12018-01-02  Sergey Poznyakoff  <gray@gnu.org>
2
3	Version 2.2
4
52018-01-01  Sergey Poznyakoff  <gray@gnu.org>
6
7	Happy GNU Year
8
92017-12-22  Sergey Poznyakoff  <gray@gnu.org.ua>
10
11	pam_fshadow: allow the user to use arbitrary group numbers for username and domain parts.
12
13	New options username-index and domain-index are used to indicate
14	indices of the parenthesized groups used to extract the user and
15	the domain name. The default corresponds to 'user-index=1 domain-index=1'.
16
17	Additionally, change the behavior in case if the user name doesn't
18	match the regexp. Previous versions would fall back to plain authentication
19	in this case. New behavior is to reject access.
20
21	* pam_fshadow/pam_fshadow.c (pam_opt): New options
22	username-index and domain-index.
23	(pam_sm_authenticate): Move username splitting into a separate
24	function.
25	* doc/pam_fshadow.8in: Document the new options.
26
272015-08-04  Sergey Poznyakoff  <gray@gnu.org.ua>
28
29	Version 2.1
30
312015-04-23  Sergey Poznyakoff  <gray@gnu.org.ua>
32
33	minor change
34
35	Fix doc generation.
36
37	Default Config file applied to all output formats, which is wrong.
38	Use a dedicated configuration file for html output formats, and
39	defaults for the rest.
40
41	* doc/Makefile.am (GENDOCS): Add html-specific configuration file.
42	* doc/Config: Rename to doc/html.init (with changes).
43
442015-03-01  Sergey Poznyakoff  <gray@gnu.org>
45
46	Switch to Texinfo 5.0
47
48	* doc/Config: Rewrite.
49	* doc/Makefile.am: Use Makeinfo 5 instead of texi2htm
50	* doc/gendocs_template: Ps is not built
51	* imprimatur: Upgrade.
52
532015-02-26  Sergey Poznyakoff  <gray@gnu.org.ua>
54
55	Version 2.0
56
57	* NEWS: Update version number
58	* configure.ac: Likewise.
59	* doc/pam-modules.texi: Fix a typo.
60	* doc/pam_ldaphome.8in: Likewise.
61	* pamck/pamck.c: Update copyright years.
62
63	* pam_fshadow/pam_fshadow.c: Suppress cc warnings.
64	* pam_groupmember/pam_groupmember.c: Likewise.
65	* pam_ldaphome/pam_ldaphome.c: Likewise.
66	* pam_log/pam_log.c: Likewise.
67	* pam_regex/pam_regex.c: Likewise.
68
692015-01-30  Sergey Poznyakoff  <gray@gnu.org.ua>
70
71	Document user-keys-boundary
72
732015-01-28  Sergey Poznyakoff  <gray@gnu.org.ua>
74
75	Update copyright dates.
76
77	pam_ldaphome: run initrc command as user.
78
79	* examples/usergitconfig: Documentation formatting change.
80	* lib/graypam.h (gray_2nrealloc): New function.
81	* lib/mem.c (gray_2nrealloc): New function.
82	* pam_fshadow/pam_fshadow.c (fgetpwent): Skip malformed entries.
83	* pam_ldaphome/pam_ldaphome.c (runas): New finction.
84	(run_prog): Switch to user privileges unless initrc-root is true.
85
86	* NEWS: Update.
87	* doc/pam-modules.texi: Update.
88	* doc/pam_ldaphome.8in: Update.
89
902014-12-05  Sergey Poznyakoff  <gray@gnu.org>
91
92	Build pam_fshadow even if fgetpwent is not defined.
93
94	* configure.ac: Only check if fgetpwent is defined,
95	don't disable the module if it is not.
96	* pam_fshadow/pam_fshadow.c [!HAVE_FGETPWENT] (fgetpwent): Provide a
97	replacement.
98
992014-12-04  Sergey Poznyakoff  <gray@gnu.org.ua>
100
101	Implement audit option
102
103	Audit is equivalent to debug=100, i.e. it enables logging
104	maximum debugging output.
105
1062014-09-16  Sergey Poznyakoff  <gray@gnu.org.ua>
107
108	pam_ldaphome: Make user-specific key boundary configurable.
109
110	* pam_ldaphome/pam_ldaphome.c (store_pubkeys): Use the value of the
111	user-keys-boundary option as the boundary of user-specific key section.
112
1132014-09-12  Sergey Poznyakoff  <gray@gnu.org.ua>
114
115	Provide a way to keep user-defined pubkeys in file.
116
117	A user can add his public keys to the authorized_keys file without disturbing
118	the key synchronization from the LDAP database.  The #:end comment in the file
119	marks the end of area synchronized with LDAP.  Everything below this comment
120	is preserved intact.
121
122	* pam_ldaphome/pam_ldaphome.c (pubkeyfile): New struct.
123	(pubkeyfile_open,pubkeyfile_read,pubkeyfile_init)
124	(pubkeyfile_write,pubkeyfile_remove_lines)
125	(pubkeyfile_alloc_lines,pubkeyfile_insert_lines)
126	(pubkeyfile_close): New functions.
