Version 2.0

* NEWS: Update version number
* configure.ac: Likewise.
* doc/pam-modules.texi: Fix a typo.
* doc/pam_ldaphome.8in: Likewise.
* pamck/pamck.c: Update copyright years.

* pam_fshadow/pam_fshadow.c: Suppress cc warnings.
* pam_groupmember/pam_groupmember.c: Likewise.
* pam_ldaphome/pam_ldaphome.c: Likewise.
* pam_log/pam_log.c: Likewise.
* pam_regex/pam_regex.c: Likewise.

NEWS

@@ -1,11 +1,11 @@
-pam-modules -- history of user-visible changes. 2015-01-30
+pam-modules -- history of user-visible changes. 2015-02-26
 Copyright (C) 2001, 2004-2005, 2007-2012, 2015 Sergey Poznyakoff
 See the end of file for copying conditions.
 
 Please send pam-modules bug reports to <bug-pam-modules@gnu.org.ua>
 
 
-Version 1.9.90 (Git)
+Version 2.0, 2015-02-26
 
 * pam_ldaphome reads LDAP configuration from /etc/ldap.conf
 
@@ -32,6 +32,14 @@ configuration file contains:
 
 then the line '#:user' can be used to delimit ldap-synchronized
 and user-specific keys.
+
+* audit option
+
+All modules now support 'audit' option, which is equivalent to
+debug=100, i.e. it enables logging maximum debugging output.
+
+* pam_fshadow is built on all systems
+
 
 Version 1.9, 2014-05-21
 

configure.ac

@@ -16,7 +16,7 @@
 
 AC_PREREQ(2.63)
 
-AC_INIT(pam-modules, 1.9.90, bug-pam-modules@gnu.org.ua)
+AC_INIT(pam-modules, 2.0, bug-pam-modules@gnu.org.ua)
 AC_CONFIG_SRCDIR(pam_fshadow/pam_fshadow.c)
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_MACRO_DIR([m4])

doc/pam-modules.texi

@@ -1215,7 +1215,7 @@ From @file{/etc/ldap.conf}, the following statements are used:
 
 In general, all statements defined below can appear in both files.
 However, since @file{/etc/ldap.conf} is read by other system utilities
-as well, we do not recomment using @command{pam_ldaphome}-specific
+as well, we do not recommend using @command{pam_ldaphome}-specific
 keywords in it.
 
 The values read from @command{pam_ldaphome} configuration file

doc/pam_ldaphome.8in

@@ -14,7 +14,7 @@
 .\" You should have received a copy of the GNU General Public License
 .\" along with PAM-Modules.  If not, see <http://www.gnu.org/licenses/>.
 .so config.so
-.TH PAM_LDAPHOME 8 "January 30, 2015" "PAM-MODULES" "Pam-Modules User Reference"
+.TH PAM_LDAPHOME 8 "February 26, 2015" "PAM-MODULES" "Pam-Modules User Reference"
 .SH NAME
 pam_ldaphome \- create and populate user home directories
 .SH SYNOPSIS
@@ -50,7 +50,7 @@ The system-wide configuration file
 is parsed after processing the main configuration file.  In general,
 all statements defined below can appear in both files.  However, since
 .B /etc/ldap.conf
-is read by other system utilities as well, we do not recomment using
+is read by other system utilities as well, we do not recommend using
 .BR pam_ldaphome -specific 
 keywords in it.
 .PP

pam_fshadow/pam_fshadow.c

@@ -124,19 +124,21 @@ struct pam_opt pam_opt[] = {
 	{ PAM_OPTSTR(sysconfdir), pam_opt_string, &sysconfdir },
 	{ PAM_OPTSTR(regex), pam_opt_string, &regex_str },
 	{ PAM_OPTSTR(extended), pam_opt_bitmask, &regex_flags,
-	  REG_EXTENDED },
+	  { .value = REG_EXTENDED } },
 	{ PAM_OPTSTR(basic), pam_opt_bitmask_rev, &regex_flags,
-	  REG_EXTENDED },
+	  { .value = REG_EXTENDED } },
 	{ PAM_OPTSTR(icase), pam_opt_bitmask, &regex_flags,
-	  REG_ICASE },
+	  { .value = REG_ICASE } },
 	{ PAM_OPTSTR(ignore-case), pam_opt_bitmask, &regex_flags,
-	  REG_ICASE },
+	  { .value = REG_ICASE } },
 	{ PAM_OPTSTR(case), pam_opt_bitmask_rev, &regex_flags,
-	  REG_ICASE },
-	{ PAM_OPTSTR(passwd), pam_opt_bool, &cntl_flags, CNTL_PASSWD },
-	{ PAM_OPTSTR(shadow), pam_opt_bool, &cntl_flags, CNTL_SHADOW },
+	  { .value = REG_ICASE } },
+	{ PAM_OPTSTR(passwd), pam_opt_bool, &cntl_flags,
+	  { .value = CNTL_PASSWD } },
+	{ PAM_OPTSTR(shadow), pam_opt_bool, &cntl_flags,
+	  { .value = CNTL_SHADOW } },
 	{ PAM_OPTSTR(revert-index), pam_opt_bool, &cntl_flags,
-	  CNTL_REVERT_INDEX },
+	  { .value = CNTL_REVERT_INDEX } },
  	{ NULL }
 };
 

