4.14.0-rc1

Signed-off-by: Serge Hallyn <serge@hallyn.com>

.builds/alpine-edge.yml

@@ -0,0 +1,34 @@
+image: alpine/latest
+# apk add --update alpine-sdk
+packages:
+  - cmd:setcap
+  - autoconf
+  - automake
+  - byacc
+  - expect
+  - gettext
+  - gettext-dev
+  - gettext-lang
+  - libbsd-dev
+  - libcap-dev
+  - libtool
+  - linux-pam-dev
+  - pkgconf
+  - sed
+sources:
+  - https://github.com/shadow-maint/shadow
+tasks:
+  - build: |
+      cd shadow
+      ./autogen.sh --without-selinux --disable-man --disable-nls
+      grep ENABLE_ config.status
+  - tasks: |
+      cd shadow
+      cat /proc/self/uid_map
+      cat /proc/self/status
+      make
+      make DESTDIR=/tmp/shadow-inst install
+      sudo make install
+      #TODO - fix up the tests.  Let's merge what's here now as it
+      #at least tests build.
+      #(cd tests; sudo ./run_some || { cat testsuite.log; false; })

.builds/fedora.yml

@@ -0,0 +1,33 @@
+image: fedora/latest
+packages:
+  - autoconf
+  - automake
+  - byacc
+  - expect
+  - findutils
+  - gettext
+  - gettext-devel
+  - git
+  - libbsd-devel
+  - libselinux-devel
+  - libsemanage-devel
+  - libtool
+  - libxslt
+  - pkgconf
+sources:
+  - https://github.com/shadow-maint/shadow
+tasks:
+  - build: |
+      cd shadow
+      ./autogen.sh --with-selinux --enable-man
+      grep ENABLE_ config.status
+  - tasks: |
+      cd shadow
+      cat /proc/self/uid_map
+      cat /proc/self/status
+      make
+      make DESTDIR=/tmp/shadow-inst install
+      sudo make install
+      #TODO - fix up the tests.  Let's merge what's here now as it
+      #at least tests build.
+      #(cd tests; sudo ./run_some || { cat testsuite.log; false; })

.builds/ubuntu-focal.yml

@@ -0,0 +1,28 @@
+image: ubuntu/focal
+packages:
+  - automake
+  - autopoint
+  - xsltproc
+  - libbsd-dev
+  - libselinux1-dev
+  - gettext
+  - expect
+  - byacc
+  - libtool
+  - pkgconf
+sources:
+  - https://github.com/shadow-maint/shadow
+tasks:
+  - build: |
+      cd shadow
+      ./autogen.sh --without-selinux --disable-man
+      grep ENABLE_ config.status
+  - tasks: |
+      cd shadow
+      cat /proc/self/uid_map
+      cat /proc/self/status
+      systemd-detect-virt
+      make
+      make DESTDIR=/tmp/shadow-inst install
+      sudo make install
+      (cd tests; sudo ./run_some || { cat testsuite.log; false; })

.builds/ubuntu-jammy.yml

@@ -0,0 +1,28 @@
+image: ubuntu/22.04
+packages:
+  - automake
+  - autopoint
+  - xsltproc
+  - libbsd-dev
+  - libselinux1-dev
+  - gettext
+  - expect
+  - byacc
+  - libtool
+  - pkgconf
+sources:
+  - https://github.com/shadow-maint/shadow
+tasks:
+  - build: |
+      cd shadow
+      ./autogen.sh --without-selinux --enable-man
+      grep ENABLE_ config.status
+  - tasks: |
+      cat /proc/self/uid_map
+      cat /proc/self/status
+      systemd-detect-virt
+      cd shadow
+      make
+      make DESTDIR=/tmp/shadow-inst install
+      sudo make install
+      (cd tests; sudo ./run_some || { cat testsuite.log; false; })

.editorconfig

@@ -0,0 +1,4 @@
+root = true
+
+[*.{c,h}]
+indent_style = tab

.github/actions/install-dependencies/action.yml

@@ -0,0 +1,12 @@
+name: 'Install dependencies'
+description: 'Install dependencies to build shadow-utils'
+runs:
+  using: "composite"
+  steps:
+  - shell: bash
+    run: |
+      sudo apt-get update -y
+      sudo apt-get install -y ubuntu-dev-tools libbsd-dev
+      sudo sed -Ei 's/^# deb-src /deb-src /' /etc/apt/sources.list
+      sudo apt-get update -y
+      sudo apt-get -y build-dep shadow

.github/workflows/main.yml

@@ -1,43 +0,0 @@
-name: CI
-
-on:
-  push:
-    branches: [ master ]
-  pull_request:
-    branches: [ master ]
-  # Allows you to run this workflow manually from the Actions tab
-  workflow_dispatch:
-
-jobs:
-  build:
-
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v2
-    - name: debug
-      run: |
-        id
-        which bash
-        whoami
-        env
-        ps -ef
-        pwd
-        cat /proc/self/uid_map
-        cat /proc/self/status
-        systemd-detect-virt
-    - name: Install dependencies
-      run: |
-        sudo apt-get update
-        sudo apt-get -y install automake autopoint xsltproc gettext expect byacc libtool
-    - name: configure
-      run: |
-        ./autogen.sh --without-selinux --disable-man
-        grep ENABLE_ config.status
-    - run: make
-    - run: make install DESTDIR=${HOME}/rootfs
-    - run: sudo make install
-    - run: |
-        cd tests
-        sudo ./run_some
-        cat testsuite.log

.github/workflows/runner.yml

@@ -0,0 +1,76 @@
+name: CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: debug
+      run: |
+        id
+        which bash
+        whoami
+        env
+        ps -ef
+        pwd
+        cat /proc/self/uid_map
+        cat /proc/self/status
+        systemd-detect-virt
+    - name: Install dependencies
+      run: |
+        sudo cat /etc/apt/sources.list
+        sudo sed -i '/deb-src/d' /etc/apt/sources.list
+        sudo sed -i '/^deb /p;s/ /-src /' /etc/apt/sources.list
+        export DEBIAN_PRIORITY=critical
+        export DEBIAN_FRONTEND=noninteractive
+        # let's try to work around upgrade breakage in a pkg we don't care about
+        sudo apt-mark hold grub-efi-amd64-bin grub-efi-amd64-signed
+        sudo apt-get update
+        sudo apt-get -y dist-upgrade
+        sudo apt-get -y install ubuntu-dev-tools automake autopoint xsltproc gettext expect byacc libtool libbsd-dev pkgconf
+        sudo apt-get -y build-dep shadow
+    - name: configure
+      run: |
+        autoreconf -v -f --install
+        ./autogen.sh --without-selinux --disable-man --with-yescrypt
+    - run: make
+    - run: make install DESTDIR=${HOME}/rootfs
+    - run: sudo make install
+    - name: run tests in shell with tty
+      shell: 'script -q -e -c "bash {0}"'
+      run: |
+        set -e
+        cd tests
+        sudo ./run_some
+        cat testsuite.log
+
+  container-build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        os: [alpine, debian, fedora]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Build container
+      run: |
+        docker buildx build -f ./share/containers/${{ matrix.os }}.dockerfile . --output build-out
+
+    - name: Store artifacts
+      uses: actions/upload-artifact@v3
+      with:
+        name: ${{ matrix.os }}-build
+        path: |
+          ./build-out/config.log
+          ./build-out/config.h
+        if-no-files-found: ignore

.github/workflows/static-code-analysis.yml

@@ -0,0 +1,61 @@
+name: "Static code analysis"
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+  schedule:
+    # Everyday at midnight
+    - cron: '0 0 * * *'
+jobs:
+  codeql:
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Install dependencies
+      id: dependencies
+      uses: ./.github/actions/install-dependencies
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: cpp
+        queries: +security-and-quality
+
+    - name: Configure shadow-utils
+      run: ./autogen.sh --without-selinux --disable-man
+
+    - name: Build shadow-utils
+      run: |
+        PROCESSORS=$(/usr/bin/getconf _NPROCESSORS_ONLN)
+        make -kj$PROCESSORS || true
+
+    - name: Check build errors
+      run: make
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
+
+  differential-shellcheck:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      # Doc: https://github.com/redhat-plumbers-in-action/differential-shellcheck#usage
+      - name: Differential ShellCheck
+        uses: redhat-plumbers-in-action/differential-shellcheck@v3
+        with:
+          severity: warning
+          token: ${{ secrets.GITHUB_TOKEN }}

.travis.yml

@@ -36,7 +36,7 @@ addons:
     notification_email: christian.brauner@ubuntu.com,serge@hallyn.com
 
     build_command_prepend: "./autogen.sh --without-selinux --disable-man"
-    build_command: "make -j4"
+    build_command: "make -kj4 || make"
     branch_pattern: master
 
 script:

AUTHORS.md

@@ -3,87 +3,88 @@ reports and various comments. This list may be incomplete, I received
 a lot of mail...
 
 # Maintainers
-Tomasz Kłoczko <kloczek@pld.org.pl> (2000-2007)
-Nicolas François <nicolas.francois@centraliens.net> (2007-2014)
-Serge E. Hallyn <serge@hallyn.com> (2014-now)
-Christian Brauner <christian@brauner.io> (2019-now)
+* Marek Michałkiewicz <marekm72@gmail.com> (1995-2000)
+* Tomasz Kłoczko <kloczek@pld.org.pl> (2000-2007)
+* Nicolas François <nicolas.francois@centraliens.net> (2007-2014)
+* Serge E. Hallyn <serge@hallyn.com> (2014-now)
+* Christian Brauner <christian@brauner.io> (2019-now)
+* Iker Pedrosa <ipedrosa@redhat.com> (2022-now)
 
 # Authors and contributors
-Adam Rudnicki <adam@v-lo.krakow.pl>
-Alan Curry <pacman@tardis.mars.net>
-Aleksa Sarai <cyphar@cyphar.com>
-Alexander O. Yuriev <alex@bach.cis.temple.edu>
-Algis Rudys <arudys@rice.edu>
-Andreas Jaeger <aj@arthur.rhein-neckar.de>
-Andy Zaugg <andy.zaugg@gmail.com>
-Aniello Del Sorbo <anidel@edu-gw.dia.unisa.it>
-Anton Gluck <gluc@midway.uchicago.edu>
-Arkadiusz Miskiewicz <misiek@pld.org.pl>
-Ben Collins <bcollins@debian.org>
-Brian R. Gaeke <brg@dgate.org>
-Calle Karlsson <ckn@kash.se>
-Chip Rosenthal <chip@unicom.com>
-Chris Evans <lady0110@sable.ox.ac.uk>
-Chris Lamb <chris@chris-lamb.co.uk>
-Cristian Gafton <gafton@sorosis.ro>
-Dan Walsh <dwalsh@redhat.com>
-Darcy Boese <possum@chardonnay.niagara.com>
-Dave Hagewood <admin@arrowweb.com>
-David A. Holland <dholland@hcs.harvard.edu>
-David Frey <David.Frey@lugs.ch>
-Ed Carp <ecarp@netcom.com>
-Ed Neville <ed@s5h.net>
-Eric W. Biederman" <ebiederm@xmission.com>
-Floody <flood@evcom.net>
-Frank Denis <j@4u.net>
-George Kraft IV <gk4@us.ibm.com>
-Greg Mortensen <loki@world.std.com>
-Guido van Rooij
-Guy Maor <maor@debian.org>
-Hrvoje Dogan <hdogan@bjesomar.srce.hr>
-Iker Pedrosa <ipedrosa@redhat.com>
-Jakub Hrozek <jhrozek@redhat.com>
-Janos Farkas <chexum@bankinf.banki.hu>
-Jason Franklin <jason.franklin@quoininc.com>
-Jay Soffian <jay@lw.net>
-Jesse Thilo <Jesse.Thilo@pobox.com>
-Joey Hess <joey@kite.ml.org>
-John Adelsberger <jja@umr.edu>
-Jonathan Hankins <jhankins@mailserv.homewood.k12.al.us>
-Jon Lewis <jlewis@lewis.org>
-Joshua Cowan <jcowan@hermit.reslife.okstate.edu>
-Judd Bourgeois <shagboy@bluesky.net>
-Juergen Heinzl <unicorn@noris.net>
-Juha Virtanen <jiivee@iki.fi>
-Julian Pidancet <julian.pidancet@gmail.com>
-Julianne Frances Haugh <julie78787@gmail.com>
-Leonard N. Zubkoff <lnz@dandelion.com>
-Luca Berra <bluca@www.polimi.it>
-Lukáš Kuklínek <lkukline@redhat.com>
-Lutz Schwalowsky <schwalow@mineralogie.uni-hamburg.de>
-Marc Ewing <marc@redhat.com>
-Martin Bene <mb@sime.com>
-Martin Mares <mj@gts.cz>
-Michael Meskes <meskes@topsystem.de>
-Michael Talbot-Wilson <mike@calypso.bns.com.au>
-Michael Vetter <jubalh@iodoru.org>
-Mike Frysinger <vapier@gentoo.org>
-Mike Pakovic <mpakovic@users.southeast.net>
-Nicolas François <nicolas.francois@centraliens.net>
-Nikos Mavroyanopoulos <nmav@i-net.paiko.gr>
-Pavel Machek <pavel@bug.ucw.cz>
-Peter Vrabec <pvrabec@redhat.com>
-Phillip Street
-Rafał Maszkowski <rzm@icm.edu.pl>
-Rani Chouha <ranibey@smartec.com>
-Sami Kerola <kerolasa@rocketmail.com>
-Scott Garman <scott.a.garman@intel.com>
-Sebastian Rick Rijkers <srrijkers@gmail.com>
-Seraphim Mellos <mellos@ceid.upatras.gr>
-Shane Watts <shane@nexus.mlckew.edu.au>
-Steve M. Robbins <steve@nyongwa.montreal.qc.ca>
-Thorsten Kukuk <kukuk@suse.de>
-Tim Hockin <thockin@eagle.ais.net>
-Timo Karjalainen <timok@iki.fi>
-Ulisses Alonso Camaro <ulisses@pusa.eleinf.uv.es>
-Werner Fink <werner@suse.de>
+* Adam Rudnicki <adam@v-lo.krakow.pl>
+* Alan Curry <pacman@tardis.mars.net>
+* Aleksa Sarai <cyphar@cyphar.com>
+* Alexander O. Yuriev <alex@bach.cis.temple.edu>
+* Algis Rudys <arudys@rice.edu>
+* Andreas Jaeger <aj@arthur.rhein-neckar.de>
+* Andy Zaugg <andy.zaugg@gmail.com>
+* Aniello Del Sorbo <anidel@edu-gw.dia.unisa.it>
+* Anton Gluck <gluc@midway.uchicago.edu>
+* Arkadiusz Miskiewicz <misiek@pld.org.pl>
+* Ben Collins <bcollins@debian.org>
+* Brian R. Gaeke <brg@dgate.org>
+* Calle Karlsson <ckn@kash.se>
+* Chip Rosenthal <chip@unicom.com>
+* Chris Evans <lady0110@sable.ox.ac.uk>
+* Chris Lamb <chris@chris-lamb.co.uk>
+* Cristian Gafton <gafton@sorosis.ro>
+* Dan Walsh <dwalsh@redhat.com>
+* Darcy Boese <possum@chardonnay.niagara.com>
+* Dave Hagewood <admin@arrowweb.com>
+* David A. Holland <dholland@hcs.harvard.edu>
+* David Frey <David.Frey@lugs.ch>
+* Ed Carp <ecarp@netcom.com>
+* Ed Neville <ed@s5h.net>
+* Eric W. Biederman" <ebiederm@xmission.com>
+* Floody <flood@evcom.net>
+* Frank Denis <j@4u.net>
+* George Kraft IV <gk4@us.ibm.com>
+* Greg Mortensen <loki@world.std.com>
+* Guido van Rooij
+* Guy Maor <maor@debian.org>
+* Hrvoje Dogan <hdogan@bjesomar.srce.hr>
+* Jakub Hrozek <jhrozek@redhat.com>
+* Janos Farkas <chexum@bankinf.banki.hu>
+* Jason Franklin <jason.franklin@quoininc.com>
+* Jay Soffian <jay@lw.net>
+* Jesse Thilo <Jesse.Thilo@pobox.com>
+* Joey Hess <joey@kite.ml.org>
+* John Adelsberger <jja@umr.edu>
+* Jonathan Hankins <jhankins@mailserv.homewood.k12.al.us>
+* Jon Lewis <jlewis@lewis.org>
+* Joshua Cowan <jcowan@hermit.reslife.okstate.edu>
+* Judd Bourgeois <shagboy@bluesky.net>
+* Juergen Heinzl <unicorn@noris.net>
+* Juha Virtanen <jiivee@iki.fi>
+* Julian Pidancet <julian.pidancet@gmail.com>
+* Julianne Frances Haugh <julie78787@gmail.com>
+* Leonard N. Zubkoff <lnz@dandelion.com>
+* Luca Berra <bluca@www.polimi.it>
+* Lukáš Kuklínek <lkukline@redhat.com>
+* Lutz Schwalowsky <schwalow@mineralogie.uni-hamburg.de>
+* Marc Ewing <marc@redhat.com>
+* Martin Bene <mb@sime.com>
+* Martin Mares <mj@gts.cz>
+* Michael Meskes <meskes@topsystem.de>
+* Michael Talbot-Wilson <mike@calypso.bns.com.au>
+* Michael Vetter <jubalh@iodoru.org>
+* Mike Frysinger <vapier@gentoo.org>
+* Mike Pakovic <mpakovic@users.southeast.net>
+* Nicolas François <nicolas.francois@centraliens.net>
+* Nikos Mavroyanopoulos <nmav@i-net.paiko.gr>
+* Pavel Machek <pavel@bug.ucw.cz>
+* Peter Vrabec <pvrabec@redhat.com>
+* Phillip Street
+* Rafał Maszkowski <rzm@icm.edu.pl>
+* Rani Chouha <ranibey@smartec.com>
+* Sami Kerola <kerolasa@rocketmail.com>
+* Scott Garman <scott.a.garman@intel.com>
+* Sebastian Rick Rijkers <srrijkers@gmail.com>
+* Seraphim Mellos <mellos@ceid.upatras.gr>
+* Shane Watts <shane@nexus.mlckew.edu.au>
+* Steve M. Robbins <steve@nyongwa.montreal.qc.ca>
+* Thorsten Kukuk <kukuk@suse.de>
+* Tim Hockin <thockin@eagle.ais.net>
+* Timo Karjalainen <timok@iki.fi>
+* Ulisses Alonso Camaro <ulisses@pusa.eleinf.uv.es>
+* Werner Fink <werner@suse.de>

COPYING

@@ -1,118 +1,41 @@
-NOTE:
-  This license has been obsoleted by the change to the BSD-style copyright.
-  You may continue to use this license if you wish, but you are under no
-  obligation to do so.
+SPDX-License-Identifier: BSD-3-Clause
 
-(*
-This document is freely plagiarised from the 'Artistic Licence',
-distributed as part of the Perl v4.0 kit by Larry Wall, which is
-available from most major archive sites.  I stole it from CrackLib.
+All files under this project either
 
-	$Id$
-*)
+1. fall under the BSD 3 clause license (by default).
 
-This documents purpose is to state the conditions under which this
-Package (See definition below) viz: "Shadow", the Shadow Password Suite
-which is held by Julianne Frances Haugh, may be copied, such that the
-copyright holder maintains some semblance of artistic control over the
-development of the package, while giving the users of the package the
-right to use and distribute the Package in a more-or-less customary
-fashion, plus the right to make reasonable modifications.
+2. carry an SPDX header declaring what license applies.
 
-So there.
+or
 
-***************************************************************************
+3. list a full custom license
 
-Definitions:
+This software is originally
 
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
 
-A "Package" refers to the collection of files distributed by the
-Copyright Holder, and derivatives of that collection of files created
-through textual modification, or segments thereof.
-
-"Standard Version" refers to such a Package if it has not been modified,
-or has been modified in accordance with the wishes of the Copyright
-Holder.
-
-"Copyright Holder" is whoever is named in the copyright or copyrights
-for the package.
-
-"You" is you, if you're thinking about copying or distributing this
-Package.
-
-"Reasonable copying fee" is whatever you can justify on the basis of
-media cost, duplication charges, time of people involved, and so on.
-(You will not be required to justify it to the Copyright Holder, but
-only to the computing community at large as a market that must bear the
-fee.)
-
-"Freely Available" means that no fee is charged for the item itself,
-though there may be fees involved in handling the item.  It also means
-that recipients of the item may redistribute it under the same
-conditions they received it.
-
-
-1.  You may make and give away verbatim copies of the source form of the
-Standard Version of this Package without restriction, provided that you
-duplicate all of the original copyright notices and associated
-disclaimers.
-
-2.  You may apply bug fixes, portability fixes and other modifications
-derived from the Public Domain or from the Copyright Holder.  A Package
-modified in such a way shall still be considered the Standard Version.
-
-3.  You may otherwise modify your copy of this Package in any way,
-provided that you insert a prominent notice in each changed file stating
-how and when AND WHY you changed that file, and provided that you do at
-least ONE of the following:
-
-a) place your modifications in the Public Domain or otherwise make them
-Freely Available, such as by posting said modifications to Usenet or an
-equivalent medium, or placing the modifications on a major archive site
-such as uunet.uu.net, or by allowing the Copyright Holder to include
-your modifications in the Standard Version of the Package.
-
-b) use the modified Package only within your corporation or organization.
-
-c) rename any non-standard executables so the names do not conflict with
-standard executables, which must also be provided, and provide separate
-documentation for each non-standard executable that clearly documents
-how it differs from the Standard Version.
-
-d) make other distribution arrangements with the Copyright Holder.
-
-4.  You may distribute the programs of this Package in object code or
-executable form, provided that you do at least ONE of the following:
-
-a) distribute a Standard Version of the executables and library files,
-together with instructions (in the manual page or equivalent) on where
-to get the Standard Version.
-
-b) accompany the distribution with the machine-readable source of the
-Package with your modifications.
-
-c) accompany any non-standard executables with their corresponding
-Standard Version executables, giving the non-standard executables
-non-standard names, and clearly documenting the differences in manual
-pages (or equivalent), together with instructions on where to get the
-Standard Version.
-
-d) make other distribution arrangements with the Copyright Holder.
-
-5.  You may charge a reasonable copying fee for any distribution of this
-Package.  You may charge any fee you choose for support of this Package.
-YOU MAY NOT CHARGE A FEE FOR THIS PACKAGE ITSELF.  However, you may
-distribute this Package in aggregate with other (possibly commercial)
-programs as part of a larger (possibly commercial) software distribution
-provided that YOU DO NOT ADVERTISE this package as a product of your
-own.
-
-6.  The name of the Copyright Holder may not be used to endorse or
-promote products derived from this software without specific prior
-written permission.
-
-7.  THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
-WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
-MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-
-				The End
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

ChangeLog

@@ -1,3 +1,118 @@
+2022-11-08  Serge Hallyn <serge@hallyn.com>
+
+	* useradd.8: fix default group ID (Tim Biermann)
+	* Revert drop of subid_init() (Serge Hallyn)
+	* Georgian translation (NorwayFun)
+	* useradd: Avoid taking unneeded space: do not reset non-existent data
+	  in lastlog (David Kalnischkies)
+	* relax username restrictions (Alexander Kanavin)
+	* selinux: check MLS enabled before setting serange (genBTC)
+	* copy_tree: use fchmodat instead of chmod (Samanta Navarro)
+	* copy_tree: don't block on FIFOs (Samanta Navarro)
+	* add shell linter (Jan Macku)
+	* copy_tree: carefully treat permissions (Samanta Navarro)
+	* lib/commonio: make lock failures more detailed (Luca BRUNO)
+	* lib: use strzero and memzero where applicable (Christian Göttsche)
+	* Update Dutch translation (Frans Spiesschaert)
+	* Don't test for NULL before calling free (Alex Colomar)
+	* Use libc MAX() and MIN() (Alejandro Colomar)
+	* chage: Fix regression in print_date (Xiami)
+	* usermod: report error if homedir does not exist (Iker Pedrosa)
+	* libmisc: minimum id check for system accounts (Iker Pedrosa)
+	* fix usermod -rG x y wrongly adding a group (xyz)
+	* man: add missing space in useradd.8.xml (Iker Pedrosa)
+	* lastlog: check for localtime() return value (Iker Pedrosa)
+	* Raise limit for passwd and shadow entry length (Iker Pedrosa)
+	* Remove adduser-old.c (Alejandro Colomar)
+	* useradd: Fix buffer overflow when using a prefix (David Michael)
+	* Don't warn when failed to open /etc/nsswitch.conf (Serge Hallyn)
+
+2022-08-15  Serge Hallyn <serge@hallyn.com>
+
+	* Address CVE-2013-4235 (TOCTTOU when copying directories)
+	  (Christian Göttsche)
+
+2022-08-15  Serge Hallyn <serge@hallyn.com>
+
+	* Fix uk manpages
+
+2022-08-08  Serge Hallyn <serge@hallyn.com>
+
+	* Add absolute path hint to --root (Celeste Liu)
+	* Various cleanups (Christian Göttsche)
+	* Fix Ubuntu release used in CI tests (Jeremy Whiting)
+	* add -F options to useradd (and tests) (Masatake YAMATO)
+	* useradd manpage updates (Masatake YAMATO and Alexander Zhang))
+	* Check for ownerid (not just username) in subid ranges (Iker Pedrosa)
+
+2022-07-04  Serge Hallyn <serge@hallyn.com>
+
+	* Declare file local functions static (Christian Göttsche)
+	* Use strict prototypes (Christian Göttsche)
+	* Do not drop const qualifier for Basename (Christian Göttsche)
+	* Constify various pointers (Christian Göttsche)
+	* Don't return uninitialized memory (Christian Göttsche)
+	* Don't let compiler optimize away memory cleaning (Christian Göttsche)
+	* Remove many obsolete compatibility checks  and defines (Alejandro Colomar)
+	* Modify ID range check in useradd (Iker Pedrosa)
+	* Use "extern "C"" to make libsubid easier to use from C++ (Alois Wohlschlager)
+	* French translation updates (bubu)
+	* Fix s/with-pam/with-libpam/ (serge)
+	* Spanish translation updates (Fernando)
+	* French translation fixes (Balint Reczey)
+	* Default max group name length to 32 (Jami Kettunen)
+	* Fix PAM service files without-selinux (Ali Riza KESKIN)
+	* Improve manpages (Markus Hiereth)
+	  - groupadd, useradd, usermod
+	  - groups and id
+	  - pwck
+	* Add fedora to CI builds (Iker Pedrosa)
+	* Fix condition under which pw_dir check happens (Ed Neville)
+	* logoutd: switch to strncat (Steve Grubb)
+	* AUTHORS: improve markdown output (Iker Pedrosa)
+	* Handle ERANGE errors correctly (Niko)
+	* Check for fopen NULL return (juyin)
+	* Split get_salt() into its own fn juyin)
+	* Get salt before chroot to ensure /dev/urandom. (juyin)
+	* Chpasswd code cleanup (juyin)
+	* Work around git safe.directory enforcement (serge)
+	* Alphabetize order in usermod help (Matheus Marques)
+	* Erase password copy on error branches (Christian Göttsche)
+	* Suggest using --badname if needed (Iker Pedrosa)
+	* Update translation files (Iker Pedrosa)
+	* Correct badnames option to badname (Iker Pedrosa)
+	* configure: replace obsolete autoconf macros (Christian Göttsche)
+	* tests: replace egrep with grep -E (Sam James)
+	* Update Ukrainian translations (Yuri Chornoivan)
+	* Cleanups (Iker Pedrosa)
+	  - Remove redeclared variable
+	  - Remove commented out code and FIXMEs
+	  - Add header guards
+	  - Initialize local variables
+	* CI updates (Iker Pedrosa)
+	  - Create github workflow to install dependencies
+	  - Enable CodeQL
+	  - Update actions version
+	* libmisc: use /dev/urandom as fallback if other methods fail (Xi Ruoyao)
+
+
+2022-01-02  Serge Hallyn <serge@hallyn.com>
+
+	* build: include lib/shadowlog_internal.h in dist tarballs (Sam James)
+
+2022-01-02  Serge Hallyn <serge@hallyn.com>
+
+	* Handle possible TOCTTOU issues in usermod/userdel (edneville)
+	  * (CVE-2013-4235)
+	  * Use O_NOFOLLOW when copying file
+	  * Kill all user tasks in userdel
+	* Fix useradd -D segfault (Xi Ruoyao)
+	* Clean up obsolete libc feature-check ifdefs (Alejandro Colomar)
+	* Fix -fno-common build breaks due to duplicate Prog declarations
+	  (Adam Sampson)
+	* Have single date_to_str definition (Alejandro Colomar)
+	* Fix libsubid SONAME version (Sam James)
+
 2021-12-19  Serge Hallyn <serge@hallyn.com>
 
 	Note: From this release forward, su from this package should be
@@ -9443,7 +9558,7 @@
 	* NEWS: release date corrected.
 