127	(store_pubkeys): Use pubkeyfile functions to operate on
128	the authorized_keys file.
129
1302014-09-11  Sergey Poznyakoff  <gray@gnu.org>
131
132	Bugfixes
133
134	* pam_ldaphome/pam_ldaphome.c (check_groups): Take into account primary
135	group.
136	* doc/pam_regex.8: Fix escaping.
137
1382014-07-26  Sergey Poznyakoff  <gray@gnu.org.ua>
139
140	Improve docstrings in examples.
141
1422014-07-25  Sergey Poznyakoff  <gray@gnu.org.ua>
143
144	Implement TLS in perl utilities.
145
146	Raise version number to 1.9.90
147
148	pam_ldaphome: read /etc/ldap.conf file.
149
150	* lib/env.c (gray_env_read_tr): New function.
151	(gray_env_read): Rewrite using gray_env_read_tr.
152	(gray_env_merge): New function.
153	* lib/escape.c (gray_escape_string): Remove useless typecasts.
154	* lib/graypam.h (gray_env_read_tr)
155	(gray_env_merge): New protos.
156	* pam_ldaphome/pam_ldaphome.c (ldap_config_name): New variable.
157	(ldap_connect): Use 'ssl' keyword, if 'tls' is not defined.
158	(ldaphome_main): New keyword ldap-config
159
160	* doc/pam-modules.texi: Document reading system-wide ldap.conf
161	* doc/pam_ldaphome.8in: Likewise.
162
1632014-07-24  Sergey Poznyakoff  <gray@gnu.org.ua>
164
165	pam_ldaphome: provide an option to specify CA certificate file for TLS
166
167	* pam_ldaphome/pam_ldaphome.c (ldap_connect): New option tls-cacert
168	* doc/pam-modules.texi: Document tls-cacert
169	* doc/pam_ldaphome.8in: Likewise.
170
1712014-05-21  Sergey Poznyakoff  <gray@gnu.org>
172
173	Version 1.9
174
175	* NEWS: Update version number.
176	* configure.ac: Likewise.
177	* doc/pam_ldaphome.8in: Reorder configuration statements.
178	* pamck/pamck.c: Update copyright years.
179
1802014-05-21  Sergey Poznyakoff  <gray@gnu.org.ua>
181
182	Fix docs.
183
184	* doc/Makefile.am (check-ldaphome-config): Take into account
185	gray_env_get_bool (see 7636fa3e).
186	* doc/pam-modules.texi: Update; final check.
187	* NEWS: Update.
188
189	Remove deprecated use of INCLUDES from Makefiles.
190
191	* Make.rules: Use AM_CPPFLAGS instead of INCLUDES.
192	* Makefile.am (SUBDIRS): Add examples.
193	(dist-hook): Remove.
194	* configure.ac: Build examples/Makefile.
195	* examples/Makefile.am: New file.
196	* pam_fshadow/Makefile.am: Include Make.rules on top.
197	Use += to set AM_CPPFLAGS
198	* pam_groupmember/Makefile.am: Likewise.
199	* pam_ldaphome/Makefile.am: Likewise.
200	* pam_log/Makefile.am: Likewise.
201	* pam_regex/Makefile.am: Likewise.
202	* pam_sql/Makefile.am: Likewise.
203	* pam_umotd/Makefile.am: Likewise.
204
205	Document the use of ldappubkey
206
2072014-05-20  Sergey Poznyakoff  <gray@gnu.org.ua>
208
209	pam_ldaphome: don't run initrc program if the home dir already exists.
210
211	* pam_ldaphome/pam_ldaphome.c (create_exists): New return code.
212	(create_home_dir): Return create_exists if the directory already
213	exists.
214	(ldaphome_main): Run initrc only after creating the home dir.
215
216	Version 1.8.93
217
2182014-05-19  Sergey Poznyakoff  <gray@gnu.org.ua>
219
220	New utility "ldappubkey".
221
222	* NEWS: Document new features.
223	* doc/pam-modules.texi: Document usergitconfig.
224	* doc/pam_ldaphome.8in: Update.
225	* examples/ldappubkey: New file.
226	* examples/usergitconfig: Refer to perldoc on error.
227	* lib/env.c (gray_env_get_bool): New function.
228	* lib/graypam.h (gray_env_get_bool): New proto.
229	* pam_ldaphome/pam_ldaphome.c (import_public_key): Do nothing if
230	"import-public-keys" is set to "no".
231	(pam_sm_authenticate): New function.
232
2332014-05-11  Sergey Poznyakoff  <gray@gnu.org.ua>
234
235	Allow to modify environment of initrc-command
236
237	* pam_ldaphome/pam_ldaphome.c (find_env,locate_unset)
238	(env_concat,parsenv,env_setup): New statics.
239	(run_prog): Use execve and env_setup to set up the
240	environment.
241
242	* doc/pam-modules.texi: Document new statements.
