12018-01-02 Sergey Poznyakoff <gray@gnu.org> 2 3 Version 2.2 4 52018-01-01 Sergey Poznyakoff <gray@gnu.org> 6 7 Happy GNU Year 8 92017-12-22 Sergey Poznyakoff <gray@gnu.org.ua> 10 11 pam_fshadow: allow the user to use arbitrary group numbers for username and domain parts. 12 13 New options username-index and domain-index are used to indicate 14 indices of the parenthesized groups used to extract the user and 15 the domain name. The default corresponds to 'user-index=1 domain-index=1'. 16 17 Additionally, change the behavior in case if the user name doesn't 18 match the regexp. Previous versions would fall back to plain authentication 19 in this case. New behavior is to reject access. 20 21 * pam_fshadow/pam_fshadow.c (pam_opt): New options 22 username-index and domain-index. 23 (pam_sm_authenticate): Move username splitting into a separate 24 function. 25 * doc/pam_fshadow.8in: Document the new options. 26 272015-08-04 Sergey Poznyakoff <gray@gnu.org.ua> 28 29 Version 2.1 30 312015-04-23 Sergey Poznyakoff <gray@gnu.org.ua> 32 33 minor change 34 35 Fix doc generation. 36 37 Default Config file applied to all output formats, which is wrong. 38 Use a dedicated configuration file for html output formats, and 39 defaults for the rest. 40 41 * doc/Makefile.am (GENDOCS): Add html-specific configuration file. 42 * doc/Config: Rename to doc/html.init (with changes). 43 442015-03-01 Sergey Poznyakoff <gray@gnu.org> 45 46 Switch to Texinfo 5.0 47 48 * doc/Config: Rewrite. 49 * doc/Makefile.am: Use Makeinfo 5 instead of texi2htm 50 * doc/gendocs_template: Ps is not built 51 * imprimatur: Upgrade. 52 532015-02-26 Sergey Poznyakoff <gray@gnu.org.ua> 54 55 Version 2.0 56 57 * NEWS: Update version number 58 * configure.ac: Likewise. 59 * doc/pam-modules.texi: Fix a typo. 60 * doc/pam_ldaphome.8in: Likewise. 61 * pamck/pamck.c: Update copyright years. 62 63 * pam_fshadow/pam_fshadow.c: Suppress cc warnings. 64 * pam_groupmember/pam_groupmember.c: Likewise. 65 * pam_ldaphome/pam_ldaphome.c: Likewise. 66 * pam_log/pam_log.c: Likewise. 67 * pam_regex/pam_regex.c: Likewise. 68 692015-01-30 Sergey Poznyakoff <gray@gnu.org.ua> 70 71 Document user-keys-boundary 72 732015-01-28 Sergey Poznyakoff <gray@gnu.org.ua> 74 75 Update copyright dates. 76 77 pam_ldaphome: run initrc command as user. 78 79 * examples/usergitconfig: Documentation formatting change. 80 * lib/graypam.h (gray_2nrealloc): New function. 81 * lib/mem.c (gray_2nrealloc): New function. 82 * pam_fshadow/pam_fshadow.c (fgetpwent): Skip malformed entries. 83 * pam_ldaphome/pam_ldaphome.c (runas): New finction. 84 (run_prog): Switch to user privileges unless initrc-root is true. 85 86 * NEWS: Update. 87 * doc/pam-modules.texi: Update. 88 * doc/pam_ldaphome.8in: Update. 89 902014-12-05 Sergey Poznyakoff <gray@gnu.org> 91 92 Build pam_fshadow even if fgetpwent is not defined. 93 94 * configure.ac: Only check if fgetpwent is defined, 95 don't disable the module if it is not. 96 * pam_fshadow/pam_fshadow.c [!HAVE_FGETPWENT] (fgetpwent): Provide a 97 replacement. 98 992014-12-04 Sergey Poznyakoff <gray@gnu.org.ua> 100 101 Implement audit option 102 103 Audit is equivalent to debug=100, i.e. it enables logging 104 maximum debugging output. 105 1062014-09-16 Sergey Poznyakoff <gray@gnu.org.ua> 107 108 pam_ldaphome: Make user-specific key boundary configurable. 109 110 * pam_ldaphome/pam_ldaphome.c (store_pubkeys): Use the value of the 111 user-keys-boundary option as the boundary of user-specific key section. 112 1132014-09-12 Sergey Poznyakoff <gray@gnu.org.ua> 114 115 Provide a way to keep user-defined pubkeys in file. 116 117 A user can add his public keys to the authorized_keys file without disturbing 118 the key synchronization from the LDAP database. The #:end comment in the file 119 marks the end of area synchronized with LDAP. Everything below this comment 120 is preserved intact. 121 122 * pam_ldaphome/pam_ldaphome.c (pubkeyfile): New struct. 