Hello community, here is the log from the commit of package pam_wrapper for openSUSE:Factory checked in at 2017-04-11 09:46:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam_wrapper (Old) and /work/SRC/openSUSE:Factory/.pam_wrapper.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam_wrapper" Tue Apr 11 09:46:47 2017 rev:4 rq:486451 version:1.0.3 Changes: -------- --- /work/SRC/openSUSE:Factory/pam_wrapper/pam_wrapper.changes 2016-06-09 16:16:22.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.pam_wrapper.new/pam_wrapper.changes 2017-04-11 09:46:49.071056426 +0200 @@ -1,0 +2,7 @@ +Fri Apr 7 14:22:09 UTC 2017 - a...@cryptomilk.org + +- Update to version 1.0.3 + * Fixed some build issues with strict compiler flags + * Logging to syslog is disabled by default + +------------------------------------------------------------------- Old: ---- pam_wrapper-1.0.2.tar.gz New: ---- pam_wrapper-1.0.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam_wrapper.spec ++++++ --- /var/tmp/diff_new_pack.OZZkK9/_old 2017-04-11 09:46:50.086912923 +0200 +++ /var/tmp/diff_new_pack.OZZkK9/_new 2017-04-11 09:46:50.086912923 +0200 @@ -1,7 +1,7 @@ # # spec file for package pam_wrapper # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ ############################# NOTE ################################## Name: pam_wrapper -Version: 1.0.2 +Version: 1.0.3 Release: 0 Summary: A tool to test PAM applications and PAM modules ++++++ pam_wrapper-1.0.2.tar.gz -> pam_wrapper-1.0.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/CMakeLists.txt new/pam_wrapper-1.0.3/CMakeLists.txt --- old/pam_wrapper-1.0.2/CMakeLists.txt 2016-05-24 08:00:43.000000000 +0200 +++ new/pam_wrapper-1.0.3/CMakeLists.txt 2017-04-06 13:42:21.000000000 +0200 @@ -8,7 +8,7 @@ set(APPLICATION_VERSION_MAJOR "1") set(APPLICATION_VERSION_MINOR "0") -set(APPLICATION_VERSION_PATCH "2") +set(APPLICATION_VERSION_PATCH "3") set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}") @@ -47,7 +47,7 @@ find_package(Threads) find_package(PythonInterp) -set(Python_ADDITIONAL_VERSIONS 2.6 2.7 3.3 3.4) +set(Python_ADDITIONAL_VERSIONS 2.6 2.7 3.3 3.4 3.6) find_package(PythonLibs) find_package(PythonSiteLibs) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/ChangeLog new/pam_wrapper-1.0.3/ChangeLog --- old/pam_wrapper-1.0.2/ChangeLog 2016-05-24 08:00:21.000000000 +0200 +++ new/pam_wrapper-1.0.3/ChangeLog 2017-04-06 13:42:21.000000000 +0200 @@ -1,6 +1,10 @@ ChangeLog ========== +version 1.0.3 (released 2017-04-06) + * Fixed some build issues with strict compiler flags + * Logging to syslog is disabled by default + version 1.0.2 (released 2016-05-24) * Fixed pam_wrapper on some BSDs * Fixed simple conversation in libpamtest diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/ConfigureChecks.cmake new/pam_wrapper-1.0.3/ConfigureChecks.cmake --- old/pam_wrapper-1.0.2/ConfigureChecks.cmake 2015-12-10 16:38:34.000000000 +0100 +++ new/pam_wrapper-1.0.3/ConfigureChecks.cmake 2017-04-06 08:36:08.000000000 +0200 @@ -46,11 +46,6 @@ check_function_exists(vsnprintf HAVE_VSNPRINTF) check_function_exists(snprintf HAVE_SNPRINTF) -set(CMAKE_REQUIRED_LIBRARIES pam) -check_function_exists(pam_vsyslog HAVE_PAM_VSYSLOG) -check_function_exists(pam_syslog HAVE_PAM_SYSLOG) -set(CMAKE_REQUIRED_LIBRARIES) - check_prototype_definition(pam_vprompt "int pam_vprompt(const pam_handle_t *_pamh, int _style, char **_resp, const char *_fmt, va_list _ap)" "-1" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/config.h.cmake new/pam_wrapper-1.0.3/config.h.cmake --- old/pam_wrapper-1.0.2/config.h.cmake 