243	* doc/pam_ldaphome.8in: Likewise.
244
245	Minor fix
246
247	* examples/usergitconfig: Use bindpw attribute.
248
2492014-05-10  Sergey Poznyakoff  <gray@gnu.org.ua>
250
251	pam_ldaphome: optionally run external program after populating home directory.
252
253	This allows for dynamic modifications of the initial directory contents,
254	depending on the login name of the user.  The name of the external program
255	is given with the initrc-command configuration statement.  It is invoked
256	with the single argument, specifying the login name.  The standard input
257	is closed, standard output is diverted to standard error.  Standard error
258	can be diverted to a file using the initrc-log statement.
259
260	* Makefile.am (EXTRA_DIST): Add examples.
261	* examples/usergitconfig: New file.
262	* pam_ldaphome/pam_ldaphome.c (run_prog, run_initrc): New statics.
263	(pam_sm_authenticate): Call run_initrc prior to calling
264	import_public_key.
265
2662014-05-06  Sergey Poznyakoff  <gray@gnu.org.ua>
267
268	New module: pam_groupmember
269
270	* Makefile.am: Add pam_groupmember.
271	* configure.ac: Likewise.
272	* NEWS: Update.
273
274	* pam_groupmember/Makefile.am: New file.
275	* pam_groupmember/pam_groupmember.c: New file,
276
277	* doc/Makefile.am: Add pam_groupmember.8
278	* doc/pam-modules.texi: Document pam_groupmember
279	* doc/pam_groupmember.8: New file.
280
281	* lib/graypam.h (gray_calloc, gray_strdup): New protos.
282	* lib/mem.c (gray_calloc, gray_strdup): New functions.
283
2842014-04-04  Sergey Poznyakoff  <gray@gnu.org.ua>
285
286	Escape dashes in pam_ldaphome.8in
287
288	Add pam_ldaphome(8) manpage.
289
2902014-04-02  Sergey Poznyakoff  <gray@gnu.org.ua>
291
292	Fix pam-modules.texi
293
294	Add manpages; remove invariant sections from pam-modules.texi
295
2962014-03-28  Sergey Poznyakoff  <gray@gnu.org.ua>
297
298	Fix docs, raise version number to get in synch with the ftp.
299
300	Bugfix.
301
302	* lib/transform.c (gray_free_transform_expr): Fix the loop.
303
3042014-02-11  Sergey Poznyakoff  <gray@gnu.org.ua>
305
306	Update copyright years, set version 1.7.92
307
308	pam_ldaphome: control where home directories can be created
309
310	* pam_ldaphome/pam_ldaphome.c (create_interdir): Fail if unable to chown,
311	(store_pubkeys): Log error if fchown or ftruncate fails.
312	(dir_in_path): New static function.
313	(create_home_dir): Return enum create_status.
314	If allow-home-dir statement is present, create directory only if
315	it is located in one of the directories listed in it, otherwise
316	return create_skip.
317	(pam_sm_authenticate): Import keys only if home dir exists.
318	* doc/pam-modules.texi: Document allow-home-dir.
319
3202013-04-16  Sergey Poznyakoff  <gray@gnu.org.ua>
321
322	Bugfixes.
323
324	* configure.ac: Do not call PM_ENABLE within a conditional.
325	* pam_ldaphome/pam_ldaphome.c (import_public_key): Exit
326	gracefully if keys == NULL.
327
3282012-12-08  Sergey Poznyakoff  <gray@gnu.org.ua>
329
330	Make pam_fshadow reentrant.
331
332	* pam_fshadow/pam_fshadow.c (_pam_parse): Initialize global
333	variables, in case pam_fshadow is called twice in the same
334	stack. Do not register rexp in pam data, this hurts
335	reentrability.
336	(pam_sm_authenticate): Free rexp.
337
3382012-08-01  Sergey Poznyakoff  <gray@gnu.org.ua>
339
340	Improve pam_ldaphome
341
342	New keywords: bindpwfile and keyfile-mode.
343
344	* doc/pam-modules.texi: Document bindpwfile and keyfile-mode.
345	* pam_ldaphome/pam_ldaphome.c (ldap_bind): Read password from
346	file, if bindpwfile is given.
347	(store_pubkeys): Optionally enforce file mode, given by the
348	keyfile-mode configuration statement.
349	* pamck/pamck.c (main): Fix a typo.
350
3512012-07-30  Sergey Poznyakoff  <gray@gnu.org.ua>
352
353	Merge branch 'master' of ssh://git.gnu.org.ua/gitroot/pam-modules
354
3552012-07-15  Sergey Poznyakoff  <gray@gnu.org.ua>
356
357	Upgrade imprimatur.
358
3592012-07-05  Sergey Poznyakoff  <gray@gnu.org.ua>
360
361	Version 1.7.91
362
363	Document pam_umotd.
364
365	pam_umotd: control the LA value.
366
367	* pam_umotd/pam_umotd.c: New option max-la.
368	(pam_sm_open_session): Return PAM_IGNORE if the 5 minute LA
369	is greater than the max-la value.
