1348980SdesOpenPAM Tabebuia 2019-02-24 2348980Sdes 3348980Sdes - BUGFIX: Fix off-by-one bug in pam_getenv(3) which was introduced in 4348980Sdes OpenPAM Radula. 5348980Sdes 6348980Sdes - ENHANCE: Add unit tests for pam_{get,put,set}env(3). 7348980Sdes============================================================================ 8348980SdesOpenPAM Resedacea 2017-04-30 9348980Sdes 10348980Sdes - BUGFIX: Reinstore the NULL check in pam_end(3) which was removed in 11348980Sdes OpenPAM Radula, as it breaks common error-handling constructs. 12348980Sdes 13348980Sdes - BUGFIX: Return PAM_SYMBOL_ERR instead of PAM_SYSTEM_ERR from the 14348980Sdes dispatcher when the required service function could not be found. 15348980Sdes 16348980Sdes - ENHANCE: Introduce the PAM_BAD_HANDLE error code for when pamh is 17348980Sdes NULL in API functions that have a NULL check. 18348980Sdes 19348980Sdes - ENHANCE: Introduce the PAM_BAD_ITEM, PAM_BAD_FEATURE and 20348980Sdes PAM_BAD_CONSTANT error codes for situations where we previously 21348980Sdes incorrectly used PAM_SYMBOL_ERR to denote that an invalid constant 22348980Sdes had been passed to an API function. 23348980Sdes 24348980Sdes - ENHANCE: Improve the RETURN VALUES section in API man pages, 25348980Sdes especially for functions that cannot fail, which were incorrectly 26348980Sdes documented as returning -1 on failure. 27348980Sdes============================================================================ 28348980SdesOpenPAM Radula 2017-02-19 29348980Sdes 30348980Sdes - BUGFIX: Fix an inverted test which prevented pam_get_authtok(3) and 31348980Sdes pam_get_user(3) from using application-provided custom prompts. 32348980Sdes 33348980Sdes - BUGFIX: Plug a memory leak in pam_set_item(3). 34348980Sdes 35348980Sdes - BUGFIX: Plug a potential memory leak in openpam_readlinev(3). 36348980Sdes 37348980Sdes - BUGFIX: In openpam_readword(3), support line continuations within 38348980Sdes whitespace. 39348980Sdes 40348980Sdes - ENHANCE: Add a feature flag to control fallback to "other" policy. 41348980Sdes 42348980Sdes - ENHANCE: Add a pam_return(8) module which returns an arbitrary 43348980Sdes code specified in the module options. 44348980Sdes 45348980Sdes - ENHANCE: More and better unit tests. 46348980Sdes============================================================================ 47271624SdesOpenPAM Ourouparia 2014-09-12 48271624Sdes 49271624Sdes - ENHANCE: When executing a chain, require at least one service 50271624Sdes function to succeed. This mitigates fail-open scenarios caused by 51271624Sdes misconfigurations or missing modules. 52271624Sdes 53271624Sdes - ENHANCE: Make sure to overwrite buffers which may have contained an 54271624Sdes authentication token when they're no longer needed. 55271624Sdes 56271624Sdes - BUGFIX: Under certain circumstances, specifying a non-existent 57271624Sdes module (or misspelling the name of a module) in a policy could 58271624Sdes result in a fail-open scenario. (CVE-2014-3879) 59271624Sdes 60271624Sdes - FEATURE: Add a search path for modules. This was implemented in 61271624Sdes Nummularia but inadvertently left out of the release notes. 62271624Sdes 63271624Sdes - BUGFIX: The is_upper() predicate only accepted the letter A as an 64271624Sdes upper-case character instead of the entire A-Z range. As a result, 65271624Sdes service and module names containing upper-case letters other than A 66271624Sdes would be rejected. 67271624Sdes============================================================================ 68255376SdesOpenPAM Nummularia 2013-09-07 69255376Sdes 70255376Sdes - ENHANCE: Rewrite the dynamic loader to improve readability and 71255376Sdes reliability. Modules can now be listed without the ".so" suffix in 72255376Sdes the policy file; OpenPAM will automatically add it, just like it 73255376Sdes will automatically add the version number if required. 74255376Sdes 75255376Sdes - ENHANCE: Allow openpam_straddch(3) to be called without a character 76255376Sdes so it can be used to preallocate a string. 