123 (pubkeyfile_open,pubkeyfile_read,pubkeyfile_init) 124 (pubkeyfile_write,pubkeyfile_remove_lines) 125 (pubkeyfile_alloc_lines,pubkeyfile_insert_lines) 126 (pubkeyfile_close): New functions. 127 (store_pubkeys): Use pubkeyfile functions to operate on 128 the authorized_keys file. 129 1302014-09-11 Sergey Poznyakoff <gray@gnu.org> 131 132 Bugfixes 133 134 * pam_ldaphome/pam_ldaphome.c (check_groups): Take into account primary 135 group. 136 * doc/pam_regex.8: Fix escaping. 137 1382014-07-26 Sergey Poznyakoff <gray@gnu.org.ua> 139 140 Improve docstrings in examples. 141 1422014-07-25 Sergey Poznyakoff <gray@gnu.org.ua> 143 144 Implement TLS in perl utilities. 145 146 Raise version number to 1.9.90 147 148 pam_ldaphome: read /etc/ldap.conf file. 149 150 * lib/env.c (gray_env_read_tr): New function. 151 (gray_env_read): Rewrite using gray_env_read_tr. 152 (gray_env_merge): New function. 153 * lib/escape.c (gray_escape_string): Remove useless typecasts. 154 * lib/graypam.h (gray_env_read_tr) 155 (gray_env_merge): New protos. 156 * pam_ldaphome/pam_ldaphome.c (ldap_config_name): New variable. 157 (ldap_connect): Use 'ssl' keyword, if 'tls' is not defined. 158 (ldaphome_main): New keyword ldap-config 159 160 * doc/pam-modules.texi: Document reading system-wide ldap.conf 161 * doc/pam_ldaphome.8in: Likewise. 162 1632014-07-24 Sergey Poznyakoff <gray@gnu.org.ua> 164 165 pam_ldaphome: provide an option to specify CA certificate file for TLS 166 167 * pam_ldaphome/pam_ldaphome.c (ldap_connect): New option tls-cacert 168 * doc/pam-modules.texi: Document tls-cacert 169 * doc/pam_ldaphome.8in: Likewise. 170 1712014-05-21 Sergey Poznyakoff <gray@gnu.org> 172 173 Version 1.9 174 175 * NEWS: Update version number. 176 * configure.ac: Likewise. 177 * doc/pam_ldaphome.8in: Reorder configuration statements. 178 * pamck/pamck.c: Update copyright years. 179 1802014-05-21 Sergey Poznyakoff <gray@gnu.org.ua> 181 182 Fix docs. 183 184 * doc/Makefile.am (check-ldaphome-config): Take into account 185 gray_env_get_bool (see 7636fa3e). 186 * doc/pam-modules.texi: Update; final check. 187 * NEWS: Update. 188 189 Remove deprecated use of INCLUDES from Makefiles. 190 191 * Make.rules: Use AM_CPPFLAGS instead of INCLUDES. 192 * Makefile.am (SUBDIRS): Add examples. 193 (dist-hook): Remove. 194 * configure.ac: Build examples/Makefile. 195 * examples/Makefile.am: New file. 196 * pam_fshadow/Makefile.am: Include Make.rules on top. 197 Use += to set AM_CPPFLAGS 198 * pam_groupmember/Makefile.am: Likewise. 199 * pam_ldaphome/Makefile.am: Likewise. 200 * pam_log/Makefile.am: Likewise. 201 * pam_regex/Makefile.am: Likewise. 202 * pam_sql/Makefile.am: Likewise. 203 * pam_umotd/Makefile.am: Likewise. 204 205 Document the use of ldappubkey 206 2072014-05-20 Sergey Poznyakoff <gray@gnu.org.ua> 208 209 pam_ldaphome: don't run initrc program if the home dir already exists. 210 211 * pam_ldaphome/pam_ldaphome.c (create_exists): New return code. 212 (create_home_dir): Return create_exists if the directory already 213 exists. 214 (ldaphome_main): Run initrc only after creating the home dir. 215 216 Version 1.8.93 217 2182014-05-19 Sergey Poznyakoff <gray@gnu.org.ua> 219 220 New utility "ldappubkey". 221 222 * NEWS: Document new features. 223 * doc/pam-modules.texi: Document usergitconfig. 224 * doc/pam_ldaphome.8in: Update. 225 * examples/ldappubkey: New file. 226 * examples/usergitconfig: Refer to perldoc on error. 227 * lib/env.c (gray_env_get_bool): New function. 228 * lib/graypam.h (gray_env_get_bool): New proto. 229 * pam_ldaphome/pam_ldaphome.c (import_public_key): Do nothing if 230 "import-public-keys" is set to "no". 231 (pam_sm_authenticate): New function. 232 2332014-05-11 Sergey Poznyakoff <gray@gnu.org.ua> 234 235 Allow to modify environment of initrc-command 236 237 * pam_ldaphome/pam_ldaphome.c (find_env,locate_unset) 238 (env_concat,parsenv,env_setup): New statics. 239 (run_prog): Use execve and env_setup to set up the 240 environment. 