370
3712012-07-04  Sergey Poznyakoff  <gray@gnu.org.ua>
372
373	Fix the congfigure script.
374
375	* acinclude.m4 (PM_ENABLE): Revamp. Change meaning of the second argument.
376	* configure.ac: Reflect the above change.
377	* pam_umotd/pam_umotd.c: Remove unused includes.
378
379	Bugfixes.
380
381	* acinclude.m4 (PM_ENABLE): Don't test $build_$1 variable
382	before its initialization.
383	* pam_umotd/pam_umotd.c: Remove unnecessary includes.
384	(exec_file): Argv is not const.
385	(pam_sm_open_session): PAM does not guarantee that
386	argv[] is null-terminated. Create a null-terminated copy
387	for use by exec_file.
388
389	Bugfixes.
390
391	* pam_umotd/pam_umotd.c (logfile_name): Static.
392	(max_output_size): New variable.
393	(pam_opt): New option max-size.
394	(read_fd): Limit output size.
395	(exec_file): Likewise.
396
397	Update copyright years.
398
399	Add pam_umotd module.
400
401	* Makefile.am [PAM_COND_UMOTD] (UMOTD_DIR): New variable.
402	(SUBDIRS): Add $(UMOTD_DIR).
403	* configure.ac: Check for security/pam_ext.h.
404	Add pam_umotd module.
405	* lib/graypam.h (pam_opt_type)<pam_opt_rest>: New type.
406	* lib/parseopt.c (gray_parseopt): Upon encoutnering pam_opt_rest parameter,
407	stop further processing and return the index of the next argument.
408	* pam_umotd/Makefile.am: New file.
409	* pam_umotd/pam_umotd.c: New file.
410
4112012-05-23  Sergey Poznyakoff  <gray@gnu.org.ua>
412
413	Bugfixes.
414
415	* configure.ac: Version 1.7.90.
416	* NEWS: Update.
417	* doc/Makefile.am (EXTRA_DIST): Remove leftover files.
418	* pam_ldaphome/pam_ldaphome.c (ldap_connect): Set LDAP version
419	before enforcing TLS.
420
4212012-05-18  Sergey Poznyakoff  <gray@gnu.org.ua>
422
423	Enable fine-grained control over TLS.
424
425	* doc/pam-modules.texi: Document new tls values.
426	* pam_ldaphome/pam_ldaphome.c (ldap_connect): The tls
427	keyword is tri-state.  Allowed values are: "yes", "no"
428	and "only".
429
430	Improve the docs.
431
432	* doc/Makefile.am (check-all-options): Check ldaphome options.
433	(check-ldaphome-config): New rule.
434	(check-options): Add check-ldaphome-config.
435	* doc/pam-modules.texi: Add missing documentation.
436
437	Improve configuration for pam_ldaphome.
438
439	* doc/pam-modules.texi: Document new configuration keywords.
440	* pam_ldaphome/pam_ldaphome.c (get_intval): Take additional
441	"base" argument. Return 1 if the requested keyword is not
442	present in the database, -1 on error and 0 on success.
443	(ldap_connect): Consult the "ldap-version" configuration
444	variable for the LDAP version to use.
445	(create_home_dir): Read mode for the home directory from
446	the configuration variable "home-dir-mode".
447
4482012-05-17  Sergey Poznyakoff  <gray@gnu.org.ua>
449
450	Document pam-modules.texi
451
4522012-05-16  Sergey Poznyakoff  <gray@gnu.org.ua>
453
454	Minor improvements.
455
456	* pam_ldaphome/pam_ldaphome.c (get_ldap_attrs): restore pubkey
457	debug output.
458	(pam_sm_authenticate): New keyword "authorized_keys"
459
4602012-05-15  Sergey Poznyakoff  <gray@gnu.org.ua>
461
462	Improve handling of multiple keys.
463
464	* pam_ldaphome/pam_ldaphome.c (get_ldap_attrs): return array of values.
465	(store_pubkeys): Fix key comparison.
466
467	Allow for multiple authorized keys.
468
469	* pam_ldaphome/pam_ldaphome.c (argcvz_free,trimnl): New functions.
470	(get_ldap_attr): Trim trailing newlines from the return value.
471	(ldap_search): Rename to get_pubkeys. Return null-terminated array
472	of sorted lexicographically keys.
473	(store_pubkey): Rename to store_pubkeys, take char ** as its
474	first argument. Store all keys unless the file already contains
475	exactly that set of keys.
476	(import_public_key): Call store_pubkeys. Use argcvz_free to
477	free the keys.
478
479	Bugfixes.
480
481	* pam_ldaphome/pam_ldaphome.c (argcv_free): Fix multiple free
482	(argcv_concat): Fix overly conservative size calculation and
483	concatenation loop.
484	(parse_ldap_uri): Fix URI reconstruction.
485	(dir_copy_loop): Remove unused variable.
486	(store_pubkey): Return meaningful error code.
487	(import_public_key): Propagate return code from store_pubkey.