77255376Sdes 78255376Sdes - ENHANCE: Improve portability by adding simple asprintf(3) and 79255376Sdes vasprintf(3) implementations for platforms that don't have them. 80255376Sdes 81255376Sdes - ENHANCE: Move the libpam sources into a separate subdirectory. 82255376Sdes 83255376Sdes - ENHANCE: Substantial documentation improvements. 84255376Sdes 85255376Sdes - BUGFIX: When openpam_readword(3) encountered an opening quote, it 86255376Sdes would set the first byte in the buffer to '\0', discarding all 87255376Sdes existing text and, unless the buffer was empty to begin with, all 88255376Sdes subsequent text as well. This went unnoticed because none of the 89255376Sdes unit tests for quoted strings had any text preceding the opening 90255376Sdes quote. 91255376Sdes 92255376Sdes - BUGFIX: make --with-modules-dir work the way it was meant to work 93255376Sdes (but never did). 94255376Sdes============================================================================ 95236109SdesOpenPAM Micrampelis 2012-05-26 96236109Sdes 97236109Sdes - FEATURE: Add an openpam_readword(3) function which reads the next 98236109Sdes word from an input stream, applying shell quoting and escaping 99236109Sdes rules. Add numerous unit tests for openpam_readword(3). 100236109Sdes 101236109Sdes - FEATURE: Add an openpam_readlinev(3) function which uses the 102236109Sdes openpam_readword(3) function to read words from an input stream one 103236109Sdes at a time until it reaches an unquoted, unescaped newline, and 104236109Sdes returns an array of those words. Add several unit tests for 105236109Sdes openpam_readlinev(3). 106236109Sdes 107236109Sdes - FEATURE: Add a PAM_HOST item which pam_start(3) initializes to the 108236109Sdes machine's hostname. This was implemented in Lycopsida but 109236109Sdes inadvertantly left out of the release notes. 110236109Sdes 111236109Sdes - FEATURE: In pam_get_authtok(3), if neither the application nor the 112236109Sdes module have specified a prompt and PAM_HOST and PAM_RHOST are both 113236109Sdes defined but not equal, use a different default prompt that includes 114236109Sdes PAM_USER and PAM_HOST. 115236109Sdes 116236109Sdes - ENHANCE: Rewrite the policy parser to used openpam_readlinev(), 117236109Sdes which greatly simplifies the code. 118236109Sdes 119236109Sdes - ENHANCE: The previous implementation of the policy parser relied on 120236109Sdes the openpam_readline(3) function, which (by design) munges 121236109Sdes whitespace and understands neither quotes nor backslash escapes. 122236109Sdes As a result of the aforementioned rewrite, whitespace, quotes and 123236109Sdes backslash escapes in policy files are now handled in a consistent 124236109Sdes and predictable manner. 125236109Sdes 126236109Sdes - ENHANCE: On platforms that have it, use fdlopen(3) to load modules. 127236109Sdes This closes the race between the ownership / permission check and 128236109Sdes the dlopen(3) call. 129236109Sdes 130236109Sdes - ENHANCE: Reduce the amount of pointless error messages generated 131236109Sdes while searching for a module. 132236109Sdes 133236109Sdes - ENHANCE: Numerous documentation improvements, both in content and 134236109Sdes formatting. 135236109Sdes 136236109Sdes - BUGFIX: A patch incorporated in Lycopsida inadvertantly changed 137236109Sdes OpenPAM's behavior when several policies exist for the same 138236109Sdes service, from ignoring all but the first to concatenating them all. 139236109Sdes Revert to the original behavior. 140236109Sdes 141236109Sdes - BUGFIX: Plug a memory leak in the policy parser. 142236109Sdes============================================================================ 143228692SdesOpenPAM Lycopsida 2011-12-18 144228692Sdes 145228692Sdes - ENHANCE: removed static build autodetection, which didn't work 146228692Sdes anyway. Use an explicit, user-specified preprocessor variable 147228692Sdes instead. 148228692Sdes 149228692Sdes - ENHANCE: cleaned up the documentation a bit. 150228692Sdes 151228692Sdes - ENHANCE: added openpam_subst(3), allowing certain PAM items to be 152228692Sdes embedded in strings such as prompts. Apply it to the prompts used 153228692Sdes by pam_get_user(3) and pam_get_authtok(3). 