241 242 * doc/pam-modules.texi: Document new statements. 243 * doc/pam_ldaphome.8in: Likewise. 244 245 Minor fix 246 247 * examples/usergitconfig: Use bindpw attribute. 248 2492014-05-10 Sergey Poznyakoff <gray@gnu.org.ua> 250 251 pam_ldaphome: optionally run external program after populating home directory. 252 253 This allows for dynamic modifications of the initial directory contents, 254 depending on the login name of the user. The name of the external program 255 is given with the initrc-command configuration statement. It is invoked 256 with the single argument, specifying the login name. The standard input 257 is closed, standard output is diverted to standard error. Standard error 258 can be diverted to a file using the initrc-log statement. 259 260 * Makefile.am (EXTRA_DIST): Add examples. 261 * examples/usergitconfig: New file. 262 * pam_ldaphome/pam_ldaphome.c (run_prog, run_initrc): New statics. 263 (pam_sm_authenticate): Call run_initrc prior to calling 264 import_public_key. 265 2662014-05-06 Sergey Poznyakoff <gray@gnu.org.ua> 267 268 New module: pam_groupmember 269 270 * Makefile.am: Add pam_groupmember. 271 * configure.ac: Likewise. 272 * NEWS: Update. 273 274 * pam_groupmember/Makefile.am: New file. 275 * pam_groupmember/pam_groupmember.c: New file, 276 277 * doc/Makefile.am: Add pam_groupmember.8 278 * doc/pam-modules.texi: Document pam_groupmember 279 * doc/pam_groupmember.8: New file. 280 281 * lib/graypam.h (gray_calloc, gray_strdup): New protos. 282 * lib/mem.c (gray_calloc, gray_strdup): New functions. 283 2842014-04-04 Sergey Poznyakoff <gray@gnu.org.ua> 285 286 Escape dashes in pam_ldaphome.8in 287 288 Add pam_ldaphome(8) manpage. 289 2902014-04-02 Sergey Poznyakoff <gray@gnu.org.ua> 291 292 Fix pam-modules.texi 293 294 Add manpages; remove invariant sections from pam-modules.texi 295 2962014-03-28 Sergey Poznyakoff <gray@gnu.org.ua> 297 298 Fix docs, raise version number to get in synch with the ftp. 299 300 Bugfix. 301 302 * lib/transform.c (gray_free_transform_expr): Fix the loop. 303 3042014-02-11 Sergey Poznyakoff <gray@gnu.org.ua> 305 306 Update copyright years, set version 1.7.92 307 308 pam_ldaphome: control where home directories can be created 309 310 * pam_ldaphome/pam_ldaphome.c (create_interdir): Fail if unable to chown, 311 (store_pubkeys): Log error if fchown or ftruncate fails. 312 (dir_in_path): New static function. 313 (create_home_dir): Return enum create_status. 314 If allow-home-dir statement is present, create directory only if 315 it is located in one of the directories listed in it, otherwise 316 return create_skip. 317 (pam_sm_authenticate): Import keys only if home dir exists. 318 * doc/pam-modules.texi: Document allow-home-dir. 319 3202013-04-16 Sergey Poznyakoff <gray@gnu.org.ua> 321 322 Bugfixes. 323 324 * configure.ac: Do not call PM_ENABLE within a conditional. 325 * pam_ldaphome/pam_ldaphome.c (import_public_key): Exit 326 gracefully if keys == NULL. 327 3282012-12-08 Sergey Poznyakoff <gray@gnu.org.ua> 329 330 Make pam_fshadow reentrant. 331 332 * pam_fshadow/pam_fshadow.c (_pam_parse): Initialize global 333 variables, in case pam_fshadow is called twice in the same 334 stack. Do not register rexp in pam data, this hurts 335 reentrability. 336 (pam_sm_authenticate): Free rexp. 337 3382012-08-01 Sergey Poznyakoff <gray@gnu.org.ua> 339 340 Improve pam_ldaphome 341 342 New keywords: bindpwfile and keyfile-mode. 343 344 * doc/pam-modules.texi: Document bindpwfile and keyfile-mode. 345 * pam_ldaphome/pam_ldaphome.c (ldap_bind): Read password from 346 file, if bindpwfile is given. 347 (store_pubkeys): Optionally enforce file mode, given by the 348 keyfile-mode configuration statement. 349 * pamck/pamck.c (main): Fix a typo. 350 3512012-07-30 Sergey Poznyakoff <gray@gnu.org.ua> 352 353 Merge branch 'master' of ssh://git.gnu.org.ua/gitroot/pam-modules 354 3552012-07-15 Sergey Poznyakoff <gray@gnu.org.ua> 356 357 Upgrade imprimatur. 