Lines Matching +full:mixed +full:- +full:signals
1 OpenPAM Zingiber 2025-05-31
3 - BUGFIX: In openpam_borrow_cred(3), the wrong debugging macro was
7 - ENHANCE: Allow missing modules or subpolicies to be ignored.
9 - ENHANCE: Previously, OpenPAM was hardcoded to look for policies in
13 OpenPAM Ximenia 2023-06-27
15 - BUGFIX: Fix race condition in openpam_ttyconv(3) when used with
18 - BUGFIX: In openpam_set_option(3), when removing an option, properly
21 - BUGFIX: In openpam_subst(3), avoid incrementing past the end of the
24 OpenPAM Tabebuia 2019-02-24
26 - BUGFIX: Fix off-by-one bug in pam_getenv(3) which was introduced in
29 - ENHANCE: Add unit tests for pam_{get,put,set}env(3).
31 OpenPAM Resedacea 2017-04-30
33 - BUGFIX: Reinstore the NULL check in pam_end(3) which was removed in
34 OpenPAM Radula, as it breaks common error-handling constructs.
36 - BUGFIX: Return PAM_SYMBOL_ERR instead of PAM_SYSTEM_ERR from the
39 - ENHANCE: Introduce the PAM_BAD_HANDLE error code for when pamh is
42 - ENHANCE: Introduce the PAM_BAD_ITEM, PAM_BAD_FEATURE and
47 - ENHANCE: Improve the RETURN VALUES section in API man pages,
49 documented as returning -1 on failure.
51 OpenPAM Radula 2017-02-19
53 - BUGFIX: Fix an inverted test which prevented pam_get_authtok(3) and
54 pam_get_user(3) from using application-provided custom prompts.
56 - BUGFIX: Plug a memory leak in pam_set_item(3).
58 - BUGFIX: Plug a potential memory leak in openpam_readlinev(3).
60 - BUGFIX: In openpam_readword(3), support line continuations within
63 - ENHANCE: Add a feature flag to control fallback to "other" policy.
65 - ENHANCE: Add a pam_return(8) module which returns an arbitrary
68 - ENHANCE: More and better unit tests.
70 OpenPAM Ourouparia 2014-09-12
72 - ENHANCE: When executing a chain, require at least one service
73 function to succeed. This mitigates fail-open scenarios caused by
76 - ENHANCE: Make sure to overwrite buffers which may have contained an
79 - BUGFIX: Under certain circumstances, specifying a non-existent
81 result in a fail-open scenario. (CVE-2014-3879)
83 - FEATURE: Add a search path for modules. This was implemented in
86 - BUGFIX: The is_upper() predicate only accepted the letter A as an
87 upper-case character instead of the entire A-Z range. As a result,
88 service and module names containing upper-case letters other than A
91 OpenPAM Nummularia 2013-09-07
93 - ENHANCE: Rewrite the dynamic loader to improve readability and
98 - ENHANCE: Allow openpam_straddch(3) to be called without a character
101 - ENHANCE: Improve portability by adding simple asprintf(3) and
104 - ENHANCE: Move the libpam sources into a separate subdirectory.
106 - ENHANCE: Substantial documentation improvements.
108 - BUGFIX: When openpam_readword(3) encountered an opening quote, it
115 - BUGFIX: make --with-modules-dir work the way it was meant to work
118 OpenPAM Micrampelis 2012-05-26
120 - FEATURE: Add an openpam_readword(3) function which reads the next
124 - FEATURE: Add an openpam_readlinev(3) function which uses the
130 - FEATURE: Add a PAM_HOST item which pam_start(3) initializes to the
134 - FEATURE: In pam_get_authtok(3), if neither the application nor the
139 - ENHANCE: Rewrite the policy parser to used openpam_readlinev(),
142 - ENHANCE: The previous implementation of the policy parser relied on
149 - ENHANCE: On platforms that have it, use fdlopen(3) to load modules.
153 - ENHANCE: Reduce the amount of pointless error messages generated
156 - ENHANCE: Numerous documentation improvements, both in content and
159 - BUGFIX: A patch incorporated in Lycopsida inadvertantly changed
164 - BUGFIX: Plug a memory leak in the policy parser.
166 OpenPAM Lycopsida 2011-12-18
168 - ENHANCE: removed static build autodetection, which didn't work
169 anyway. Use an explicit, user-specified preprocessor variable
172 - ENHANCE: cleaned up the documentation a bit.
174 - ENHANCE: added openpam_subst(3), allowing certain PAM items to be
178 - ENHANCE: added support for the user_prompt, authtok_prompt and
182 - ENHANCE: rewrote the policy parser to support quoted option values.
184 - ENHANCE: added pamtest(1), a tool for testing modules and policies.