 	* NEWS, src/su.c:
-	fixed set enviroment too early when using PAM, so move it to !USE_PAM
+	fixed set environment too early when using PAM, so move it to !USE_PAM
 	(patch submitted by Mike Frysinger <vapier@gentoo.org>).
 
 2006-07-30  Tomasz Kłoczko  <kloczek@pld.org.pl>
@@ -10130,7 +10245,7 @@
 	* NEWS: cleanups.
 
 	* autogen.sh:
-	by default in development enviroment use CFLAGS="-O2 -Wall".
+	by default in development environment use CFLAGS="-O2 -Wall".
 
 	* src/chgpasswd.c (main): remove two unused variables (newgr and now).
 
@@ -11539,7 +11654,7 @@
 	in OPTIONS section). Describe -a and -k options.
 
 	* NEWS, src/su.c:
-	fixed twice copy enviroment which causes auth problems (bug was introduced in 4.0.12;
+	fixed twice copy environment which causes auth problems (bug was introduced in 4.0.12;
 	fix by Nicolas François <nicolas.francois@centraliens.net>).
 
 	* src/passwd.c, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po:
@@ -12469,7 +12584,7 @@
 	http://bugs.debian.org/48002
 
 	* src/login.c, NEWS:
-	fixed loggin of username on succesful login (was using the normal username,
+	fixed loggin of username on successful login (was using the normal username,
 	when it should have used pam_user) http://bugs.debian.org/47819
 
 2005-06-02  Tomasz Kłoczko  <kloczek@pld.org.pl>
@@ -12914,7 +13029,7 @@
 	* man/pl/usermod.8: finish sync with english version.
 
 	* man/hu/login.1, man/pl/login.1, NEWS, man/Attic/login.1, man/de/login.1:
-	removed fragment about abilities pass enviroment variables in login prompt.
+	removed fragment about abilities pass environment variables in login prompt.
 
 	* man/Attic/gpasswd.1, man/Attic/newgrp.1:
 	fixes by Nicolas Nicolas François <nicolas.francois@centraliens.net> (not all
@@ -13393,7 +13508,7 @@
 	removed not used translations.
 
 	* NEWS, src/su.c:
-	fix adding of pam_env env variables to enviroment (Martin Schlemmer <azarah@nosferatu.za.org>).
+	fix adding of pam_env env variables to environment (Martin Schlemmer <azarah@nosferatu.za.org>).
 
 	* NEWS, configure.in:
 	fixed filling MAIL_SPOOL_DIR and MAIL_SPOOL_FILE variables which was allways
@@ -13490,7 +13605,7 @@
 
 	* NEWS, src/su.c:
 	add pam_open_session() support. If builded without PAM support
-	propagate $DISPLAY and $XAUTHORITY enviroment variables.
+	propagate $DISPLAY and $XAUTHORITY environment variables.
 	Based on http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-su-pam_open_session.patch?rev=1.1
 
 2004-10-23  Tomasz Kłoczko  <kloczek@pld.org.pl>

NEWS

@@ -696,7 +696,7 @@ shadow-4.0.18 -> shadow-4.0.18.1					03-08-2006
 shadow-4.0.17 -> shadow-4.0.18						01-08-2006
 
 *** general:
-- su: fixed set enviroment too early when using PAM, so move it to !USE_PAM
+- su: fixed set environment too early when using PAM, so move it to !USE_PAM
   (patch submitted by Mike Frysinger <vapier@gentoo.org>),
 - groupadd, groupmod, useradd, usermod: fixed UID/GID overflow (fixed
   http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920)
@@ -855,7 +855,7 @@ shadow-4.0.14 -> shadow-4.0.15						13-03-2006
 - su: move exit() outside libmisc/shell.c::shell() for handle shell() errors
   on higher level (now is better visable where some programs exit with 126
   and 127 exit codes); added new shell() parameter (char *const envp[])
-  which allow fix preserving enviroment in su on using -p, (patch by
+  which allow fix preserving environment in su on using -p, (patch by
   Alexander Gattin <xrgtn@yandex.ru>),
 - su: added handle -c,--command option for GNU su compliance (merge
   437_su_-c_option Debian patch),
@@ -966,7 +966,7 @@ shadow-4.0.12 -> shadow-4.0.13						10-10-2005
   to example described in ident(1) man page (modern compilers like latest GCC
   removes not used functions by global optimization).
   So "ident /usr/bin/passwd" will show again some useable informations
-- su: fixed twice copy enviroment which causes auth problems
+- su: fixed twice copy environment which causes auth problems
   (bug was introduced in 4.0.12; fix by Nicolas François <nicolas.francois@centraliens.net>),
 - chage: differentiate the different failure causes by the exit value
   This will permit to adduser Debian script to detect if chage failed because the
@@ -1133,7 +1133,7 @@ shadow-4.0.9 -> shadow-4.0.10						28-06-2005
   http://bugs.debian.org/53702
 - login: check for hushed login and pass PAM_SILENT if true,
   http://bugs.debian.org/48002
-- login: fixed username on succesful login (was using the normal username,
+- login: fixed username on successful login (was using the normal username,
   when it should have used pam_user) http://bugs.debian.org/47819
 - remove using SHADOWPWD #define so now shadow is always built with shadow
   password support,
@@ -1212,7 +1212,7 @@ shadow-4.0.7 -> shadow-4.0.8						26-04-2005
   (without gshadow) doesn't permit to use newgrp,
 - newgrp(1): newgrp uses /bin/sh (not bash),
 - faillog(8): updated after rewritten faillog command for use getopt_long(),
-- login(1): removed fragment about abilities pass enviroment variables in login prompt,
+- login(1): removed fragment about abilities pass environment variables in login prompt,
 - gshadow(5): new file (by Nicolas Nicolas François <nicolas.francois@centraliens.net>),
 - usermod(8): fixed #302388 Debian bug: added separated -o option description,
 
@@ -1242,7 +1242,7 @@ shadow-4.0.6 -> shadow-4.0.7						26-01-2005
 
 shadow-4.0.5 -> shadow-4.0.6						08-11-2004
 
-- su: fixed adding of pam_env env variables to enviroment
+- su: fixed adding of pam_env env variables to environment
   (Martin Schlemmer <azarah@nosferatu.za.org>),
 - autoconf: fixed filling MAIL_SPOOL_DIR and MAIL_SPOOL_FILE variables
   which was always empty (Gregorio Guidi <g.guidi@sns.it>),
@@ -1275,7 +1275,7 @@ shadow-4.0.4.1 -> shadow-4.0.5						27-10-2004
   including symlinks placed into /etc/skel/public_html for example.
   http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=66819
 - su: add pam_open_session() support. If built without PAM support
-  propagate $DISPLAY and $XAUTHORITY enviroment variables.
+  propagate $DISPLAY and $XAUTHORITY environment variables.
   Based on http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-su-pam_open_session.patch?rev=1.1
 - applied 036_pam_access_with_preauth.patch Debian patch submited by Bjorn
   Torkelsson <Bjorn.Torkelsson@hpc2n.umu.se>: add support for PAM account

README.md

@@ -31,6 +31,11 @@ There are several ways to contact us:
   https://alioth-lists-archive.debian.net/pipermail/pkg-shadow-commits/),
   only used for historical purposes
 
+## Contributions
+
+Contributions are welcome. Follow the
+[guidelines](doc/contributions/introduction.md) before posting any patches.
+
 ## Authors and maintainers
 Authors and maintainers are listed in [AUTHORS.md](
 https://github.com/shadow-maint/shadow/blob/master/AUTHORS.md).

SECURITY.md

@@ -9,3 +9,4 @@ At the moment only the latest release is supported.
 Security vulnerabilities may be reported to
 * Serge Hallyn <serge@hallyn.com> (B175CFA98F192AF2)
 * Christian Brauner <christian@brauner.io> (4880B8C9BD0E5106FC070F4F7B3C391EFEA93624)
+* Iker Pedrosa <ipedrosa@redhat.com> (4E80EF49C7987B6DE2F81F5005079C6C3A653E57)

acinclude.m4

@@ -6,7 +6,7 @@ AC_DEFUN([JH_PATH_XML_CATALOG],
 [
   # check for the presence of the XML catalog
   AC_ARG_WITH([xml-catalog],
-              AC_HELP_STRING([--with-xml-catalog=CATALOG],
+              AS_HELP_STRING([--with-xml-catalog=CATALOG],
                              [path to xml catalog to use]),,
               [with_xml_catalog=/etc/xml/catalog])
   jh_found_xmlcatalog=true

configure.ac

@@ -4,7 +4,7 @@ m4_define([libsubid_abi_major], 4)
 m4_define([libsubid_abi_minor], 0)
 m4_define([libsubid_abi_micro], 0)
 m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
-AC_INIT([shadow], [4.10], [pkg-shadow-devel@lists.alioth.debian.org], [],
+AC_INIT([shadow], [4.14.0-rc1], [pkg-shadow-devel@lists.alioth.debian.org], [],
 	[https://github.com/shadow-maint/shadow])
 AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
 AC_CONFIG_MACRO_DIRS([m4])
@@ -20,59 +20,41 @@ dnl Some hacks...
 test "$prefix" = "NONE" && prefix="/usr"
 test "$prefix" = "/usr" && exec_prefix=""
 
-AC_GNU_SOURCE
+AC_USE_SYSTEM_EXTENSIONS
 
-AM_ENABLE_STATIC
-AM_ENABLE_SHARED
+AC_ENABLE_STATIC
+AC_ENABLE_SHARED
 
 AM_MAINTAINER_MODE
 
 dnl Checks for programs.
 AC_PROG_CC
-AC_ISC_POSIX
 AC_PROG_LN_S
 AC_PROG_YACC
-AM_PROG_LIBTOOL
+LT_INIT
 
 dnl Checks for libraries.
 
 dnl Checks for header files.
-AC_HEADER_DIRENT
-AC_HEADER_STDC
-AC_HEADER_SYS_WAIT
-AC_HEADER_STDBOOL
-
-AC_CHECK_HEADERS(crypt.h errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
-	utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
-	utime.h ulimit.h sys/capability.h sys/random.h sys/resource.h \
-	gshadow.h lastlog.h locale.h rpc/key_prot.h netdb.h acl/libacl.h \
+AC_CHECK_HEADERS(crypt.h utmp.h \
+	termio.h sgtty.h sys/ioctl.h paths.h \
+	sys/capability.h sys/random.h \
+	gshadow.h lastlog.h rpc/key_prot.h acl/libacl.h \
 	attr/libattr.h attr/error_context.h)
 
 dnl shadow now uses the libc's shadow implementation
 AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
 
-AC_CHECK_FUNCS(arc4random_buf l64a fchmod fchown fsync futimes getgroups \
-	gethostname getentropy getrandom getspnam gettimeofday getusershell \
-	getutent initgroups lchown lckpwdf lstat lutimes memcpy memset \
-	setgroups sigaction strchr updwtmp updwtmpx innetgr getpwnam_r \
-	getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo ruserok \
-	dlopen)
+AC_CHECK_FUNCS(arc4random_buf futimes \
+	getentropy getrandom getspnam getusershell \
+	initgroups lckpwdf lutimes mempcpy \
+	setgroups updwtmp updwtmpx innetgr \
+	getspnam_r \
+	rpmatch \
+	memset_explicit explicit_bzero stpecpy stpeprintf)
 AC_SYS_LARGEFILE
 
 dnl Checks for typedefs, structures, and compiler characteristics.
-AC_C_CONST
-AC_TYPE_UID_T
-AC_TYPE_OFF_T
-AC_TYPE_PID_T
-AC_TYPE_MODE_T
-AC_HEADER_STAT
-AC_CHECK_MEMBERS([struct stat.st_rdev])
-AC_CHECK_MEMBERS([struct stat.st_atim])
-AC_CHECK_MEMBERS([struct stat.st_atimensec])
-AC_CHECK_MEMBERS([struct stat.st_mtim])
-AC_CHECK_MEMBERS([struct stat.st_mtimensec])
-AC_HEADER_TIME
-AC_STRUCT_TM
 
 AC_CHECK_MEMBERS([struct utmp.ut_type,
                   struct utmp.ut_id,
@@ -86,39 +68,11 @@ AC_CHECK_MEMBERS([struct utmp.ut_type,
                   struct utmp.ut_xtime,
                   struct utmp.ut_tv],,,[[#include <utmp.h>]])
 
-AC_CHECK_MEMBERS([struct utmpx.ut_name,
-                  struct utmpx.ut_host,
-                  struct utmpx.ut_syslen,
-                  struct utmpx.ut_addr,
-                  struct utmpx.ut_addr_v6,
-                  struct utmpx.ut_time,
-                  struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
-
-if test "$ac_cv_header_lastlog_h" = "yes"; then
-	AC_CACHE_CHECK(for ll_host in struct lastlog,
-		ac_cv_struct_lastlog_ll_host,
-		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
-					[struct lastlog ll; char *cp = ll.ll_host;]
-				)],
-			[ac_cv_struct_lastlog_ll_host=yes],
-			[ac_cv_struct_lastlog_ll_host=no]
-		)
-	)
-
-	if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
-		AC_DEFINE(HAVE_LL_HOST, 1,
-			[Define if struct lastlog has ll_host])
-	fi
-fi
-
 dnl Checks for library functions.
 AC_TYPE_GETGROUPS
-AC_TYPE_SIGNAL
 AC_FUNC_UTIME_NULL
-AC_FUNC_STRFTIME
-AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
+AC_REPLACE_FUNCS(putgrent putpwent putspent)
 AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
-AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
 
 AC_CHECK_FUNC(setpgrp)
 AC_CHECK_FUNC(secure_getenv, [AC_DEFINE(HAS_SECURE_GETENV,
@@ -130,6 +84,10 @@ if test "$ac_cv_header_shadow_h" = "yes"; then
 		ac_cv_libc_shadowgrp,
 		AC_RUN_IFELSE([AC_LANG_SOURCE([
 				#include <shadow.h>
+				#ifdef HAVE_GSHADOW_H
+				#include <gshadow.h>
+				#endif
+				int
 				main()
 				{
 					struct sgrp *sg = sgetsgent("test:x::");
@@ -205,14 +163,14 @@ AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
 	[Path to passwd program.])
 
 dnl XXX - quick hack, should disappear before anyone notices :).
-AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
+dnl XXX - I just read the above message :).
 if test "$ac_cv_func_ruserok" = "yes"; then
 	AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
 	AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
 fi
 
 AC_ARG_ENABLE(shadowgrp,
-	[AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
+	[AS_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
 	[case "${enableval}" in
 	 yes) enable_shadowgrp="yes" ;;
 	  no) enable_shadowgrp="no" ;;
@@ -222,15 +180,15 @@ AC_ARG_ENABLE(shadowgrp,
 )
 
 AC_ARG_ENABLE(man,
-	[AC_HELP_STRING([--enable-man],
+	[AS_HELP_STRING([--enable-man],
 		[regenerate roff man pages from Docbook @<:@default=no@:>@])],
 	[enable_man="${enableval}"],
 	[enable_man="no"]
 )
 
 AC_ARG_ENABLE(account-tools-setuid,
-	[AC_HELP_STRING([--enable-account-tools-setuid],
-		[Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])],
+	[AS_HELP_STRING([--enable-account-tools-setuid],
+		[Install the user and group management tools setuid and authenticate the callers. This requires --with-libpam.])],
 	[case "${enableval}" in
 	 yes) enable_acct_tools_setuid="yes" ;;
 	  no) enable_acct_tools_setuid="no" ;;
@@ -240,77 +198,80 @@ AC_ARG_ENABLE(account-tools-setuid,
 	[enable_acct_tools_setuid="no"]
 )
 
-AC_ARG_ENABLE(utmpx,
-	[AC_HELP_STRING([--enable-utmpx],
-	                [enable loggin in utmpx / wtmpx @<:@default=no@:>@])],
-	[case "${enableval}" in
-	 yes) enable_utmpx="yes" ;;
-	  no) enable_utmpx="no" ;;
-	   *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;;
-	 esac],
-	[enable_utmpx="no"]
-)
-
 AC_ARG_ENABLE(subordinate-ids,
-	[AC_HELP_STRING([--enable-subordinate-ids],
+	[AS_HELP_STRING([--enable-subordinate-ids],
 		[support subordinate ids @<:@default=yes@:>@])],
 	[enable_subids="${enableval}"],
 	[enable_subids="maybe"]
 )
 
+AC_ARG_ENABLE(lastlog,
+	[AS_HELP_STRING([--enable-lastlog],
+		[enable lastlog @<:@default=no@:>@])],
+	[enable_lastlog="${enableval}"],
+	[enable_lastlog="no"]
+)
+
+AC_ARG_ENABLE(logind,
+	[AS_HELP_STRING([--enable-logind],
+		[enable logind @<:@default=yes@:>@])],
+	[enable_logind="${enableval}"],
+	[enable_logind="yes"]
+)
+
 AC_ARG_WITH(audit,
-	[AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
+	[AS_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
 	[with_audit=$withval], [with_audit=maybe])
 AC_ARG_WITH(libpam,
-	[AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
+	[AS_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
 	[with_libpam=$withval], [with_libpam=maybe])
 AC_ARG_WITH(btrfs,
-	[AC_HELP_STRING([--with-btrfs], [add BtrFS support @<:@default=yes if found@:>@])],
+	[AS_HELP_STRING([--with-btrfs], [add BtrFS support @<:@default=yes if found@:>@])],
 	[with_btrfs=$withval], [with_btrfs=maybe])
 AC_ARG_WITH(selinux,
-	[AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
+	[AS_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
 	[with_selinux=$withval], [with_selinux=maybe])
 AC_ARG_WITH(acl,
-	[AC_HELP_STRING([--with-acl], [use ACL support @<:@default=yes if found@:>@])],
+	[AS_HELP_STRING([--with-acl], [use ACL support @<:@default=yes if found@:>@])],
 	[with_acl=$withval], [with_acl=maybe])
 AC_ARG_WITH(attr,
-	[AC_HELP_STRING([--with-attr], [use Extended Attribute support @<:@default=yes if found@:>@])],
+	[AS_HELP_STRING([--with-attr], [use Extended Attribute support @<:@default=yes if found@:>@])],
 	[with_attr=$withval], [with_attr=maybe])
 AC_ARG_WITH(skey,
-	[AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
+	[AS_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
 	[with_skey=$withval], [with_skey=no])
 AC_ARG_WITH(tcb,
-	[AC_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])],
+	[AS_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])],
 	[with_tcb=$withval], [with_tcb=maybe])
 AC_ARG_WITH(libcrack,
-	[AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=no@:>@])],
+	[AS_HELP_STRING([--with-libcrack], [use libcrack @<:@default=no@:>@])],
 	[with_libcrack=$withval], [with_libcrack=no])
 AC_ARG_WITH(sha-crypt,
-	[AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
+	[AS_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
 	[with_sha_crypt=$withval], [with_sha_crypt=yes])
 AC_ARG_WITH(bcrypt,
-	[AC_HELP_STRING([--with-bcrypt], [allow the bcrypt password encryption algorithm @<:@default=no@:>@])],
+	[AS_HELP_STRING([--with-bcrypt], [allow the bcrypt password encryption algorithm @<:@default=no@:>@])],
 	[with_bcrypt=$withval], [with_bcrypt=no])
 AC_ARG_WITH(yescrypt,
-	[AC_HELP_STRING([--with-yescrypt], [allow the yescrypt password encryption algorithm @<:@default=no@:>@])],
+	[AS_HELP_STRING([--with-yescrypt], [allow the yescrypt password encryption algorithm @<:@default=no@:>@])],
 	[with_yescrypt=$withval], [with_yescrypt=no])
 AC_ARG_WITH(nscd,
-	[AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
+	[AS_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
 	[with_nscd=$withval], [with_nscd=yes])
 AC_ARG_WITH(sssd,
-	[AC_HELP_STRING([--with-sssd], [enable support for flushing sssd caches @<:@default=yes@:>@])],
+	[AS_HELP_STRING([--with-sssd], [enable support for flushing sssd caches @<:@default=yes@:>@])],
 	[with_sssd=$withval], [with_sssd=yes])
 AC_ARG_WITH(group-name-max-length,
-	[AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])],
+	[AS_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=32@:>@])],
 	[with_group_name_max_length=$withval], [with_group_name_max_length=yes])
 AC_ARG_WITH(su,
-	[AC_HELP_STRING([--with-su], [build and install su program and man page @<:@default=yes@:>@])],
+	[AS_HELP_STRING([--with-su], [build and install su program and man page @<:@default=yes@:>@])],
 	[with_su=$withval], [with_su=yes])
 
 if test "$with_group_name_max_length" = "no" ; then
 	with_group_name_max_length=0
 elif test "$with_group_name_max_length" = "yes" ; then
-	with_group_name_max_length=16
+	with_group_name_max_length=32
 fi
 AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length])
 AC_SUBST(GROUP_NAME_MAX_LENGTH)
@@ -321,8 +282,6 @@ if test "$with_sha_crypt" = "yes"; then
 	AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
 fi
 
-AM_CONDITIONAL(ENABLE_SHARED, test "x$enable_shared" = "xyes")
-
 AM_CONDITIONAL(USE_BCRYPT, test "x$with_bcrypt" = "xyes")
 if test "$with_bcrypt" = "yes"; then
 	AC_DEFINE(USE_BCRYPT, 1, [Define to allow the bcrypt password encryption algorithm])
@@ -352,12 +311,12 @@ dnl Check for some functions in libc first, only if not found check for
 dnl other libraries.  This should prevent linking libnsl if not really
 dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
 
-AC_SEARCH_LIBS(inet_ntoa, inet)
-AC_SEARCH_LIBS(socket, socket)
 AC_SEARCH_LIBS(gethostbyname, nsl)
 
