Commit 95b464f841 ("configure.ac: add --with-systemdunitdir option")
aka v1.5.2~51 introduced a regression: if --with-systemdunitdir is not
specified, then the pam_namespace service file is no longer installed.
Fixes: 95b464f841 ("configure.ac: add --with-systemdunitdir option")
This way it is visibly different from the configure variable SCONFIGDIR,
which is helpful, because their values are slightly different:
the macro is quoted while the configure variable is not quoted,
and this difference may cause problems with other build systems.
Introduce a new internal header file that is going to be used for
i18n definitions instead of providing those definitions via config.h.
providing convenient assertion testing functionality.
* libpam/include/pam_i18n.h: New file.
* libpam/Makefile.am (noinst_HEADERS): Add include/pam_i18n.h.
The includedir variable in pkgconfig files used to erroneously contain
"security" subsirectory, e.g. /usr/include/security, which led to Cflags
tag containing wrong -I compiler option, e.g. -I/usr/include/security.
Fixes: b4f0e2e1f7 ("Add pkgconfig files for provided libraries")
These macros provide fallback definitions for uid_t, gid_t, off_t,
pid_t, and size_t types which are defined in standard headers anyway.
* configure.ac (AC_TYPE_UID_T, AC_TYPE_OFF_T, AC_TYPE_PID_T,
AC_TYPE_SIZE_T): Remove.
According to the GNU Automake manual, this macro is obsolescent,
and its explicit use should no longer be required.
* configure.ac (AM_PROG_CC_C_O): Remove.
Given that SET_MAKE defined by AC_PROG_MAKE_SET has never been
used directly, and AM_INIT_AUTOMAKE that needs this also calls
AC_PROG_MAKE_SET itself, there is no point in using this macro.
* configure.ac (AC_PROG_MAKE_SET): Remove.
According to the GNU Autoconf manual, this macro is obsolescent,
since current versions of the GNU C compiler fix the header files
automatically when installed.
* configure.ac (AC_PROG_GCC_TRADITIONAL): Remove.
Given that GETGROUPS_T defined by AC_TYPE_GETGROUPS has never been
checked, there is no point in using this macro.
* configure.ac (AC_TYPE_GETGROUPS): Remove.
Given that TM_IN_SYS_TIME that might be defined by AC_STRUCT_TM
has never been checked, there is no point in using this obsolescent
macro.
* configure.ac (AC_STRUCT_TM): Remove.
Given that utmp.h is included unconditionally in other modules,
and neither utmpx.h nor lastlog.h is used nowadays, remove obsolete
checks.
* configure.ac (AC_CHECK_HEADERS): Remove lastlog.h, utmp.h, and utmpx.h.
* modules/pam_lastlog/pam_lastlog.c: Include <utmp.h> unconditionally.
Use the canonical terminal mode (line mode) and set ECHOCTL to prevent
cursor escape from the login prompt using arrows or escape sequences.
ICANON is the default in most cases anyway. ECHOCTL is default on tty, but
for example not on pty, allowing cursor to escape.
Stanislav Brabec <sbrabec@suse.com>
Since audit_log_acct_message() was decorated with warn_unused_result
attribute, compilation of faillock helper produces the following
diagnostics:
main.c: In function 'do_user':
main.c:250:25: warning: ignoring return value of 'audit_log_acct_message' declared with attribute 'warn_unused_result' [-Wunused-result]
Given that this helper has never been picky about audit, e.g.
audit_open() errors do not affect its exit status, just silence this
new warning.
* modules/pam_faillock/main.c [HAVE_LIBAUDIT] (do_user): Silence
compilation warning.
* modules/pam_namespace/pam_namespace.c [WITH_SELINUX] (form_context):
Free SELinux context before returning.
```
Error: RESOURCE_LEAK (CWE-772):
Linux-PAM-1.6.0/modules/pam_namespace/pam_namespace.c:928: alloc_arg: "getexeccon" allocates memory that is stored into "scon".