186 - ENHANCE: added code to check the ownership and permissions of a
189 - ENHANCE: added / improved input validation in many cases, including
190 the policy file and some function arguments. (CVE-2011-4122)
192 OpenPAM Hydrangea 2007-12-21
194 - ENHANCE: when compiling with GCC, mark up API functions with GCC
197 - BUGFIX: fixed numerous warnings uncovered by GCC 4.
199 - ENHANCE: building the documentation is now optional.
201 - ENHANCE: corrected a number of mistakes and style issues in the
204 - ENHANCE: API function arguments are now const where appropriate, to
205 match corresponding changes in the Solaris PAM and Linux-PAM APIs.
207 - ENHANCE: corrected a number of C namespace violations.
209 - ENHANCE: the module cache has been removed, allowing long-lived
213 was not thread-safe.
215 OpenPAM Figwort 2005-06-16
217 - BUGFIX: Correct several small signedness and initialization bugs
220 - BUGFIX: Modify gendoc.pl to sort cross-references in dictionary
223 - ENHANCE: if a policy specifies a relative module path, prepend the
226 - ENHANCE: add a pam.conf(5) manual page.
228 OpenPAM Feterita 2005-02-01
230 - BUGFIX: Correct numerous markup errors, invalid cross-references,
234 - BUGFIX: Avoid multiple evaluation of macro arguments in ENTERX()
237 - BUGFIX: Remove an unnecessary and non-portable pointer cast in
240 - BUGFIX: Fix identical typos in PAM_ACCT_EXPIRED case in
243 - ENHANCE: Minor overhaul of the autoconf / build system.
245 - ENHANCE: Add openpam_free_envlist(3).
247 OpenPAM Eelgrass 2004-02-10
249 - BUGFIX: Correct array handling bugs in conversation code.
251 - BUGFIX: In openpam_ttyconv(3), don't strip trailing linear
254 - BUGFIX: Many constness issues addressed.
256 OpenPAM Dogwood 2003-07-15
258 - ENHANCE: Use the GNU autotools.
260 - ENHANCE: Constify the msg field in struct pam_message.
262 - BUGFIX: Remove left-over debugging output
264 - BUGFIX: Avoid side effects in arguments to the FREE() macro
266 - ENHANCE: Make openpam_ttyconv(3) use read(2) rather than fgets(3).
268 - BUGFIX: Staticize some variables which shouldn't be global.
270 - BUGFIX: Correcly anticipate a NULL user in pam_get_user(3).
272 - ENHANCE: Various minor documentation improvements.
277 OpenPAM Digitalis 2003-06-01
279 - ENHANCE: Completely rewrite the configuration parser and add
282 - ENHANCE: Improve portability to NetBSD, OpenBSD and Linux.
284 - ENHANCE: Lots of additional paranoia.
286 - BUGFIX: The sample su(1) application dropped privileges before
289 - ENHANCE: Document openpam_log(3).
291 - ENHANCE: Other minor documentation fixes.
296 OpenPAM Dianthus 2003-05-02
298 - BUGFIX: Initialize some potentially uninitialized variables.
300 - BUGFIX: Silence some warnings emitted by gcc -std=iso9899:1999.
302 - BUGFIX: In pam_getenv(), return a pointer to the stored variable
305 - ENHANCE: Detect recursion in openpam_borrow_cred()
307 - ENHANCE: Make borrowing one's own credentials a no-op.
309 - ENHANCE: Further improve debugging support.
311 - ENHANCE: Clean up some variable names.
313 OpenPAM Daffodil 2003-01-06
315 - ENHANCE: Document dependency on <sys/types.h> (for size_t)
317 - ENHANCE: Slightly improve error detection in openpam_ttyconv().
319 - BUGFIX: Fix several typos in debugging macros.
321 OpenPAM Cyclamen 2002-12-12
323 - ENHANCE: Improve recursion detection in openpam_dispatch().
325 - ENHANCE: Add debugging messages at entry and exit points of most
328 - ENHANCE: Fix some minor style issues.
330 - BUGFIX: Add default cases to the switches in openpam_log.c.
332 - ENHANCE: Add /usr/local/etc/pam.conf to policy search path.
334 - BUGFIX: In openpam_ttyconv(3), print the prompt to stdout rather
337 OpenPAM Citronella 2002-06-30
339 - ENHANCE: Add the "binding" control flag (from Solaris 9).
341 - ENHANCE: Define struct pam_repository and PAM_REPOSITORY (from
344 - ENHANCE: Flesh out the pam(3) man page.
346 - ENHANCE: Add an openpam(3) page with cross-references to all the
349 - ENHANCE: Add a pam_conv(3) man page describing the conversation
352 - ENHANCE: Improved sample application.
354 - ENHANCE: Added sample pam_unix module.
356 - BUGFIX: Various documentation nits.