 AC_CHECK_LIB([econf],[econf_readDirs],[LIBECONF="-leconf"],[LIBECONF=""])
 if test -n "$LIBECONF"; then
+        AC_DEFINE_UNQUOTED([VENDORDIR], ["$enable_vendordir"],
+					[Directory for distribution provided configuration files])
 	ECONF_CPPFLAGS="-DUSE_ECONF=1"
 	AC_ARG_ENABLE([vendordir],
 		AS_HELP_STRING([--enable-vendordir=DIR], [Directory for distribution provided configuration files]),,[])
@@ -365,6 +324,9 @@ fi
 AC_SUBST(ECONF_CPPFLAGS)
 AC_SUBST(LIBECONF)
 AC_SUBST([VENDORDIR], [$enable_vendordir])
+if test "x$enable_vendordir" != x; then
+	AC_DEFINE(HAVE_VENDORDIR, 1, [Define to support vendor settings.])
+fi
 AM_CONDITIONAL([HAVE_VENDORDIR], [test "x$enable_vendordir" != x])
 
 if test "$enable_shadowgrp" = "yes"; then
@@ -409,6 +371,39 @@ if test "$enable_subids" != "no"; then
 fi
 AM_CONDITIONAL(ENABLE_SUBIDS, test "x$enable_subids" != "xno")
 
+if test "$enable_lastlog" = "yes" && test "$ac_cv_header_lastlog_h" = "yes"; then
+	AC_CACHE_CHECK(for ll_host in struct lastlog,
+		ac_cv_struct_lastlog_ll_host,
+		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
+					[struct lastlog ll; char *cp = ll.ll_host;]
+				)],
+			[ac_cv_struct_lastlog_ll_host=yes],
+			[ac_cv_struct_lastlog_ll_host=no]
+		)
+	)
+
+	if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
+		AC_DEFINE(HAVE_LL_HOST, 1,
+			[Define if struct lastlog has ll_host])
+		AC_DEFINE(ENABLE_LASTLOG, 1, [Define to support lastlog.])
+		enable_lastlog="yes"
+	else
+		AC_MSG_ERROR([Cannot enable support for lastlog on systems where the data structures aren't available])
+		enable_subids="no"
+	fi
+fi
+AM_CONDITIONAL(ENABLE_LASTLOG, test "x$enable_lastlog" != "xno")
+
+AC_SUBST(LIBSYSTEMD)
+if test "$enable_logind" = "yes"; then
+	AC_CHECK_LIB(systemd, sd_session_get_remote_host,
+		[enable_logind="yes"; [LIBSYSTEMD=-lsystemd];
+		AC_DEFINE(ENABLE_LOGIND, 1,
+			[Define to manage session support with logind.])],
+		[enable_logind="no"])
+fi
+AM_CONDITIONAL(ENABLE_LOGIND, test "x$enable_logind" != "xno")
+
 AC_SUBST(LIBCRYPT)
 AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
 	[AC_MSG_ERROR([crypt() not found])])
@@ -417,6 +412,21 @@ AC_SUBST(LIYESCRYPT)
 AC_CHECK_LIB(crypt, crypt, [LIYESCRYPT=-lcrypt],
 	[AC_MSG_ERROR([crypt() not found])])
 
+AC_SEARCH_LIBS([readpassphrase], [bsd], [], [
+	AC_MSG_ERROR([readpassphrase() is missing, either from libc or libbsd])
+])
+AS_IF([test "$ac_cv_search_readpassphrase" = "-lbsd"], [
+	PKG_CHECK_MODULES([LIBBSD], [libbsd-overlay])
+])
+dnl Make sure either the libc or libbsd provide the header.
+save_CFLAGS="$CFLAGS"
+CFLAGS="$CFLAGS $LIBBSD_CFLAGS"
+AC_CHECK_HEADERS([readpassphrase.h])
+AS_IF([test "$ac_cv_header_readpassphrase_h" != "yes"], [
+	AC_MSG_ERROR([readpassphrase.h is missing])
+])
+CFLAGS="$save_CFLAGS"
+
 AC_SUBST(LIBACL)
 if test "$with_acl" != "no"; then
 	AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"])
@@ -672,7 +682,7 @@ AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes")
 
 
 AC_ARG_WITH(fcaps,
-	[AC_HELP_STRING([--with-fcaps], [use file capabilities instead of suid binaries for newuidmap/newgidmap @<:@default=no@:>@])],
+	[AS_HELP_STRING([--with-fcaps], [use file capabilities instead of suid binaries for newuidmap/newgidmap @<:@default=no@:>@])],
 	[with_fcaps=$withval], [with_fcaps=no])
 AM_CONDITIONAL(FCAPS, test "x$with_fcaps" = "xyes")
 
@@ -690,26 +700,19 @@ if test "$with_skey" = "yes"; then
 	AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey],
 		[AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])])
 	AC_DEFINE(SKEY, 1, [Define to support S/Key logins.])
-	AC_TRY_COMPILE([
+	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
 		#include <stdio.h>
 		#include <skey.h>
-	],[
+	]], [[
 		skeychallenge((void*)0, (void*)0, (void*)0, 0);
-	],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])])
+	]])],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])],[])
 fi
 
-if test "$enable_utmpx" = "yes"; then
-	if test "$ac_cv_header_utmpx_h" != "yes"; then
-		AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.])
-	fi
-	AC_DEFINE(USE_UTMPX,
-	          1,
-	          [Define if utmpx should be used])
-fi
+AC_CHECK_FUNC(fgetpwent_r, [AC_DEFINE(HAVE_FGETPWENT_R, 1, [Defined to 1 if you have the declaration of 'fgetpwent_r'])])
 
 AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.])
 
-AM_GNU_GETTEXT_VERSION(0.16)
+AM_GNU_GETTEXT_VERSION([0.19])
 AM_GNU_GETTEXT([external], [need-ngettext])
 AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes")
 
@@ -736,6 +739,7 @@ AC_CONFIG_FILES([
 	man/ru/Makefile
 	man/sv/Makefile
 	man/tr/Makefile
+	man/uk/Makefile
 	man/zh_CN/Makefile
 	man/zh_TW/Makefile
 	libmisc/Makefile
@@ -772,6 +776,9 @@ echo "	yescrypt passwords encryption:	$with_yescrypt"
 echo "	nscd support:			$with_nscd"
 echo "	sssd support:			$with_sssd"
 echo "	subordinate IDs support:	$enable_subids"
+echo "	enable lastlog:			$enable_lastlog"
+echo "	enable logind:			$enable_logind"
 echo "	use file caps:			$with_fcaps"
 echo "	install su:			$with_su"
+echo "	enabled vendor dir:             $enable_vendordir"
 echo

contrib/Makefile.am

@@ -1,6 +1,6 @@
 # This is a dummy Makefile.am to get automake work flawlessly,
 # and also cooperate to make a distribution for `make dist'
 
-EXTRA_DIST = README adduser.c adduser-old.c adduser.sh adduser2.sh \
- atudel groupmems.shar pwdauth.c shadow-anonftp.patch \
+EXTRA_DIST = README adduser.c adduser.sh adduser2.sh \
+ atudel groupmems.shar shadow-anonftp.patch \
  udbachk.tgz

contrib/adduser-old.c

@@ -1,300 +0,0 @@
-/****
-** 03/17/96
-** hacked a bit more, removed unused code, cleaned up for gcc -Wall.
-** --marekm
-**
-** 02/26/96
-** modified to call shadow utils (useradd,chage,passwd) on shadowed
-** systems - Cristian Gafton, gafton@sorosis.ro
-**
-** 6/27/95
-** shadow-adduser 1.4:
-**
-** now it copies the /etc/skel dir into the person's dir,
-** makes the mail folders, changed some defaults and made a 'make
-** install' just for the hell of it.
-**
-** Greg Gallagher
-** CIN.Net
-**
-** 1/28/95
-** shadow-adduser 1.3:
-**
-** Basically a bug-fix on my additions in 1.2.  Thanks to Terry Stewart
-** (stew@texas.net) for pointing out one of the many idiotic bugs I introduced.
-** It was such a stupid bug that I would have never seen it myself.
-**
-**                                Brandon
-*****
-** 01/27/95
-**
-** shadow-adduser 1.2:
-** I took the C source from adduser-shadow (credits are below) and made
-** it a little more worthwhile.  Many small changes... Here's
-** the ones I can remember:
-**
-** Removed support for non-shadowed systems (if you don't have shadow,
-**     use the original adduser, don't get this shadow version!)
-** Added support for the correct /etc/shadow fields (Min days before
-**     password change, max days before password change, Warning days,
-**     and how many days from expiry date does the account go invalid)
-**     The previous version just left all of those fields blank.
-**     There is still one field left (expiry date for the account, period)
-**     which I have left blank because I do not use it and didn't want to
-**     spend any more time on this.  I'm sure someone will put it in and
-**     tack another plethora of credits on here. :)
-** Added in the password date field, which should always reflect the last
-**     date the password was changed, for expiry purposes.  "passwd" always
-**     updates this field, so the adduser program should set it up right
-**     initially (or a user could keep thier initial password forever ;)
-**     The number is in days since Jan 1st, 1970.
-**
-**                       Have fun with it, and someone please make
-**                       a real version(this is still just a hack)
-**                       for us all to use (and Email it to me???)
-**
-**                               Brandon
-**                                  photon@usis.com
-**
-*****
-** adduser 1.0: add a new user account (For systems not using shadow)
-** With a nice little interface and a will to do all the work for you.
-**
-** Craig Hagan
-** hagan@opine.cs.umass.edu
-**
-** Modified to really work, look clean, and find unused uid by Chris Cappuccio
-** chris@slinky.cs.umass.edu
-**
-*****
-**
-** 01/19/95
-**
-** FURTHER modifications to enable shadow passwd support (kludged, but
-** no more so than the original)  by Dan Crowson - dcrowson@mo.net
-**
-** Search on DAN for all changes...
-**
-*****
-**
-** cc -O -o adduser adduser.c
-** Use gcc if you have it... (political reasons beyond my control) (chris)
-**
-** I've gotten this program to work with success under Linux (without
-** shadow) and SunOS 4.1.3. I would assume it should work pretty well
-** on any system that uses no shadow. (chris)
-**
-** If you have no crypt() then try
-** cc -DNO_CRYPT -O -o adduser adduser.c xfdes.c
-** I'm not sure how login operates with no crypt()... I guess
-** the same way we're doing it here.
-*/
-
-#include <pwd.h>
-#include <grp.h>
-#include <ctype.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <time.h>
-#include <sys/types.h>
-#include <sys/timeb.h>
-#include <sys/time.h>
-#include <sys/stat.h>
-
-#define DEFAULT_SHELL	"/bin/bash"  /* because BASH is your friend */
-#define DEFAULT_HOME	"/home"
-#define USERADD_PATH	"/usr/sbin/useradd"
-#define CHAGE_PATH	"/usr/sbin/chage"
-#define PASSWD_PATH	"/usr/bin/passwd"
-#define DEFAULT_GROUP	100
-
-#define DEFAULT_MAX_PASS 60
-#define DEFAULT_WARN_PASS 10
-/* if you use this feature, you will get a lot of complaints from users
-   who rarely use their accounts :)  (something like 3 months would be
-   more reasonable)  --marekm */
-#define DEFAULT_USER_DIE /* 10 */ 0
-
-void main()
-{
-	char foo[32];
-	char uname[9],person[32],dir[32],shell[32];
-	unsigned int group,min_pass,max_pass,warn_pass,user_die;
-	/* the group and uid of the new user */
-	int bad=0,done=0,correct=0,gets_warning=0;
-	char cmd[255];
-	struct group *grp;
-
-	/* flags, in order:
-	* bad to see if the username is in /etc/passwd, or if strange stuff has
-	* been typed if the user might be put in group 0
-	* done allows the program to exit when a user has been added
-	* correct loops until a password is found that isn't in /etc/passwd
-	* gets_warning allows the fflush to be skipped for the first gets
-	* so that output is still legible
-	*/
-
-	/* The real program starts HERE! */
-
-	if(geteuid()!=0)
-	{
-		printf("It seems you don't have access to add a new user.  Try\n");
-		printf("logging in as root or su root to gain super-user access.\n");
-		exit(1);
-	}
-
-	/* Sanity checks
-	*/
-
-	if (!(grp=getgrgid(DEFAULT_GROUP))){
-		printf("Error: the default group %d does not exist on this system!\n",
-				DEFAULT_GROUP);
-		printf("adduser must be recompiled.\n");
-		exit(1);
-	};
-
-	while(!correct) {		/* loop until a "good" uname is chosen */
-		while(!done) {
-			printf("\nLogin to add (^C to quit): ");
-			if(gets_warning)	/* if the warning was already shown */
-				fflush(stdout);	/* fflush stdout, otherwise set the flag */
-			else
-				gets_warning=1;
-
-			gets(uname);
-			if(!strlen(uname)) {
-				printf("Empty input.\n");
-				done=0;
-				continue;
-			};
-
-			/* what I saw here before made me think maybe I was running DOS */
-			/* might this be a solution? (chris) */
-			if (getpwnam(uname) != NULL) {
-				printf("That name is in use, choose another.\n");
-				done=0;
-			} else
-				done=1;
-		}; /* done, we have a valid new user name */
-
-		/* all set, get the rest of the stuff */
-		printf("\nEditing information for new user [%s]\n",uname);
-
-		printf("\nFull Name [%s]: ",uname);
-		gets(person);
-		if (!strlen(person)) {
-			bzero(person,sizeof(person));
-			strcpy(person,uname);
-		};
-
-		do {
-			bad=0;
-			printf("GID [%d]: ",DEFAULT_GROUP);
-			gets(foo);
-			if (!strlen(foo))
-				group=DEFAULT_GROUP;
-			else
-				if (isdigit (*foo)) {
-					group = atoi(foo);
-					if (! (grp = getgrgid (group))) {
-						printf("unknown gid %s\n",foo);
-						group=DEFAULT_GROUP;
-						bad=1;
-					};
-			} else
-				if ((grp = getgrnam (foo)))
-					group = grp->gr_gid;
-				else {
-					printf("unknown group %s\n",foo);
-					group=DEFAULT_GROUP;
-					bad=1;
-				}
-			if (group==0){	/* You're not allowed to make root group users! */
-				printf("Creation of root group users not allowed (must be done by hand)\n");
-				group=DEFAULT_GROUP;
-				bad=1;
-			};
-		} while(bad);
-
-
-		fflush(stdin);
-
-		printf("\nIf home dir ends with a / then [%s] will be appended to it\n",uname);
-		printf("Home Directory [%s/%s]: ",DEFAULT_HOME,uname);
-		fflush(stdout);
-		gets(dir);
-		if (!strlen(dir)) { /* hit return */
-			sprintf(dir,"%s/%s",DEFAULT_HOME,uname);
-			fflush(stdin);
-		} else
-			if (dir[strlen(dir)-1]=='/')
-				sprintf(dir+strlen(dir),"%s",uname);
-
-		printf("\nShell [%s]: ",DEFAULT_SHELL);
-		fflush(stdout);
-		gets(shell);
-		if (!strlen(shell))
-			sprintf(shell,"%s",DEFAULT_SHELL);
-
-		printf("\nMin. Password Change Days [0]: ");
-		gets(foo);
-		min_pass=atoi(foo);
-
-		printf("Max. Password Change Days [%d]: ",DEFAULT_MAX_PASS);
-		gets(foo);
-		if (strlen(foo) > 1)
-			max_pass = atoi(foo);
-		else
-			max_pass = DEFAULT_MAX_PASS;
-
-		printf("Password Warning Days [%d]: ",DEFAULT_WARN_PASS);
-		gets(foo);
-		warn_pass = atoi(foo);
-		if (warn_pass==0)
-			warn_pass = DEFAULT_WARN_PASS;
-
-		printf("Days after Password Expiry for Account Locking [%d]: ",DEFAULT_USER_DIE);
-		gets(foo);
-		user_die = atoi(foo);
-		if (user_die == 0)
-			user_die = DEFAULT_USER_DIE;
-
-		printf("\nInformation for new user [%s] [%s]:\n",uname,person);
-		printf("Home directory: [%s] Shell: [%s]\n",dir,shell);
-		printf("GID: [%d]\n",group);
-		printf("MinPass: [%d] MaxPass: [%d] WarnPass: [%d] UserExpire: [%d]\n",
-				min_pass,max_pass,warn_pass,user_die);
-		printf("\nIs this correct? [y/N]: ");
-		fflush(stdout);
-		gets(foo);
-
-		done=bad=correct=(foo[0]=='y'||foo[0]=='Y');
-
-		if(bad!=1)
-			printf("\nUser [%s] not added\n",uname);
-    }
-
-	bzero(cmd,sizeof(cmd));
-	sprintf(cmd,"%s -g %d -d %s -s %s -c \"%s\" -m -k /etc/skel %s",
-			USERADD_PATH,group,dir,shell,person,uname);
-	printf("Calling useradd to add new user:\n%s\n",cmd);
-	if(system(cmd)){
-		printf("User add failed!\n");
-		exit(errno);
-	};
-	bzero(cmd,sizeof(cmd));
-	sprintf(cmd,"%s -m %d -M %d -W %d -I %d %s", CHAGE_PATH,
-			min_pass,max_pass,warn_pass,user_die,uname);
-	printf("%s\n",cmd);
-	if(system(cmd)){
-		printf("There was an error setting password expire values\n");
-		exit(errno);
-	};
-	bzero(cmd,sizeof(cmd));
-	sprintf(cmd,"%s %s",PASSWD_PATH,uname);
-	system(cmd);
-	printf("\nDone.\n");
-}
-

contrib/adduser.c

@@ -60,7 +60,7 @@
 ** Added in the password date field, which should always reflect the last
 **     date the password was changed, for expiry purposes.  "passwd" always
 **     updates this field, so the adduser program should set it up right
-**     initially (or a user could keep thier initial password forever ;)
+**     initially (or a user could keep their initial password forever ;)
 **     The number is in days since Jan 1st, 1970.
 **
 **                       Have fun with it, and someone please make
@@ -489,7 +489,7 @@ safeget (char *buf, int maxlen)
   while ((c = getc (stdin)) != EOF && (c != '\n') && (++i < maxlen))
     {
       bad = (!isalnum (c) && (c != '_') && (c != ' '));
-      *(buf++) = (char) c;
+      *(buf++) = c;
     }
   *buf = '\0';
 

contrib/atudel

@@ -1,34 +1,7 @@
 #!/usr/bin/perl
 #
-# Copyright (c) 1996 Brian R. Gaeke
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in the
-#    documentation and/or other materials provided with the distribution.
-# 3. All advertising materials mentioning features or use of this software
-#    must display the following acknowledgement:
-#    This product includes software developed by Brian R. Gaeke.
-# 4. The name of the author, Brian R. Gaeke, may not be used to endorse
-#    or promote products derived from this software without specific
-#    prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY BRIAN R. GAEKE ``AS IS'' AND ANY EXPRESS
-# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-# DISCLAIMED.  IN NO EVENT SHALL BRIAN R. GAEKE BE LIABLE FOR ANY DIRECT,
-# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
-# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
+# SPDX-FileCopyrightText: 1996 Brian R. Gaeke
+# SPDX-License-Identifier: BSD-4-Clause
 #
 # Additionally:
 #

contrib/groupmems.shar

@@ -76,36 +76,9 @@ else
   $echo 'x -' extracting 'Makefile' '(text)'
   sed 's/^X//' << 'SHAR_EOF' > 'Makefile' &&
 /*
-# Copyright 2000, International Business Machines, Inc.
-# All rights reserved.
-#
-# original author: George Kraft IV, gk4@us.ibm.com
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in the
-#    documentation and/or other materials provided with the distribution.
-# 3. Neither the name of International Business Machines, Inc., nor the 
-#    names of its contributors may be used to endorse or promote products 
-#    derived from this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
-# CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
-# BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL 
-# INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
-# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
+# SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
+# SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
+# SPDX-License-Identifier: BSD-3-Clause
 # 
 X
 all: groupmems
@@ -143,36 +116,9 @@ else
   $echo 'x -' extracting 'groupmems.c' '(text)'
   sed 's/^X//' << 'SHAR_EOF' > 'groupmems.c' &&
 /*
-X * Copyright 2000, International Business Machines, Inc.
-X * All rights reserved.
-X *
-X * original author: George Kraft IV, gk4@us.ibm.com
-X *
-X * Redistribution and use in source and binary forms, with or without
-X * modification, are permitted provided that the following conditions
-X * are met:
-X *
-X * 1. Redistributions of source code must retain the above copyright
-X *    notice, this list of conditions and the following disclaimer.
-X * 2. Redistributions in binary form must reproduce the above copyright
-X *    notice, this list of conditions and the following disclaimer in the
-X *    documentation and/or other materials provided with the distribution.
-X * 3. Neither the name of International Business Machines, Inc., nor the 
-X *    names of its contributors may be used to endorse or promote products 
-X *    derived from this software without specific prior written permission.
-X *
-X * THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
-X * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
-X * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
-X * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL 
-X * INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
-X * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-X * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-X * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-X * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-X * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-X * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-X * SUCH DAMAGE.
+X * SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
+X * SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
+X * SPDX-License-Identifier: BSD-3-Clause
 X */
 /*
 **
@@ -436,36 +382,9 @@ else
   $echo 'x -' extracting 'groupmems.8' '(text)'
   sed 's/^X//' << 'SHAR_EOF' > 'groupmems.8' &&
 X.\"
-X.\" Copyright 2000, International Business Machines, Inc.
-X.\" All rights reserved.
-X.\"
-X.\" original author: George Kraft IV, gk4@us.ibm.com
-X.\"
-X.\" Redistribution and use in source and binary forms, with or without
-X.\" modification, are permitted provided that the following conditions
-X.\" are met:
-X.\"
-X.\" 1. Redistributions of source code must retain the above copyright
-X.\"    notice, this list of conditions and the following disclaimer.
-X.\" 2. Redistributions in binary form must reproduce the above copyright
-X.\"    notice, this list of conditions and the following disclaimer in the
-X.\"    documentation and/or other materials provided with the distribution.
-X.\" 3. Neither the name of International Business Machines, Inc., nor the 
-X.\"    names of its contributors may be used to endorse or promote products 
-X.\"    derived from this software without specific prior written permission.
-X.\"
-X.\" THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
-X.\" CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
-X.\" BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
-X.\" FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL 
-X.\" INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
-X.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-X.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-X.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-X.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-X.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-X.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-X.\" SUCH DAMAGE.
+X.\" SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
+X.\" SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
+X.\" SPDX-License-Identifier: BSD-3-Clause
 X.\"
 X.\" $Id$
 X.\"

