e15c6 Avoid implicit brackets. 2007-12-27 23:40:00 +00:00
nekral-guest
6bc43fea06 Document selinux_file_context. 2007-12-27 23:32:47 +00:00
nekral-guest
cc4b37f65c Avoid assignment in comparisons. 2007-12-27 23:30:36 +00:00
nekral-guest
dfb6416a5b libmisc/copydir.c cleanup
* libmisc/copydir.c: Split copy_tree() in more maintainable functions:
	copy_entry(), copy_dir(), copy_symlink(), copy_hardlink(),
	copy_special(), and copy_file().
	* libmisc/copydir.c: -1 is used to indicate an error, directly set err
	to -1, instead of incrementing it, and checking if not nul at the
	end.
2007-12-27 23:23:51 +00:00
nekral-guest
5cbc86b7d9 Merge Debian's patch 451_login_PATH
* NEWS, libmisc/setupenv.c: Export PATH according to ENV_PATH and
	ENV_SUPATH, as for su. This impacts login.
	* man/login.1.xml: PATH and SUPATH are now used both when PAM support
	is disabled and enabled.
2007-12-26 23:15:43 +00:00
nekral-guest
fd970ab62c Merge Debian's patch 466_fflush-prompt
* libmisc/Makefile.am, lib/prototypes.h, libmisc/yesno.c, src/grpck.c,
	src/pwck.c: move yes_or_no() from grpck/pwck to a separate
	libmisc/yesno.c (with a read_only argument).
	* libmisc/fields.c, libmisc/yesno.c: Make sure stdout is flushed before
	reading the user's answer.
2007-12-26 16:50:38 +00:00
nekral-guest
65d0682647 Merge RedHat's patch shadow-4.0.18.1-mtime.patch:
* NEWS: Document that usermod will now preserve user's file modification
    and access time.
    * libmisc/copydir.c: Preserve the access and modification time of copied
    files. This is important for usermod. This will also impact useradd, for
    the skeleton files, but this is not important.
    * libmisc/copydir.c: Stop and return an error if a file could not be
    closed after during a copy.
2007-12-26 13:54:23 +00:00
nekral-guest
462794685f Fix time () prototype. 2007-12-08 23:25:52 +00:00
nekral-guest
4d606cc690 * configure.in: New configure option: --with-sha-crypt enabled by
default. Keeping the feature enabled is safe. Disabling it permits
  to disable the references to the SHA256 and SHA512 password
  encryption algorithms from the usage help and manuals (in addition
  to the support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
  src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
  always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
  preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
  src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
  SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
  subset of the ENCRYPTMETHOD_SELECT sections).
2007-11-24 13:08:08 +00:00
nekral-guest
e1e619074c Re-indent. 2007-11-24 00:00:12 +00:00
nekral-guest
a99bec34a9 Make sure method is not NULL, defaulting to DES. Thanks to Dan Kopecek <dkopecek@redhat.com>. 2007-11-23 23:57:47 +00:00
nekral-guest
963bfaf521 * Move the srandom call to gensalt.
* Replace the test on salt_size by an assert.
2007-11-23 21:04:43 +00:00
nekral-guest
43b10b311a Applied patch shadow-utils-4.0.18.2-salt.patch. Thanks to Dan Kopecek <dkopecek@redhat.com> 2007-11-23 20:51:43 +00:00
nekral-guest
add1c18b2e * src/chpasswd.c: Added crypt method: NONE.
* src/chpasswd.c: Added --sha-rounds to the usage().
* libmisc/Makefile.am, libmisc/getlong.c, src/chgpasswd.c,
  src/chpasswd.c: New getlong function. Replace chpasswd's and
  chgpasswd's getnumber.
2007-11-23 20:09:57 +00:00
nekral-guest
9aa40bb96d * libmisc/obscure.c, libmisc/salt.c, src/passwd.c: Match DES, MD5,
SHA256, and SHA512 exactly (not only the first 3/6 chars).
* libmisc/salt.c (SHA_salt_rounds): Set rounds to the specified
  prefered_rounds value, if specified.
* src/gpasswd.c, libmisc/salt.c: Fix compilation warnings (use
  size_t for lengths).
* src/chpasswd.c, src/chgpasswd.c: Add missing parenthesis.
2007-11-20 20:00:16 +00:00
nekral-guest
0b695f5a76 * lib/prototypes.h, libmisc/salt.c: Add parameters to
crypt_make_salt to force the crypt method and number of rounds.
* libmisc/salt.c: Add parameter to SHA_salt_rounds to force the
  number of rounds.