358 3592012-07-05 Sergey Poznyakoff <gray@gnu.org.ua> 360 361 Version 1.7.91 362 363 Document pam_umotd. 364 365 pam_umotd: control the LA value. 366 367 * pam_umotd/pam_umotd.c: New option max-la. 368 (pam_sm_open_session): Return PAM_IGNORE if the 5 minute LA 369 is greater than the max-la value. 370 3712012-07-04 Sergey Poznyakoff <gray@gnu.org.ua> 372 373 Fix the congfigure script. 374 375 * acinclude.m4 (PM_ENABLE): Revamp. Change meaning of the second argument. 376 * configure.ac: Reflect the above change. 377 * pam_umotd/pam_umotd.c: Remove unused includes. 378 379 Bugfixes. 380 381 * acinclude.m4 (PM_ENABLE): Don't test $build_$1 variable 382 before its initialization. 383 * pam_umotd/pam_umotd.c: Remove unnecessary includes. 384 (exec_file): Argv is not const. 385 (pam_sm_open_session): PAM does not guarantee that 386 argv[] is null-terminated. Create a null-terminated copy 387 for use by exec_file. 388 389 Bugfixes. 390 391 * pam_umotd/pam_umotd.c (logfile_name): Static. 392 (max_output_size): New variable. 393 (pam_opt): New option max-size. 394 (read_fd): Limit output size. 395 (exec_file): Likewise. 396 397 Update copyright years. 398 399 Add pam_umotd module. 400 401 * Makefile.am [PAM_COND_UMOTD] (UMOTD_DIR): New variable. 402 (SUBDIRS): Add $(UMOTD_DIR). 403 * configure.ac: Check for security/pam_ext.h. 404 Add pam_umotd module. 405 * lib/graypam.h (pam_opt_type)<pam_opt_rest>: New type. 406 * lib/parseopt.c (gray_parseopt): Upon encoutnering pam_opt_rest parameter, 407 stop further processing and return the index of the next argument. 408 * pam_umotd/Makefile.am: New file. 409 * pam_umotd/pam_umotd.c: New file. 410 4112012-05-23 Sergey Poznyakoff <gray@gnu.org.ua> 412 413 Bugfixes. 414 415 * configure.ac: Version 1.7.90. 416 * NEWS: Update. 417 * doc/Makefile.am (EXTRA_DIST): Remove leftover files. 418 * pam_ldaphome/pam_ldaphome.c (ldap_connect): Set LDAP version 419 before enforcing TLS. 420 4212012-05-18 Sergey Poznyakoff <gray@gnu.org.ua> 422 423 Enable fine-grained control over TLS. 424 425 * doc/pam-modules.texi: Document new tls values. 426 * pam_ldaphome/pam_ldaphome.c (ldap_connect): The tls 427 keyword is tri-state. Allowed values are: "yes", "no" 428 and "only". 429 430 Improve the docs. 431 432 * doc/Makefile.am (check-all-options): Check ldaphome options. 433 (check-ldaphome-config): New rule. 434 (check-options): Add check-ldaphome-config. 435 * doc/pam-modules.texi: Add missing documentation. 436 437 Improve configuration for pam_ldaphome. 438 439 * doc/pam-modules.texi: Document new configuration keywords. 440 * pam_ldaphome/pam_ldaphome.c (get_intval): Take additional 441 "base" argument. Return 1 if the requested keyword is not 442 present in the database, -1 on error and 0 on success. 443 (ldap_connect): Consult the "ldap-version" configuration 444 variable for the LDAP version to use. 445 (create_home_dir): Read mode for the home directory from 446 the configuration variable "home-dir-mode". 447 4482012-05-17 Sergey Poznyakoff <gray@gnu.org.ua> 449 450 Document pam-modules.texi 451 4522012-05-16 Sergey Poznyakoff <gray@gnu.org.ua> 453 454 Minor improvements. 455 456 * pam_ldaphome/pam_ldaphome.c (get_ldap_attrs): restore pubkey 457 debug output. 458 (pam_sm_authenticate): New keyword "authorized_keys" 459 4602012-05-15 Sergey Poznyakoff <gray@gnu.org.ua> 461 462 Improve handling of multiple keys. 463 464 * pam_ldaphome/pam_ldaphome.c (get_ldap_attrs): return array of values. 465 (store_pubkeys): Fix key comparison. 466 467 Allow for multiple authorized keys. 468 469 * pam_ldaphome/pam_ldaphome.c (argcvz_free,trimnl): New functions. 470 (get_ldap_attr): Trim trailing newlines from the return value. 471 (ldap_search): Rename to get_pubkeys. Return null-terminated array 472 of sorted lexicographically keys. 473 (store_pubkey): Rename to store_pubkeys, take char ** as its 474 first argument. Store all keys unless the file already contains 475 exactly that set of keys. 476 (import_public_key): Call store_pubkeys. Use argcvz_free to 477 free the keys. 478 479 Bugfixes. 