contrib/pwdauth.c

@@ -1,308 +0,0 @@
-/*
- * pwdauth.c - program to verify a given username/password pair.
- *
- * Run it with username in argv[1] (may be omitted - default is the
- * current user), and send it the password over a pipe on stdin.
- * Exit status: 0 - correct password, 1 - wrong password, >1 - other
- * errors.  For use with shadow passwords, this program should be
- * installed setuid root.
- *
- * This can be used, for example, by xlock - you don't have to install
- * this large and complex (== possibly insecure) program setuid root,
- * just modify it to run this simple program to do the authentication.
- *
- * Recent versions (xlockmore-3.9) are cleaner, and drop privileges as
- * soon as possible after getting the user's encrypted password.
- * Using this program probably doesn't make it more secure, and has one
- * disadvantage: since we don't get the encrypted user's password at
- * startup (but at the time the user is authenticated), it is not clear
- * how we should handle errors (like getpwnam() returning NULL).
- * - fail the authentication?  Problem: no way to unlock (other than kill
- *   the process from somewhere else) if the NIS server stops responding.
- * - succeed and unlock?  Problem: it's too easy to unlock by unplugging
- *   the box from the network and waiting until NIS times out...
- *
- * This program is Copyright (C) 1996 Marek Michalkiewicz
- * <marekm@i17linuxb.ists.pwr.wroc.pl>.
- *
- * It may be used and distributed freely for any purposes.  There is no
- * warranty - use at your own risk.  I am not liable for any damages etc.
- * If you improve it, please send me your changes.
- */
-
-static char rcsid[] = "$Id$";
-
-/*
- * Define USE_SYSLOG to use syslog() to log successful and failed
- * authentication.  This should be safe even if your system has
- * the infamous syslog buffer overrun security problem...
- */
-#define USE_SYSLOG
-
-/*
- * Define HAVE_GETSPNAM to get shadow passwords using getspnam().
- * Some systems don't have getspnam(), but getpwnam() returns
- * encrypted passwords only if running as root.
- *
- * According to the xlock source (not tested, except Linux) -
- * define: Linux, Solaris 2.x, SVR4, ...
- * undef: HP-UX with Secured Passwords, FreeBSD, NetBSD, QNX.
- * Known not supported (yet): Ultrix, OSF/1, SCO.
- */
-#define HAVE_GETSPNAM
-
-/*
- * Define HAVE_PW_ENCRYPT to use pw_encrypt() instead of crypt().
- * pw_encrypt() is like the standard crypt(), except that it may
- * support better password hashing algorithms.
- *
- * Define if linking with libshadow.a from the shadow password
- * suite (Linux, SunOS 4.x?).
- */
-#undef HAVE_PW_ENCRYPT
-
-/*
- * Define HAVE_AUTH_METHODS to support the shadow suite specific
- * extension: the encrypted password field contains a list of
- * administrator defined authentication methods, separated by
- * semicolons.  This program only supports the standard password
- * authentication method (a string that doesn't start with '@').
- */
-#undef HAVE_AUTH_METHODS
-
-/*
- * FAIL_DELAY - number of seconds to sleep before exiting if the
- * password was wrong, to slow down password guessing attempts.
- */
-#define FAIL_DELAY 2
-
-/* No user-serviceable parts below :-).  */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <unistd.h>
-#include <pwd.h>
-
-#ifdef USE_SYSLOG
-#include <syslog.h>
-#ifndef LOG_AUTHPRIV
-#define LOG_AUTHPRIV LOG_AUTH
-#endif
-#endif
-
-#ifdef HAVE_GETSPNAM
-#include <shadow.h>
-#endif
-
-#ifdef HAVE_PW_ENCRYPT
-extern char *pw_encrypt();
-#define crypt pw_encrypt
-#endif
-
-/*
- * Read the password (one line) from fp.  We don't turn off echo
- * because we expect input from a pipe.
- */
-static char *
-get_line(fp)
-	FILE *fp;
-{
-	static char buf[128];
-	char *cp;
-	int ch;
-
-	cp = buf;
-	while ((ch = getc(fp)) != EOF && ch != '\0' && ch != '\n') {
-		if (cp >= buf + sizeof buf - 1)
-			break;
-		*cp++ = ch;
-	}
-	*cp = '\0';
-	return buf;
-}
-
-/*
- * Get the password file entry for the current user.  If the name
- * returned by getlogin() is correct (matches the current real uid),
- * return the entry for that user.  Otherwise, return the entry (if
- * any) matching the current real uid.  Return NULL on failure.
- */
-static struct passwd *
-get_my_pwent()
-{
-	uid_t uid = getuid();
-	char *name = getlogin();
-
-	if (name && *name) {
-		struct passwd *pw = getpwnam(name);
-
-		if (pw && pw->pw_uid == uid)
-			return pw;
-	}
-	return getpwuid(uid);
-}
-
-/*
- * Verify the password.  The system-dependent shadow support is here.
- */
-static int
-password_auth_ok(pw, pass)
-	const struct passwd *pw;
-	const char *pass;
-{
-	int result;
-	char *cp;
-#ifdef HAVE_AUTH_METHODS
-	char *buf;
-#endif
-#ifdef HAVE_GETSPNAM
-	struct spwd *sp;
-#endif
-
-	if (pw) {
-#ifdef HAVE_GETSPNAM
-		sp = getspnam(pw->pw_name);
-		if (sp)
-			cp = sp->sp_pwdp;
-		else
-#endif
-			cp = pw->pw_passwd;
-	} else
-		cp = "xx";
-
-#ifdef HAVE_AUTH_METHODS
-	buf = strdup(cp);  /* will be modified by strtok() */
-	if (!buf) {
-		fprintf(stderr, "Out of memory.\n");
-		exit(13);
-	}
-	cp = strtok(buf, ";");
-	while (cp && *cp == '@')
-		cp = strtok(NULL, ";");
-
-	/* fail if no password authentication for this user */
-	if (!cp)
-		cp = "xx";
-#endif
-
-	if (*pass || *cp)
-		result = (strcmp(crypt(pass, cp), cp) == 0);
-	else
-		result = 1;  /* user with no password */
-
-#ifdef HAVE_AUTH_METHODS
-	free(buf);
-#endif
-	return result;
-}
-
-/*
- * Main program.
- */
-int
-main(argc, argv)
-	int argc;
-	char **argv;
-{
-	struct passwd *pw;
-	char *pass, *name;
-	char myname[32];
-
-#ifdef USE_SYSLOG
-	openlog("pwdauth", LOG_PID | LOG_CONS, LOG_AUTHPRIV);
-#endif
-	pw = get_my_pwent();
-	if (!pw) {
-#ifdef USE_SYSLOG
-		syslog(LOG_ERR, "can't get login name for uid %d.\n",
-		       (int) getuid());
-#endif
-		fprintf(stderr, "Who are you?\n");
-		exit(2);
-	}
-	strncpy(myname, pw->pw_name, sizeof myname - 1);
-	myname[sizeof myname - 1] = '\0';
-	name = myname;
-
-	if (argc > 1) {
-		name = argv[1];
-		pw = getpwnam(name);
-	}
-
-	pass = get_line(stdin);
-	if (password_auth_ok(pw, pass)) {
-#ifdef USE_SYSLOG
-		syslog(pw->pw_uid ? LOG_INFO : LOG_NOTICE,
-		       "user `%s' entered correct password for `%.32s'.\n",
-		       myname, name);
-#endif
-		exit(0);
-	}
-#ifdef USE_SYSLOG
-	/* be careful not to overrun the syslog buffer */
-	syslog((!pw || pw->pw_uid) ? LOG_NOTICE : LOG_WARNING,
-	       "user `%s' entered incorrect password for `%.32s'.\n",
-	       myname, name);
-#endif
-#ifdef FAIL_DELAY
-	sleep(FAIL_DELAY);
-#endif
-	fprintf(stderr, "Wrong password.\n");
-	exit(1);
-}
-
-#if 0
-/*
- * You can use code similar to the following to run this program.
- * Return values: >=0 - program exit status (use the <sys/wait.h>
- * macros to get the exit code, it is shifted left by 8 bits),
- * -1 - check errno.
- */
-int
-verify_password(const char *username, const char *password)
-{
-	int pipe_fd[2];
-	int pid, wpid, status;
-
-	if (pipe(pipe_fd))
-		return -1;
-	
-	if ((pid = fork()) == 0) {
-		char *arg[3];
-		char *env[1];
-
-		/* child */
-		close(pipe_fd[1]);
-		if (pipe_fd[0] != 0) {
-			if (dup2(pipe_fd[0], 0) != 0)
-				_exit(127);
-			close(pipe_fd[0]);
-		}
-		arg[0] = "/usr/bin/pwdauth";
-		arg[1] = username;
-		arg[2] = NULL;
-		env[0] = NULL;
-		execve(arg[0], arg, env);
-		_exit(127);
-	} else if (pid == -1) {
-		/* error */
-		close(pipe_fd[0]);
-		close(pipe_fd[1]);
-		return -1;
-	}
-	/* parent */
-	close(pipe_fd[0]);
-	write(pipe_fd[1], password, strlen(password));
-	write(pipe_fd[1], "\n", 1);
-	close(pipe_fd[1]);
-
-	while ((wpid = wait(&status)) != pid) {
-		if (wpid == -1)
-			return -1;
-	}
-	return status;
-}
-#endif

doc/WISHLIST

@@ -26,7 +26,6 @@ New ideas to add to this list are welcome, too.  --marekm
 - vipw: check password files for errors after editing
 - add "maximum time users allowed to stay logged in" limit option to logoutd
 - handle quotes in /etc/environment like the shell does (but sshd doesn't...)
-- better utmpx support (logoutd, ...)
 - better OPIE support (report number of logins left, etc.)
 - new option for /etc/suauth: don't load user's environment (force "su -")
   suggested by Ulisses Alonso Camaro

doc/contributions/build_install.md

@@ -0,0 +1,73 @@
+# Build & install
+
+The following page explains how to build and install the shadow project.
+Additional information on how to do this in a container environment is provided
+at the end of the page.
+
+## Local
+
+### Dependency installation
+
+This projects depends on other software packages that need to be installed
+before building it. We recommend using the dependency installation commands
+provided by the distributions to install them. Some examples below.
+
+Debian:
+```
+apt-get build-dep shadow
+```
+
+Fedora:
+```
+dnf builddep shadow-utils
+```
+
+An alternative would be to take a look at the CI workflow [file](../../.github/workflows/runner.yml)
+and get the package names from there. This has the advantage that it
+also includes new dependencies needed for the development version
+which might have not been present in the last release.
+
+### Configure
+
+The first step is to configure it. You can use the
+`autogen.sh` script provided by the project. Example:
+
+```
+./autogen.sh --without-selinux --enable-man --with-yescrypt
+```
+
+### Build
+
+The next step is to build the project:
+
+```
+make -j4
+```
+
+### Install
+
+The last step is to install it. We recommend avoiding this step and using a
+disposable system like a VM or a container instead.
+
+```
+make install
+```
+
+## Containers
+
+Alternatively, you can use any of the preconfigured container images builders
+to build and install shadow.
+
+You can either generate a single image by running the following command from
+the root folder of the project (i.e. Alpine):
+
+```
+docker build -f share/containers/alpine.dockerfile . --output build-out/alpine
+```
+
+Or generate all of the images with the `container-build.sh` script, as if you
+were running some of the CI checks locally:
+
+```
+share/container-build.sh
+```

doc/contributions/ci.md

@@ -0,0 +1,25 @@
+# Continuous Integration (CI)
+
+Shadow runs a CI workflow every time a pull-request (PR) is updated. This
+workflow contains several checks to assure the quality of the project, and
+only pull-requests with green results are merged.
+
+## Build & install
+
+The project is built & installed on Ubuntu, Alpine, Debian and Fedora. The last
+three distributions are built & installed on containers, and the workflow can
+be triggered locally by following the instructions specified in the
+[Build & install](build_install.md#containers) page.
+
+## System tests
+
+The project is tested on Ubuntu. For that purpose it is built & installed in
+this distribution in a VM. You can run this step locally by following the
+instructions provided in the [Tests](tests.md#system-tests) page.
+
+## Static code analysis
+
+C and shell static code analysis is also executed. For that purpose
+[CodeQL](https://codeql.github.com/) and
+[Differential ShellCheck](https://github.com/marketplace/actions/differential-shellcheck)
+are used.

doc/contributions/coding_style.md

@@ -0,0 +1,12 @@
+# Coding style
+
+* For a general guidance refer to the
+[Linux kernel coding style](https://www.kernel.org/doc/html/latest/process/coding-style.html)
+
+* Patches that change the existing coding style are not welcome, as they make
+downstream porting harder for the distributions
+
+## Indentation
+
+Tabs are preferred over spaces for indentation. Loading the `.editorconfig`
+file in your preferred IDE may help you configure it.

doc/contributions/introduction.md

@@ -0,0 +1,77 @@
+# Introduction
+
+## Git and Github
+
+We recommend you to get familiar with the
+[git](https://guides.github.com/introduction/git-handbook) and
+[Github](https://guides.github.com) workflows before posting any changes.
+
+### Set up in a nut shell
+
+The following steps describe the process in a nut shell to provide you a basic
+template:
+
+* Create an account on [GitHub](https://github.com)
+* Fork the [shadow repository](https://github.com/shadow-maint/shadow)
+* Clone the shadow repository
+
+```
+git clone https://github.com/shadow-maint/shadow.git
+```
+
+* Add your fork as an extra remote
+
+```
+git remote add $ghusername git@github.com:$ghusername/shadow.git
+```
+
+* Setup your name contact e-mail that you want to use for the development
+
+```
+git config user.name "John Smith"
+git config user.email "john.smith@home.com"
+```
+
+**Note**: this will setup the user information only for this repository. You
+can also add `--global` switch to the `git config` command to setup these
+options globally and thus making them available in every git repository.
+
+* Create a working branch
+
+```
+git checkout -b my-changes
+```
+
+* Commit changes
+
+```
+vim change-what-you-need
+git commit -s
+```
+
+Check
+[the kernel patches guide](https://www.kernel.org/doc/html/v4.14/process/submitting-patches.html#describe-your-changes)
+to get an idea on how to write a good commit message.
+
+* Push your changes to your GitHub repository
+
+```
+git push $ghusername my-changes --force
+```
+
+* Open a Pull Request against shadow project by clicking on the link provided
+in the output of the previous step
+
+* Make sure that all Continuous Integration checks are green and wait review
+
+## Internal guidelines
+
+Additionally, you should also check the following internal guidelines to
+understand the project's development model:
+
+* [Build & install](build_install.md)
+* [Coding style](coding_style.md)
+* [Tests](tests.md)
+* [Continuous Integration](CI.md)
+* [Releases](releases.md)
+* [License](license.md)

doc/contributions/license.md

@@ -0,0 +1,10 @@
+# License
+
+All new source code committed to the shadow project is assumed to be made
+available under the [BSD-3-Clause](../../COPYING) license unless the submitter
+specifies another license at that time. The shadow maintainers reserve the
+right to refuse a submission if the license is deemed incompatible with the
+goals of the project.
+
+**Note**: old code may be made available under another license, check the
+license tag for each file to get additional information.

doc/contributions/releases.md

@@ -0,0 +1,7 @@
+# Releases
+
+The shadow project doesn't follow any specific timeline to release new software
+versions. Usually, they are released when a major milestone is finished.
+
+Released source code, alongside the release notes, are provided in the
+[release Github page](https://github.com/shadow-maint/shadow/releases).

doc/contributions/tests.md

@@ -0,0 +1,18 @@
+# Tests
+
+Currently, shadow only provides system tests.
+
+## System tests
+
+These type of tests are written in shell. Unfortunately, the testing framework
+is tightly coupled to the Ubuntu distribution and it can only be run in this
+distribution. Besides, if anything fails during the execution the system can
+be left in an unstable state. Taking that into account you shouldn't run this
+workflow in your host machine, we recommend to use a disposable system like a
+VM or a container instead.
+
+You can execute system tests by running:
+
+```
+cd tests && ./run_all`.
+```

etc/pam.d/login

@@ -4,8 +4,8 @@ auth		include		system-auth
 account		required	pam_nologin.so
 account		include		system-auth
 password	include		system-auth
-session		required	pam_selinux.so close
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
 session		include		system-auth
 session		required	pam_loginuid.so
 session		optional	pam_console.so
-session		required	pam_selinux.so open
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open

etc/pam.d/su

@@ -7,7 +7,7 @@ auth		required	pam_wheel.so use_uid
 auth		include		system-auth
 account		include		system-auth
 password	include		system-auth
-session		required	pam_selinux.so close
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
 session		include		system-auth
-session		required	pam_selinux.so open multiple
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
 session		optional	pam_xauth.so

etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh

@@ -0,0 +1,26 @@
+#!/bin/sh
+
+PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+GROUPID=`awk -F: '$1 == "'"${SUBJECT}"'" { print $3 }' /etc/group`
+
+if [ "${GROUPID}" = "" ]; then
+    exit 0
+fi
+
+for status in /proc/*/status; do
+    # either this isn't a process or its already dead since expanding the list
+    [ -f "$status" ] || continue
+
+    tbuf=${status%/status}
+    pid=${tbuf#/proc/}
+    case "$pid" in
+        "$$") continue;;
+        [0-9]*) :;;
+        *) continue
+    esac
+    
+    grep -q '^Groups:.*\b'"${GROUPID}"'\b.*' "/proc/$pid/status" || continue
+
+    kill -9 "$pid" || echo "cannot kill $pid" 1>&2
+done
+

etc/shadow-maint/userdel-pre.d/01-kill_user_procs.sh

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+# Check user exists, and if so, send sigkill to processes that the user owns
+
+ps -eo user >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+    RUNNING=`ps -eo user | grep -Fx "$SUBJECT" | wc -l`
+    # if the user does not exist, RUNNING will be 0
+    if [ "${RUNNING}x" = "0x" ]; then
+        exit 0
+    fi
+fi
+
+# If there is no ps -eo, traverse the process directly.
+
+ls -1 /proc | while IFS= read -r PROC; do
+  echo "$PROC" | grep -E '^[0-9]+$' >/dev/null
+  if [ $? -ne 0 ]; then
+    continue
+  fi
+  if [ -d "/proc/${PROC}" ]; then
+    USR=`stat -c "%U" /proc/${PROC}`
+    if [ "${USR}" = "${SUBJECT}" ]; then
+      echo "Killing ${SUBJECT} owned ${PROC}"
+      kill -9 "${PROC}"
+    fi
+  fi
+done
+

lib/Makefile.am

@@ -11,6 +11,7 @@ libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\"
 endif
 
 libshadow_la_CPPFLAGS += -I$(top_srcdir)
+libshadow_la_CFLAGS = $(LIBBSD_CFLAGS)
 
 libshadow_la_SOURCES = \
 	commonio.c \
@@ -36,6 +37,9 @@ libshadow_la_SOURCES = \
 	nss.c \
 	nscd.c \
 	nscd.h \
+	shadowlog.c \
+	shadowlog.h \
+	shadowlog_internal.h \
 	sssd.c \
 	sssd.h \
 	pam_defs.h \
@@ -62,8 +66,7 @@ libshadow_la_SOURCES = \
 	shadowio.c \
 	shadowio.h \
 	shadowmem.c \
-	spawn.c \
-	utent.c
+	spawn.c
 
 if WITH_TCB
 libshadow_la_SOURCES += tcbfuncs.c tcbfuncs.h

lib/alloc.h

@@ -0,0 +1,115 @@
+/*
+ * SPDX-FileCopyrightText:  2023, Alejandro Colomar <alx@kernel.org>
+ *
+ * SPDX-License-Identifier:  BSD-3-Clause
+ */
+
+
+#ifndef SHADOW_INCLUDE_LIB_MALLOC_H_
+#define SHADOW_INCLUDE_LIB_MALLOC_H_
+
+
+#include <config.h>
+
+#include <assert.h>
+#include <errno.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#include "defines.h"
+
+
+#define CALLOC(n, type)   ((type *) calloc(n, sizeof(type)))
+#define XCALLOC(n, type)  ((type *) xcalloc(n, sizeof(type)))
+#define MALLOC(n, type)   ((type *) mallocarray(n, sizeof(type)))
+#define XMALLOC(n, type)  ((type *) xmallocarray(n, sizeof(type)))
+
+#define REALLOC(ptr, n, type)                                                 \
+({                                                                            \
+	__auto_type  p_ = (ptr);                                              \
+                                                                              \
+	static_assert(__builtin_types_compatible_p(typeof(p_), type *), "");  \
+                                                                              \
+	(type *) reallocarray(p_, n, sizeof(type));                           \
+})
+
+#define REALLOCF(ptr, n, type)                                                \
+({                                                                            \
+	__auto_type  p_ = (ptr);                                              \
+                                                                              \
+	static_assert(__builtin_types_compatible_p(typeof(p_), type *), "");  \
+                                                                              \
+	(type *) reallocarrayf(p_, n, sizeof(type));                          \
+})
+
+#define XREALLOC(ptr, n, type)                                                \
+({                                                                            \
+	__auto_type  p_ = (ptr);                                              \
+                                                                              \
+	static_assert(__builtin_types_compatible_p(typeof(p_), type *), "");  \
+                                                                              \
+	(type *) xreallocarray(p_, n, sizeof(type));                          \
+})
+
+
+ATTR_MALLOC(free)
+inline void *xmalloc(size_t size);
+ATTR_MALLOC(free)
+inline void *xmallocarray(size_t nmemb, size_t size);
+ATTR_MALLOC(free)
+inline void *mallocarray(size_t nmemb, size_t size);
+ATTR_MALLOC(free)
+inline void *reallocarrayf(void *p, size_t nmemb, size_t size);
+ATTR_MALLOC(free)
+inline char *xstrdup(const char *str);
+
+ATTR_MALLOC(free)
+void *xcalloc(size_t nmemb, size_t size);
+ATTR_MALLOC(free)
+void *xreallocarray(void *p, size_t nmemb, size_t size);
+
+
+inline void *
+xmalloc(size_t size)
+{
+	return xmallocarray(1, size);
+}
+
+
+inline void *
+xmallocarray(size_t nmemb, size_t size)
+{
+	return xreallocarray(NULL, nmemb, size);
+}
+
+
+inline void *
+mallocarray(size_t nmemb, size_t size)
+{
+	return reallocarray(NULL, nmemb, size);
+}
+
+
+inline void *
+reallocarrayf(void *p, size_t nmemb, size_t size)
+{
+	void  *q;
+
+	q = reallocarray(p, nmemb, size);
+
+	/* realloc(p, 0) is equivalent to free(p);  avoid double free.  */
+	if (q == NULL && nmemb != 0 && size != 0)
+		free(p);
+	return q;
+}
+
+
+inline char *
+xstrdup(const char *str)
+{
+	return strcpy(XMALLOC(strlen(str) + 1, char), str);
+}
+
+
+#endif  // include guard

lib/bit.h

@@ -0,0 +1,53 @@
+/*
+ * SPDX-FileCopyrightText:  2022 - 2023, Alejandro Colomar <alx@kernel.org>
+ *
+ * SPDX-License-Identifier:  BSD-3-Clause
+ */
+
+
+#ifndef SHADOW_INCLUDE_LIB_BIT_H_
+#define SHADOW_INCLUDE_LIB_BIT_H_
+
+
+#include <config.h>
+
+#include <limits.h>
+
+
+#ifndef ULONG_WIDTH
+#define ULONG_WIDTH (sizeof(unsigned long) * CHAR_BIT)
+#endif
+
+
+inline unsigned long bit_ceilul(unsigned long x);
+inline unsigned long bit_ceil_wrapul(unsigned long x);
+inline int leading_zerosul(unsigned long x);
+
+
+/* stdc_bit_ceilul(3) */
+inline unsigned long
+bit_ceilul(unsigned long x)
+{
+	return 1 + (ULONG_MAX >> leading_zerosul(x));
+}
+
+
+/* stdc_bit_ceilul(3), but wrap instead of having Undefined Behavior */
+inline unsigned long
+bit_ceil_wrapul(unsigned long x)
+{
+	if (x == 0)
+		return 0;
+
+	return bit_ceilul(x);
+}
+
+/* stdc_leading_zerosul(3) */
+inline int
+leading_zerosul(unsigned long x)
+{
+	return (x == 0) ? ULONG_WIDTH : __builtin_clzl(x);
+}
+
+
+#endif  // include guard

lib/commonio.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2001, Marek Michałkiewicz
- * Copyright (c) 2001 - 2006, Tomasz Kłoczko
- * Copyright (c) 2007 - 2011, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2001, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2011, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -44,6 +21,8 @@
 #include <errno.h>
 #include <stdio.h>
 #include <signal.h>
+
+#include "alloc.h"
 #include "nscd.h"
 #include "sssd.h"
 #ifdef WITH_TCB
@@ -51,10 +30,11 @@
 #endif				/* WITH_TCB */
 #include "prototypes.h"
 #include "commonio.h"
+#include "shadowlog_internal.h"
 
 /* local function prototypes */
 static int lrename (const char *, const char *);
-static int check_link_count (const char *file);
+static int check_link_count (const char *file, bool log);
 static int do_lock_file (const char *file, const char *lock, bool log);
 static /*@null@*/ /*@dependent@*/FILE *fopen_set_perms (
 	const char *name,
@@ -87,7 +67,6 @@ int lrename (const char *old, const char *new)
 	int res;
 	char *r = NULL;
 
-#if defined(S_ISLNK)
 #ifndef __GLIBC__
 	char resolved_path[PATH_MAX];
 #endif				/* !__GLIBC__ */
@@ -104,28 +83,35 @@ int lrename (const char *old, const char *new)
 			new = r;
 		}
 	}
-#endif				/* S_ISLNK */
 
 	res = rename (old, new);
 
 #ifdef __GLIBC__
-	if (NULL != r) {
-		free (r);
-	}
+	free (r);
 #endif				/* __GLIBC__ */
 
 	return res;
 }
 
-static int check_link_count (const char *file)
+static int check_link_count (const char *file, bool log)
 {
 	struct stat sb;
 
 	if (stat (file, &sb) != 0) {
+		if (log) {
+			(void) fprintf (shadow_logfd,
+			                "%s: %s file stat error: %s\n",
+			                shadow_progname, file, strerror (errno));
+		}
 		return 0;
 	}
 
 	if (sb.st_nlink != 2) {
+		if (log) {
+			(void) fprintf (shadow_logfd,
+			                "%s: %s: lock file already used (nlink: %u)\n",
+			                shadow_progname, file, sb.st_nlink);
+		}
 		return 0;
 	}
 
@@ -146,7 +132,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: %s: %s\n",
-			                Prog, file, strerror (errno));
+			                shadow_progname, file, strerror (errno));
 		}
 		return 0;
 	}
@@ -158,7 +144,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: %s file write error: %s\n",
-			                Prog, file, strerror (errno));
+			                shadow_progname, file, strerror (errno));
 		}
 		(void) close (fd);
 		unlink (file);
@@ -168,7 +154,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: %s file sync error: %s\n",
-			                Prog, file, strerror (errno));
+			                shadow_progname, file, strerror (errno));
 		}
 		(void) close (fd);
 		unlink (file);
@@ -177,12 +163,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 	close (fd);
 
 	if (link (file, lock) == 0) {
-		retval = check_link_count (file);
-		if ((0==retval) && log) {
-			(void) fprintf (shadow_logfd,
-			                "%s: %s: lock file already used\n",
-			                Prog, file);
-		}
+		retval = check_link_count (file, log);
 		unlink (file);
 		return retval;
 	}
@@ -192,7 +173,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: %s: %s\n",
-			                Prog, lock, strerror (errno));
+			                shadow_progname, lock, strerror (errno));
 		}
 		unlink (file);
 		errno = EINVAL;
@@ -204,7 +185,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: existing lock file %s without a PID\n",
-			                Prog, lock);
+			                shadow_progname, lock);
 		}
 		unlink (file);
 		errno = EINVAL;
@@ -215,7 +196,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: existing lock file %s with an invalid PID '%s'\n",
-			                Prog, lock, buf);
+			                shadow_progname, lock, buf);
 		}
 		unlink (file);
 		errno = EINVAL;
@@ -225,7 +206,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: lock %s already used by PID %lu\n",
-			                Prog, lock, (unsigned long) pid);
+			                shadow_progname, lock, (unsigned long) pid);
 		}
 		unlink (file);
 		errno = EEXIST;
@@ -235,7 +216,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: cannot get lock %s: %s\n",
-			                Prog, lock, strerror (errno));
+			                shadow_progname, lock, strerror (errno));
 		}
 		unlink (file);
 		return 0;
@@ -243,17 +224,12 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 
 	retval = 0;
 	if (link (file, lock) == 0) {
-		retval = check_link_count (file);
-		if ((0==retval) && log) {
-			(void) fprintf (shadow_logfd,
-			                "%s: %s: lock file already used\n",
-			                Prog, file);
-		}
+		retval = check_link_count (file, log);
 	} else {
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: cannot get lock %s: %s\n",
-			                Prog, lock, strerror (errno));
+			                shadow_progname, lock, strerror (errno));
 		}
 	}
 