* libmisc/salt.c, lib/getdef.c: ENCRYPT_METHOD and MD5_CRYPT_ENAB
  are needed also when USE_PAM (e.g. for chpasswd).
* src/newusers.c, src/gpasswd.c: Use the new crypt_make_salt prototype.
* src/chpasswd.c, src/chgpasswd.c: Add option -c, --crypt-method
  and -s, --sha-rounds to specify the crypt method and number of
  rounds in case of one of the SHA methods. The new prototype of
  crypt_make_salt simplifies the handling of -m, --md5.
2007-11-20 09:33:52 +00:00
nekral-guest
eb23bbfd98 Hopefully, I review my commits in the morning... 2007-11-20 09:20:34 +00:00
nekral-guest
e406b7fe4a * libmisc/salt.c: The salt has a random size (between 8 and 16
bytes).
* lib/getdef.c, etc/login.defs: Add definitions for
  SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS.
* libmisc/salt.c: Use SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS
  to add a random number of rounds if needed.
2007-11-20 00:05:54 +00:00
nekral-guest
c214b26ee6 * libmisc/salt.c (MAGNUM): Terminate the array with nul (the array
is then used with strcat).
* libmisc/salt.c (crypt_make_salt): Initialize result[0] to nul at
  the beginning (was not initialized when USE_PAM).
* libmisc/salt.c (crypt_make_salt): Check that ENCRYPT_METHOD is a
  valid crypt method.
2007-11-19 22:34:48 +00:00
nekral-guest
65f536165d Fix typo introduced while merging RedHat patch shadow-4.0.18.1-sha256.patch. 2007-11-19 22:16:50 +00:00
nekral-guest
b8d8d0de00 Add support for SHA256 and SHA512 encrypt methods. Apply RedHat's patch
shadow-4.0.18.1-sha256.patch. Thanks to Peter Vrabec. Hardly no changes
except re-indent and changes related to recent modifications (max_salt_len
in crypt_make_salt). Changes in lib/defines.h not applied (definition of
ENCRYPTMETHOD_SELECT). I will add a configure check or flag.
2007-11-19 22:14:19 +00:00
nekral-guest
39e5c0a1ab Fix some compilation warnings:
* src/login.c: "dereferencing type-punned pointer will break
   strict-aliasing rules", add a variable indirection: ptr_pam_user.
 * lib/commonio.c: do not initialize the sb stat structure.
 * lib/pwio.c, lib/shadowio.c, lib/sgroupio.c, lib/groupio.c:
   initialize the security context if WITH_SELINUX.
 * lib/nscd.c: The service argument is not const (used in the exec*
   parameters). This matches with the prototype definition.
 * src/groupmems.c: Avoid ++i when i is also used in the same line.
 * src/newusers.c: i is positive every time it is compared. Add
   cast to unsigned int.
 * src/nologin.c: Use a main() prototype with no arguments.
 * libmisc/getdate.y: Initialize the type and value fields of the
   terminating entry for each TABLE.
 * libmisc/tz.c: Use "TZ=CST6CDT" as the default timezone.
2007-11-19 20:25:36 +00:00
nekral-guest
9adfc136b6 * lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
  libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
  Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
  xgetgrgid(), and xgetspnam(). They allocate memory for the
  returned structure and are more robust to successive calls. They
  are implemented with the libc's getxxyyy_r() functions if
  available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
  libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
  libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
  src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
  src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
  src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
  src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
  src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
  src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
  usage of one of the getpwnam(), getpwuid(), getgrnam(),
  getgrgid(), and getspnam() functions. It was noticed on
  http://bugs.debian.org/341230 that chfn and chsh use a passwd
  structure after calling a pam function, which result in using
  information from the passwd structure requested by pam, not the
  original one. It is much easier to use the new xget... functions
  to avoid these issues. I've checked which call to the original
  get... functions could be left (reducing the scope of the
  structure if possible), and I've left comments to ease future
  reviews (e.g. /* local, no need for xgetpwnam */).
  Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
  lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
  functions (used by the xget... functions) from the <xx>io.c files
  to the new <xx>mem.c files. This avoid linking some utils against
  the SELinux library.
2007-11-18 23:15:26 +00:00
nekral-guest
ce579ac6d2 Fix typo: EXTRA_DOST -> EXTRA_DIST. 2007-11-18 01:21:43 +00:00
nekral-guest
449f17385a * libmisc/salt.c: Make sure the salt string is terminated at the
right place (either 8th, or 11th position).
 * NEWS, src/chgpasswd.c, src/chpasswd.c: The protocol + salt does
   not need 15 chars. No need for a temporary buffer.
   This change the fix committed on 2007-11-10. The salt provided to
   pw_encrypt could have been too long.