Linux-PAM-1.6.0/modules/pam_namespace/pam_namespace.c:1004: leaked_storage: Variable "scon" going out of scope leaks the storage it points to.
1002| }
1003| /* Should never get here */
1004|-> return PAM_SUCCESS;
1005| }
1006| #endif
```
Resolves: https://issues.redhat.com/browse/RHEL-36475
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
* modules/pam_timestamp/pam_timestamp.c (pam_sm_authenticate)
[WITH_OPENSSL]: Close the timestamp file if hmac_size returned
an error.
```
Error: RESOURCE_LEAK (CWE-772):
Linux-PAM-1.6.0/modules/pam_timestamp/pam_timestamp.c:450: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.]
Linux-PAM-1.6.0/modules/pam_timestamp/pam_timestamp.c:450: var_assign: Assigning: "fd" = handle returned from "open(path, 131072)".
Linux-PAM-1.6.0/modules/pam_timestamp/pam_timestamp.c:460: noescape: Resource "fd" is not freed or pointed-to in "fstat".
Linux-PAM-1.6.0/modules/pam_timestamp/pam_timestamp.c:484: leaked_handle: Handle variable "fd" going out of scope leaks the handle.
482| #ifdef WITH_OPENSSL
483| if (hmac_size(pamh, debug, &maclen)) {
484|-> return PAM_AUTH_ERR;
485| }
486| #else
```
Resolves: https://issues.redhat.com/browse/RHEL-36475
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
* modules/pam_faillock/pam_faillock.c (check_tally): Close the audit
socket when it will no longer be used.
```
Error: RESOURCE_LEAK (CWE-772):
Linux-PAM-1.6.0/modules/pam_faillock/pam_faillock.c:247: open_fn: Returning handle opened by "audit_open".
Linux-PAM-1.6.0/modules/pam_faillock/pam_faillock.c:247: var_assign: Assigning: "audit_fd" = handle returned from "audit_open()".
Linux-PAM-1.6.0/modules/pam_faillock/pam_faillock.c:256: noescape: Resource "audit_fd" is not freed or pointed-to in "audit_log_user_message".
Linux-PAM-1.6.0/modules/pam_faillock/pam_faillock.c:258: leaked_handle: Handle variable "audit_fd" going out of scope leaks the handle.
256| audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf,
257| rhost, NULL, tty, 1);
258|-> }
259| #endif
260| opts->flags |= FAILLOCK_FLAG_UNLOCKED;
```
Resolves: https://issues.redhat.com/browse/RHEL-36475
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
* modules/pam_env/pam_env.c [USE_ECONF] (econf_read_file): Make sure
the returned array of strings is properly initialized
when econf_getStringValue() fails to return a value.
Since 2011, ChangeLog file is generated from git log history.
ChangeLog-CVS is a historic changelog file that was maintained before
the project was migrated from cvs to git.
CHANGELOG is another historic changelog file that was replaced by
ChangeLog in 2005.
modules/pam_unix/CHANGELOG is the oldest of historic changelog files,
it is not maintained since 1999.
All these historic changelog files are no longer relevant, so they are
no longer included into release tarballs.
libpam/pam_modutil_check_user.c: explicitly convert the character
read from /etc/passwd to type "char" to get the same signedness
as the one compared with. Otherwise the functionality will depend
on the (implementation defined) signedness of "char" on the
platform built for.
Dag-Erling Smørgrav's name was encoded using some encoding other than
UTF-8 (that line predates the UTF-8 consensus). This changes it to use
UTF-8, so that it renders properly and so that editors that guess the
file is UTF-8 do not get confused about it.
Add a helper function to compare two strings for equality, that performs
the same amount of operations based on the first argument, regardless of
the length of the second argument, or the position of the first
difference.
This can be used as defense-in-depth mitigation against timing attacks
of password comparisons.