@@ -277,25 +253,13 @@ static /*@null@*/ /*@dependent@*/FILE *fopen_set_perms (
 		return NULL;
 	}
 
-#ifdef HAVE_FCHOWN
 	if (fchown (fileno (fp), sb->st_uid, sb->st_gid) != 0) {
 		goto fail;
 	}
-#else				/* !HAVE_FCHOWN */
-	if (chown (name, sb->st_mode) != 0) {
-		goto fail;
-	}
-#endif				/* !HAVE_FCHOWN */
-
-#ifdef HAVE_FCHMOD
 	if (fchmod (fileno (fp), sb->st_mode & 0664) != 0) {
 		goto fail;
 	}
-#else				/* !HAVE_FCHMOD */
-	if (chmod (name, sb->st_mode & 0664) != 0) {
-		goto fail;
-	}
-#endif				/* !HAVE_FCHMOD */
+
 	return fp;
 
       fail:
@@ -361,9 +325,7 @@ static void free_linked_list (struct commonio_db *db)
 		p = db->head;
 		db->head = p->next;
 
-		if (NULL != p->line) {
-			free (p->line);
-		}
+		free (p->line);
 
 		if (NULL != p->eptr) {
 			db->ops->free (p->eptr);
@@ -402,11 +364,11 @@ int commonio_lock_nowait (struct commonio_db *db, bool log)
 	}
 	file_len = strlen(db->filename) + 11;/* %lu max size */
 	lock_file_len = strlen(db->filename) + 6; /* sizeof ".lock" */
-	file = (char*)malloc(file_len);
+	file = MALLOC(file_len, char);
 	if (file == NULL) {
 		goto cleanup_ENOMEM;
 	}
-	lock = (char*)malloc(lock_file_len);
+	lock = MALLOC(lock_file_len, char);
 	if (lock == NULL) {
 		goto cleanup_ENOMEM;
 	}
@@ -419,10 +381,8 @@ int commonio_lock_nowait (struct commonio_db *db, bool log)
 		err = 1;
 	}
 cleanup_ENOMEM:
-	if (file)
-		free(file);
-	if (lock)
-		free(lock);
+	free(file);
+	free(lock);
 	return err;
 }
 
@@ -448,7 +408,7 @@ int commonio_lock (struct commonio_db *db)
 				if (geteuid () != 0) {
 					(void) fprintf (shadow_logfd,
 					                "%s: Permission denied.\n",
-					                Prog);
+					                shadow_progname);
 				}
 				return 0;	/* failure */
 			}
@@ -483,7 +443,7 @@ int commonio_lock (struct commonio_db *db)
 		/* no unnecessary retries on "permission denied" errors */
 		if (geteuid () != 0) {
 			(void) fprintf (shadow_logfd, "%s: Permission denied.\n",
-			                Prog);
+			                shadow_progname);
 			return 0;
 		}
 	}
@@ -648,7 +608,7 @@ int commonio_open (struct commonio_db *db, int mode)
 
 	fd = open (db->filename,
 	             (db->readonly ? O_RDONLY : O_RDWR)
-	           | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW);
+	           | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW | O_CLOEXEC);
 	saved_errno = errno;
 	db->fp = NULL;
 	if (fd >= 0) {
@@ -679,22 +639,19 @@ int commonio_open (struct commonio_db *db, int mode)
 		return 0;
 	}
 
-	/* Do not inherit fd in spawned processes (e.g. nscd) */
-	fcntl (fileno (db->fp), F_SETFD, FD_CLOEXEC);
-
 	buflen = BUFLEN;
-	buf = (char *) malloc (buflen);
+	buf = MALLOC(buflen, char);
 	if (NULL == buf) {
 		goto cleanup_ENOMEM;
 	}
 
-	while (db->ops->fgets (buf, (int) buflen, db->fp) == buf) {
+	while (db->ops->fgets (buf, buflen, db->fp) == buf) {
 		while (   ((cp = strrchr (buf, '\n')) == NULL)
 		       && (feof (db->fp) == 0)) {
 			size_t len;
 
 			buflen += BUFLEN;
-			cp = (char *) realloc (buf, buflen);
+			cp = REALLOC(buf, buflen, char);
 			if (NULL == cp) {
 				goto cleanup_buf;
 			}
@@ -728,7 +685,7 @@ int commonio_open (struct commonio_db *db, int mode)
 			}
 		}
 
-		p = (struct commonio_entry *) malloc (sizeof *p);
+		p = MALLOC(1, struct commonio_entry);
 		if (NULL == p) {
 			goto cleanup_entry;
 		}
@@ -805,7 +762,7 @@ commonio_sort (struct commonio_db *db, int (*cmp) (const void *, const void *))
 		return 0;
 	}
 
-	entries = malloc (n * sizeof (struct commonio_entry *));
+	entries = MALLOC(n, struct commonio_entry *);
 	if (entries == NULL) {
 		return -1;
 	}
@@ -1028,13 +985,11 @@ int commonio_close (struct commonio_db *db)
 	if (fflush (db->fp) != 0) {
 		errors++;
 	}
-#ifdef HAVE_FSYNC
+
 	if (fsync (fileno (db->fp)) != 0) {
 		errors++;
 	}
-#else				/* !HAVE_FSYNC */
-	sync ();
-#endif				/* !HAVE_FSYNC */
+
 	if (fclose (db->fp) != 0) {
 		errors++;
 	}
@@ -1126,7 +1081,7 @@ int commonio_update (struct commonio_db *db, const void *eptr)
 		return 1;
 	}
 	/* not found, new entry */
-	p = (struct commonio_entry *) malloc (sizeof *p);
+	p = MALLOC(1, struct commonio_entry);
 	if (NULL == p) {
 		db->ops->free (nentry);
 		errno = ENOMEM;
@@ -1163,7 +1118,7 @@ int commonio_append (struct commonio_db *db, const void *eptr)
 		return 0;
 	}
 	/* new entry */
-	p = (struct commonio_entry *) malloc (sizeof *p);
+	p = MALLOC(1, struct commonio_entry);
 	if (NULL == p) {
 		db->ops->free (nentry);
 		errno = ENOMEM;
@@ -1224,14 +1179,14 @@ int commonio_remove (struct commonio_db *db, const char *name)
 
 	commonio_del_entry (db, p);
 
-	if (NULL != p->line) {
-		free (p->line);
-	}
+	free (p->line);
 
 	if (NULL != p->eptr) {
 		db->ops->free (p->eptr);
 	}
 
+	free(p);
+
 	return 1;
 }
 

lib/commonio.h

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001 - 2005, Tomasz Kłoczko
- * Copyright (c) 2007 - 2010, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /* $Id$ */
@@ -146,6 +123,7 @@ extern int commonio_setname (struct commonio_db *, const char *);
 extern bool commonio_present (const struct commonio_db *db);
 extern int commonio_lock (struct commonio_db *);
 extern int commonio_lock_nowait (struct commonio_db *, bool log);
+extern int do_fcntl_lock (const char *file, bool log, short type);
 extern int commonio_open (struct commonio_db *, int);
 extern /*@observer@*/ /*@null@*/const void *commonio_locate (struct commonio_db *, const char *);
 extern int commonio_update (struct commonio_db *, const void *);

lib/defines.h

@@ -6,43 +6,8 @@
 
 #include "config.h"
 
-#if HAVE_STDBOOL_H
-# include <stdbool.h>
-#else
-# if ! HAVE__BOOL
-#  ifdef __cplusplus
-typedef bool _Bool;
-#  else
-typedef unsigned char _Bool;
-#  endif
-# endif
-# define bool _Bool
-# define false (0)
-# define true  (1)
-# define __bool_true_false_are_defined 1
-#endif
-
-#define ISDIGIT_LOCALE(c) (IN_CTYPE_DOMAIN (c) && isdigit (c))
-
-/* Take care of NLS matters.  */
-#ifdef S_SPLINT_S
-extern char *setlocale(int categories, const char *locale);
-# define LC_ALL		(6)
-extern char * bindtextdomain (const char * domainname, const char * dirname);
-extern char * textdomain (const char * domainname);
-# define _(Text) Text
-# define ngettext(Msgid1, Msgid2, N) \
-    ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
-#else
-#ifdef HAVE_LOCALE_H
-# include <locale.h>
-#else
-# undef setlocale
-# define setlocale(category, locale)	(NULL)
-# ifndef LC_ALL
-#  define LC_ALL	6
-# endif
-#endif
+#include <stdbool.h>
+#include <locale.h>
 
 #define gettext_noop(String) (String)
 /* #define gettext_def(String) "#define String" */
@@ -59,42 +24,17 @@ extern char * textdomain (const char * domainname);
 # define ngettext(Msgid1, Msgid2, N) \
     ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
 #endif
-#endif
 
-#if STDC_HEADERS
-# include <stdlib.h>
-# include <string.h>
-#else				/* not STDC_HEADERS */
-# ifndef HAVE_STRCHR
-#  define strchr index
-#  define strrchr rindex
-# endif
-char *strchr (), *strrchr (), *strtok ();
+#include <stdlib.h>
+#include <string.h>
 
-# ifndef HAVE_MEMCPY
-#  define memcpy(d, s, n) bcopy((s), (d), (n))
-# endif
-#endif				/* not STDC_HEADERS */
-
-#if HAVE_ERRNO_H
-# include <errno.h>
-#endif
+#include <errno.h>
 
 #include <sys/stat.h>
 #include <sys/types.h>
-#if HAVE_SYS_WAIT_H
-# include <sys/wait.h>
-#endif
-#ifndef WEXITSTATUS
-# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
-#endif
-#ifndef WIFEXITED
-# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
-#endif
+#include <sys/wait.h>
 
-#if HAVE_UNISTD_H
-# include <unistd.h>
-#endif
+#include <unistd.h>
 
 /*
  * crypt(3), crypt_gensalt(3), and their
@@ -104,39 +44,24 @@ char *strchr (), *strrchr (), *strtok ();
 # include <crypt.h>
 #endif
 
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else				/* not TIME_WITH_SYS_TIME */
-# if HAVE_SYS_TIME_H
-#  include <sys/time.h>
-# else
-#  include <time.h>
-# endif
-#endif				/* not TIME_WITH_SYS_TIME */
+#include <sys/time.h>
+#include <time.h>
+
+#ifdef HAVE_MEMSET_EXPLICIT
+# define memzero(ptr, size) memset_explicit((ptr), 0, (size))
+#elif defined HAVE_EXPLICIT_BZERO	/* !HAVE_MEMSET_S */
+# define memzero(ptr, size) explicit_bzero((ptr), (size))
+#else					/* !HAVE_MEMSET_S && HAVE_EXPLICIT_BZERO */
+static inline void memzero(void *ptr, size_t size)
+{
+	ptr = memset(ptr, '\0', size);
+	__asm__ __volatile__ ("" : : "r"(ptr) : "memory");
+}
+#endif					/* !HAVE_MEMSET_S && !HAVE_EXPLICIT_BZERO */
 
-#ifdef HAVE_MEMSET
-# define memzero(ptr, size) memset((void *)(ptr), 0, (size))
-#else
-# define memzero(ptr, size) bzero((char *)(ptr), (size))
-#endif
 #define strzero(s) memzero(s, strlen(s))	/* warning: evaluates twice */
 
-#ifdef HAVE_DIRENT_H		/* DIR_SYSV */
-# include <dirent.h>
-# define DIRECT dirent
-#else
-# ifdef HAVE_SYS_NDIR_H		/* DIR_XENIX */
-#  include <sys/ndir.h>
-# endif
-# ifdef HAVE_SYS_DIR_H		/* DIR_??? */
-#  include <sys/dir.h>
-# endif
-# ifdef HAVE_NDIR_H		/* DIR_BSD */
-#  include <ndir.h>
-# endif
-# define DIRECT direct
-#endif
+#include <dirent.h>
 
 /*
  * Possible cases:
@@ -158,7 +83,6 @@ char *strchr (), *strrchr (), *strtok ();
 #endif
 #endif
 
-#ifdef USE_SYSLOG
 #include <syslog.h>
 
 #ifndef LOG_WARN
@@ -205,14 +129,6 @@ char *strchr (), *strrchr (), *strtok ();
 #define SYSLOG(x) syslog x
 #endif				/* !ENABLE_NLS */
 
-#else				/* !USE_SYSLOG */
-
-#define SYSLOG(x)		/* empty */
-#define openlog(a,b,c)		/* empty */
-#define closelog()		/* empty */
-
-#endif				/* !USE_SYSLOG */
-
 /* The default syslog settings can now be changed here,
    in just one place.  */
 
@@ -227,57 +143,10 @@ char *strchr (), *strrchr (), *strtok ();
 
 #define OPENLOG(progname) openlog(progname, SYSLOG_OPTIONS, SYSLOG_FACILITY)
 
-#ifndef F_OK
-# define F_OK 0
-# define X_OK 1
-# define W_OK 2
-# define R_OK 4
-#endif
-
-#ifndef SEEK_SET
-# define SEEK_SET 0
-# define SEEK_CUR 1
-# define SEEK_END 2
-#endif
-
-#ifdef STAT_MACROS_BROKEN
-# define S_ISDIR(x) ((x) & S_IFMT) == S_IFDIR)
-# define S_ISREG(x) ((x) & S_IFMT) == S_IFREG)
-# ifdef S_IFLNK
-#  define S_ISLNK(x) ((x) & S_IFMT) == S_IFLNK)
-# endif
-#endif
-
-#ifndef S_ISLNK
-#define S_ISLNK(x) (0)
-#endif
-
-#if HAVE_LCHOWN
-#define LCHOWN lchown
-#else
-#define LCHOWN chown
-#endif
-
-#if HAVE_LSTAT
-#define LSTAT lstat
-#else
-#define LSTAT stat
-#endif
-
-#if HAVE_TERMIOS_H
-# include <termios.h>
-# define STTY(fd, termio) tcsetattr(fd, TCSANOW, termio)
-# define GTTY(fd, termio) tcgetattr(fd, termio)
-# define TERMIO struct termios
-# define USE_TERMIOS
-#else				/* assumed HAVE_TERMIO_H */
-# include <sys/ioctl.h>
-# include <termio.h>
-# define STTY(fd, termio) ioctl(fd, TCSETA, termio)
-# define GTTY(fd, termio) ioctl(fd, TCGETA, termio)
-# define TEMRIO struct termio
-# define USE_TERMIO
-#endif
+#include <termios.h>
+#define STTY(fd, termio) tcsetattr(fd, TCSANOW, termio)
+#define GTTY(fd, termio) tcgetattr(fd, termio)
+#define TERMIO struct termios
 
 /*
  * Password aging constants
@@ -300,6 +169,10 @@ char *strchr (), *strrchr (), *strtok ();
 #define SCALE DAY
 #endif
 
+#define WIDTHOF(x)   (sizeof(x) * CHAR_BIT)
+#define NITEMS(arr)  (sizeof((arr)) / sizeof((arr)[0]))
+#define STRLEN(s)    (NITEMS(s) - 1)
+
 /* Copy string pointed by B to array A with size checking.  It was originally
    in lmain.c but is _very_ useful elsewhere.  Some setuid root programs with
    very sloppy coding used to assume that BUFSIZ will always be enough...  */
@@ -326,18 +199,6 @@ char *strchr (), *strrchr (), *strtok ();
 #endif
 #endif
 
-#ifndef NULL
-#define NULL ((void *) 0)
-#endif
-
-#ifdef sun			/* hacks for compiling on SunOS */
-# ifndef SOLARIS
-extern int fputs ();
-extern char *strdup ();
-extern char *strerror ();
-# endif
-#endif
-
 /*
  * string to use for the pw_passwd field in /etc/passwd when using
  * shadow passwords - most systems use "x" but there are a few
@@ -362,34 +223,22 @@ extern char *strerror ();
 
 /* To be used for verified unused parameters */
 #if defined(__GNUC__) && !defined(__STRICT_ANSI__)
-# define unused __attribute__((unused))
+# define unused    __attribute__((unused))
+# define NORETURN  __attribute__((__noreturn__))
+# define format_attr(type, index, check) __attribute__((format (type, index, check)))
 #else
 # define unused
+# define NORETURN
+# define format_attr(type, index, check)
 #endif
 
-/* ! Arguments evaluated twice ! */
-#ifndef MIN
-#define MIN(a,b) (((a) < (b)) ? (a) : (b))
-#endif
-#ifndef MAX
-#define MAX(x,y) (((x) > (y)) ? (x) : (y))
-#endif
+/* Maximum length of passwd entry */
+#define PASSWD_ENTRY_MAX_LENGTH 32768
 
-/* Maximum length of usernames */
-#ifdef HAVE_UTMPX_H
-# include <utmpx.h>
-# define USER_NAME_MAX_LENGTH (sizeof (((struct utmpx *)NULL)->ut_user))
+#if (__GNUC__ >= 11) && !defined(__clang__)
+# define ATTR_MALLOC(deallocator)  [[gnu::malloc(deallocator)]]
 #else
-# include <utmp.h>
-# ifdef HAVE_STRUCT_UTMP_UT_USER
-#  define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_user))
-# else
-#  ifdef HAVE_STRUCT_UTMP_UT_NAME
-#   define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_name))
-#  else
-#   define USER_NAME_MAX_LENGTH 32
-#  endif
-# endif
+# define ATTR_MALLOC(deallocator)
 #endif
 
 #ifdef HAVE_SECURE_GETENV

lib/encrypt.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990 - 1993, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2007 - 2010, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1993, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -39,6 +16,7 @@
 
 #include "prototypes.h"
 #include "defines.h"
+#include "shadowlog_internal.h"
 
 /*@exposed@*//*@null@*/char *pw_encrypt (const char *clear, const char *salt)
 {

lib/exitcodes.h

@@ -1,30 +1,7 @@
 /*
- * Copyright (c) 2005 - 2006, Tomasz Kłoczko
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2005 - 2006, Tomasz Kłoczko
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /* $Id$ */

lib/faillog.h

@@ -1,32 +1,9 @@
 /*
- * Copyright (c) 1989 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1997, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /*

lib/fields.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990       , Julianne Frances Haugh
- * Copyright (c) 1996 - 1997, Marek Michałkiewicz
- * Copyright (c) 2003 - 2005, Tomasz Kłoczko
- * Copyright (c) 2007       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990       , Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -44,9 +21,9 @@
  *
  * The supplied field is scanned for non-printable and other illegal
  * characters.
- *  + -1 is returned if an illegal character is present.
- *  +  1 is returned if no illegal characters are present, but the field
- *       contains a non-printable character.
+ *  + -1 is returned if an illegal or control character is present.
+ *  +  1 is returned if no illegal or control characters are present,
+ *       but the field contains a non-printable character.
  *  +  0 is returned otherwise.
  */
 int valid_field (const char *field, const char *illegal)
@@ -60,20 +37,19 @@ int valid_field (const char *field, const char *illegal)
 
 	/* For each character of field, search if it appears in the list
 	 * of illegal characters. */
-	for (cp = field; '\0' != *cp; cp++) {
-		if (strchr (illegal, *cp) != NULL) {
-			err = -1;
-			break;
-		}
+	if (illegal && NULL != strpbrk (field, illegal)) {
+		return -1;
 	}
 
-	if (0 == err) {
-		/* Search if there are some non-printable characters */
-		for (cp = field; '\0' != *cp; cp++) {
-			if (!isprint (*cp)) {
-				err = 1;
-				break;
-			}
+	/* Search if there are non-printable or control characters */
+	for (cp = field; '\0' != *cp; cp++) {
+		unsigned char c = *cp;
+		if (!isprint (c)) {
+			err = 1;
+		}
+		if (iscntrl (c)) {
+			err = -1;
+			break;
 		}
 	}
 
@@ -97,7 +73,7 @@ void change_field (char *buf, size_t maxsize, const char *prompt)
 
 	printf ("\t%s [%s]: ", prompt, buf);
 	(void) fflush (stdout);
-	if (fgets (newf, (int) maxsize, stdin) != newf) {
+	if (fgets (newf, maxsize, stdin) != newf) {
 		return;
 	}
 
@@ -114,17 +90,16 @@ void change_field (char *buf, size_t maxsize, const char *prompt)
 		 * entering a space.  --marekm
 		 */
 
-		while (--cp >= newf && isspace (*cp));
-		cp++;
+		while (newf < cp && isspace (cp[-1])) {
+			cp--;
+		}
 		*cp = '\0';
 
 		cp = newf;
-		while (('\0' != *cp) && isspace (*cp)) {
+		while (isspace (*cp)) {
 			cp++;
 		}
 
-		strncpy (buf, cp, maxsize - 1);
-		buf[maxsize - 1] = '\0';
+		strcpy (buf, cp);
 	}
 }
-

lib/fputsx.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1999, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>

lib/get_gid.c

@@ -1,30 +1,7 @@
 /*
- * Copyright (c) 2009       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2009       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -48,7 +25,7 @@ int get_gid (const char *gidstr, gid_t *gid)
 		return 0;
 	}
 
-	*gid = (gid_t)val;
+	*gid = val;
 	return 1;
 }
 

lib/get_pid.c

@@ -1,30 +1,7 @@
 /*
- * Copyright (c) 2009       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2009       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -33,6 +10,9 @@
 
 #include "prototypes.h"
 #include "defines.h"
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 
 int get_pid (const char *pidstr, pid_t *pid)
 {
@@ -44,11 +24,79 @@ int get_pid (const char *pidstr, pid_t *pid)
 	if (   ('\0' == *pidstr)
 	    || ('\0' != *endptr)
 	    || (ERANGE == errno)
+	    || (val < 1)
 	    || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
 		return 0;
 	}
 
-	*pid = (pid_t)val;
+	*pid = val;
 	return 1;
 }
 
+/*
+ * If use passed in fd:4 as an argument, then return the
+ * value '4', the fd to use.
+ * On error, return -1.
+ */
+int get_pidfd_from_fd(const char *pidfdstr)
+{
+	long long int val;
+	char *endptr;
+	struct stat st;
+	dev_t proc_st_dev, proc_st_rdev;
+
+	errno = 0;
+	val = strtoll (pidfdstr, &endptr, 10);
+	if (   ('\0' == *pidfdstr)
+	    || ('\0' != *endptr)
+	    || (ERANGE == errno)
+	    || (val < 0)
+	    || (/*@+longintegral@*/val != (int)val)/*@=longintegral@*/) {
+		return -1;
+	}
+
+	if (stat("/proc/self/uid_map", &st) < 0) {
+		return -1;
+	}
+
+	proc_st_dev = st.st_dev;
+	proc_st_rdev = st.st_rdev;
+
+	if (fstat(val, &st) < 0) {
+		return -1;
+	}
+
+	if (st.st_dev != proc_st_dev || st.st_rdev != proc_st_rdev) {
+		return -1;
+	}
+
+	return (int)val;
+}
+
+int open_pidfd(const char *pidstr)
+{
+	int proc_dir_fd;
+	int written;
+	char proc_dir_name[32];
+	pid_t target;
+
+	if (get_pid(pidstr, &target) == 0)
+		return -ENOENT;
+
+	/* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
+	written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
+		target);
+	if ((written <= 0) || ((size_t)written >= sizeof(proc_dir_name))) {
+		fprintf(stderr, "snprintf of proc path failed for %u: %s\n",
+			target, strerror(errno));
+		return -EINVAL;
+	}
+
+	proc_dir_fd = open(proc_dir_name, O_DIRECTORY);
+	if (proc_dir_fd < 0) {
+		fprintf(stderr, _("Could not open proc directory for target %u: %s\n"),
+			target, strerror(errno));
+		return -EINVAL;
+	}
+	return proc_dir_fd;
+}

lib/get_uid.c

@@ -1,30 +1,7 @@
 /*
- * Copyright (c) 2009       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2009       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -48,7 +25,7 @@ int get_uid (const char *uidstr, uid_t *uid)
 		return 0;
 	}
 
-	*uid = (uid_t)val;
+	*uid = val;
 	return 1;
 }
 

lib/getdef.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1991 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2002 - 2006, Tomasz Kłoczko
- * Copyright (c) 2007 - 2008, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2002 - 2006, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2008, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -36,6 +13,7 @@
 
 #include "prototypes.h"
 #include "defines.h"
+#include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <ctype.h>
@@ -43,7 +21,11 @@
 #ifdef USE_ECONF
 #include <libeconf.h>
 #endif
+
+#include "alloc.h"
 #include "getdef.h"
+#include "shadowlog_internal.h"
+
 /*
  * A configuration item definition.
  */
@@ -154,10 +136,8 @@ static struct itemdef def_table[] = {
 #ifndef USE_PAM
 	PAMDEFS
 #endif
-#ifdef USE_SYSLOG
 	{"SYSLOG_SG_ENAB", NULL},
 	{"SYSLOG_SU_ENAB", NULL},
-#endif
 #ifdef WITH_TCB
 	{"TCB_AUTH_GROUP", NULL},
 	{"TCB_SYMLINKS", NULL},
@@ -215,7 +195,7 @@ static void def_load (void);
 	}
 
 	d = def_find (item);
-	return ((NULL == d)? (const char *) NULL : d->value);
+	return (NULL == d) ? NULL : d->value;
 }
 