2007-11-16 19:02:00 +00:00
nekral-guest
f55e00dc4e Add support for uClibc with no l64a(). 2007-11-16 12:36:21 +00:00
nekral-guest
b2120265fd Added the subversion svn:keywords property (Id) for proper identification. 2007-11-10 23:46:11 +00:00
nekral-guest
16285e6768 Add support for 2 new resource limits. Thanks to Justin Bronder for the
patch. This was reported in the Debian bug #442334.
This only impact shadow when it is not compiled with PAM support.
2007-10-27 19:45:21 +00:00
nekral-guest
79bf2081fe Commit the last version from the PLD CVS repository.
(last changelog entry: 2007-02-01)
This also adds the files which were present in the CVS repository, but not
present in the shadow archives.
2007-10-07 14:36:51 +00:00
nekral-guest
0d93a36930 Remove generated files present in the shadow archives but not in the CVS
repository.
2007-10-07 13:59:23 +00:00
nekral-guest
5e20c4359f [svn-upgrade] Integrating new upstream version, shadow (4.0.18) 2007-10-07 11:47:57 +00:00
nekral-guest
8a78a8d68c [svn-upgrade] Integrating new upstream version, shadow (4.0.17) 2007-10-07 11:47:45 +00:00
nekral-guest
0fa9083026 [svn-upgrade] Integrating new upstream version, shadow (4.0.16) 2007-10-07 11:47:33 +00:00
nekral-guest
591830e43b [svn-upgrade] Integrating new upstream version, shadow (4.0.15) 2007-10-07 11:47:22 +00:00
nekral-guest
24178ad677 [svn-upgrade] Integrating new upstream version, shadow (4.0.14) 2007-10-07 11:47:11 +00:00
nekral-guest
8451bed8b0 [svn-upgrade] Integrating new upstream version, shadow (4.0.13) 2007-10-07 11:47:01 +00:00
nekral-guest
e89f3546f2 [svn-upgrade] Integrating new upstream version, shadow (4.0.12) 2007-10-07 11:46:52 +00:00
nekral-guest
1de90a599c [svn-upgrade] Integrating new upstream version, shadow (4.0.11.1) 2007-10-07 11:46:43 +00:00
nekral-guest
b48129fcbb [svn-upgrade] Integrating new upstream version, shadow (4.0.11) 2007-10-07 11:46:34 +00:00
nekral-guest
8c50e06102 [svn-upgrade] Integrating new upstream version, shadow (4.0.10) 2007-10-07 11:46:25 +00:00
nekral-guest
7c47e0fde3 [svn-upgrade] Integrating new upstream version, shadow (4.0.9) 2007-10-07 11:46:16 +00:00
nekral-guest
8e167d28af [svn-upgrade] Integrating new upstream version, shadow (4.0.8) 2007-10-07 11:46:07 +00:00
nekral-guest
0ee095abd8 [svn-upgrade] Integrating new upstream version, shadow (4.0.7) 2007-10-07 11:45:58 +00:00
nekral-guest
164b557066 [svn-upgrade] Integrating new upstream version, shadow (4.0.6) 2007-10-07 11:45:49 +00:00
nekral-guest
b0e078d9c8 [svn-upgrade] Integrating new upstream version, shadow (4.0.5) 2007-10-07 11:45:40 +00:00
nekral-guest
effd479bff [svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00
nekral-guest
4903ce068e [svn-upgrade] Integrating new upstream version, shadow (4.0.3) 2007-10-07 11:45:14 +00:00
nekral-guest
37dc61340b [svn-upgrade] Integrating new upstream version, shadow (4.0.2) 2007-10-07 11:45:07 +00:00
nekral-guest
9db6abfa42 [svn-upgrade] Integrating new upstream version, shadow (4.0.1) 2007-10-07 11:44:59 +00:00
nekral-guest
3bc4996775 [svn-upgrade] Integrating new upstream version, shadow (4.0.0) 2007-10-07 11:44:51 +00:00
nekral-guest
8fee8c57ae [svn-upgrade] Integrating new upstream version, shadow (20001016) 2007-10-07 11:44:44 +00:00
nekral-guest
4e3fe42600 [svn-upgrade] Integrating new upstream version, shadow (20001012) 2007-10-07 11:44:38 +00:00
nekral-guest
efd7efa9f1 [svn-upgrade] Integrating new upstream version, shadow (20000826) 2007-10-07 11:44:14 +00:00
nekral-guest
446e664caa [svn-upgrade] Integrating new upstream version, shadow (19990827) 2007-10-07 11:44:08 +00:00
nekral-guest
45c6603cc8 [svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 11:44:02 +00:00