2015-12-10 16:38:34.000000000 +0100 +++ new/pam_wrapper-1.0.3/config.h.cmake 2017-04-06 08:36:08.000000000 +0200 @@ -20,14 +20,9 @@ #cmakedefine HAVE_SECURITY_PAM_MODULES_H 1 #cmakedefine HAVE_SECURITY_PAM_EXT_H 1 #cmakedefine HAVE_OPENPAM ${HAVE_OPENPAM} -#cmakedefine HAVE_PAM_SYSLOG 1 -#cmakedefine HAVE_PAM_VSYSLOG 1 /*************************** FUNCTIONS ***************************/ -/* Define to 1 if you have the `seteuid' function. */ -#cmakedefine HAVE_SETEUID 1 - #cmakedefine HAVE_PAM_VSYSLOG 1 #cmakedefine HAVE_PAM_SYSLOG 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/doc/pam_wrapper.1 new/pam_wrapper-1.0.3/doc/pam_wrapper.1 --- old/pam_wrapper-1.0.2/doc/pam_wrapper.1 2015-12-10 16:38:34.000000000 +0100 +++ new/pam_wrapper-1.0.3/doc/pam_wrapper.1 2017-04-06 13:42:21.000000000 +0200 @@ -1,13 +1,13 @@ '\" t .\" Title: pam_wrapper .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 2015-11-04 +.\" Generator: DocBook XSL Stylesheets v1.79.0 <http://docbook.sf.net/> +.\" Date: 2017-04-06 .\" Manual: \ \& .\" Source: \ \& .\" Language: English .\" -.TH "PAM_WRAPPER" "1" "2015\-11\-04" "\ \&" "\ \&" +.TH "PAM_WRAPPER" "1" "2017\-04\-06" "\ \&" "\ \&" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -100,6 +100,11 @@ .RE .RE .PP +\fBPAM_WRAPPER_USE_SYSLOG\fR +.RS 4 +By default pam logs will go to the pam_wrapper DEBUG log level and will not be sent to the syslog\&. If you want to log to the syslog to you can set this variable to 1\&. +.RE +.PP \fBPAM_WRAPPER_KEEP_DIR\fR .RS 4 If this option is set to 1, then pam_wrapper won\(cqt delete its temporary directories\&. Mostly useful for pam_wrapper development\&. @@ -123,7 +128,7 @@ .sp The name of the file should represent the service name used by your PAM application\&. .sp -LD_PRELOAD=\&./libpam_wrapper\&.so PAM_WRAPPER=1 PAM_WRAPPER_SERVICE_DIR=pam_services/ \&./my_pam_app +LD_PRELOAD=\&./libpam_wrapper\&.so PAM_WRAPPER=1 PAM_WRAPPER_SERVICE_DIR=\&./pam_services \&./my_pam_app .SH "PAM_MATRIX" .sp We offer a module to make testing of PAM applications easier\&. You find more information in the pam_matrix(8) manpage\&. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/doc/pam_wrapper.1.txt new/pam_wrapper-1.0.3/doc/pam_wrapper.1.txt --- old/pam_wrapper-1.0.2/doc/pam_wrapper.1.txt 2015-12-10 16:38:34.000000000 +0100 +++ new/pam_wrapper-1.0.3/doc/pam_wrapper.1.txt 2017-04-06 13:42:21.000000000 +0200 @@ -1,6 +1,6 @@ pam_wrapper(1) ============== -:revdate: 2015-11-04 +:revdate: 2017-04-06 NAME ---- @@ -52,6 +52,12 @@ - 2 = DEBUG - 3 = TRACE +*PAM_WRAPPER_USE_SYSLOG*:: + +By default pam logs will go to the pam_wrapper DEBUG log level and will not +be sent to the syslog. If you want to log to the syslog to you can set this +variable to 1. + *PAM_WRAPPER_KEEP_DIR*:: If this option is set to 1, then pam_wrapper won't delete its temporary diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/src/libpamtest.c new/pam_wrapper-1.0.3/src/libpamtest.c --- old/pam_wrapper-1.0.2/src/libpamtest.c 2016-05-23 09:24:23.000000000 +0200 +++ new/pam_wrapper-1.0.3/src/libpamtest.c 2017-04-06 09:20:44.000000000 +0200 @@ -117,11 +117,13 @@ void pamtest_free_env(char **envlist) { + size_t i; + if (envlist == NULL) { return; } - for (size_t i = 0; envlist[i] != NULL; i++) { + for (i = 0; envlist[i] != NULL; i++) { free(envlist[i]); } free(envlist); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/src/pam_wrapper.c new/pam_wrapper-1.0.3/src/pam_wrapper.c --- old/pam_wrapper-1.0.2/src/pam_wrapper.c 2016-05-23 09:24:23.000000000 +0200 +++ new/pam_wrapper-1.0.3/src/pam_wrapper.c 