 
@@ -273,7 +253,7 @@ int getdef_num (const char *item, int dflt)
 		return dflt;
 	}
 
-	return (int) val;
+	return val;
 }
 
 
@@ -308,7 +288,7 @@ unsigned int getdef_unum (const char *item, unsigned int dflt)
 		return dflt;
 	}
 
-	return (unsigned int) val;
+	return val;
 }
 
 
@@ -367,7 +347,6 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
 	}
 
 	if (getulong (d->value, &val) == 0) {
-		/* FIXME: we should have a getulong */
 		fprintf (shadow_logfd,
 		         _("configuration error - cannot parse %s value: '%s'"),
 		         item, d->value);
@@ -411,10 +390,7 @@ int putdef_str (const char *name, const char *value)
 		return -1;
 	}
 
-	if (NULL != d->value) {
-		free (d->value);
-	}
-
+	free (d->value);
 	d->value = cp;
 	return 0;
 }
@@ -456,7 +432,7 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
 	SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));
 
 out:
-	return (struct itemdef *) NULL;
+	return NULL;
 }
 
 /*
@@ -472,14 +448,14 @@ void setdef_config_file (const char* file)
 	char* cp;
 
 	len = strlen(file) + strlen(sysconfdir) + 2;
-	cp = malloc(len);
+	cp = MALLOC(len, char);
 	if (cp == NULL)
 		exit (13);
 	snprintf(cp, len, "%s/%s", file, sysconfdir);
 	sysconfdir = cp;
 #ifdef VENDORDIR
 	len = strlen(file) + strlen(vendordir) + 2;
-	cp = malloc(len);
+	cp = MALLOC(len, char);
 	if (cp == NULL)
 		exit (13);
 	snprintf(cp, len, "%s/%s", file, vendordir);
@@ -496,18 +472,13 @@ void setdef_config_file (const char* file)
  * Loads the user-configured options from the default configuration file
  */
 
+#ifdef USE_ECONF
 static void def_load (void)
 {
-#ifdef USE_ECONF
 	econf_file *defs_file = NULL;
 	econf_err error;
 	char **keys;
 	size_t key_number;
-#else
-	int i;
-	FILE *fp;
-	char buf[1024], *name, *value, *s;
-#endif
 
 	/*
 	 * Set the initialized flag.
@@ -515,8 +486,6 @@ static void def_load (void)
 	 */
 	def_loaded = true;
 
-#ifdef USE_ECONF
-
 	error = econf_readDirs (&defs_file, vendordir, sysconfdir, "login", "defs", " \t", "#");
 	if (error) {
 		if (error == ECONF_NOFILE)
@@ -536,7 +505,12 @@ static void def_load (void)
 	for (size_t i = 0; i < key_number; i++) {
 		char *value;
 
-		econf_getStringValue(defs_file, NULL, keys[i], &value);
+		error = econf_getStringValue(defs_file, NULL, keys[i], &value);
+		if (error) {
+			SYSLOG ((LOG_CRIT, "failed reading key %zu from econf [%s]",
+				i, econf_errString(error)));
+			exit (EXIT_FAILURE);
+		}
 
 		/*
 		 * Store the value in def_table.
@@ -546,11 +520,26 @@ static void def_load (void)
 		 * syslog. The tools will just use their default values.
 		 */
 		(void)putdef_str (keys[i], value);
+
+		free(value);
 	}
 
 	econf_free (keys);
 	econf_free (defs_file);
-#else
+}
+#else /* USE_ECONF */
+static void def_load (void)
+{
+	int i;
+	FILE *fp;
+	char buf[1024], *name, *value, *s;
+
+	/*
+	 * Set the initialized flag.
+	 * (do it early to prevent recursion in putdef_str())
+	 */
+	def_loaded = true;
+
 	/*
 	 * Open the configuration definitions file.
 	 */
@@ -568,12 +557,12 @@ static void def_load (void)
 	/*
 	 * Go through all of the lines in the file.
 	 */
-	while (fgets (buf, (int) sizeof (buf), fp) != NULL) {
+	while (fgets (buf, sizeof (buf), fp) != NULL) {
 
 		/*
 		 * Trim trailing whitespace.
 		 */
-		for (i = (int) strlen (buf) - 1; i >= 0; --i) {
+		for (i = (ptrdiff_t) strlen (buf) - 1; i >= 0; --i) {
 			if (!isspace (buf[i])) {
 				break;
 			}
@@ -614,8 +603,8 @@ static void def_load (void)
 	}
 
 	(void) fclose (fp);
-#endif
 }
+#endif /* USE_ECONF */
 
 
 #ifdef CKDEFS

lib/getdef.h

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1991 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2002 - 2006, Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2002 - 2006, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 #ifndef _GETDEF_H
 #define _GETDEF_H

lib/getlong.c

@@ -1,30 +1,7 @@
 /*
- * Copyright (c) 2007 - 2009, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>

lib/getulong.c

@@ -1,30 +1,7 @@
 /*
- * Copyright (c) 2007 - 2009, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>

lib/groupio.c

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2007 - 2010, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -38,6 +15,7 @@
 #include <assert.h>
 #include <stdio.h>
 
+#include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "commonio.h"
@@ -73,7 +51,7 @@ static const char *group_getname (const void *ent)
 
 static void *group_parse (const char *line)
 {
-	return (void *) sgetgrent (line);
+	return sgetgrent (line);
 }
 
 static int group_put (const void *ent, FILE * file)
@@ -182,7 +160,7 @@ int gr_open (int mode)
 
 int gr_update (const struct group *gr)
 {
-	return commonio_update (&group_db, (const void *) gr);
+	return commonio_update (&group_db, gr);
 }
 
 int gr_remove (const char *name)
@@ -270,8 +248,8 @@ static int group_open_hook (void)
 
 	for (gr1 = group_db.head; NULL != gr1; gr1 = gr1->next) {
 		for (gr2 = gr1->next; NULL != gr2; gr2 = gr2->next) {
-			struct group *g1 = (struct group *)gr1->eptr;
-			struct group *g2 = (struct group *)gr2->eptr;
+			struct group *g1 = gr1->eptr;
+			struct group *g2 = gr2->eptr;
 			if (NULL != g1 &&
 			    NULL != g2 &&
 			    0 == strcmp (g1->gr_name, g2->gr_name) &&
@@ -325,8 +303,8 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
 		return NULL;
 	}
 
-	gptr1 = (struct group *)gr1->eptr;
-	gptr2 = (struct group *)gr2->eptr;
+	gptr1 = gr1->eptr;
+	gptr2 = gr2->eptr;
 	if (NULL == gptr2 || NULL == gptr1) {
 		errno = EINVAL;
 		return NULL;
@@ -334,9 +312,8 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
 
 	/* Concatenate the 2 lines */
 	new_line_len = strlen (gr1->line) + strlen (gr2->line) +1;
-	new_line = (char *)malloc (new_line_len + 1);
+	new_line = MALLOC(new_line_len + 1, char);
 	if (NULL == new_line) {
-		errno = ENOMEM;
 		return NULL;
 	}
 	snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line);
@@ -356,10 +333,9 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
 			members++;
 		}
 	}
-	new_members = (char **)calloc ( (members+1), sizeof(char*) );
+	new_members = CALLOC (members + 1, char *);
 	if (NULL == new_members) {
 		free (new_line);
-		errno = ENOMEM;
 		return NULL;
 	}
 	for (i=0; NULL != gptr1->gr_mem[i]; i++) {
@@ -400,7 +376,7 @@ static int split_groups (unsigned int max_members)
 	struct commonio_entry *gr;
 
 	for (gr = group_db.head; NULL != gr; gr = gr->next) {
-		struct group *gptr = (struct group *)gr->eptr;
+		struct group *gptr = gr->eptr;
 		struct commonio_entry *new;
 		struct group *new_gptr;
 		unsigned int members = 0;
@@ -418,9 +394,8 @@ static int split_groups (unsigned int max_members)
 			continue;
 		}
 
-		new = (struct commonio_entry *) malloc (sizeof *new);
+		new = MALLOC(1, struct commonio_entry);
 		if (NULL == new) {
-			errno = ENOMEM;
 			return 0;
 		}
 		new->eptr = group_dup(gr->eptr);
@@ -429,7 +404,7 @@ static int split_groups (unsigned int max_members)
 			errno = ENOMEM;
 			return 0;
 		}
-		new_gptr = (struct group *)new->eptr;
+		new_gptr = new->eptr;
 		new->line = NULL;
 		new->changed = true;
 
@@ -441,9 +416,7 @@ static int split_groups (unsigned int max_members)
 		/* Shift all the members */
 		/* The number of members in new_gptr will be check later */
 		for (i = 0; NULL != new_gptr->gr_mem[i + max_members]; i++) {
-			if (NULL != new_gptr->gr_mem[i]) {
-				free (new_gptr->gr_mem[i]);
-			}
+			free (new_gptr->gr_mem[i]);
 			new_gptr->gr_mem[i] = new_gptr->gr_mem[i + max_members];
 			new_gptr->gr_mem[i + max_members] = NULL;
 		}

lib/groupio.h

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /* $Id$ */

lib/groupmem.c

@@ -1,40 +1,18 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2007 - 2013, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2013, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
 
 #ident "$Id$"
 
+#include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "groupio.h"
@@ -44,7 +22,7 @@
 	struct group *gr;
 	int i;
 
-	gr = (struct group *) malloc (sizeof *gr);
+	gr = MALLOC(1, struct group);
 	if (NULL == gr) {
 		return NULL;
 	}
@@ -69,7 +47,7 @@
 	for (i = 0; grent->gr_mem[i]; i++);
 
 	/*@-mustfreeonly@*/
-	gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
+	gr->gr_mem = MALLOC(i + 1, char *);
 	/*@=mustfreeonly@*/
 	if (NULL == gr->gr_mem) {
 		gr_free(gr);
@@ -103,39 +81,9 @@ void gr_free (/*@out@*/ /*@only@*/struct group *grent)
 {
 	free (grent->gr_name);
 	if (NULL != grent->gr_passwd) {
-		memzero (grent->gr_passwd, strlen (grent->gr_passwd));
+		strzero (grent->gr_passwd);
 		free (grent->gr_passwd);
 	}
 	gr_free_members(grent);
 	free (grent);
 }
-
-bool gr_append_member(struct group *grp, char *member)
-{
-	int i;
-
-	if (NULL == grp->gr_mem || grp->gr_mem[0] == NULL) {
-		grp->gr_mem = (char **)malloc(2 * sizeof(char *));
-		if (!grp->gr_mem) {
-			return false;
-		}
-		grp->gr_mem[0] = strdup(member);
-		if (!grp->gr_mem[0]) {
-			return false;
-		}
-		grp->gr_mem[1] = NULL;
-		return true;
-	}
-
-	for (i = 0; grp->gr_mem[i]; i++) ;
-	grp->gr_mem = realloc(grp->gr_mem, (i + 2) * sizeof(char *));
-	if (NULL == grp->gr_mem) {
-		return false;
-	}
-	grp->gr_mem[i] = strdup(member);
-	if (NULL == grp->gr_mem[i]) {
-		return false;
-	}
-	grp->gr_mem[i + 1] = NULL;
-	return true;
-}

lib/gshadow.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2008 - 2009, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -38,8 +15,12 @@
 #ident "$Id$"
 
 #include <stdio.h>
+#include <string.h>
+
+#include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
+
 static /*@null@*/FILE *shadow;
 static /*@null@*//*@only@*/char **members = NULL;
 static size_t nmembers = 0;
@@ -85,7 +66,7 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
 
 	while (s != NULL && *s != '\0') {
 		size = (nelem + 1) * sizeof (ptr);
-		ptr = realloc (*list, size);
+		ptr = REALLOC(*list, size, char *);
 		if (NULL != ptr) {
 			ptr[nelem] = s;
 			nelem++;
@@ -99,7 +80,7 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
 		}
 	}
 	size = (nelem + 1) * sizeof (ptr);
-	ptr = realloc (*list, size);
+	ptr = REALLOC(*list, size, char *);
 	if (NULL != ptr) {
 		ptr[nelem] = NULL;
 		*list = ptr;
@@ -125,7 +106,7 @@ void endsgent (void)
 		(void) fclose (shadow);
 	}
 
-	shadow = (FILE *) 0;
+	shadow = NULL;
 }
 
 /*@observer@*//*@null@*/struct sgrp *sgetsgent (const char *string)
@@ -139,7 +120,7 @@ void endsgent (void)
 	size_t len = strlen (string) + 1;
 
 	if (len > sgrbuflen) {
-		char *buf = (char *) realloc (sgrbuf, sizeof (char) * len);
+		char *buf = REALLOC(sgrbuf, len, char);
 		if (NULL == buf) {
 			return NULL;
 		}
@@ -147,8 +128,7 @@ void endsgent (void)
 		sgrbuflen = len;
 	}
 
-	strncpy (sgrbuf, string, len);
-	sgrbuf[len-1] = '\0';
+	strcpy (sgrbuf, string);
 
 	cp = strrchr (sgrbuf, '\n');
 	if (NULL != cp) {
@@ -218,7 +198,7 @@ void endsgent (void)
 	char *cp;
 
 	if (0 == buflen) {
-		buf = (char *) malloc (BUFSIZ);
+		buf = MALLOC(BUFSIZ, char);
 		if (NULL == buf) {
 			return NULL;
 		}
@@ -230,16 +210,16 @@ void endsgent (void)
 	}
 
 #ifdef	USE_NIS
-	while (fgetsx (buf, (int) buflen, fp) == buf)
+	while (fgetsx (buf, buflen, fp) == buf)
 #else
-	if (fgetsx (buf, (int) buflen, fp) == buf)
+	if (fgetsx (buf, buflen, fp) == buf)
 #endif
 	{
 		while (   ((cp = strrchr (buf, '\n')) == NULL)
 		       && (feof (fp) == 0)) {
 			size_t len;
 
-			cp = (char *) realloc (buf, buflen*2);
+			cp = REALLOC(buf, buflen * 2, char);
 			if (NULL == cp) {
 				return NULL;
 			}
@@ -422,7 +402,7 @@ void endsgent (void)
 		nis_disabled = true;
 	}
 #endif
-	while ((sgrp = getsgent ()) != (struct sgrp *) 0) {
+	while ((sgrp = getsgent ()) != NULL) {
 		if (strcmp (name, sgrp->sg_name) == 0) {
 			break;
 		}
@@ -460,7 +440,7 @@ int putsgent (const struct sgrp *sgrp, FILE * fp)
 		size += strlen (sgrp->sg_mem[i]) + 1;
 	}
 
-	buf = malloc (size);
+	buf = MALLOC(size, char);
 	if (NULL == buf) {
 		return -1;
 	}
@@ -525,5 +505,5 @@ int putsgent (const struct sgrp *sgrp, FILE * fp)
 	return 0;
 }
 #else
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/*} SHADOWGRP */

lib/gshadow_.h

@@ -1,32 +1,9 @@
 /*
- * Copyright (c) 1988 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1997, Marek Michałkiewicz
- * Copyright (c) 2003 - 2005, Tomasz Kłoczko
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1988 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /*

lib/lockpw.c

@@ -1,32 +1,9 @@
 /*
- * Copyright (c) 1992       , Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1992       , Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -104,5 +81,5 @@ int ulckpwdf (void)
 	return (pw_unlock () && spw_unlock ())? 0 : -1;
 }
 #else
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif

lib/mempcpy.h

@@ -0,0 +1,31 @@
+/*
+ * SPDX-FileCopyrightText:  2023, Alejandro Colomar <alx@kernel.org>
+ *
+ * SPDX-License-Identifier:  BSD-3-Clause
+ */
+
+
+#ifndef SHADOW_INCLUDE_LIB_MEMPCPY_H_
+#define SHADOW_INCLUDE_LIB_MEMPCPY_H_
+
+
+#include <config.h>
+
+#if !defined(HAVE_MEMPCPY)
+
+#include <stddef.h>
+#include <string.h>
+
+
+inline void *mempcpy(void *restrict dst, const void *restrict src, size_t n);
+
+
+inline void *
+mempcpy(void *restrict dst, const void *restrict src, size_t n)
+{
+	return memcpy(dst, src, n) + n;
+}
+
+
+#endif  // !HAVE_MEMPCPY
+#endif  // include guard

lib/nscd.c

@@ -10,6 +10,7 @@
 #include "defines.h"
 #include "prototypes.h"
 #include "nscd.h"
+#include "shadowlog_internal.h"
 
 #define MSG_NSCD_FLUSH_CACHE_FAILED "%s: Failed to flush the nscd cache.\n"
 
@@ -25,7 +26,7 @@ int nscd_flush_cache (const char *service)
 
 	if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
 		/* run_command writes its own more detailed message. */
-		(void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+		(void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
 		return -1;
 	}
 
@@ -33,7 +34,7 @@ int nscd_flush_cache (const char *service)
 	if (!WIFEXITED (status)) {
 		(void) fprintf (shadow_logfd,
 		                _("%s: nscd did not terminate normally (signal %d)\n"),
-		                Prog, WTERMSIG (status));
+		                shadow_progname, WTERMSIG (status));
 		return -1;
 	} else if (code == E_CMD_NOTFOUND) {
 		/* nscd is not installed, or it is installed but uses an
@@ -44,14 +45,14 @@ int nscd_flush_cache (const char *service)
 		return 0;
 	} else if (code != 0) {
 		(void) fprintf (shadow_logfd, _("%s: nscd exited with status %d\n"),
-		                Prog, code);
-		(void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+		                shadow_progname, code);
+		(void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
 		return -1;
 	}
 
 	return 0;
 }
 #else				/* USE_NSCD */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* USE_NSCD */
 

lib/nss.c

@@ -6,8 +6,12 @@
 #include <strings.h>
 #include <ctype.h>
 #include <stdatomic.h>
+
+#include "alloc.h"
 #include "prototypes.h"
 #include "../libsubid/subid.h"
+#include "shadowlog_internal.h"
+#include "shadowlog.h"
 
 #define NSSWITCH "/etc/nsswitch.conf"
 
@@ -28,7 +32,7 @@ bool nss_is_initialized() {
 	return atomic_load(&nss_init_completed);
 }
 
-void nss_exit() {
+static void nss_exit(void) {
 	if (nss_is_initialized() && subid_nss) {
 		dlclose(subid_nss->handle);
 		free(subid_nss);
@@ -37,10 +41,13 @@ void nss_exit() {
 }
 
 // nsswitch_path is an argument only to support testing.
-void nss_init(char *nsswitch_path) {
+void nss_init(const char *nsswitch_path) {
 	FILE *nssfp = NULL;
 	char *line = NULL, *p, *token, *saveptr;
 	size_t len = 0;
+	FILE *shadow_logfd = log_get_logfd();
+	char libname[65];
+	void *h;
 
 	if (atomic_flag_test_and_set(&nss_init_started)) {
 		// Another thread has started nss_init, wait for it to complete
@@ -56,83 +63,78 @@ void nss_init(char *nsswitch_path) {
 	//   subid:	files
 	nssfp = fopen(nsswitch_path, "r");
 	if (!nssfp) {
-		fprintf(shadow_logfd, "Failed opening %s: %m", nsswitch_path);
+		if (errno != ENOENT)
+			fprintf(shadow_logfd, "Failed opening %s: %m\n", nsswitch_path);
+
 		atomic_store(&nss_init_completed, true);
 		return;
 	}
-	while ((getline(&line, &len, nssfp)) != -1) {
-		if (line[0] == '\0' || line[0] == '#')
+	p = NULL;
+	while (getline(&line, &len, nssfp) != -1) {
+		if (line[0] == '#')
 			continue;
 		if (strlen(line) < 8)
 			continue;
 		if (strncasecmp(line, "subid:", 6) != 0)
 			continue;
 		p = &line[6];
-		while ((*p) && isspace(*p))
+		while (isspace(*p))
 			p++;
-		if (!*p)
-			continue;
-		for (token = strtok_r(p, " \n\t", &saveptr);
-		     token;
-		     token = strtok_r(NULL, " \n\t", &saveptr)) {
-			char libname[65];
-			void *h;
-			if (strcmp(token, "files") == 0) {
-				subid_nss = NULL;
-				goto done;
-			}
-			if (strlen(token) > 50) {
-				fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token);
-				fprintf(shadow_logfd, "Using files\n");
-				subid_nss = NULL;
-				goto done;
-			}
-			snprintf(libname, 64,  "libsubid_%s.so", token);
-			h = dlopen(libname, RTLD_LAZY);
-			if (!h) {
-				fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror());
-				fprintf(shadow_logfd, "Using files\n");
-				subid_nss = NULL;
-				goto done;
-			}
-			subid_nss = malloc(sizeof(*subid_nss));
-			if (!subid_nss) {
-				dlclose(h);
-				goto done;
-			}
-			subid_nss->has_range = dlsym(h, "shadow_subid_has_range");
-			if (!subid_nss->has_range) {
-				fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname);
-				dlclose(h);
-				free(subid_nss);
-				subid_nss = NULL;
-				goto done;
-			}
-			subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges");
-			if (!subid_nss->list_owner_ranges) {
-				fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname);
-				dlclose(h);
-				free(subid_nss);
-				subid_nss = NULL;
-				goto done;
-			}
-			subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners");
-			if (!subid_nss->find_subid_owners) {
-				fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
-				dlclose(h);
-				free(subid_nss);
-				subid_nss = NULL;
-				goto done;
-			}
-			subid_nss->handle = h;
-			goto done;
-		}
+		if (*p != '\0')
+			break;
+		p = NULL;
+	}
+	if (p == NULL) {
+		goto null_subid;
+	}
+	token = strtok_r(p, " \n\t", &saveptr);
+	if (token == NULL) {
 		fprintf(shadow_logfd, "No usable subid NSS module found, using files\n");
 		// subid_nss has to be null here, but to ease reviews:
-		free(subid_nss);
-		subid_nss = NULL;
-		goto done;
+		goto null_subid;
 	}
+	if (strcmp(token, "files") == 0) {
+		goto null_subid;
+	}
+	if (strlen(token) > 50) {
+		fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token);
+		fprintf(shadow_logfd, "Using files\n");
+		goto null_subid;
+	}
+	snprintf(libname, 64,  "libsubid_%s.so", token);
+	h = dlopen(libname, RTLD_LAZY);
+	if (!h) {
+		fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror());
+		fprintf(shadow_logfd, "Using files\n");
+		goto null_subid;
+	}
+	subid_nss = MALLOC(1, struct subid_nss_ops);
+	if (!subid_nss) {
+		goto close_lib;
+	}
+	subid_nss->has_range = dlsym(h, "shadow_subid_has_range");
+	if (!subid_nss->has_range) {
+		fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname);
+		goto close_lib;
+	}
+	subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges");
+	if (!subid_nss->list_owner_ranges) {
+		fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname);
+		goto close_lib;
+	}
+	subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners");
+	if (!subid_nss->find_subid_owners) {
+		fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
+		goto close_lib;
+	}
+	subid_nss->handle = h;
+	goto done;
+
+close_lib:
+	dlclose(h);
+	free(subid_nss);
+null_subid:
+	subid_nss = NULL;
 
 done:
 	atomic_store(&nss_init_completed, true);

lib/pam_defs.h

@@ -1,31 +1,8 @@
 /*
- * Copyright (c) 1999       , Marek Michałkiewicz
- * Copyright (c) 2001 - 2005, Tomasz Kłoczko
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1999       , Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -38,7 +15,7 @@
 #endif
 
 
-static struct pam_conv conv = {
+static const struct pam_conv conv = {
 	SHADOW_PAM_CONVERSATION,
 	NULL
 };

lib/port.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1989 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1997, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -102,7 +79,7 @@ static void endportent (void)
 		(void) fclose (ports);
 	}
 
-	ports = (FILE *) 0;
+	ports = NULL;
 }
 
 /*
@@ -153,11 +130,11 @@ static struct port *getportent (void)
       again:
 
 	/*
-	 * Get the next line and remove the last character, which
-	 * is a '\n'.  Lines which begin with '#' are all ignored.
+	 * Get the next line and remove optional trailing '\n'.
+	 * Lines which begin with '#' are all ignored.
 	 */
 
-	if (fgets (buf, (int) sizeof buf, ports) == 0) {
+	if (fgets (buf, sizeof buf, ports) == 0) {
 		errno = saveerr;
 		return 0;
 	}
@@ -172,7 +149,7 @@ static struct port *getportent (void)
 	 * TTY devices.
 	 */
 
-	buf[strlen (buf) - 1] = 0;
+	buf[strcspn (buf, "\n")] = 0;
 
 	port.pt_names = ttys;
 	for (cp = buf, j = 0; j < PORT_TTY; j++) {
@@ -195,13 +172,13 @@ static struct port *getportent (void)
 	}
 	*cp = '\0';
 	cp++;
-	port.pt_names[j + 1] = (char *) 0;
+	port.pt_names[j + 1] = NULL;
 
