| History log of /src/external/bsd/openpam/dist/include/security/pam_constants.h |
| Revision | | Date | Author | Comments |
| 1.8 |
| 30-Jun-2023 |
christos | merge openpam ximenia
|
| 1.7 |
| 08-Mar-2021 |
christos | Appease new lint enum errors
|
| 1.6 |
| 06-May-2017 |
christos | merge conflicts
|
| 1.5 |
| 24-Oct-2014 |
christos | branches: 1.5.6;
merge conflicts
|
| 1.4 |
| 27-Dec-2013 |
christos | merge conflicts
|
| 1.3 |
| 06-Apr-2013 |
christos | merge conflicts
|
| 1.2 |
| 25-Dec-2011 |
christos | branches: 1.2.4; 1.2.8;
apply our changes.
|
| 1.1 |
| 25-Dec-2011 |
christos | branches: 1.1.1;
Initial revision
|
| 1.1.1.8 |
| 03-Sep-2025 |
christos | Import zingiber-2025-05-31 (previous was ximenia-2023-06-27)
- BUGFIX In openpam_borrow_cred(3), the wrong debugging macro was
being used, which resulted in an attempt to interpret the target
UID as an item identifier.
- ENHANCE Allow missing modules or subpolicies to be ignored.
- ENHANCE Previously, OpenPAM was hardcoded to look for policies
in /usr/local/etc in addition to /etc and modules in /usr/local/lib
in addition to /usr/lib. This is now configurable at compile time.
|
| 1.1.1.7 |
| 03-Sep-2025 |
christos | Import zingiber-2025-05-31 (previous was ximenia-2023-06-27)
- BUGFIX In openpam_borrow_cred(3), the wrong debugging macro was
being used, which resulted in an attempt to interpret the target
UID as an item identifier.
- ENHANCE Allow missing modules or subpolicies to be ignored.
- ENHANCE Previously, OpenPAM was hardcoded to look for policies
in /usr/local/etc in addition to /etc and modules in /usr/local/lib
in addition to /usr/lib. This is now configurable at compile time.
|
| 1.1.1.6 |
| 30-Jun-2023 |
christos | Import ximenia (last was tabebuia)
- BUGFIX: Fix race condition in openpam_ttyconv(3) when used with
expect scripts.
- BUGFIX: In openpam_set_option(3), when removing an option, properly
decrement the option count.
- BUGFIX: In openpam_subst(3), avoid incrementing past the end of the
template.
|
| 1.1.1.5 |
| 06-May-2017 |
christos | OpenPAM Resedacea 2017-04-30
- BUGFIX: Reinstore the NULL check in pam_end(3) which was removed in
OpenPAM Radula, as it breaks common error-handling constructs.
- BUGFIX: Return PAM_SYMBOL_ERR instead of PAM_SYSTEM_ERR from the
dispatcher when the required service function could not be found.
- ENHANCE: Introduce the PAM_BAD_HANDLE error code for when pamh is
NULL in API functions that have a NULL check.
- ENHANCE: Introduce the PAM_BAD_ITEM, PAM_BAD_FEATURE and
PAM_BAD_CONSTANT error codes for situations where we previously
incorrectly used PAM_SYMBOL_ERR to denote that an invalid constant
had been passed to an API function.
- ENHANCE: Improve the RETURN VALUES section in API man pages,
especially for functions that cannot fail, which were incorrectly
documented as returning -1 on failure.
|
| 1.1.1.4 |
| 24-Oct-2014 |
christos | OpenPAM Ourouparia 2014-09-12
- ENHANCE: When executing a chain, require at least one service
function to succeed. This mitigates fail-open scenarios caused by
misconfigurations or missing modules.
- ENHANCE: Make sure to overwrite buffers which may have contained an
authentication token when they're no longer needed.
- BUGFIX: Under certain circumstances, specifying a non-existent
module (or misspelling the name of a module) in a policy could
result in a fail-open scenario. (CVE-2014-3879)
- FEATURE: Add a search path for modules. This was implemented in
Nummularia but inadvertently left out of the release notes.
- BUGFIX: The is_upper() predicate only accepted the letter A as an
upper-case character instead of the entire A-Z range. As a result,
service and module names containing upper-case letters other than A
would be rejected.
|
| 1.1.1.3 |
| 27-Dec-2013 |
christos | Import openpam-20130907
|
| 1.1.1.2 |
| 06-Apr-2013 |
christos | Import openpam-20120526
|
| 1.1.1.1 |
| 25-Dec-2011 |
christos | from sourceforge
ENHANCE: removed static build autodetection, which didn't work anyway.
Use an explicit, user-specified preprocessor variable instead.
ENHANCE: cleaned up the documentation a bit.
ENHANCE: added openpam_subst(3), allowing certain PAM items to be embedded
in strings such as prompts. Apply it to the prompts used by
pam_get_user(3) and pam_get_authtok(3).
ENHANCE: added support for the user_prompt, authtok_prompt and
oldauthtok_prompt module options, which override the prompts passed
by the module to pam_set_user(3) and pam_get_authtok(3).
ENHANCE: rewrote the policy parser to support quoted option values.
ENHANCE: added pamtest(1), a tool for testing modules and policies.
ENHANCE: added code to check the ownership and permissions of a module before
loading it.
ENHANCE: added / improved input validation in many cases, including the policy
file and some function arguments.
|
| 1.2.8.2 |
| 19-Aug-2014 |
tls | Rebase to HEAD as of a few days ago.
|
| 1.2.8.1 |
| 23-Jun-2013 |
tls | resync from head
|
| 1.2.4.3 |
| 22-May-2014 |
yamt | sync with head.
for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
|
| 1.2.4.2 |
| 17-Apr-2012 |
yamt | sync with head
|
| 1.2.4.1 |
| 25-Dec-2011 |
yamt | file pam_constants.h was added on branch yamt-pagecache on 2012-04-17 00:03:58 +0000
|
| 1.5.6.1 |
| 11-May-2017 |
pgoyette | Sync with HEAD
|