2017-04-06 13:42:21.000000000 +0200 @@ -103,58 +103,70 @@ PWRAP_LOG_TRACE }; -#ifdef NDEBUG -# define PWRAP_LOG(...) -#else /* NDEBUG */ static void pwrap_log(enum pwrap_dbglvl_e dbglvl, const char *function, const char *format, ...) PRINTF_ATTRIBUTE(3, 4); # define PWRAP_LOG(dbglvl, ...) pwrap_log((dbglvl), __func__, __VA_ARGS__) -static void pwrap_log(enum pwrap_dbglvl_e dbglvl, - const char *function, - const char *format, ...) +static void pwrap_vlog(enum pwrap_dbglvl_e dbglvl, + const char *function, + const char *format, + va_list args) PRINTF_ATTRIBUTE(3, 0); + +static void pwrap_vlog(enum pwrap_dbglvl_e dbglvl, + const char *function, + const char *format, + va_list args) { char buffer[1024]; - va_list va; const char *d; unsigned int lvl = 0; + const char *prefix = "PWRAP"; d = getenv("PAM_WRAPPER_DEBUGLEVEL"); if (d != NULL) { lvl = atoi(d); } - va_start(va, format); - vsnprintf(buffer, sizeof(buffer), format, va); - va_end(va); + if (lvl < dbglvl) { + return; + } - if (lvl >= dbglvl) { - const char *prefix = "PWRAP"; - switch (dbglvl) { - case PWRAP_LOG_ERROR: - prefix = "PWRAP_ERROR"; - break; - case PWRAP_LOG_WARN: - prefix = "PWRAP_WARN"; - break; - case PWRAP_LOG_DEBUG: - prefix = "PWRAP_DEBUG"; - break; - case PWRAP_LOG_TRACE: - prefix = "PWRAP_TRACE"; - break; - } + vsnprintf(buffer, sizeof(buffer), format, args); - fprintf(stderr, - "%s(%d) - %s: %s\n", - prefix, - (int)getpid(), - function, - buffer); + switch (dbglvl) { + case PWRAP_LOG_ERROR: + prefix = "PWRAP_ERROR"; + break; + case PWRAP_LOG_WARN: + prefix = "PWRAP_WARN"; + break; + case PWRAP_LOG_DEBUG: + prefix = "PWRAP_DEBUG"; + break; + case PWRAP_LOG_TRACE: + prefix = "PWRAP_TRACE"; + break; } + + fprintf(stderr, + "%s(%d) - %s: %s\n", + prefix, + (int)getpid(), + function, + buffer); +} + +static void pwrap_log(enum pwrap_dbglvl_e dbglvl, + const char *function, + const char *format, ...) +{ + va_list va; + + va_start(va, format); + pwrap_vlog(dbglvl, function, format, va); + va_end(va); } -#endif /* NDEBUG */ /***************** * LIBC @@ -496,7 +508,6 @@ return pwrap.libpam.symbols._libpam_pam_strerror.f(discard_const_p(pam_handle_t, pamh), errnum); } -#ifdef HAVE_PAM_VSYSLOG static void libpam_pam_vsyslog(const pam_handle_t *pamh, int priority, const char *fmt, @@ -509,7 +520,6 @@ fmt, args); } -#endif /********************************************************* * PWRAP INIT @@ -1203,55 +1213,55 @@ case PAM_USER: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_USER=%s", - (char *) *item); + (const char *)*item); break; case PAM_SERVICE: svc = pwrap_get_service((const char *) *item); PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_SERVICE=%s", - (char *) svc); + svc); *item = svc; break; case PAM_USER_PROMPT: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_USER_PROMPT=%s", - (char *) *item); + (const char *)*item); break; case PAM_TTY: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_TTY=%s", - (char *) *item); + (const char *)*item); break; case PAM_RUSER: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_RUSER=%s", - (char *) *item); + (const char *)*item); break; case PAM_RHOST: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_RHOST=%s", - (char *) *item); + (const char *)*item); break; case PAM_AUTHTOK: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_AUTHTOK=%s", - (char *) *item); + (const char *)*item); break; case PAM_OLDAUTHTOK: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_OLDAUTHTOK=%s", - (char *) *item); + (const char *)*item); break; case PAM_CONV: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item