154228692Sdes 155228692Sdes - ENHANCE: added support for the user_prompt, authtok_prompt and 156228692Sdes oldauthtok_prompt module options, which override the prompts passed 157228692Sdes by the module to pam_set_user(3) and pam_get_authtok(3). 158228692Sdes 159228692Sdes - ENHANCE: rewrote the policy parser to support quoted option values. 160228692Sdes 161228692Sdes - ENHANCE: added pamtest(1), a tool for testing modules and policies. 162228692Sdes 163228692Sdes - ENHANCE: added code to check the ownership and permissions of a 164228692Sdes module before loading it. 165228692Sdes 166228692Sdes - ENHANCE: added / improved input validation in many cases, including 167271624Sdes the policy file and some function arguments. (CVE-2011-4122) 168228692Sdes============================================================================ 169174832SdesOpenPAM Hydrangea 2007-12-21 170147455Sdes 171174832Sdes - ENHANCE: when compiling with GCC, mark up API functions with GCC 172174832Sdes attributes where appropriate. 173174832Sdes 174174832Sdes - BUGFIX: fixed numerous warnings uncovered by GCC 4. 175174832Sdes 176174832Sdes - ENHANCE: building the documentation is now optional. 177174832Sdes 178174832Sdes - ENHANCE: corrected a number of mistakes and style issues in the 179174832Sdes build system. 180174832Sdes 181174832Sdes - ENHANCE: API function arguments are now const where appropriate, to 182174832Sdes match corresponding changes in the Solaris PAM and Linux-PAM APIs. 183174832Sdes 184174832Sdes - ENHANCE: corrected a number of C namespace violations. 185174832Sdes 186174832Sdes - ENHANCE: the module cache has been removed, allowing long-lived 187174832Sdes applications to pick up module changes. This also allows multiple 188174832Sdes threads to use PAM simultaneously (as long as they use separate PAM 189174832Sdes contexts), since the module cache was the only part of OpenPAM that 190174832Sdes was not thread-safe. 191174832Sdes============================================================================ 192228692SdesOpenPAM Figwort 2005-06-16 193174832Sdes 194147455Sdes - BUGFIX: Correct several small signedness and initialization bugs 195147455Sdes discovered during review by the NetBSD team. 196147455Sdes 197147455Sdes - BUGFIX: Modify gendoc.pl to sort cross-references in dictionary 198147455Sdes order within each section. 199147455Sdes 200147455Sdes - ENHANCE: if a policy specifies a relative module path, prepend the 201147455Sdes module directory so we never call dlopen(3) with a relative path. 202147455Sdes 203147455Sdes - ENHANCE: add a pam.conf(5) manual page. 204147455Sdes============================================================================ 205141098SdesOpenPAM Feterita 2005-02-01 206141098Sdes 207141098Sdes - BUGFIX: Correct numerous markup errors, invalid cross-references, 208141098Sdes and other issues in the manual pages, with kind assistance from 209141098Sdes Ruslan Ermilov <ru@freebsd.org>. 210141098Sdes 211141098Sdes - BUGFIX: Avoid multiple evaluation of macro arguments in ENTERX() 212141098Sdes and RETURNX() macros. 213141098Sdes 214141098Sdes - BUGFIX: Remove an unnecessary and non-portable pointer cast in 215141098Sdes pam_get_data(3). 216141098Sdes 217141098Sdes - BUGFIX: Fix identical typos in PAM_ACCT_EXPIRED case in 218141098Sdes pam_strerror(3) and gendoc.pl. 219141098Sdes 220141098Sdes - ENHANCE: Minor overhaul of the autoconf / build system. 221141098Sdes 222141098Sdes - ENHANCE: Add openpam_free_envlist(3). 223141098Sdes============================================================================ 224125647SdesOpenPAM Eelgrass 2004-02-10 225125647Sdes 226125647Sdes - BUGFIX: Correct array handling bugs in conversation code. 227125647Sdes 228125647Sdes - BUGFIX: In openpam_ttyconv(3), don't strip trailing linear 229125647Sdes whitespace from the user's response. 230125647Sdes 231125647Sdes - BUGFIX: Many constness issues addressed. 232125647Sdes============================================================================ 233117610SdesOpenPAM Dogwood 2003-07-15 234117610Sdes 235117610Sdes - ENHANCE: Use the GNU autotools. 