488	(create_home_dir): Return meaningful error code.
489	(pam_sm_authenticate): Propagate return code from create_home_dir
490	and import_public_key to the caller.
491	* pam_log/Makefile.am: Remove BUILD_PAM_LOG substitution
492	(complements 1a80b647).
493
494	pam_ldaphome: implement populate_homedir.
495
4962012-05-14  Sergey Poznyakoff  <gray@gnu.org.ua>
497
498	Initialize submodules in autogen.sh
499
5002012-05-13  Sergey Poznyakoff  <gray@gnu.org.ua>
501
502	Add a placeholder for pam_ldaphome documentation.
503
504	Use imprimatur to maintain docs.
505
506	Generate ChangeLog automatically from git log.
507
508	Migrate to git.
509
510	Fix a typo
511
512	Revamp build system. Add pam_ldaphome module.
513
514	* configure.ac: Test for ldap.
515	(AC_OUTPUT): Create pam_ldaphome/Makefile.
516	* acinclude.m4 (PM_ENABLE): Declare PAM_COND_<item>
517	conditional in addition to BUILD_PAM_<item> substitution
518	variable.
519	* Makefile.am (SUBDIRS): Include most modules via
520	conditionally defined Makefile variables.
521
522	* lib/graypam.h (gray_env): New struct.
523	(gray_env_get,gray_env_free,gray_env_read)
524	(gray_boolean_true_p): New protos.
525	* lib/env.c: New file.
526	* lib/Makefile.am (libgraypam_la_SOURCES): Add env.c
527
528	* pam_fshadow/Makefile.am: Remove BUILD_PAM_FSHADOW
529	substitution.
530	* pam_regex/Makefile.am: Remove BUILD_PAM_REGEX
531	substitution.
532	* pam_sql/pam_sql.c (free_config, boolean_true_p)
533	(read_config): Remove. Use gray_env_* functions
534	instead. All uses updated.
535	* pam_regex/pam_regex.c: Fix typo.
536
537	* pam_ldaphome/Makefile.am: New file.
538
5392012-05-13  Sergey Poznyakoff  <gray@gnu.org.ua>
540
541	Revamp build system. Add pam_ldaphome module.
542
543	* configure.ac: Test for ldap.
544	(AC_OUTPUT): Create pam_ldaphome/Makefile.
545	* acinclude.m4 (PM_ENABLE): Declare PAM_COND_<item>
546	conditional in addition to BUILD_PAM_<item> substitution
547	variable.
548	* Makefile.am (SUBDIRS): Include most modules via
549	conditionally defined Makefile variables.
550
551	* lib/graypam.h (gray_env): New struct.
552	(gray_env_get,gray_env_free,gray_env_read)
553	(gray_boolean_true_p): New protos.
554	* lib/env.c: New file.
555	* lib/Makefile.am (libgraypam_la_SOURCES): Add env.c
556
557	* pam_fshadow/Makefile.am: Remove BUILD_PAM_FSHADOW
558	substitution.
559	* pam_regex/Makefile.am: Remove BUILD_PAM_REGEX
560	substitution.
561	* pam_sql/pam_sql.c (free_config, boolean_true_p)
562	(read_config): Remove. Use gray_env_* functions
563	instead. All uses updated.
564	* pam_regex/pam_regex.c: Fix typo.
565
566	* pam_ldaphome/Makefile.am: New file.
567
5682011-09-29  Sergey Poznyakoff  <gray@gnu.org.ua>
569
570	Allow installers to link modules with alternative crypt(3)
571	implementations.
572
573	* configure.ac: New option --with-crypt-lib.
574	* README: Update.
575
5762011-08-31  Sergey Poznyakoff  <gray@gnu.org.ua>
577
578	Various bugfixes.
579
580	* pam_fshadow/pam_fshadow.c (pam_sm_authenticate): Fix
581	erroneous conditional, which allowed for logins with
582	arbitrary passwords if `nopasswd' option was given.
583	* lib/graypam.h (gray_free_transform_expr): New proto.
584	* lib/transform.c (transform) <has_regex>: New member.
585	(free_transform,free_segment): New statics.
586	(gray_free_transform_expr): New function.
587	* pam_regex/pam_regex.c (pam_sm_authenticate): Free slist and
588	transform expression.
589
5902011-04-08  Sergey Poznyakoff  <gray@gnu.org.ua>
591
592	Version 1.7
593
594	* configure.ac: Enable silent rules.
595	Require autoconf 2.63, automake 1.11.
596	* pam_log/pam_log.c: Suppress a gcc warning.
597	* NEWS: Update.
598
5992011-04-05  Sergey Poznyakoff  <gray@gnu.org.ua>
600
601	Allow for the use of `CALL proc' in MySQL queries.
602
603	* pam_sql/pam_mysql.c (flush_result): New static.
604	(mysql_do_query): Call mysql_real_connect with the
605	CLIENT_MULTI_RESULTS flag.
606	(check_query_result, mysql_setenv, gpam_sql_acct): Call flush_result
607	after freeing the result.