480 481 * pam_ldaphome/pam_ldaphome.c (argcv_free): Fix multiple free 482 (argcv_concat): Fix overly conservative size calculation and 483 concatenation loop. 484 (parse_ldap_uri): Fix URI reconstruction. 485 (dir_copy_loop): Remove unused variable. 486 (store_pubkey): Return meaningful error code. 487 (import_public_key): Propagate return code from store_pubkey. 488 (create_home_dir): Return meaningful error code. 489 (pam_sm_authenticate): Propagate return code from create_home_dir 490 and import_public_key to the caller. 491 * pam_log/Makefile.am: Remove BUILD_PAM_LOG substitution 492 (complements 1a80b647). 493 494 pam_ldaphome: implement populate_homedir. 495 4962012-05-14 Sergey Poznyakoff <gray@gnu.org.ua> 497 498 Initialize submodules in autogen.sh 499 5002012-05-13 Sergey Poznyakoff <gray@gnu.org.ua> 501 502 Add a placeholder for pam_ldaphome documentation. 503 504 Use imprimatur to maintain docs. 505 506 Generate ChangeLog automatically from git log. 507 508 Migrate to git. 509 510 Fix a typo 511 512 Revamp build system. Add pam_ldaphome module. 513 514 * configure.ac: Test for ldap. 515 (AC_OUTPUT): Create pam_ldaphome/Makefile. 516 * acinclude.m4 (PM_ENABLE): Declare PAM_COND_<item> 517 conditional in addition to BUILD_PAM_<item> substitution 518 variable. 519 * Makefile.am (SUBDIRS): Include most modules via 520 conditionally defined Makefile variables. 521 522 * lib/graypam.h (gray_env): New struct. 523 (gray_env_get,gray_env_free,gray_env_read) 524 (gray_boolean_true_p): New protos. 525 * lib/env.c: New file. 526 * lib/Makefile.am (libgraypam_la_SOURCES): Add env.c 527 528 * pam_fshadow/Makefile.am: Remove BUILD_PAM_FSHADOW 529 substitution. 530 * pam_regex/Makefile.am: Remove BUILD_PAM_REGEX 531 substitution. 532 * pam_sql/pam_sql.c (free_config, boolean_true_p) 533 (read_config): Remove. Use gray_env_* functions 534 instead. All uses updated. 535 * pam_regex/pam_regex.c: Fix typo. 536 537 * pam_ldaphome/Makefile.am: New file. 538 5392012-05-13 Sergey Poznyakoff <gray@gnu.org.ua> 540 541 Revamp build system. Add pam_ldaphome module. 542 543 * configure.ac: Test for ldap. 544 (AC_OUTPUT): Create pam_ldaphome/Makefile. 545 * acinclude.m4 (PM_ENABLE): Declare PAM_COND_<item> 546 conditional in addition to BUILD_PAM_<item> substitution 547 variable. 548 * Makefile.am (SUBDIRS): Include most modules via 549 conditionally defined Makefile variables. 550 551 * lib/graypam.h (gray_env): New struct. 552 (gray_env_get,gray_env_free,gray_env_read) 553 (gray_boolean_true_p): New protos. 554 * lib/env.c: New file. 555 * lib/Makefile.am (libgraypam_la_SOURCES): Add env.c 556 557 * pam_fshadow/Makefile.am: Remove BUILD_PAM_FSHADOW 558 substitution. 559 * pam_regex/Makefile.am: Remove BUILD_PAM_REGEX 560 substitution. 561 * pam_sql/pam_sql.c (free_config, boolean_true_p) 562 (read_config): Remove. Use gray_env_* functions 563 instead. All uses updated. 564 * pam_regex/pam_regex.c: Fix typo. 565 566 * pam_ldaphome/Makefile.am: New file. 567 5682011-09-29 Sergey Poznyakoff <gray@gnu.org.ua> 569 570 Allow installers to link modules with alternative crypt(3) 571 implementations. 572 573 * configure.ac: New option --with-crypt-lib. 574 * README: Update. 575 5762011-08-31 Sergey Poznyakoff <gray@gnu.org.ua> 577 578 Various bugfixes. 579 580 * pam_fshadow/pam_fshadow.c (pam_sm_authenticate): Fix 581 erroneous conditional, which allowed for logins with 582 arbitrary passwords if `nopasswd' option was given. 583 * lib/graypam.h (gray_free_transform_expr): New proto. 584 * lib/transform.c (transform) <has_regex>: New member. 585 (free_transform,free_segment): New statics. 586 (gray_free_transform_expr): New function. 587 * pam_regex/pam_regex.c (pam_sm_authenticate): Free slist and 588 transform expression. 589 5902011-04-08 Sergey Poznyakoff <gray@gnu.org.ua> 591 592 Version 1.7 593 594 * configure.ac: Enable silent rules. 