236117610Sdes 237117610Sdes - ENHANCE: Constify the msg field in struct pam_message. 238117610Sdes 239117610Sdes - BUGFIX: Remove left-over debugging output 240117610Sdes 241117610Sdes - BUGFIX: Avoid side effects in arguments to the FREE() macro 242117610Sdes 243117610Sdes - ENHANCE: Make openpam_ttyconv(3) use read(2) rather than fgets(3). 244117610Sdes 245117610Sdes - BUGFIX: Staticize some variables which shouldn't be global. 246117610Sdes 247117610Sdes - BUGFIX: Correcly anticipate a NULL user in pam_get_user(3). 248117610Sdes 249117610Sdes - ENHANCE: Various minor documentation improvements. 250117610Sdes 251117610SdesThanks to Dmitry V. Levin <ldv@altlinux.org> for considerable 252117610Sdesassistance with this release. 253117610Sdes============================================================================ 254115619SdesOpenPAM Digitalis 2003-06-01 255115619Sdes 256115619Sdes - ENHANCE: Completely rewrite the configuration parser and add 257115619Sdes support for the "include" control flag. 258115619Sdes 259115619Sdes - ENHANCE: Improve portability to NetBSD, OpenBSD and Linux. 260115619Sdes 261115619Sdes - ENHANCE: Lots of additional paranoia. 262115619Sdes 263115619Sdes - BUGFIX: The sample su(1) application dropped privileges before 264115619Sdes forking instead of after. 265115619Sdes 266115619Sdes - ENHANCE: Document openpam_log(3). 267115619Sdes 268115619Sdes - ENHANCE: Other minor documentation fixes. 269115619Sdes 270115619SdesThanks to Dmitry V. Levin <ldv@altlinux.org> for considerable 271115619Sdesassistance with this release. 272115619Sdes============================================================================ 273114536SdesOpenPAM Dianthus 2003-05-02 274114536Sdes 275114536Sdes - BUGFIX: Initialize some potentially uninitialized variables. 276114536Sdes 277114536Sdes - BUGFIX: Silence some warnings emitted by gcc -std=iso9899:1999. 278114536Sdes 279114536Sdes - BUGFIX: In pam_getenv(), return a pointer to the stored variable 280114536Sdes instead of a freshly allocated copy. 281114536Sdes 282114536Sdes - ENHANCE: Detect recursion in openpam_borrow_cred() 283114536Sdes 284114536Sdes - ENHANCE: Make borrowing one's own credentials a no-op. 285114536Sdes 286114536Sdes - ENHANCE: Further improve debugging support. 287114536Sdes 288114536Sdes - ENHANCE: Clean up some variable names. 289114536Sdes============================================================================ 290108794SdesOpenPAM Daffodil 2003-01-06 291108794Sdes 292108794Sdes - ENHANCE: Document dependency on <sys/types.h> (for size_t) 293108794Sdes 294108794Sdes - ENHANCE: Slightly improve error detection in openpam_ttyconv(). 295108794Sdes 296108794Sdes - BUGFIX: Fix several typos in debugging macros. 297108794Sdes============================================================================ 298107937SdesOpenPAM Cyclamen 2002-12-12 299107937Sdes 300107937Sdes - ENHANCE: Improve recursion detection in openpam_dispatch(). 301107937Sdes 302107937Sdes - ENHANCE: Add debugging messages at entry and exit points of most 303107937Sdes functions. 304107937Sdes 305107937Sdes - ENHANCE: Fix some minor style issues. 306107937Sdes 307107937Sdes - BUGFIX: Add default cases to the switches in openpam_log.c. 308107937Sdes 309107937Sdes - ENHANCE: Add /usr/local/etc/pam.conf to policy search path. 310107937Sdes 311107937Sdes - BUGFIX: In openpam_ttyconv(3), print the prompt to stdout rather 312107937Sdes than stderr. 31391094Sdes============================================================================ 31499158SdesOpenPAM Citronella 2002-06-30 31599158Sdes 31699158Sdes - ENHANCE: Add the "binding" control flag (from Solaris 9). 31799158Sdes 31899158Sdes - ENHANCE: Define struct pam_repository and PAM_REPOSITORY (from 31999158Sdes Solaris 9). 32099158Sdes 321107937Sdes - ENHANCE: Flesh out the pam(3) man page. 32299158Sdes 32399158Sdes - ENHANCE: Add an openpam(3) page with cross-references to all the 32499158Sdes documented OpenPAM API extensions. 32599158Sdes 32699158Sdes - ENHANCE: Add a pam_conv(3) man page describing the conversation 32799158Sdes system. 