608
6092009-02-27  Sergey Poznyakoff  <gray@gnu.org.ua>
610
611	Minor changes
612
613	* pam_fshadow/pam_fshadow.c: Protect shadow-related code with
614	ifdefs.
615	* configure.ac: Check for shadow.h, struct spwd and fgetspent. Do
616	not disable pam_fshadow.c if they are not present.
617
618	Rewrite Makefile.am's in a clearer and simpler way
619
620	* configure.ac: Require libtool 2.2.5a
621	* Make.rules (.c.lo, .lo.la): Remove
622	(AM_LDFLAGS, INCLUDES, LIBS): New assignments.
623	* pam_sql/Makefile.am, pam_fshadow/Makefile.am,
624	pam_sql/Makefile.am, pam_regex/Makefile.am,
625	pam_log/Makefile.am: Rewrite.
626	* pam_sql/pam_sql.h, pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c.
627	pam_sql/pam_sql.c: Rewrite.
628	* pam_sql/sha1.h, pam_sql/md5.c, pam_sql/md5.h, pam_sql/sha1.c
629	* pam_fshadow/pam_fshadow.c: New option [no]shadow
630	* doc/pam-modules.texi: Update.
631
632	* lib/graypam.h (gray_trim_ws): New proto
633	* lib/strutil.c: New file.
634	* lib/Makefile.am: Add strutil.c
635
6362009-02-17  Sergey Poznyakoff  <gray@gnu.org.ua>
637
638	* pam_fshadow/Makefile.am: Build the module conditionally.
639	* pam_regex/Makefile.am: Likewise.
640	* pam_log/Makefile.am: Likewise.
641	* NEWS, README: Update.
642	* configure.ac: Raise version number to 1.5. Update bug-report
643	address.
644	Add options for disabling fshadow, log and regex.
645	* acinclude.m4: Prefix all macros with PM_
646	(PM_CHECK_LIB): Rewrite.
647
6482008-03-20  Sergey Poznyakoff  <gray@gnu.org.ua>
649
650	* configure.ac, NEWS: Version 1.4
651	* doc/pam-modules.texi: Update.
652	* doc/macros.texi (opsummary,kwsummary): Remove anchor
653	definitions, they cause grief in texi2html.
654
6552008-03-19  Sergey Poznyakoff  <gray@gnu.org.ua>
656
657	* doc/pam-modules.texi: Improve docs.
658
659	Documentation checking framework:
660
661	* doc/macros.texi, doc/check-docs.sh, doc/mastermenu.el,
662	doc/untabify.el, doc/rendition.texi: New files.
663	* pam_regex/pam_regex.c: Remove useless use_authtok option.
664	* pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c,
665	pam_sql/pam_sql.c: Pacify `make check-sql-config' in doc.
666	* doc/Makefile.am: Add check-* rules.
667	* doc/pam-modules.texi: Update.
668
669	* configure.ac: Check for pam libraries and header files.
670	* pam_sql/pam_mysql.c (mysql_setenv): Protect by #ifdef
671	HAVE_PAM_MISC_SETENV.  Prevent coredumps on NULL values.
672	* pam_sql/pam_pgsql.c (pgsql_setenv): Likewise.
673	* pam_sql/Makefile.am (pam_mysql_la_LDADD,pam_pgsql_la_LDADD): Add
674	@PAM_MISC@.
675	* pam_sql/pam_sql.c (read_config): Read lines of arbitrary length.
676
677	* pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c: Implement `setenv'
678	method.
679	* pam_sql/pam_sql.c, pam_fshadow/pam_fshadow (_pam_get_password):
680	Set PAM_AUTHTOK.
681
6822008-03-17  Sergey Poznyakoff  <gray@gnu.org.ua>
683
684	* doc/pam-modules.texi: Update.
685
686	* pam_fshadow/pam_fshadow.c, pam_sql/pam_mysql.c,
687	pam_sql/pam_sql.c, pam_regex/pam_regex.c: Ensure passwords might
688	get divulged only at debugging level 100.
689
6902008-03-16  Sergey Poznyakoff  <gray@gnu.org.ua>
691
692	Add session management to pam_sql.
693
694	* NEWS, configure.ac: Updated. Set version to 1.3.90.
695
696	* lib/escape.c, lib/vartab.c: New files.
697	* lib/graypam.h (gray_expand_argv)
698	(gray_expand_string, gray_escape_string): New functions.
699	(struct keyword): New declaration.
700	(gray_find_keyword): New function.
701	* lib/Makefile.am (libgraypam_la_SOURCES): Add vartab.c and
702	escape.c.
703
704	* pam_log/pam_log.c: Use gray_find_keyword and gray_expand_argv.
705
706	* pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c (verify_user_pass):
707	Change signature.
708	(sql_acct): New function.
709	* pam_sql/pam_sql.c (verify_user_pass): Change signature.
710	(_pam_parse): Initialize globals.
711	(free_config): Reset config_env to NULL.
712	(read_config): Set config_env to NULL.
