38 Commits

Author SHA1 Message Date
christos 0d9d0fd8a3 merge openpam ximenia 2023-06-30 21:46:20 +00:00
christos 024a2e8c04 Import ximenia (last was tabebuia)
- BUGFIX: Fix race condition in openpam_ttyconv(3) when used with
  expect scripts.

- BUGFIX: In openpam_set_option(3), when removing an option, properly
  decrement the option count.

- BUGFIX: In openpam_subst(3), avoid incrementing past the end of the
  template.
2023-06-30 21:44:02 +00:00
christos 6463100770 use const for strchr assignment. 2021-08-11 09:11:04 +00:00
christos 72d8d6c36a Appease new lint enum errors 2021-03-08 19:38:10 +00:00
christos 8ddd93c13f print the widest int 2020-03-03 00:45:37 +00:00
christos 04265baa16 the uid is not a pam item! 2020-03-03 00:45:21 +00:00
christos a3dd92aca3 resolve conflicts 2019-12-15 17:08:21 +00:00
christos 77513ecfba OpenPAM Tabebuia 2019-02-24
 - BUGFIX: Fix off-by-one bug in pam_getenv(3) which was introduced in
   OpenPAM Radula.

 - ENHANCE: Add unit tests for pam_{get,put,set}env(3).
2019-12-15 16:44:27 +00:00
joerg da40fa177a Cast enum explicitly to different type. 2018-05-16 13:54:03 +00:00
christos d4a3515981 non-null arg. 2018-02-11 00:25:12 +00:00
christos 4cb4af11b1 merge conflicts 2017-05-06 19:50:09 +00:00
christos 5ca1223004 OpenPAM Resedacea 2017-04-30
 - BUGFIX: Reinstate the NULL check in pam_end(3) which was removed in
   OpenPAM Radula, as it breaks common error-handling constructs.

 - BUGFIX: Return PAM_SYMBOL_ERR instead of PAM_SYSTEM_ERR from the
   dispatcher when the required service function could not be found.

 - ENHANCE: Introduce the PAM_BAD_HANDLE error code for when pamh is
   NULL in API functions that have a NULL check.

 - ENHANCE: Introduce the PAM_BAD_ITEM, PAM_BAD_FEATURE and
   PAM_BAD_CONSTANT error codes for situations where we previously
   incorrectly used PAM_SYMBOL_ERR to denote that an invalid constant
   had been passed to an API function.

 - ENHANCE: Improve the RETURN VALUES section in API man pages,
   especially for functions that cannot fail, which were incorrectly
   documented as returning -1 on failure.
============================================================================
OpenPAM Radula							2017-02-19

 - BUGFIX: Fix an inverted test which prevented pam_get_authtok(3) and
   pam_get_user(3) from using application-provided custom prompts.

 - BUGFIX: Plug a memory leak in pam_set_item(3).

 - BUGFIX: Plug a potential memory leak in openpam_readlinev(3).

 - BUGFIX: In openpam_readword(3), support line continuations within
   whitespace.

 - ENHANCE: Add a feature flag to control fallback to "other" policy.

 - ENHANCE: Add a pam_return(8) module which returns an arbitrary
   code specified in the module options.

 - ENHANCE: More and better unit tests.
2017-05-06 19:32:37 +00:00
christos 201780c4cf merge conflicts 2014-10-24 18:17:55 +00:00
christos 76e8c54297 OpenPAM Ourouparia 2014-09-12
 - ENHANCE: When executing a chain, require at least one service
   function to succeed.  This mitigates fail-open scenarios caused by
   misconfigurations or missing modules.

 - ENHANCE: Make sure to overwrite buffers which may have contained an
   authentication token when they're no longer needed.

 - BUGFIX: Under certain circumstances, specifying a non-existent
   module (or misspelling the name of a module) in a policy could
   result in a fail-open scenario.  (CVE-2014-3879)

 - FEATURE: Add a search path for modules.  This was implemented in
   Nummularia but inadvertently left out of the release notes.