32899158Sdes 32999158Sdes - ENHANCE: Improved sample application. 33099158Sdes 33199158Sdes - ENHANCE: Added sample pam_unix module. 33299158Sdes 33399158Sdes - BUGFIX: Various documentation nits. 33499158Sdes============================================================================ 33597241SdesOpenPAM Cinquefoil 2002-05-24 33697241Sdes 33797241Sdes - BUGFIX: Various warnings uncovered by gcc 3.1. 33897241Sdes 33997241Sdes - ENHANCE: Add a null conversation function, openpam_nullconv(3). 34097241Sdes 34197241Sdes - BUGFIX: Initialize the "other" chain to all zeroes. 34297241Sdes 34397241Sdes - ENHANCE: Document openpam_ttyconv(3). 34497241Sdes============================================================================ 34595908SdesOpenPAM Cinnamon 2002-05-02 34695908Sdes 34795908Sdes - ENHANCE: Add a null conversation function, openpam_nullconv(). 34895908Sdes 34995908Sdes - BUGFIX: Various markup bugs in the documentation. 35095908Sdes 35195908Sdes - BUGFIX: Document <security/openpam.h>. 35295908Sdes 35395908Sdes - BUGFIX: Duplicate expansion of openpam_log() macro arguments. 35495908Sdes 35595908Sdes - ENHANCE: Restructure the policy-loading code and align our use of 35695908Sdes the "other" policy with Solaris and Linux-PAM. 35795908Sdes 35895908Sdes - ENHANCE: Log dlopen() and dlsym() failures. 35995908Sdes 36095908Sdes - ENHANCE: In openpam_ttyconv(), emit a newline after error and info 36195908Sdes messages unless the message contains one already. 36295908Sdes 36395908Sdes - BUGFIX: In pam_vprompt(), initialize the response pointer to NULL 36495908Sdes so we can detect whether the conversation function touched it. 36595908Sdes============================================================================ 36694670SdesOpenPAM Cineraria 2002-04-14 36794670Sdes 36895908Sdes - BUGFIX: Fix confusion between token and prompt in 36995908Sdes pam_get_authtok(3). 37095908Sdes 37194670Sdes - ENHANCE: Improved documentation. 37294670Sdes 37394670Sdes - ENHANCE: Adopt the same preprocessor tricks that were used in 37494670Sdes FreeBSD's version of Linux-PAM to simplify static linking without 37594670Sdes requiring dummy primitives. 37694670Sdes 37795908Sdes - ENHANCE: Move the policy-loading code out of pam_start.c. 37894670Sdes 37994670Sdes - BUGFIX: Fix typo in one of the versions of the openpam_log macro. 38094670Sdes 38194670Sdes - ENHANCE: Add versioning macros. 38294670Sdes============================================================================ 38394209SdesOpenPAM Cinchona 2002-04-08 38494209Sdes 38594209Sdes - ENHANCE: Improved documentation for several API functions. 38694209Sdes 38794209Sdes - BUGFIX: Fix bug in pam_set_data() that would result in corruption 38894209Sdes of the module data list. 38994209Sdes 39094209Sdes - BUGFIX: Allocate the correct amount of memory for the environment 39194209Sdes list in pam_putenv(). 39294209Sdes 39394209Sdes - ENHANCE: Change pam_get_authtok()'s prototype so the caller can 39494209Sdes specify what token it wants. Also introduce PAM_OLDAUTHTOK_PROMPT. 39594209Sdes 39694209Sdes - BUGFIX: Plug memory leak in pam_get_user() / pam_get_authtok(), and 39794209Sdes reduce differences between these very similar functions. 39894209Sdes 39994209Sdes - ENHANCE: Check flags carefully in pam_authenticate() and 40094209Sdes pam_chauthtok(). 40194209Sdes 40294209Sdes - BUGFIX: Fix bugs in portability code; libpam now builds on NetBSD. 40394209Sdes 40494209Sdes - ENHANCE: In pam_get_authtok(), if PAM_OLDAUTHTOK is set, we're 40594209Sdes asked for PAM_AUTHTOK, and we have to prompt the user, prompt her 40694209Sdes twice and compare the responses. 40794209Sdes 40894209Sdes - ENHANCE: Add openpam_{borrow,restore}_cred(), for temporarily 40994209Sdes switching to user credentials. 41094209Sdes 41194209Sdes - ENHANCE: Add openpam_free_data(), a generic cleanup function for 41294209Sdes pam_set_data() consumers. 41394209Sdes============================================================================ 414236109SdesOpenPAM Centaury 2002-03-14 41591684Sdes 41692289Sdes - BUGFIX: Add missing #include <string.h> to openpam_log.c. 41792289Sdes 41892289Sdes - BUGFIX: s/PAM_REINITIALISE_CRED/PAM_REINITIALIZE_CRED/. XSSO uses 41992289Sdes the former, but Solaris and Linux-PAM use the latter. 