pam_groupmember/pam_groupmember.c

@@ -40,7 +40,6 @@
 const char *sense_choice[] = { "allow", "deny", NULL };
 
 static int sense;
-static int cntl_flags;
 static long debug_level;
 static char *groups;
 

pam_ldaphome/pam_ldaphome.c

@@ -628,6 +628,10 @@ get_ldap_attrs(LDAP *ld, LDAPMessage *msg, const char *attr)
 	struct berval **values;
 	
 	rc = ldap_get_dn_ber(ld, msg, &ber, &bv);
+	if (rc != LDAP_SUCCESS) {
+		_pam_log(LOG_ERR, "ldap_get_dn_ber: %s", ldap_err2string(rc));
+		return NULL;
+	}
 	ufn = ldap_dn2ufn(bv.bv_val);
 	DEBUG(2, ("INFO: %s", ufn));
 	ldap_memfree(ufn);

pam_log/pam_log.c

@@ -18,7 +18,6 @@
 
 
 /* Command line parsing */
-static int cntl_flags;
 static long debug_level;
 
 static int xargc;

pam_regex/pam_regex.c

@@ -43,7 +43,6 @@
 const char *sense_choice[] = { "allow", "deny", NULL };
 
 static int sense;
-static int cntl_flags;
 static long debug_level;
 static const char *regex = NULL;
 static int regex_flags = REG_NOSUB|REG_EXTENDED;
@@ -56,20 +55,21 @@ struct pam_opt pam_opt[] = {
 	{ PAM_OPTSTR(audit), pam_opt_const, &debug_level, { 100 } },
 	{ PAM_OPTSTR(waitdebug), pam_opt_null, NULL, { 0 },
 	  gray_wait_debug_fun },
-	{ PAM_OPTSTR(sense), pam_opt_enum, &sense, { sense_choice } },
+	{ PAM_OPTSTR(sense), pam_opt_enum, &sense,
+	  { .enumstr = sense_choice } },
 	{ PAM_OPTSTR(transform), pam_opt_string, &transform },
 	{ PAM_OPTSTR(user), pam_opt_string, &user_name },
 	{ PAM_OPTSTR(regex), pam_opt_string, &regex },
 	{ PAM_OPTSTR(extended), pam_opt_bitmask, &regex_flags,
-	  { REG_EXTENDED } },
+	  { .value = REG_EXTENDED } },
 	{ PAM_OPTSTR(basic), pam_opt_bitmask_rev, &regex_flags,
-	  { REG_EXTENDED } },
+	  { .value = REG_EXTENDED } },
 	{ PAM_OPTSTR(icase), pam_opt_bitmask, &regex_flags,
-	  { REG_ICASE } },
+	  { .value = REG_ICASE } },
 	{ PAM_OPTSTR(ignore-case), pam_opt_bitmask, &regex_flags,
-	  { REG_ICASE } },
+	  { .value = REG_ICASE } },
 	{ PAM_OPTSTR(case), pam_opt_bitmask_rev, &regex_flags,
-	  { REG_ICASE } },
+	  { .value = REG_ICASE } },
 	
 	{ NULL }
 };

pamck/pamck.c

@@ -39,7 +39,7 @@ version()
 {
 	printf("%s (%s) %s\n", program_name, PACKAGE, PACKAGE_VERSION);
 	fputs ("\
-Copyright (C) 2009-2012, 2014 Sergey Poznyakoff\n\
+Copyright (C) 2009-2015 Sergey Poznyakoff\n\
 \n\
 License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.\n\
 This is free software: you are free to change and redistribute it.\n\