713	(get_query,get_query2): New functions.
714	(pam_sm_authenticate): Call gray_pam_init, update call to
715	verify_user_pass.
716	(sql_session_mgmt,pam_sm_open_session,pam_sm_close_session): New
717	functions.
718
7192008-03-15  Sergey Poznyakoff  <gray@gnu.org.ua>
720
721	* pam_regex/pam_regex.c (pam_opt): Fix a typo: rename "user_name"
722	option to "user".
723	(pam_sm_authenticate): Bugfix
724
7252008-03-15  Sergey Poznyakoff  <gray@gnu.org.ua>
726
727	-= Release 1.3 =-
728
7292008-03-15  Sergey Poznyakoff  <gray@gnu.org.ua>
730
731	Initial framework for LDAP-style password hashes.
732
733	* pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c: Call
734	gray_check_ldap_pass if configuration variable allow-ldap-pass is
735	set.
736	* lib/graypam.h (gray_base64_decode, gray_check_ldap_pass): New
737	prototypes.
738	* lib/Makefile.am (libgraypam_la_SOURCES): Add new files.
739	* lib/sha1.h, lib/base64.c, lib/md5.c, lib/ldappass.c, lib/md5.h,
740	lib/sha1.c: New files.
741
7422008-03-14  Sergey Poznyakoff  <gray@gnu.org.ua>
743
744	* doc/Makefile.am: Use texi2html to produce html files.
745	* doc/gendocs_template: Use latest version from Texinfo.
746
747	-= Release 1.2 =-
748
749	* lib/graypam.h: Minor change.
750	* pam_sql/pam_pgsql.c (verify_user_pass): port is optional.
751	Fix erroneous argument to PQsetdbLogin.
752	* pam_sql/pam_sql.c (pam_opt): Bugfix.
753
754	* doc/pam-modules.texi: Minor change.
755
756	* NEWS, doc/pam-modules.texi: Document new regexp default for
757	pam_fshadow.c
758
759	* lib/parseopt.c: New file.
760	* lib/Makefile.am (libgraypam_la_SOURCES): Add parseopt.c
761	* lib/graypam.h (gray_parseopt, gray_wait_debug_fun): New
762	functions
763	(CNTL_DEBUG_LEV, CNTL_SET_DEBUG_LEV): Removed.
764	* lib/log.c (gray_wait_debug): New functions.
765	* pam_fshadow/pam_fshadow.c, pam_sql/pam_sql.c,
766	pam_regex/pam_regex.c, pam_log/pam_log.c: Use gray_parseopt for
767	command line parsing.
768
7692008-03-13  Sergey Poznyakoff  <gray@gnu.org.ua>
770
771	* configure.ac (PAM_COMMON_INCLUDES): Add -I${top_srcdir}/lib.
772	(AC_OUTPUT): Add lib/Makefile.
773	* doc/pam-modules.texi: Document `transform' option.
774	* Make.rules: New file.
775
776	* lib/mem.c, lib/slist.c, lib/log.c, lib/converse.c,
777	lib/graypam.h, lib/Makefile.am, lib/transform.c.
778
779	* pam_regex/pam_regex.c: Implement user name transformations.
780
781	* pam_fshadow/Makefile.am, pam_sql/Makefile.am:
782	Add ../lib/libgraypam.la to LDADD
783	* pam_fshadow/pam_fshadow.c, pam_sql/pam_mysql.c,
784	pam_sql/pam_pgsql.c, pam_sql/pam_sql.c: Use functions from ../lib.
785
7862007-08-28  Sergey Poznyakoff  <gray@gnu.org.ua>
787
788	* pam_fshadow/Makefile.am, pam_regex/Makefile.am,
789	pam_log/Makefile.am: Place INCLUDES in front of CPPFLAGS
790
791	* pam_sql/Makefile.am: Place INCLUDES in front of CPPFLAGS
792	(pam_mysql.la): Redo rule
793
794	* pam_sql/sha1.h, pam_sql/sha1.c, pam_sql/md5.h, pam_sql/md5.c:
795	Replace with another version
796
797	* pam_fshadow/pam_fshadow.c: Minor change
798	* pam_sql/pam_mysql.c (sql_expand_query): Bugfix
799	Implement pure md5 passwords
800	(verify_user_pass): Lots of bugfixes
801	* pam_sql/pam_sql.c (read_config): Lots of bugfixes
802	(pam_sm_setcred,pam_sm_acct_mgmt): Add required functions
803
8042007-08-14  Sergey Poznyakoff  <gray@gnu.org.ua>
805
806	* NEWS, configure.ac: Version 1.2
807
808	* pam_fshadow/pam_fshadow.c: Include config.h and time.h
809	* pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c, pam_sql/pam_sql.c: Use
810	_pam_log for diagnostics.
811	* pam_regex/pam_regex.c (pam_sm_authenticate): Remove unused variable.
812	* configure.ac: New option --enable-debug
813	* common.c (wait_debug): Bugfix
814	* pam_log/pam_log.c: Include ctype.h
815	(parse_priority): Change return type.