42092289Sdes 42192289Sdes - BUGFIX: The dynamic loader and the module cache contained a number 42292289Sdes of bugs which would cause a segmentation fault if pam_start(3) was 42392289Sdes called again after pam_end(3), as happens in login(1), xdm(1) etc. 42492289Sdes after a failed login. 42592289Sdes 42692289Sdes - BUGFIX: Refer to a module by the name used in the policy file, even 42792289Sdes if the module that was actually loaded was versioned. 42892289Sdes 42992289Sdes - ENHANCE: Suppress debugging logs, unless compiled with -DDEBUG. 43092289Sdes============================================================================ 43194209SdesOpenPAM Celandine 2002-03-05 43292289Sdes 43391684Sdes - BUGFIX: PAM_TRY_AGAIN is a valid return value for pam_chauthtok(). 43491684Sdes 43591684Sdes - BUGFIX: Run passwd chain twice, first with the PAM_PRELIM_CHECK 43691684Sdes flag set, then with the PAM_UPDATE_AUTHTOK flag set. 43791684Sdes 43891684Sdes - BUGFIX: Failure of a "sufficient" module should not terminate the 43991684Sdes passwd chain if the PAM_PRELIM_CHECK flag is set. 44091684Sdes 44191684Sdes - BUGFIX: Clear PAM_AUTHTOK after running the service modules. 44291684Sdes 44391684Sdes - ENHANCE: Prevent applications from specifying the PAM_PRELIM_CHECK 44491684Sdes or PAM_UPDATE_AUTHTOK flags themselves. 44591684Sdes 44691684Sdes - BUGFIX: openpam_set_option() did not support changing the value of 44791684Sdes an existing option. 44891684Sdes 44991684Sdes - ENHANCE: Add support for module versioning. OpenPAM will prefer a 45091684Sdes module with the same version number as the library itself to one 45191684Sdes with no version number at all. 45291684Sdes============================================================================ 453236109SdesOpenPAM Cantaloupe 2002-02-22 45491100Sdes 45591100Sdes - BUGFIX: The proper use of PAM_SYMBOL_ERR is to indicate an invalid 45691100Sdes argument to pam_[gs]et_item(3), not to indicate dlsym(3) failures. 45791100Sdes 45891100Sdes - ENHANCE: Add in-line documentation in most source files, and a Perl 45991100Sdes script that generates mdoc code from that. 46091100Sdes 46191100Sdes - BUGFIX: The environment list was not properly NULL-terminated. 46291100Sdes 46391100Sdes - ENHANCE: Allow the PAM_AUTHTOK_PROMPT item to override the prompt 46491100Sdes specified by the module. 46591100Sdes 46691100Sdes - BUGFIX: PAM_NUM_ITEMS was set too low. It has been moved to 46791100Sdes pam_constants.h to avoid it going stale again. 46891100Sdes 46991100Sdes - ENHANCE: Move all code related to static modules into a separate 47091100Sdes file. 47191100Sdes 47291100Sdes - ENHANCE: openpam_ttyconv() now masks most signals while prompting the 47391100Sdes user, and supports setting a timeout (which defaults to off). 47491100Sdes 47591100Sdes - BUGFIX: Some manual pages referenced XSSO even though they 47691100Sdes documented OpenPAM-specific functions. 47791100Sdes 47891100Sdes - ENHANCE: Added openpam_get_option() and openpam_set_option(). 47991100Sdes 48091100Sdes - ENHANCE: openpam_get_authtok() now respects the echo_pass, 48191100Sdes try_first_pass, and use_first_pass options. 48291100Sdes============================================================================ 483236109SdesOpenPAM Caliopsis 2002-02-13 48491097Sdes 48591097SdesFixed a number of bugs in the previous release, including: 48691097Sdes - a number of bugs in and related to pam_[gs]et_item(3) 48791097Sdes - off-by-one bug in pam_start.c would trim last character off certain 48891097Sdes configuration lines 48991097Sdes - incorrect ordering of an array in openpam_load.c would cause service 49091097Sdes module functions to get mixed up 49191097Sdes - missing 'continue' in openpam_dispatch.c caused successes to be 49291097Sdes counted as failures 49391097Sdes============================================================================ 494236109SdesOpenPAM Calamite 2002-02-09 49591094Sdes 49691094SdesFirst (beta) release. 497