595 Require autoconf 2.63, automake 1.11. 596 * pam_log/pam_log.c: Suppress a gcc warning. 597 * NEWS: Update. 598 5992011-04-05 Sergey Poznyakoff <gray@gnu.org.ua> 600 601 Allow for the use of `CALL proc' in MySQL queries. 602 603 * pam_sql/pam_mysql.c (flush_result): New static. 604 (mysql_do_query): Call mysql_real_connect with the 605 CLIENT_MULTI_RESULTS flag. 606 (check_query_result, mysql_setenv, gpam_sql_acct): Call flush_result 607 after freeing the result. 608 6092009-02-27 Sergey Poznyakoff <gray@gnu.org.ua> 610 611 Minor changes 612 613 * pam_fshadow/pam_fshadow.c: Protect shadow-related code with 614 ifdefs. 615 * configure.ac: Check for shadow.h, struct spwd and fgetspent. Do 616 not disable pam_fshadow.c if they are not present. 617 618 Rewrite Makefile.am's in a clearer and simpler way 619 620 * configure.ac: Require libtool 2.2.5a 621 * Make.rules (.c.lo, .lo.la): Remove 622 (AM_LDFLAGS, INCLUDES, LIBS): New assignments. 623 * pam_sql/Makefile.am, pam_fshadow/Makefile.am, 624 pam_sql/Makefile.am, pam_regex/Makefile.am, 625 pam_log/Makefile.am: Rewrite. 626 * pam_sql/pam_sql.h, pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c. 627 pam_sql/pam_sql.c: Rewrite. 628 * pam_sql/sha1.h, pam_sql/md5.c, pam_sql/md5.h, pam_sql/sha1.c 629 * pam_fshadow/pam_fshadow.c: New option [no]shadow 630 * doc/pam-modules.texi: Update. 631 632 * lib/graypam.h (gray_trim_ws): New proto 633 * lib/strutil.c: New file. 634 * lib/Makefile.am: Add strutil.c 635 6362009-02-17 Sergey Poznyakoff <gray@gnu.org.ua> 637 638 * pam_fshadow/Makefile.am: Build the module conditionally. 639 * pam_regex/Makefile.am: Likewise. 640 * pam_log/Makefile.am: Likewise. 641 * NEWS, README: Update. 642 * configure.ac: Raise version number to 1.5. Update bug-report 643 address. 644 Add options for disabling fshadow, log and regex. 645 * acinclude.m4: Prefix all macros with PM_ 646 (PM_CHECK_LIB): Rewrite. 647 6482008-03-20 Sergey Poznyakoff <gray@gnu.org.ua> 649 650 * configure.ac, NEWS: Version 1.4 651 * doc/pam-modules.texi: Update. 652 * doc/macros.texi (opsummary,kwsummary): Remove anchor 653 definitions, they cause grief in texi2html. 654 6552008-03-19 Sergey Poznyakoff <gray@gnu.org.ua> 656 657 * doc/pam-modules.texi: Improve docs. 658 659 Documentation checking framework: 660 661 * doc/macros.texi, doc/check-docs.sh, doc/mastermenu.el, 662 doc/untabify.el, doc/rendition.texi: New files. 663 * pam_regex/pam_regex.c: Remove useless use_authtok option. 664 * pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c, 665 pam_sql/pam_sql.c: Pacify `make check-sql-config' in doc. 666 * doc/Makefile.am: Add check-* rules. 667 * doc/pam-modules.texi: Update. 668 669 * configure.ac: Check for pam libraries and header files. 670 * pam_sql/pam_mysql.c (mysql_setenv): Protect by #ifdef 671 HAVE_PAM_MISC_SETENV. Prevent coredumps on NULL values. 672 * pam_sql/pam_pgsql.c (pgsql_setenv): Likewise. 673 * pam_sql/Makefile.am (pam_mysql_la_LDADD,pam_pgsql_la_LDADD): Add 674 @PAM_MISC@. 675 * pam_sql/pam_sql.c (read_config): Read lines of arbitrary length. 676 677 * pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c: Implement `setenv' 678 method. 679 * pam_sql/pam_sql.c, pam_fshadow/pam_fshadow (_pam_get_password): 680 Set PAM_AUTHTOK. 681 6822008-03-17 Sergey Poznyakoff <gray@gnu.org.ua> 683 684 * doc/pam-modules.texi: Update. 685 686 * pam_fshadow/pam_fshadow.c, pam_sql/pam_mysql.c, 687 pam_sql/pam_sql.c, pam_regex/pam_regex.c: Ensure passwords might 688 get divulged only at debugging level 100. 689 6902008-03-16 Sergey Poznyakoff <gray@gnu.org.ua> 691 692 Add session management to pam_sql. 693 694 * NEWS, configure.ac: Updated. Set version to 1.3.90. 695 696 * lib/escape.c, lib/vartab.c: New files. 697 * lib/graypam.h (gray_expand_argv) 698 (gray_expand_string, gray_escape_string): New functions. 699 (struct keyword): New declaration. 700 (gray_find_keyword): New function. 