 	/*
 	 * Get the list of user names.  It is the second colon
 	 * separated field, and is a comma separated list of user
 	 * names.  The entry '*' is used to specify all usernames.
-	 * The last entry in the list is a (char *) 0 pointer.
+	 * The last entry in the list is a NULL pointer.
 	 */
 
 	if (':' != *cp) {
@@ -266,9 +243,7 @@ static struct port *getportent (void)
 		 * week or the other two values.
 		 */
 
-		for (i = 0;
-		     ('\0' != cp[i]) && ('\0' != cp[i + 1]) && isalpha (cp[i]);
-		     i += 2) {
+		for (i = 0; isalpha(cp[i]) && ('\0' != cp[i + 1]); i += 2) {
 			switch ((cp[i] << 8) | (cp[i + 1])) {
 			case ('S' << 8) | 'u':
 				port.pt_times[j].t_days |= 01;
@@ -317,7 +292,7 @@ static struct port *getportent (void)
 		 * representing the times of day.
 		 */
 
-		for (dtime = 0; ('\0' != cp[i]) && isdigit (cp[i]); i++) {
+		for (dtime = 0; isdigit (cp[i]); i++) {
 			dtime = dtime * 10 + cp[i] - '0';
 		}
 
@@ -327,9 +302,7 @@ static struct port *getportent (void)
 		port.pt_times[j].t_start = dtime;
 		cp = cp + i + 1;
 
-		for (dtime = 0, i = 0;
-		     ('\0' != cp[i]) && isdigit (cp[i]);
-		     i++) {
+		for (dtime = 0, i = 0; isdigit (cp[i]); i++) {
 			dtime = dtime * 10 + cp[i] - '0';
 		}
 

lib/port.h

@@ -1,32 +1,9 @@
 /*
- * Copyright (c) 1989 - 1991, Julianne Frances Haugh
- * Copyright (c) 1996 - 1997, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1989 - 1991, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /*

lib/prototypes.h

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2003 - 2006, Tomasz Kłoczko
- * Copyright (c) 2007 - 2010, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /*
@@ -44,24 +21,19 @@
 
 #include <config.h>
 
+#include <sys/socket.h>
 #include <sys/stat.h>
-#ifdef USE_UTMPX
-#include <utmpx.h>
-#else
-#include <utmp.h>
-#endif
 #include <sys/types.h>
 #include <pwd.h>
 #include <grp.h>
 #include <shadow.h>
+#ifdef ENABLE_LASTLOG
 #include <lastlog.h>
+#endif /* ENABLE_LASTLOG */
 
 #include "defines.h"
 #include "commonio.h"
 
-extern /*@observer@*/ const char *Prog; /* Program name showed in error messages */
-extern FILE *shadow_logfd;  /* file descripter to which error messages are printed */
-
 /* addgrps.c */
 #if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
 extern int add_groups (const char *);
@@ -70,6 +42,12 @@ extern int add_groups (const char *);
 /* age.c */
 extern void agecheck (/*@null@*/const struct spwd *);
 extern int expire (const struct passwd *, /*@null@*/const struct spwd *);
+
+/* agetpass.c */
+extern void erase_pass(char *pass);
+ATTR_MALLOC(erase_pass)
+extern char *agetpass(const char *prompt);
+
 /* isexpired.c */
 extern int isexpired (const struct passwd *, /*@null@*/const struct spwd *);
 
@@ -134,6 +112,9 @@ extern int copy_tree (const char *src_root, const char *dst_root,
                       uid_t old_uid, uid_t new_uid,
                       gid_t old_gid, gid_t new_gid);
 
+/* date_to_str.c */
+extern void date_to_str (size_t size, char buf[size], long date);
+
 /* encrypt.c */
 extern /*@exposed@*//*@null@*/char *pw_encrypt (const char *, const char *);
 
@@ -180,14 +161,16 @@ extern int getlong (const char *numstr, /*@out@*/long int *result);
 
 /* get_pid.c */
 extern int get_pid (const char *pidstr, pid_t *pid);
+extern int get_pidfd_from_fd(const char *pidfdstr);
+extern int open_pidfd(const char *pidstr);
 
 /* getrange */
-extern int getrange (char *range,
+extern int getrange (const char *range,
                      unsigned long *min, bool *has_min,
                      unsigned long *max, bool *has_max);
 
 /* gettime.c */
-extern time_t gettime ();
+extern time_t gettime (void);
 
 /* get_uid.c */
 extern int get_uid (const char *uidstr, uid_t *uid);
@@ -209,7 +192,6 @@ extern void __gr_set_changed (void);
 extern /*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent);
 extern void gr_free_members (struct group *grent);
 extern void gr_free (/*@out@*/ /*@only@*/struct group *grent);
-extern bool gr_append_member (struct group *grp, char *member);
 
 /* hushed.c */
 extern bool hushed (const char *username);
@@ -241,18 +223,20 @@ extern /*@only@*/ /*@out@*/char **dup_list (char *const *);
 extern bool is_on_list (char *const *list, const char *member);
 extern /*@only@*/char **comma_to_list (const char *);
 
+#ifdef ENABLE_LASTLOG
 /* log.c */
 extern void dolastlog (
 	struct lastlog *ll,
 	const struct passwd *pw,
 	/*@unique@*/const char *line,
 	/*@unique@*/const char *host);
+#endif /* ENABLE_LASTLOG */
 
 /* login_nopam.c */
 extern int login_access (const char *user, const char *from);
 
 /* loginprompt.c */
-extern void login_prompt (const char *, char *, int);
+extern void login_prompt (char *, int);
 
 /* mail.c */
 extern void mailcheck (void);
@@ -265,8 +249,8 @@ extern /*@null@*//*@only@*/struct passwd *get_my_pwent (void);
 
 /* nss.c */
 #include <libsubid/subid.h>
-extern void nss_init(char *nsswitch_path);
-extern bool nss_is_initialized();
+extern void nss_init(const char *nsswitch_path);
+extern bool nss_is_initialized(void);
 
 struct subid_nss_ops {
 	/*
@@ -316,7 +300,7 @@ struct subid_nss_ops {
 	void *handle;
 };
 
-extern struct subid_nss_ops *get_subid_nss_handle();
+extern struct subid_nss_ops *get_subid_nss_handle(void);
 
 
 /* pam_pass_non_interactive.c */
@@ -327,9 +311,7 @@ extern int do_pam_passwd_non_interactive (const char *pam_service,
 #endif				/* USE_PAM */
 
 /* obscure.c */
-#ifndef USE_PAM
 extern bool obscure (const char *, const char *, const struct passwd *);
-#endif
 
 /* pam_pass.c */
 #ifdef USE_PAM
@@ -345,19 +327,21 @@ extern struct group *prefix_getgrnam(const char *name);
 extern struct group *prefix_getgrgid(gid_t gid);
 extern struct passwd *prefix_getpwuid(uid_t uid);
 extern struct passwd *prefix_getpwnam(const char* name);
+#if HAVE_FGETPWENT_R
+extern int prefix_getpwnam_r(const char* name, struct passwd* pwd,
+                             char* buf, size_t buflen, struct passwd** result);
+#endif
 extern struct spwd *prefix_getspnam(const char* name);
 extern struct group *prefix_getgr_nam_gid(const char *grname);
-extern void prefix_setpwent();
-extern struct passwd* prefix_getpwent();
-extern void prefix_endpwent();
-extern void prefix_setgrent();
-extern struct group* prefix_getgrent();
-extern void prefix_endgrent();
+extern void prefix_setpwent(void);
+extern struct passwd* prefix_getpwent(void);
+extern void prefix_endpwent(void);
+extern void prefix_setgrent(void);
+extern struct group* prefix_getgrent(void);
+extern void prefix_endgrent(void);
 
 /* pwd2spwd.c */
-#ifndef USE_PAM
 extern struct spwd *pwd_to_spwd (const struct passwd *);
-#endif
 
 /* pwdcheck.c */
 #ifndef USE_PAM
@@ -376,6 +360,11 @@ extern /*@dependent@*/ /*@null@*/struct commonio_entry *__pw_get_head (void);
 extern /*@null@*/ /*@only@*/struct passwd *__pw_dup (const struct passwd *pwent);
 extern void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent);
 
+/* csrand.c */
+unsigned long csrand (void);
+unsigned long csrand_uniform (unsigned long n);
+unsigned long csrand_interval (unsigned long min, unsigned long max);
+
 /* remove_tree.c */
 extern int remove_tree (const char *root, bool remove_root);
 
@@ -399,7 +388,7 @@ extern int check_selinux_permit (const char *perm_name);
 
 /* semanage.c */
 #ifdef WITH_SELINUX
-extern int set_seuser(const char *login_name, const char *seuser_name);
+extern int set_seuser(const char *login_name, const char *seuser_name, const char *serange);
 extern int del_seuser(const char *login_name);
 #endif
 
@@ -482,34 +471,65 @@ extern int set_filesize_limit (int blocks);
 /* user_busy.c */
 extern int user_busy (const char *name, uid_t uid);
 
-/* utmp.c */
-#ifndef USE_UTMPX
-extern /*@null@*/struct utmp *get_current_utmp (void);
-extern struct utmp *prepare_utmp (const char *name,
-                                  const char *line,
-                                  const char *host,
-                                  /*@null@*/const struct utmp *ut);
-extern int setutmp (struct utmp *ut);
-#else
-extern /*@null@*/struct utmpx *get_current_utmp (void);
-extern struct utmpx *prepare_utmpx (const char *name,
-                                    const char *line,
-                                    const char *host,
-                                    /*@null@*/const struct utmpx *ut);
-extern int setutmpx (struct utmpx *utx);
-#endif				/* USE_UTMPX */
+/*
+ * Session management: utmp.c or logind.c
+ */
+
+/**
+ * @brief Get host for the current session
+ *
+ * @param[out] out Host name
+ *
+ * @return 0 or a positive integer if the host was obtained properly,
+ *         another value on error.
+ */
+extern int get_session_host (char **out);
+#ifndef ENABLE_LOGIND
+/**
+ * @brief Update or create an utmp entry in utmp, wtmp, utmpw, or wtmpx
+ *
+ * @param[in] user username
+ * @param[in] tty tty
+ * @param[in] host hostname
+ *
+ * @return 0 if utmp was updated properly,
+ *         1 on error.
+ */
+extern int update_utmp (const char *user,
+                        const char *tty,
+                        const char *host);
+/**
+ * @brief Update the cumulative failure log
+ *
+ * @param[in] failent_user username
+ * @param[in] tty tty
+ * @param[in] host hostname
+ *
+ */
+extern void record_failure(const char *failent_user,
+                           const char *tty,
+                           const char *hostname);
+#endif /* ENABLE_LOGIND */
+
+/**
+ * @brief Number of active user sessions
+ *
+ * @param[in] name username
+ * @param[in] limit maximum number of active sessions
+ *
+ * @return number of active sessions.
+ *
+ */
+extern unsigned long active_sessions_count(const char *name,
+                                           unsigned long limit);
 
 /* valid.c */
 extern bool valid (const char *, const struct passwd *);
 
-/* xmalloc.c */
-extern /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
-  /*@ensures MaxSet(result) == (size - 1); @*/;
-extern /*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *);
-extern void xfree(void *ap);
-
 /* xgetpwnam.c */
 extern /*@null@*/ /*@only@*/struct passwd *xgetpwnam (const char *);
+/* xprefix_getpwnam.c */
+extern /*@null@*/ /*@only@*/struct passwd *xprefix_getpwnam (const char *);
 /* xgetpwuid.c */
 extern /*@null@*/ /*@only@*/struct passwd *xgetpwuid (uid_t);
 /* xgetgrnam.c */

lib/pwauth.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1992 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2003 - 2006, Tomasz Kłoczko
- * Copyright (c) 2008 - 2009, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1992 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -230,5 +207,5 @@ int pw_auth (const char *cipher,
 	return retval;
 }
 #else				/* !USE_PAM */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* !USE_PAM */

lib/pwauth.h

@@ -1,39 +1,19 @@
 /*
- * Copyright (c) 1992 - 1993, Julianne Frances Haugh
- * Copyright (c) 1996 - 1997, Marek Michałkiewicz
- * Copyright (c) 2003 - 2005, Tomasz Kłoczko
- * Copyright (c) 2009       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1992 - 1993, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2009       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /*
  *	$Id$
  */
 
+#ifndef _PWAUTH_H
+#define _PWAUTH_H
+
 #ifndef USE_PAM
 int pw_auth (const char *cipher,
              const char *user,
@@ -64,3 +44,5 @@ int pw_auth (const char *cipher,
 #define	PW_RLOGIN	202
 #define	PW_FTP		203
 #define	PW_REXEC	204
+
+#endif /* _PWAUTH_H */

lib/pwio.c

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2003 - 2005, Tomasz Kłoczko
- * Copyright (c) 2007 - 2009, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -65,7 +42,7 @@ static const char *passwd_getname (const void *ent)
 
 static void *passwd_parse (const char *line)
 {
-	return (void *) sgetpwent (line);
+	return sgetpwent (line);
 }
 
 static int passwd_put (const void *ent, FILE * file)
@@ -79,7 +56,10 @@ static int passwd_put (const void *ent, FILE * file)
 	    || (pw->pw_gid == (gid_t)-1)
 	    || (valid_field (pw->pw_gecos, ":\n") == -1)
 	    || (valid_field (pw->pw_dir, ":\n") == -1)
-	    || (valid_field (pw->pw_shell, ":\n") == -1)) {
+	    || (valid_field (pw->pw_shell, ":\n") == -1)
+	    || (strlen (pw->pw_name) + strlen (pw->pw_passwd) +
+	        strlen (pw->pw_gecos) + strlen (pw->pw_dir) +
+	        strlen (pw->pw_shell) + 100 > PASSWD_ENTRY_MAX_LENGTH)) {
 		return -1;
 	}
 
@@ -157,7 +137,7 @@ int pw_open (int mode)
 
 int pw_update (const struct passwd *pw)
 {
-	return commonio_update (&passwd_db, (const void *) pw);
+	return commonio_update (&passwd_db, pw);
 }
 
 int pw_remove (const char *name)

lib/pwio.h

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2005       , Michał Moskal
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Michał Moskal
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /* $Id$ */

lib/pwmem.c

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2003 - 2005, Tomasz Kłoczko
- * Copyright (c) 2007 - 2013, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2013, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -36,6 +13,8 @@
 #ident "$Id$"
 
 #include <stdio.h>
+
+#include "alloc.h"
 #include "defines.h"
 #include "prototypes.h"
 #include "pwio.h"
@@ -44,12 +23,11 @@
 {
 	struct passwd *pw;
 
-	pw = (struct passwd *) malloc (sizeof *pw);
+	pw = CALLOC (1, struct passwd);
 	if (NULL == pw) {
 		return NULL;
 	}
 	/* The libc might define other fields. They won't be copied. */
-	memset (pw, 0, sizeof *pw);
 	pw->pw_uid = pwent->pw_uid;
 	pw->pw_gid = pwent->pw_gid;
 	/*@-mustfreeonly@*/
@@ -96,7 +74,7 @@ void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent)
 	if (pwent != NULL) {
 		free (pwent->pw_name);
 		if (pwent->pw_passwd) {
-			memzero (pwent->pw_passwd, strlen (pwent->pw_passwd));
+			strzero (pwent->pw_passwd);
 			free (pwent->pw_passwd);
 		}
 		free (pwent->pw_gecos);

lib/run_part.c

@@ -9,7 +9,11 @@
 #include <unistd.h>
 #include <lib/prototypes.h>
 
-int run_part (char *script_path, char *name, char *action)
+#include "alloc.h"
+#include "run_part.h"
+#include "shadowlog_internal.h"
+
+int run_part (char *script_path, const char *name, const char *action)
 {
 	int pid;
 	int wait_status;
@@ -38,15 +42,15 @@ int run_part (char *script_path, char *name, char *action)
 	return (1);
 }
 
-int run_parts (char *directory, char *name, char *action)
+int run_parts (const char *directory, const char *name, const char *action)
 {
 	struct dirent **namelist;
 	int scanlist;
 	int n;
-	int execute_result;
+	int execute_result = 0;
 
 	scanlist = scandir (directory, &namelist, 0, alphasort);
-	if (scanlist<0) {
+	if (scanlist<=0) {
 		return (0);
 	}
 
@@ -55,7 +59,7 @@ int run_parts (char *directory, char *name, char *action)
 		struct stat sb;
 
 		path_length=strlen(directory) + strlen(namelist[n]->d_name) + 2;
-		char *s = (char*)malloc(path_length);
+		char *s = MALLOC(path_length, char);
 		if (!s) {
 			printf ("could not allocate memory\n");
 			for (; n<scanlist; n++) {

lib/run_part.h

@@ -1,2 +1,7 @@
-int run_part (char *script_path, char *name, char *action);
-int run_parts (char *directory, char *name, char *action);
+#ifndef _RUN_PART_H
+#define _RUN_PART_H
+
+int run_part (char *script_path, const char *name, const char *action);
+int run_parts (const char *directory, const char *name, const char *action);
+
+#endif /* _RUN_PART_H */

lib/selinux.c

@@ -1,30 +1,7 @@
 /*
- * Copyright (c) 2011       , Peter Vrabec <pvrabec@redhat.com>
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2011       , Peter Vrabec <pvrabec@redhat.com>
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -38,6 +15,8 @@
 #include <selinux/label.h>
 #include "prototypes.h"
 
+#include "shadowlog_internal.h"
+
 static bool selinux_checked = false;
 static bool selinux_enabled;
 static /*@null@*/struct selabel_handle *selabel_hnd = NULL;
@@ -130,7 +109,7 @@ int reset_selinux_file_context (void)
 /*
  *  Log callback for libselinux internal error reporting.
  */
-__attribute__((__format__ (printf, 2, 3)))
+format_attr(printf, 2, 3)
 static int selinux_log_cb (int type, const char *fmt, ...) {
 	va_list ap;
 	char *buf;
@@ -209,12 +188,12 @@ int check_selinux_permit (const char *perm_name)
 		return 0;
 	}
 
-	selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) selinux_log_cb);
+	selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) { .func_log = selinux_log_cb });
 
 	if (getprevcon_raw (&user_context_raw) != 0) {
 		fprintf (shadow_logfd,
 		    _("%s: can not get previous SELinux process context: %s\n"),
-		    Prog, strerror (errno));
+		    shadow_progname, strerror (errno));
 		SYSLOG ((LOG_WARN,
 		    "can not get previous SELinux process context: %s",
 		    strerror (errno)));
@@ -227,5 +206,5 @@ int check_selinux_permit (const char *perm_name)
 }
 
 #else				/* !WITH_SELINUX */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* !WITH_SELINUX */

lib/semanage.c

@@ -1,31 +1,8 @@
 /*
- * Copyright (c) 2010       , Jakub Hrozek <jhrozek@redhat.com>
- * Copyright (c) 2011       , Peter Vrabec <pvrabec@redhat.com>
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2010       , Jakub Hrozek <jhrozek@redhat.com>
+ * SPDX-FileCopyrightText: 2011       , Peter Vrabec <pvrabec@redhat.com>
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -43,12 +20,10 @@
 #include <semanage/semanage.h>
 #include "prototypes.h"
 
-
-#ifndef DEFAULT_SERANGE
-#define DEFAULT_SERANGE "s0"
-#endif
+#include "shadowlog_internal.h"
 
 
+format_attr(printf, 3, 4)
 static void semanage_error_callback (unused void *varg,
                                      semanage_handle_t *handle,
                                      const char *fmt, ...)
@@ -122,6 +97,8 @@ static semanage_handle_t *semanage_init (void)
 	return handle;
 
 fail:
+	if (handle)
+		semanage_disconnect (handle);
 	semanage_handle_destroy (handle);
 	return NULL;
 }
@@ -130,7 +107,8 @@ fail:
 static int semanage_user_mod (semanage_handle_t *handle,
                               semanage_seuser_key_t *key,
                               const char *login_name,
-                              const char *seuser_name)
+                              const char *seuser_name,
+                              const char *serange)
 {
 	int ret;
 	semanage_seuser_t *seuser = NULL;
@@ -143,12 +121,15 @@ static int semanage_user_mod (semanage_handle_t *handle,
 		goto done;
 	}
 
-	ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
-	if (ret != 0) {
-		fprintf (shadow_logfd,
-		         _("Could not set serange for %s\n"), login_name);
-		ret = 1;
-		goto done;
+	if (serange && semanage_mls_enabled(handle)) {
+		ret = semanage_seuser_set_mlsrange (handle, seuser, serange);
+		if (ret != 0) {
+			fprintf (shadow_logfd,
+			         _("Could not set serange for %s to %s\n"),
+			         login_name, serange);
+			ret = 1;
+			goto done;
+		}
 	}
 
 	ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
@@ -177,9 +158,10 @@ done:
 
 
 static int semanage_user_add (semanage_handle_t *handle,
-                             semanage_seuser_key_t *key,
+                             const semanage_seuser_key_t *key,
                              const char *login_name,
-                             const char *seuser_name)
+                             const char *seuser_name,
+                             const char *serange)
 {
 	int ret;
 	semanage_seuser_t *seuser = NULL;
@@ -200,13 +182,15 @@ static int semanage_user_add (semanage_handle_t *handle,
 		goto done;
 	}
 
-	ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
-	if (ret != 0) {
-		fprintf (shadow_logfd,
-		         _("Could not set serange for %s\n"),
-		         login_name);
-		ret = 1;
-		goto done;
+	if (serange && semanage_mls_enabled(handle)) {
+		ret = semanage_seuser_set_mlsrange (handle, seuser, serange);
+		if (ret != 0) {
+			fprintf (shadow_logfd,
+			         _("Could not set serange for %s to %s\n"),
+			         login_name, serange);
+			ret = 1;
+			goto done;
+		}
 	}
 
 	ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
@@ -234,7 +218,7 @@ done:
 }
 
 
-int set_seuser (const char *login_name, const char *seuser_name)
+int set_seuser (const char *login_name, const char *seuser_name, const char *serange)
 {
 	semanage_handle_t *handle = NULL;
 	semanage_seuser_key_t *key = NULL;
@@ -268,7 +252,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
 	}
 
 	if (0 != seuser_exists) {
-		ret = semanage_user_mod (handle, key, login_name, seuser_name);
+		ret = semanage_user_mod (handle, key, login_name, seuser_name, serange);
 		if (ret != 0) {
 			fprintf (shadow_logfd,
 			         _("Cannot modify SELinux user mapping\n"));
@@ -276,7 +260,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
 			goto done;
 		}
 	} else {
-		ret = semanage_user_add (handle, key, login_name, seuser_name);
+		ret = semanage_user_add (handle, key, login_name, seuser_name, serange);
 		if (ret != 0) {
 			fprintf (shadow_logfd,
 			         _("Cannot add SELinux user mapping\n"));
@@ -297,6 +281,8 @@ int set_seuser (const char *login_name, const char *seuser_name)
 
 done:
 	semanage_seuser_key_free (key);
+	if (handle)
+		semanage_disconnect (handle);
 	semanage_handle_destroy (handle);
 	return ret;
 }
@@ -371,9 +357,12 @@ int del_seuser (const char *login_name)
 
 	ret = 0;
 done:
+	semanage_seuser_key_free (key);
+	if (handle)
+		semanage_disconnect (handle);
 	semanage_handle_destroy (handle);
 	return ret;
 }
 #else				/* !WITH_SELINUX */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* !WITH_SELINUX */

lib/sgetgrent.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -37,6 +14,8 @@
 #include <stdio.h>
 #include <sys/types.h>
 #include <grp.h>
+
+#include "alloc.h"
 #include "defines.h"
 #include "prototypes.h"
 
@@ -57,10 +36,9 @@
  */
 static char **list (char *s)
 {
-	static char **members = 0;
+	static char **members = NULL;
 	static int size = 0;	/* max members + 1 */
 	int i;
-	char **rbuf;
 
 	i = 0;
 	for (;;) {
@@ -68,22 +46,9 @@ static char **list (char *s)
 		   member name, or terminating NULL).  */
 		if (i >= size) {
 			size = i + 100;	/* at least: i + 1 */
-			if (members) {
-				rbuf =
-				    realloc (members, size * sizeof (char *));
-			} else {
-				/* for old (before ANSI C) implementations of
-				   realloc() that don't handle NULL properly */
-				rbuf = malloc (size * sizeof (char *));
-			}
-			if (!rbuf) {
-				if (members)
-					free (members);
-				members = 0;
-				size = 0;
-				return (char **) 0;
-			}
-			members = rbuf;
+			members = REALLOCF(members, size, char *);
+			if (!members)
+				return NULL;
 		}
 		if (!s || s[0] == '\0')
 			break;
@@ -95,14 +60,14 @@ static char **list (char *s)
 			*s++ = '\0';
 		}
 	}
-	members[i] = (char *) 0;
+	members[i] = NULL;
 	return members;
 }
 
 
 struct group *sgetgrent (const char *buf)
 {
-	static char *grpbuf = 0;
+	static char *grpbuf = NULL;
 	static size_t size = 0;
 	static char *grpfields[NFIELDS];
 	static struct group grent;
@@ -112,13 +77,12 @@ struct group *sgetgrent (const char *buf)
 	if (strlen (buf) + 1 > size) {
 		/* no need to use realloc() here - just free it and
 		   allocate a larger block */
-		if (grpbuf)
-			free (grpbuf);
+		free (grpbuf);
 		size = strlen (buf) + 1000;	/* at least: strlen(buf) + 1 */
-		grpbuf = malloc (size);
-		if (!grpbuf) {
+		grpbuf = MALLOC(size, char);
+		if (grpbuf == NULL) {
 			size = 0;
-			return 0;
+			return NULL;
 		}
 	}
 	strcpy (grpbuf, buf);
@@ -137,16 +101,16 @@ struct group *sgetgrent (const char *buf)
 		}
 	}
 	if (i < (NFIELDS - 1) || *grpfields[2] == '\0' || cp != NULL) {
-		return (struct group *) 0;
+		return NULL;
 	}
 	grent.gr_name = grpfields[0];
 	grent.gr_passwd = grpfields[1];
 	if (get_gid (grpfields[2], &grent.gr_gid) == 0) {
-		return (struct group *) 0;
+		return NULL;
 	}
 	grent.gr_mem = list (grpfields[3]);
 	if (NULL == grent.gr_mem) {
-		return (struct group *) 0;	/* out of memory */
+		return NULL;	/* out of memory */
 	}
 
 	return &grent;

lib/sgetpwent.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1989 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2003 - 2005, Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -39,6 +16,7 @@
 #include <stdio.h>
 #include <pwd.h>
 #include "prototypes.h"
+#include "shadowlog_internal.h"
 