PAM_CONV=%p", - (void *) *item); + (const void *)*item); break; default: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_get_item item_type=%d item=%p", - item_type, (void *) *item); + item_type, (const void *)*item); break; } } else { @@ -1280,42 +1290,42 @@ case PAM_USER: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_set_item PAM_USER=%s", - (char *)item); + (const char *)item); break; case PAM_SERVICE: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_set_item PAM_SERVICE=%s", - (char *)item); + (const char *)item); break; case PAM_USER_PROMPT: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_set_item PAM_USER_PROMPT=%s", - (char *)item); + (const char *)item); break; case PAM_TTY: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_set_item PAM_TTY=%s", - (char *)item); + (const char *)item); break; case PAM_RUSER: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_set_item PAM_RUSER=%s", - (char *)item); + (const char *)item); break; case PAM_RHOST: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_set_item PAM_RHOST=%s", - (char *)item); + (const char *)item); break; case PAM_AUTHTOK: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_set_item PAM_AUTHTOK=%s", - (char *)item); + (const char *)item); break; case PAM_OLDAUTHTOK: PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_set_item PAM_OLDAUTHTOK=%s", - (char *)item); + (const char *)item); break; case PAM_CONV: PWRAP_LOG(PWRAP_LOG_TRACE, @@ -1474,16 +1484,54 @@ errnum); } -#ifdef HAVE_PAM_VSYSLOG +static void pwrap_pam_vsyslog(const pam_handle_t *pamh, + int priority, + const char *fmt, + va_list args) PRINTF_ATTRIBUTE(3, 0); + static void pwrap_pam_vsyslog(const pam_handle_t *pamh, int priority, const char *fmt, va_list args) { + const char *d; + char syslog_str[32] = {0}; + enum pwrap_dbglvl_e dbglvl = PWRAP_LOG_TRACE; + PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_pam_vsyslog called"); - libpam_pam_vsyslog(pamh, priority, fmt, args); + + d = getenv("PAM_WRAPPER_USE_SYSLOG"); + if (d != NULL && d[0] == '1') { + libpam_pam_vsyslog(pamh, priority, fmt, args); + return; + } + + switch(priority) { + case 0: /* LOG_EMERG */ + case 1: /* LOG_ALERT */ + case 2: /* LOG_CRIT */ + case 3: /* LOG_ERR */ + dbglvl = PWRAP_LOG_ERROR; + break; + case 4: /* LOG_WARN */ + dbglvl = PWRAP_LOG_WARN; + break; + case 5: /* LOG_NOTICE */ + case 6: /* LOG_INFO */ + case 7: /* LOG_DEBUG */ + dbglvl = PWRAP_LOG_DEBUG; + break; + default: + dbglvl = PWRAP_LOG_TRACE; + break; + } + + snprintf(syslog_str, sizeof(syslog_str), "SYSLOG(%d)", priority); + + pwrap_vlog(dbglvl, syslog_str, fmt, args); } +#ifdef HAVE_PAM_VSYSLOG void pam_vsyslog(const pam_handle_t *pamh, int priority, const char *fmt, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pam_wrapper-1.0.2/src/python/pypamtest.c new/pam_wrapper-1.0.3/src/python/pypamtest.c --- old/pam_wrapper-1.0.2/src/python/pypamtest.c 2016-01-15 10:55:15.000000000 +0100 +++ new/pam_wrapper-1.0.3/src/python/pypamtest.c 2017-04-06 09:20:44.000000000 +0200 @@ -133,9 +133,18 @@ PyMem_Free(list); } -static char **new_conv_list(const int list_size) +static char **new_conv_list(const size_t list_size) { char **list; + size_t i; + + if (list_size == 0) { + return NULL; + } + + if (list_size + 1 < list_size) { + return NULL; + } list = PyMem_New(char *, list_size + 1); if (list == NULL) { @@ -143,7 +152,7 @@ } list[list_size] = NULL; - for (int i =0; i < list_size; i++) { + for (i = 0; i < list_size; i++) { list[i] = PyMem_New(char, PAM_MAX_MSG_SIZE); if (list[i] == NULL) { PyMem_Free(list);