701 * lib/Makefile.am (libgraypam_la_SOURCES): Add vartab.c and 702 escape.c. 703 704 * pam_log/pam_log.c: Use gray_find_keyword and gray_expand_argv. 705 706 * pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c (verify_user_pass): 707 Change signature. 708 (sql_acct): New function. 709 * pam_sql/pam_sql.c (verify_user_pass): Change signature. 710 (_pam_parse): Initialize globals. 711 (free_config): Reset config_env to NULL. 712 (read_config): Set config_env to NULL. 713 (get_query,get_query2): New functions. 714 (pam_sm_authenticate): Call gray_pam_init, update call to 715 verify_user_pass. 716 (sql_session_mgmt,pam_sm_open_session,pam_sm_close_session): New 717 functions. 718 7192008-03-15 Sergey Poznyakoff <gray@gnu.org.ua> 720 721 * pam_regex/pam_regex.c (pam_opt): Fix a typo: rename "user_name" 722 option to "user". 723 (pam_sm_authenticate): Bugfix 724 7252008-03-15 Sergey Poznyakoff <gray@gnu.org.ua> 726 727 -= Release 1.3 =- 728 7292008-03-15 Sergey Poznyakoff <gray@gnu.org.ua> 730 731 Initial framework for LDAP-style password hashes. 732 733 * pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c: Call 734 gray_check_ldap_pass if configuration variable allow-ldap-pass is 735 set. 736 * lib/graypam.h (gray_base64_decode, gray_check_ldap_pass): New 737 prototypes. 738 * lib/Makefile.am (libgraypam_la_SOURCES): Add new files. 739 * lib/sha1.h, lib/base64.c, lib/md5.c, lib/ldappass.c, lib/md5.h, 740 lib/sha1.c: New files. 741 7422008-03-14 Sergey Poznyakoff <gray@gnu.org.ua> 743 744 * doc/Makefile.am: Use texi2html to produce html files. 745 * doc/gendocs_template: Use latest version from Texinfo. 746 747 -= Release 1.2 =- 748 749 * lib/graypam.h: Minor change. 750 * pam_sql/pam_pgsql.c (verify_user_pass): port is optional. 751 Fix erroneous argument to PQsetdbLogin. 752 * pam_sql/pam_sql.c (pam_opt): Bugfix. 753 754 * doc/pam-modules.texi: Minor change. 755 756 * NEWS, doc/pam-modules.texi: Document new regexp default for 757 pam_fshadow.c 758 759 * lib/parseopt.c: New file. 760 * lib/Makefile.am (libgraypam_la_SOURCES): Add parseopt.c 761 * lib/graypam.h (gray_parseopt, gray_wait_debug_fun): New 762 functions 763 (CNTL_DEBUG_LEV, CNTL_SET_DEBUG_LEV): Removed. 764 * lib/log.c (gray_wait_debug): New functions. 765 * pam_fshadow/pam_fshadow.c, pam_sql/pam_sql.c, 766 pam_regex/pam_regex.c, pam_log/pam_log.c: Use gray_parseopt for 767 command line parsing. 768 7692008-03-13 Sergey Poznyakoff <gray@gnu.org.ua> 770 771 * configure.ac (PAM_COMMON_INCLUDES): Add -I${top_srcdir}/lib. 772 (AC_OUTPUT): Add lib/Makefile. 773 * doc/pam-modules.texi: Document `transform' option. 774 * Make.rules: New file. 775 776 * lib/mem.c, lib/slist.c, lib/log.c, lib/converse.c, 777 lib/graypam.h, lib/Makefile.am, lib/transform.c. 778 779 * pam_regex/pam_regex.c: Implement user name transformations. 780 781 * pam_fshadow/Makefile.am, pam_sql/Makefile.am: 782 Add ../lib/libgraypam.la to LDADD 783 * pam_fshadow/pam_fshadow.c, pam_sql/pam_mysql.c, 784 pam_sql/pam_pgsql.c, pam_sql/pam_sql.c: Use functions from ../lib. 785 7862007-08-28 Sergey Poznyakoff <gray@gnu.org.ua> 787 788 * pam_fshadow/Makefile.am, pam_regex/Makefile.am, 789 pam_log/Makefile.am: Place INCLUDES in front of CPPFLAGS 790 791 * pam_sql/Makefile.am: Place INCLUDES in front of CPPFLAGS 792 (pam_mysql.la): Redo rule 793 794 * pam_sql/sha1.h, pam_sql/sha1.c, pam_sql/md5.h, pam_sql/md5.c: 795 Replace with another version 796 797 * pam_fshadow/pam_fshadow.c: Minor change 798 * pam_sql/pam_mysql.c (sql_expand_query): Bugfix 799 Implement pure md5 passwords 800 (verify_user_pass): Lots of bugfixes 801 * pam_sql/pam_sql.c (read_config): Lots of bugfixes 802 (pam_sm_setcred,pam_sm_acct_mgmt): Add required functions 803 8042007-08-14 Sergey Poznyakoff <gray@gnu.org.ua> 805 806 * NEWS, configure.ac: Version 1.2 807 808 * pam_fshadow/pam_fshadow.c: Include config.h and time.h 809 * pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c, pam_sql/pam_sql.c: Use 810 _pam_log for diagnostics. 