358 OpenPAM Cinquefoil 2002-05-24
360 - BUGFIX: Various warnings uncovered by gcc 3.1.
362 - ENHANCE: Add a null conversation function, openpam_nullconv(3).
364 - BUGFIX: Initialize the "other" chain to all zeroes.
366 - ENHANCE: Document openpam_ttyconv(3).
368 OpenPAM Cinnamon 2002-05-02
370 - ENHANCE: Add a null conversation function, openpam_nullconv().
372 - BUGFIX: Various markup bugs in the documentation.
374 - BUGFIX: Document <security/openpam.h>.
376 - BUGFIX: Duplicate expansion of openpam_log() macro arguments.
378 - ENHANCE: Restructure the policy-loading code and align our use of
379 the "other" policy with Solaris and Linux-PAM.
381 - ENHANCE: Log dlopen() and dlsym() failures.
383 - ENHANCE: In openpam_ttyconv(), emit a newline after error and info
386 - BUGFIX: In pam_vprompt(), initialize the response pointer to NULL
389 OpenPAM Cineraria 2002-04-14
391 - BUGFIX: Fix confusion between token and prompt in
394 - ENHANCE: Improved documentation.
396 - ENHANCE: Adopt the same preprocessor tricks that were used in
397 FreeBSD's version of Linux-PAM to simplify static linking without
400 - ENHANCE: Move the policy-loading code out of pam_start.c.
402 - BUGFIX: Fix typo in one of the versions of the openpam_log macro.
404 - ENHANCE: Add versioning macros.
406 OpenPAM Cinchona 2002-04-08
408 - ENHANCE: Improved documentation for several API functions.
410 - BUGFIX: Fix bug in pam_set_data() that would result in corruption
413 - BUGFIX: Allocate the correct amount of memory for the environment
416 - ENHANCE: Change pam_get_authtok()'s prototype so the caller can
419 - BUGFIX: Plug memory leak in pam_get_user() / pam_get_authtok(), and
422 - ENHANCE: Check flags carefully in pam_authenticate() and
425 - BUGFIX: Fix bugs in portability code; libpam now builds on NetBSD.
427 - ENHANCE: In pam_get_authtok(), if PAM_OLDAUTHTOK is set, we're
431 - ENHANCE: Add openpam_{borrow,restore}_cred(), for temporarily
434 - ENHANCE: Add openpam_free_data(), a generic cleanup function for
437 OpenPAM Centaury 2002-03-14
439 - BUGFIX: Add missing #include <string.h> to openpam_log.c.
441 - BUGFIX: s/PAM_REINITIALISE_CRED/PAM_REINITIALIZE_CRED/. XSSO uses
442 the former, but Solaris and Linux-PAM use the latter.
444 - BUGFIX: The dynamic loader and the module cache contained a number
449 - BUGFIX: Refer to a module by the name used in the policy file, even
452 - ENHANCE: Suppress debugging logs, unless compiled with -DDEBUG.
454 OpenPAM Celandine 2002-03-05
456 - BUGFIX: PAM_TRY_AGAIN is a valid return value for pam_chauthtok().
458 - BUGFIX: Run passwd chain twice, first with the PAM_PRELIM_CHECK
461 - BUGFIX: Failure of a "sufficient" module should not terminate the
464 - BUGFIX: Clear PAM_AUTHTOK after running the service modules.
466 - ENHANCE: Prevent applications from specifying the PAM_PRELIM_CHECK
469 - BUGFIX: openpam_set_option() did not support changing the value of
472 - ENHANCE: Add support for module versioning. OpenPAM will prefer a
476 OpenPAM Cantaloupe 2002-02-22
478 - BUGFIX: The proper use of PAM_SYMBOL_ERR is to indicate an invalid
481 - ENHANCE: Add in-line documentation in most source files, and a Perl
484 - BUGFIX: The environment list was not properly NULL-terminated.
486 - ENHANCE: Allow the PAM_AUTHTOK_PROMPT item to override the prompt
489 - BUGFIX: PAM_NUM_ITEMS was set too low. It has been moved to
492 - ENHANCE: Move all code related to static modules into a separate
495 - ENHANCE: openpam_ttyconv() now masks most signals while prompting the
498 - BUGFIX: Some manual pages referenced XSSO even though they
499 documented OpenPAM-specific functions.
501 - ENHANCE: Added openpam_get_option() and openpam_set_option().
503 - ENHANCE: openpam_get_authtok() now respects the echo_pass,
506 OpenPAM Caliopsis 2002-02-13
509 - a number of bugs in and related to pam_[gs]et_item(3)
510 - off-by-one bug in pam_start.c would trim last character off certain
512 - incorrect ordering of an array in openpam_load.c would cause service
513 module functions to get mixed up
514 - missing 'continue' in openpam_dispatch.c caused successes to be
517 OpenPAM Calamite 2002-02-09