816	* pam_fshadow/Makefile.am, pam_log/Makefile.am,
817	pam_regex/Makefile.am, pam_sql/Makefile.am: Use CPPFLAGS in cc rules.
818
8192007-08-06  Sergey Poznyakoff  <gray@gnu.org.ua>
820
821        Relicense under GPLv3.
822
8232007-08-05  Sergey Poznyakoff  <gray@gnu.org.ua>
824
825	* NEWS: Update
826	* configure.ac: Version 1.0.90
827	* common.c: Include regex.h;
828	(_cleanup_regex, make_str): New functions
829	* doc/pam-modules.texi: Update
830	* pam_fshadow/Makefile.am (pam_fshadow_la_LDADD): Add @LIBS@
831	* pam_fshadow/pam_fshadow.c: Implement virtual domain
832	authentication.
833	* pam_regex/pam_regex.c (make_str): Moved to ../common.c
834	* pam_sql/pam_sql.c (verify_user_pass): static
835
8362006-09-06  Sergey Poznyakoff  <gray@gnu.org.ua>
837
838	* configure.ac: New option --without-sql
839
840	* doc/pam-modules.texi: Updated
841	* common.c: Moved here syslog-reporting and debugging functions
842	* pam_fshadow/Makefile.am (AM_CPPFLAGS): Define MODULE_NAME
843	* pam_log/Makefile.am: Likewise
844	* pam_regex/Makefile.am: Likewise
845
846	* pam_fshadow/pam_fshadow.c: Update
847	* pam_regex/pam_regex.c: Update
848	* pam_sql/pam_sql.c: Update
849
850	* pam_sql/pam_mysql.c (sql_expand_query): Bugfix
851	* pam_sql/pam_pgsql.c (sql_expand_query): Bugfix
852
853	* pam_log/pam_log.c: Implemented
854
8552006-09-06  Sergey Poznyakoff  <gray@gnu.org.ua>
856
857	* acinclude.m4: New file
858	* common.c: New file
859	* pam_log: New directory
860	* pam_log/pam_log.c: New file
861	* pam_log/Makefile.am: New file
862	* pam_log/.cvsignore: New file
863
864	* pam_sql: New directory
865	* pam_sql/Makefile.am: New file
866	* pam_sql/pam_mysql.c: New file
867	* pam_sql/pam_pgsql.c: New file
868	* pam_sql/pam_sql.c: New file
869	* pam_sql/pam_sql.h: New file
870	* pam_sql/sha1.c: New file
871	* pam_sql/sha1.h: New file
872	* pam_sql/.cvsignore: New file
873
874	* Makefile.am (SUBDIRS): Add pam_log pam_sql
875	* configure.ac: Add library versioning. Check for libmysqlclient
876	and libpq. Create pam_log/Makefile and pam_sql/Makefile
877	* pam_fshadow/Makefile.am, pam_regex/Makefile.am: Update
878	* pam_fshadow/pam_fshadow.c, pam_regex/pam_regex.c: Include <common.c>
879
8802006-09-04  Sergey Poznyakoff  <gray@gnu.org.ua>
881
882	* pam_regex/pam_regex.c: New option 'user=[arg]'
883	* doc/pam-modules.texi: Update
884
8852005-08-18  Sergey Poznyakoff  <gray@gnu.org.ua>
886
887	* autogen.sh: Updated
888	* pam_regex/pam_regex.c: Use stdarg.h
889	(regex): Made const
890
891	* NEWS: Updated
892	* README: Updated
893	* configure.ac: Change auxiliary directory to build-aux, change
894	version number to 1.0, change bug report address.
895
896	* doc: New directory
897	* doc/Makefile.am: New file
898	* doc/pam-modules.texi: New file
899	* doc/gendocs_template: New file
900	* doc/fdl.texi: New file
901	* doc/.cvsignore: New file
902
903	* configure.ac: Add doc/
904	* Makefile.am: Likewise
905	* pam_fshadow/pam_fshadow.c: Updated copyright statement
906	* pam_regex/pam_regex.c: Likewise
907
9082004-05-27  Sergey Poznyakoff  <gray@Mirddin.farlep.net>
909
910	* INSTALL: Removed
911	* Makefile.in: Removed
912	* pam_fshadow/Makefile.in: Removed
913	* pam_regex/Makefile.in: Removed
914	* .cvsignore: New file
915	* pam_fshadow/.cvsignore: New file
916	* pam_regex/.cvsignore: New file
917	* pam_fshadow/pam_fshadow.c: Minor fixes.
918	* README: Updated
919	* autogen.sh: Updated
920
9212004-02-09  Sergey Poznyakoff  <gray@Mirddin.farlep.net>
922
923	* Put the two modules in a single packet and imported them
924	to CVS.
925
9262001-09-22  Sergey Poznyakoff <gray@mirddin.farlep.net>
927
928	First release.
929
930
931
932Local Variables:
933mode: change-log
934version-control: never
935buffer-read-only: t
936End:
937