811 * pam_regex/pam_regex.c (pam_sm_authenticate): Remove unused variable. 812 * configure.ac: New option --enable-debug 813 * common.c (wait_debug): Bugfix 814 * pam_log/pam_log.c: Include ctype.h 815 (parse_priority): Change return type. 816 * pam_fshadow/Makefile.am, pam_log/Makefile.am, 817 pam_regex/Makefile.am, pam_sql/Makefile.am: Use CPPFLAGS in cc rules. 818 8192007-08-06 Sergey Poznyakoff <gray@gnu.org.ua> 820 821 Relicense under GPLv3. 822 8232007-08-05 Sergey Poznyakoff <gray@gnu.org.ua> 824 825 * NEWS: Update 826 * configure.ac: Version 1.0.90 827 * common.c: Include regex.h; 828 (_cleanup_regex, make_str): New functions 829 * doc/pam-modules.texi: Update 830 * pam_fshadow/Makefile.am (pam_fshadow_la_LDADD): Add @LIBS@ 831 * pam_fshadow/pam_fshadow.c: Implement virtual domain 832 authentication. 833 * pam_regex/pam_regex.c (make_str): Moved to ../common.c 834 * pam_sql/pam_sql.c (verify_user_pass): static 835 8362006-09-06 Sergey Poznyakoff <gray@gnu.org.ua> 837 838 * configure.ac: New option --without-sql 839 840 * doc/pam-modules.texi: Updated 841 * common.c: Moved here syslog-reporting and debugging functions 842 * pam_fshadow/Makefile.am (AM_CPPFLAGS): Define MODULE_NAME 843 * pam_log/Makefile.am: Likewise 844 * pam_regex/Makefile.am: Likewise 845 846 * pam_fshadow/pam_fshadow.c: Update 847 * pam_regex/pam_regex.c: Update 848 * pam_sql/pam_sql.c: Update 849 850 * pam_sql/pam_mysql.c (sql_expand_query): Bugfix 851 * pam_sql/pam_pgsql.c (sql_expand_query): Bugfix 852 853 * pam_log/pam_log.c: Implemented 854 8552006-09-06 Sergey Poznyakoff <gray@gnu.org.ua> 856 857 * acinclude.m4: New file 858 * common.c: New file 859 * pam_log: New directory 860 * pam_log/pam_log.c: New file 861 * pam_log/Makefile.am: New file 862 * pam_log/.cvsignore: New file 863 864 * pam_sql: New directory 865 * pam_sql/Makefile.am: New file 866 * pam_sql/pam_mysql.c: New file 867 * pam_sql/pam_pgsql.c: New file 868 * pam_sql/pam_sql.c: New file 869 * pam_sql/pam_sql.h: New file 870 * pam_sql/sha1.c: New file 871 * pam_sql/sha1.h: New file 872 * pam_sql/.cvsignore: New file 873 874 * Makefile.am (SUBDIRS): Add pam_log pam_sql 875 * configure.ac: Add library versioning. Check for libmysqlclient 876 and libpq. Create pam_log/Makefile and pam_sql/Makefile 877 * pam_fshadow/Makefile.am, pam_regex/Makefile.am: Update 878 * pam_fshadow/pam_fshadow.c, pam_regex/pam_regex.c: Include <common.c> 879 8802006-09-04 Sergey Poznyakoff <gray@gnu.org.ua> 881 882 * pam_regex/pam_regex.c: New option 'user=[arg]' 883 * doc/pam-modules.texi: Update 884 8852005-08-18 Sergey Poznyakoff <gray@gnu.org.ua> 886 887 * autogen.sh: Updated 888 * pam_regex/pam_regex.c: Use stdarg.h 889 (regex): Made const 890 891 * NEWS: Updated 892 * README: Updated 893 * configure.ac: Change auxiliary directory to build-aux, change 894 version number to 1.0, change bug report address. 895 896 * doc: New directory 897 * doc/Makefile.am: New file 898 * doc/pam-modules.texi: New file 899 * doc/gendocs_template: New file 900 * doc/fdl.texi: New file 901 * doc/.cvsignore: New file 902 903 * configure.ac: Add doc/ 904 * Makefile.am: Likewise 905 * pam_fshadow/pam_fshadow.c: Updated copyright statement 906 * pam_regex/pam_regex.c: Likewise 907 9082004-05-27 Sergey Poznyakoff <gray@Mirddin.farlep.net> 909 910 * INSTALL: Removed 911 * Makefile.in: Removed 912 * pam_fshadow/Makefile.in: Removed 913 * pam_regex/Makefile.in: Removed 914 * .cvsignore: New file 915 * pam_fshadow/.cvsignore: New file 916 * pam_regex/.cvsignore: New file 917 * pam_fshadow/pam_fshadow.c: Minor fixes. 918 * README: Updated 919 * autogen.sh: Updated 920 9212004-02-09 Sergey Poznyakoff <gray@Mirddin.farlep.net> 922 923 * Put the two modules in a single packet and imported them 924 to CVS. 925 9262001-09-22 Sergey Poznyakoff <gray@mirddin.farlep.net> 927 928 First release. 929 930 931 932Local Variables: 933mode: change-log 934version-control: never 935buffer-read-only: t 936End: 937