 - BUGFIX: The is_upper() predicate only accepted the letter A as an
   upper-case character instead of the entire A-Z range.  As a result,
   service and module names containing upper-case letters other than A
   would be rejected.
2014-10-24 18:15:36 +00:00
spz 0c0b9daba7 make sure we have a log message at the appropriate level (error) on
why pam is failing in the case of an included pam config file missing.

example: instead of logging with the default log settings:
Jun 17 08:49:37 tucana su: pam_start failed: system error
it will log:
Jun 17 08:55:49 tucana su: in openpam_parse_chain(): failed loading include for service gibbetnich in /etc/pam.d/su(15): No such file or directory
Jun 17 08:55:49 tucana su: pam_start failed: system error
2014-06-17 07:08:47 +00:00
christos 175b819734 For consistency, handle REQUISITE modules the same way as we handle REQUIRED
and BINDING.
2014-06-03 20:22:54 +00:00
christos dab998a96b CVE-2014-3879: Incorrect error handling in PAM policy parser:
Missing module files were treated as soft failures leading to
unexpected behavior if policy files were copied between hosts with
differently installed modules or in the short period during upgrades
when module files were being replaced.
2014-06-03 20:21:32 +00:00
joerg 29cb017282 Apply diagnostic overwrite for clang too. 2014-01-23 13:41:58 +00:00
christos 22bb103ac9 gcc 4.1 does not support pragma diagnostic ignored 2014-01-20 01:15:03 +00:00
joerg 6fdbf705b4 Ignore non-literal format strings, the modifications can't be expressed
with the current framework.
2014-01-07 02:15:02 +00:00
joerg 6466ad0c14 Avoid implicit cast on the return value. 2014-01-03 22:49:21 +00:00
christos a7fd76f87e - add casts for sign-changing conversions
- fix types
2013-12-29 22:55:32 +00:00
christos 8fa0fefe00 merge conflicts 2013-12-27 20:10:20 +00:00
christos 64e8a5e66f Import openpam-20130907 2013-12-27 19:27:40 +00:00
christos 0bbc3b9f79 Import openpam-20130907 2013-12-27 19:16:04 +00:00
christos e1b25b170f merge conflicts 2013-04-06 02:20:24 +00:00
christos 23e44a7766 Import openpam-20120526 2013-04-06 01:23:24 +00:00
christos 0730293fd3 - dlopen(3) errors should be printed with dlerror(3) so we get the reason the
module link failed, instead of printing "Undefined error 0".
- don't print free'd variable on error, restructure so that we free at the
  end and print the consistent name of the path dlopened.
2013-02-05 23:47:42 +00:00
christos bf2f922fd2 PR/46801: Izumi Tsutsui:
- downgrade the error of not finding a file to load to a debug message.
  Statically linked OpenPAM (like on sun2) does not have shared objects.
- make sure we preserve errno around dlclose() which will call munmap()
XXX: Pullup to 6
2012-08-15 06:16:41 +00:00
christos 42b74229c1 use a function constant instead of NetBSD 2012-04-14 15:14:08 +00:00
christos f1232d151c replace the custom getpass with getpassfd() 2012-04-13 16:36:37 +00:00
christos aa2f39e93f Add sigquit for completeness to the list of blocked signals with int and tstp.
Does not have any security implication. From Pierre Carrier
2012-04-11 02:28:46 +00:00
christos 020854a4e2 don't use %m in openpam_log, because it does not necessarily call syslog()
to process the message.
2012-01-03 18:56:49 +00:00
christos ed5ecc934e Reverse the order of printf formatting to make it easier for compilers to
check printf arguments.
From joerg@
2011-12-28 14:53:38 +00:00
christos f7d28ae6f9 don't allocate variable arrays on the stack for SSP (from joerg) 2011-12-27 20:29:08 +00:00
christos 14a012c5ad lint and static module fixes 2011-12-25 23:18:56 +00:00
christos 1ae23164b0 apply our changes. 2011-12-25 22:27:55 +00:00
christos 44269bb5a3 from sourceforge
ENHANCE: removed static build autodetection, which didn't work anyway.
	 Use an explicit, user-specified preprocessor variable instead.
ENHANCE: cleaned up the documentation a bit.
ENHANCE: added openpam_subst(3), allowing certain PAM items to be embedded
	 in strings such as prompts. Apply it to the prompts used by
	 pam_get_user(3) and pam_get_authtok(3).
ENHANCE: added support for the user_prompt, authtok_prompt and
	 oldauthtok_prompt module options, which override the prompts passed
	 by the module to pam_set_user(3) and pam_get_authtok(3).
ENHANCE: rewrote the policy parser to support quoted option values.
ENHANCE: added pamtest(1), a tool for testing modules and policies.
ENHANCE: added code to check the ownership and permissions of a module before
	 loading it.
ENHANCE: added / improved input validation in many cases, including the policy
	 file and some function arguments.
2011-12-25 21:42:28 +00:00