 #define	NFIELDS	7
 
@@ -57,9 +35,9 @@
 struct passwd *sgetpwent (const char *buf)
 {
 	static struct passwd pwent;
-	static char pwdbuf[1024];
-	register int i;
-	register char *cp;
+	static char pwdbuf[PASSWD_ENTRY_MAX_LENGTH];
+	int i;
+	char *cp;
 	char *fields[NFIELDS];
 
 	/*
@@ -67,8 +45,12 @@ struct passwd *sgetpwent (const char *buf)
 	 * the password structure remain valid.
 	 */
 
-	if (strlen (buf) >= sizeof pwdbuf)
+	if (strlen (buf) >= sizeof pwdbuf) {
+		fprintf (shadow_logfd,
+		         "%s: Too long passwd entry encountered, file corruption?\n",
+		         shadow_progname);
 		return 0;	/* fail if too long */
+	}
 	strcpy (pwdbuf, buf);
 
 	/*

lib/sgetspent.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1989 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2003 - 2005, Tomasz Kłoczko
- * Copyright (c) 2009       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2009       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -39,6 +16,7 @@
 
 #include <sys/types.h>
 #include "prototypes.h"
+#include "shadowlog_internal.h"
 #include "defines.h"
 #include <stdio.h>
 #define	FIELDS	9
@@ -48,7 +26,7 @@
  */
 struct spwd *sgetspent (const char *string)
 {
-	static char spwbuf[1024];
+	static char spwbuf[PASSWD_ENTRY_MAX_LENGTH];
 	static struct spwd spwd;
 	char *fields[FIELDS];
 	char *cp;
@@ -60,6 +38,9 @@ struct spwd *sgetspent (const char *string)
 	 */
 
 	if (strlen (string) >= sizeof spwbuf) {
+		fprintf (shadow_logfd,
+		         "%s: Too long passwd entry encountered, file corruption?\n",
+		         shadow_progname);
 		return 0;	/* fail if too long */
 	}
 	strcpy (spwbuf, string);
@@ -194,14 +175,13 @@ struct spwd *sgetspent (const char *string)
 
 	if (fields[8][0] == '\0') {
 		spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
-	} else if (getlong (fields[8], &spwd.sp_flag) == 0) {
-		/* FIXME: add a getulong function */
+	} else if (getulong (fields[8], &spwd.sp_flag) == 0) {
 		return 0;
 	}
 
 	return (&spwd);
 }
 #else
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif
 

lib/sgroupio.c

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2007 - 2013, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2013, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -37,6 +14,7 @@
 
 #ident "$Id$"
 
+#include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "commonio.h"
@@ -48,13 +26,12 @@
 	struct sgrp *sg;
 	int i;
 
-	sg = (struct sgrp *) malloc (sizeof *sg);
+	sg = CALLOC (1, struct sgrp);
 	if (NULL == sg) {
 		return NULL;
 	}
 	/* Do the same as the other _dup function, even if we know the
 	 * structure. */
-	memset (sg, 0, sizeof *sg);
 	/*@-mustfreeonly@*/
 	sg->sg_name = strdup (sgent->sg_name);
 	/*@=mustfreeonly@*/
@@ -73,7 +50,7 @@
 
 	for (i = 0; NULL != sgent->sg_adm[i]; i++);
 	/*@-mustfreeonly@*/
-	sg->sg_adm = (char **) malloc ((i + 1) * sizeof (char *));
+	sg->sg_adm = MALLOC(i + 1, char *);
 	/*@=mustfreeonly@*/
 	if (NULL == sg->sg_adm) {
 		free (sg->sg_passwd);
@@ -98,7 +75,7 @@
 
 	for (i = 0; NULL != sgent->sg_mem[i]; i++);
 	/*@-mustfreeonly@*/
-	sg->sg_mem = (char **) malloc ((i + 1) * sizeof (char *));
+	sg->sg_mem = MALLOC(i + 1, char *);
 	/*@=mustfreeonly@*/
 	if (NULL == sg->sg_mem) {
 		for (i = 0; NULL != sg->sg_adm[i]; i++) {
@@ -151,7 +128,7 @@ void sgr_free (/*@out@*/ /*@only@*/struct sgrp *sgent)
 	size_t i;
 	free (sgent->sg_name);
 	if (NULL != sgent->sg_passwd) {
-		memzero (sgent->sg_passwd, strlen (sgent->sg_passwd));
+		strzero (sgent->sg_passwd);
 		free (sgent->sg_passwd);
 	}
 	for (i = 0; NULL != sgent->sg_adm[i]; i++) {
@@ -174,7 +151,7 @@ static const char *gshadow_getname (const void *ent)
 
 static void *gshadow_parse (const char *line)
 {
-	return (void *) sgetsgent (line);
+	return sgetsgent (line);
 }
 
 static int gshadow_put (const void *ent, FILE * file)
@@ -276,7 +253,7 @@ int sgr_open (int mode)
 
 int sgr_update (const struct sgrp *sg)
 {
-	return commonio_update (&gshadow_db, (const void *) sg);
+	return commonio_update (&gshadow_db, sg);
 }
 
 int sgr_remove (const char *name)
@@ -325,5 +302,5 @@ int sgr_sort ()
 	return commonio_sort_wrt (&gshadow_db, __gr_get_db ());
 }
 #else
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif

lib/sgroupio.h

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /* $Id$ */

lib/shadow.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1989 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2003 - 2005, Tomasz Kłoczko
- * Copyright (c) 2009       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2009       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -117,7 +94,7 @@ void endspent (void)
 		(void) fclose (shadow);
 	}
 
-	shadow = (FILE *) 0;
+	shadow = NULL;
 }
 
 /*
@@ -328,8 +305,7 @@ static struct spwd *my_sgetspent (const char *string)
 	if (fields[8][0] == '\0') {
 		spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
 	} else {
-		if (getlong (fields[8], &spwd.sp_flag) == 0) {
-			/* FIXME: add a getulong function */
+		if (getulong (fields[8], &spwd.sp_flag) == 0) {
 #ifdef	USE_NIS
 			if (nis_used) {
 				spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
@@ -360,9 +336,9 @@ struct spwd *fgetspent (FILE * fp)
 	}
 
 #ifdef	USE_NIS
-	while (fgets (buf, (int) sizeof buf, fp) != (char *) 0)
+	while (fgets (buf, sizeof buf, fp) != NULL)
 #else
-	if (fgets (buf, (int) sizeof buf, fp) != (char *) 0)
+	if (fgets (buf, sizeof buf, fp) != NULL)
 #endif
 	{
 		cp = strchr (buf, '\n');
@@ -535,7 +511,7 @@ struct spwd *getspnam (const char *name)
 		nis_disabled = true;
 	}
 #endif
-	while ((sp = getspent ()) != (struct spwd *) 0) {
+	while ((sp = getspent ()) != NULL) {
 		if (strcmp (name, sp->sp_namp) == 0) {
 			break;
 		}
@@ -549,6 +525,6 @@ struct spwd *getspnam (const char *name)
 	return (sp);
 }
 #else
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif
 

lib/shadowio.c

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2007 - 2009, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -70,7 +47,7 @@ static const char *shadow_getname (const void *ent)
 
 static void *shadow_parse (const char *line)
 {
-	return (void *) sgetspent (line);
+	return sgetspent (line);
 }
 
 static int shadow_put (const void *ent, FILE * file)
@@ -79,7 +56,9 @@ static int shadow_put (const void *ent, FILE * file)
 
 	if (   (NULL == sp)
 	    || (valid_field (sp->sp_namp, ":\n") == -1)
-	    || (valid_field (sp->sp_pwdp, ":\n") == -1)) {
+	    || (valid_field (sp->sp_pwdp, ":\n") == -1)
+	    || (strlen (sp->sp_namp) + strlen (sp->sp_pwdp) +
+	        1000 > PASSWD_ENTRY_MAX_LENGTH)) {
 		return -1;
 	}
 
@@ -185,7 +164,7 @@ int spw_open (int mode)
 
 int spw_update (const struct spwd *sp)
 {
-	return commonio_update (&shadow_db, (const void *) sp);
+	return commonio_update (&shadow_db, sp);
 }
 
 int spw_remove (const char *name)

lib/shadowio.h

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001 - 2005, Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /* $Id$ */

lib/shadowlog.c

@@ -0,0 +1,31 @@
+#include "shadowlog.h"
+
+#include "lib/shadowlog_internal.h"
+
+const char *shadow_progname = "libshadow";
+FILE *shadow_logfd = NULL;
+
+void log_set_progname(const char *progname)
+{
+	shadow_progname = progname;
+}
+
+const char *log_get_progname(void)
+{
+	return shadow_progname;
+}
+
+void log_set_logfd(FILE *fd)
+{
+	if (NULL != fd)
+		shadow_logfd = fd;
+	else
+		shadow_logfd = stderr;
+}
+
+FILE *log_get_logfd(void)
+{
+	if (shadow_logfd != NULL)
+		return shadow_logfd;
+	return stderr;
+}

lib/shadowlog.h

@@ -1,7 +1,5 @@
 /*
- * Copyright (c) 1993 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2005       , Tomasz Kłoczko
+ * Copyright (c) 2021       , Serge Hallyn
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -29,65 +27,14 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#include <config.h>
-
-#ifndef	HAVE_GETUTENT
-
-#include "defines.h"
+/* $Id$ */
+#ifndef _LOG_H
+#define _LOG_H
 #include <stdio.h>
-#include <fcntl.h>
-#include <utmp.h>
 
-#ifndef	lint
-static char rcsid[] = "$Id$";
-#endif
-
-static int utmp_fd = -1;
-static struct utmp utmp_buf;
-
-/*
- * setutent - open or rewind the utmp file
- */
-
-void setutent (void)
-{
-	if (utmp_fd == -1)
-		if ((utmp_fd = open (_UTMP_FILE, O_RDWR)) == -1)
-			utmp_fd = open (_UTMP_FILE, O_RDONLY);
-
-	if (utmp_fd != -1)
-		lseek (utmp_fd, (off_t) 0L, SEEK_SET);
-}
-
-/*
- * endutent - close the utmp file
- */
-
-void endutent (void)
-{
-	if (utmp_fd != -1)
-		close (utmp_fd);
-
-	utmp_fd = -1;
-}
-
-/*
- * getutent - get the next record from the utmp file
- */
-
-struct utmp *getutent (void)
-{
-	if (utmp_fd == -1)
-		setutent ();
-
-	if (utmp_fd == -1)
-		return 0;
-
-	if (read (utmp_fd, &utmp_buf, sizeof utmp_buf) != sizeof utmp_buf)
-		return 0;
-
-	return &utmp_buf;
-}
-#else
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern void log_set_progname(const char *);
+extern const char *log_get_progname(void);
+extern void log_set_logfd(FILE *fd);
+extern FILE *log_get_logfd(void);
+
 #endif

lib/shadowlog_internal.h

@@ -0,0 +1,7 @@
+#ifndef _SHADOWLOG_INTERNAL_H
+#define _SHADOWLOG_INTERNAL_H
+
+extern const char *shadow_progname; /* Program name showed in error messages */
+extern FILE *shadow_logfd;  /* file descriptor to which error messages are printed */
+
+#endif /* _SHADOWLOG_INTERNAL_H */

lib/shadowmem.c

@@ -1,34 +1,11 @@
 /*
- * Copyright (c) 1990 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 2000, Marek Michałkiewicz
- * Copyright (c) 2001       , Michał Moskal
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2007 - 2013, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001       , Michał Moskal
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2013, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -39,18 +16,19 @@
 #include "defines.h"
 #include <shadow.h>
 #include <stdio.h>
+
+#include "alloc.h"
 #include "shadowio.h"
 
 /*@null@*/ /*@only@*/struct spwd *__spw_dup (const struct spwd *spent)
 {
 	struct spwd *sp;
 
-	sp = (struct spwd *) malloc (sizeof *sp);
+	sp = CALLOC (1, struct spwd);
 	if (NULL == sp) {
 		return NULL;
 	}
 	/* The libc might define other fields. They won't be copied. */
-	memset (sp, 0, sizeof *sp);
 	sp->sp_lstchg = spent->sp_lstchg;
 	sp->sp_min    = spent->sp_min;
 	sp->sp_max    = spent->sp_max;
@@ -82,7 +60,7 @@ void spw_free (/*@out@*/ /*@only@*/struct spwd *spent)
 	if (spent != NULL) {
 		free (spent->sp_namp);
 		if (NULL != spent->sp_pwdp) {
-			memzero (spent->sp_pwdp, strlen (spent->sp_pwdp));
+			strzero (spent->sp_pwdp);
 			free (spent->sp_pwdp);
 		}
 		free (spent);

lib/spawn.c

@@ -1,30 +1,7 @@
 /*
- * Copyright (c) 2011       , Jonathan Nieder
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2011       , Jonathan Nieder
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -38,6 +15,8 @@
 #include "exitcodes.h"
 #include "prototypes.h"
 
+#include "shadowlog_internal.h"
+
 int run_command (const char *cmd, const char *argv[],
                  /*@null@*/const char *envp[], /*@out@*/int *status)
 {
@@ -58,11 +37,11 @@ int run_command (const char *cmd, const char *argv[],
 			exit (E_CMD_NOTFOUND);
 		}
 		fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
-		         Prog, cmd, strerror (errno));
+		         shadow_progname, cmd, strerror (errno));
 		exit (E_CMD_NOEXEC);
 	} else if ((pid_t)-1 == pid) {
 		fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
-		         Prog, cmd, strerror (errno));
+		         shadow_progname, cmd, strerror (errno));
 		return -1;
 	}
 
@@ -75,7 +54,7 @@ int run_command (const char *cmd, const char *argv[],
 
 	if ((pid_t)-1 == wpid) {
 		fprintf (shadow_logfd, "%s: waitpid (status: %d): %s\n",
-		         Prog, *status, strerror (errno));
+		         shadow_progname, *status, strerror (errno));
 		return -1;
 	}
 

lib/sssd.c

@@ -4,25 +4,35 @@
 #ifdef USE_SSSD
 
 #include <stdio.h>
+#include <sys/stat.h>
 #include <sys/wait.h>
 #include <sys/types.h>
+
+#include "alloc.h"
 #include "exitcodes.h"
 #include "defines.h"
 #include "prototypes.h"
 #include "sssd.h"
 
+#include "shadowlog_internal.h"
+
 #define MSG_SSSD_FLUSH_CACHE_FAILED "%s: Failed to flush the sssd cache."
 
 int sssd_flush_cache (int dbflags)
 {
 	int status, code, rv;
 	const char *cmd = "/usr/sbin/sss_cache";
+	struct stat sb;
 	char *sss_cache_args = NULL;
 	const char *spawnedArgs[] = {"sss_cache", NULL, NULL};
 	const char *spawnedEnv[] = {NULL};
 	int i = 0;
 
-	sss_cache_args = malloc(4);
+	rv = stat(cmd, &sb);
+	if (rv == -1 && errno == ENOENT)
+		return 0;
+
+	sss_cache_args = MALLOC(4, char);
 	if (sss_cache_args == NULL) {
 	    return -1;
 	}
@@ -46,28 +56,28 @@ int sssd_flush_cache (int dbflags)
 	free(sss_cache_args);
 	if (rv != 0) {
 		/* run_command writes its own more detailed message. */
-		SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, Prog));
+		SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, shadow_progname));
 		return -1;
 	}
 
 	code = WEXITSTATUS (status);
 	if (!WIFEXITED (status)) {
 		SYSLOG ((LOG_WARN, "%s: sss_cache did not terminate normally (signal %d)",
-			Prog, WTERMSIG (status)));
+			shadow_progname, WTERMSIG (status)));
 		return -1;
 	} else if (code == E_CMD_NOTFOUND) {
 		/* sss_cache is not installed, or it is installed but uses an
 		   interpreter that is missing.  Probably the former. */
 		return 0;
 	} else if (code != 0) {
-		SYSLOG ((LOG_WARN, "%s: sss_cache exited with status %d", Prog, code));
-		SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, Prog));
+		SYSLOG ((LOG_WARN, "%s: sss_cache exited with status %d", shadow_progname, code));
+		SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, shadow_progname));
 		return -1;
 	}
 
 	return 0;
 }
 #else				/* USE_SSSD */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* USE_SSSD */
 

lib/stpecpy.h

@@ -0,0 +1,92 @@
+/*
+ * SPDX-FileCopyrightText:  2022 - 2023, Alejandro Colomar <alx@kernel.org>
+ *
+ * SPDX-License-Identifier:  BSD-3-Clause
+ */
+
+
+#ifndef SHADOW_INCLUDE_LIB_STPECPY_H_
+#define SHADOW_INCLUDE_LIB_STPECPY_H_
+
+
+#include <config.h>
+
+#if !defined(HAVE_STPECPY)
+
+#include <stdbool.h>
+#include <stddef.h>
+#include <string.h>
+
+#include "defines.h"
+
+
+inline char *stpecpy(char *dst, char *end, const char *restrict src);
+
+
+/*
+ * SYNOPSIS
+ *	char *_Nullable stpecpy(char *_Nullable dst, char end[0],
+ *	                        const char *restrict src);
+ *
+ * ARGUMENTS
+ *	dst	Destination buffer where to copy a string.
+ *
+ *	end	Pointer to one after the last element of the buffer
+ *		pointed to by `dst`.  Usually, it should be calculated
+ *		as `dst + NITEMS(dst)`.
+ *
+ *	src	Source string to be copied into dst.
+ *
+ * DESCRIPTION
+ *	This function copies the string pointed to by src, into a string
+ *	at the buffer pointed to by dst.  If the destination buffer,
+ *	limited by a pointer to its end --one after its last element--,
+ *	isn't large enough to hold the copy, the resulting string is
+ *	truncated.
+ *
+ *	This function can be chained with calls to [v]stpeprintf().
+ *
+ * RETURN VALUE
+ *	dst + strlen(dst)
+ *		•  On success, this function returns a pointer to the
+ *		   terminating NUL byte.
+ *
+ *	end
+ *		•  If this call truncated the resulting string.
+ *		•  If `dst == end` (a previous chained call to these
+ *		   functions truncated).
+ *	NULL
+ *		•  If `dst == NULL` (a previous chained call to
+ *		   [v]stpeprintf() failed).
+ *
+ * ERRORS
+ *	This function doesn't set errno.
+ */
+
+
+inline char *
+stpecpy(char *dst, char *end, const char *restrict src)
+{
+	bool    trunc;
+	char    *p;
+	size_t  dsize, dlen, slen;
+
+	if (dst == end)
+		return end;
+	if (dst == NULL)
+		return NULL;
+
+	dsize = end - dst;
+	slen = strnlen(src, dsize);
+	trunc = (slen == dsize);
+	dlen = slen - trunc;
+
+	p = mempcpy(dst, src, dlen);
+	*p = '\0';
+
+	return p + trunc;
+}
+
+
+#endif  // !HAVE_STPECPY
+#endif  // include guard

lib/stpeprintf.h

@@ -0,0 +1,119 @@
+/*
+ * SPDX-FileCopyrightText:  2022 - 2023, Alejandro Colomar <alx@kernel.org>
+ *
+ * SPDX-License-Identifier:  BSD-3-Clause
+ */
+
+
+#ifndef SHADOW_INCLUDE_LIB_STPEPRINTF_H_
+#define SHADOW_INCLUDE_LIB_STPEPRINTF_H_
+
+
+#include <config.h>
+
+#if !defined(HAVE_STPEPRINTF)
+
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdio.h>
+
+#include "defines.h"
+
+
+format_attr(printf, 3, 4)
+inline char *stpeprintf(char *dst, char *end, const char *restrict fmt, ...);
+
+format_attr(printf, 3, 0)
+inline char *vstpeprintf(char *dst, char *end, const char *restrict fmt,
+    va_list ap);
+
+
+/*
+ * SYNOPSIS
+ *	[[gnu::format(printf, 3, 4)]]
+ *	char *_Nullable stpeprintf(char *_Nullable dst, char end[0],
+ *	                           const char *restrict fmt, ...);
+ *
+ *	[[gnu::format(printf, 3, 0)]]
+ *	char *_Nullable vstpeprintf(char *_Nullable dst, char end[0],
+ *	                           const char *restrict fmt, va_list ap);
+ *
+ *
+ * ARGUMENTS
+ *	dst	Destination buffer where to write a string.
+ *
+ *	end	Pointer to one after the last element of the buffer
+ *		pointed to by `dst`.  Usually, it should be calculated
+ *		as `dst + NITEMS(dst)`.
+ *
+ *	fmt	Format string
+ *
+ *	...
+ *	ap	Variadic argument list
+ *
+ * DESCRIPTION
+ *	These functions are very similar to [v]snprintf(3).
+ *
+ *	The destination buffer is limited by a pointer to its end --one
+ *	after its last element-- instead of a size.  This allows
+ *	chaining calls to it safely, unlike [v]snprintf(3), which is
+ *	difficult to chain without invoking Undefined Behavior.
+ *
+ * RETURN VALUE
+ *	dst + strlen(dst)
+ *		•  On success, these functions return a pointer to the
+ *		   terminating NUL byte.
+ *
+ *	end
+ *		•  If this call truncated the resulting string.
+ *		•  If `dst == end` (a previous chained call to these
+ *		   functions truncated).
+ *	NULL
+ *		•  If this function failed (see ERRORS).
+ *		•  If `dst == NULL` (a previous chained call to these
+ *		   functions failed).
+ *
+ * ERRORS
+ *	These functions may fail for the same reasons as vsnprintf(3).
+ */
+
+
+inline char *
+stpeprintf(char *dst, char *end, const char *restrict fmt, ...)
+{
+	char     *p;
+	va_list  ap;
+
+	va_start(ap, fmt);
+	p = vstpeprintf(dst, end, fmt, ap);
+	va_end(ap);
+
+	return p;
+}
+
+
+inline char *
+vstpeprintf(char *dst, char *end, const char *restrict fmt, va_list ap)
+{
+	int        len;
+	ptrdiff_t  size;
+
+	if (dst == end)
+		return end;
+	if (dst == NULL)
+		return NULL;
+
+	size = end - dst;
+	len = vsnprintf(dst, size, fmt, ap);
+
+	if (len == -1)
+		return NULL;
+	if (len >= size)
+		return end;
+
+	return dst + len;
+}
+
+
+#endif  // !HAVE_STPEPRINTF
+#endif  // include guard

lib/subordinateio.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012 - Eric Biederman
+ * SPDX-FileCopyrightText: 2012 - Eric Biederman
  */
 
 #include <config.h>
@@ -17,6 +17,10 @@
 #include <ctype.h>
 #include <fcntl.h>
 
+#include "alloc.h"
+
+#define ID_SIZE 31
+
 /*
  * subordinate_dup: create a duplicate range
  *
@@ -30,7 +34,7 @@ static /*@null@*/ /*@only@*/void *subordinate_dup (const void *ent)
 	const struct subordinate_range *rangeent = ent;
 	struct subordinate_range *range;
 
-	range = (struct subordinate_range *) malloc (sizeof *range);
+	range = MALLOC(1, struct subordinate_range);
 	if (NULL == range) {
 		return NULL;
 	}
@@ -155,7 +159,7 @@ static struct commonio_ops subordinate_ops = {
  *
  * Returns true if @owner owns any subuid ranges, false otherwise.
  */
-static const bool range_exists(struct commonio_db *db, const char *owner)
+static bool range_exists(struct commonio_db *db, const char *owner)
 {
 	const struct subordinate_range *range;
 	commonio_rewind(db);
@@ -311,19 +315,16 @@ static bool have_range(struct commonio_db *db,
 
 static bool append_range(struct subid_range **ranges, const struct subordinate_range *new, int n)
 {
-	if (!*ranges) {
-		*ranges = malloc(sizeof(struct subid_range));
-		if (!*ranges)
-			return false;
-	} else {
-		struct subid_range *alloced;
-		alloced = realloc(*ranges, (n + 1) * (sizeof(struct subid_range)));
-		if (!alloced)
-			return false;
-		*ranges = alloced;
-	}
-	(*ranges)[n].start = new->start;
-	(*ranges)[n].count = new->count;
+	struct subid_range  *sr;
+
+	sr = REALLOC(*ranges, n + 1, struct subid_range);
+	if (!sr)
+		return false;
+
+	sr[n].start = new->start;
+	sr[n].count = new->count;
+	*ranges = sr;
+
 	return true;
 }
 
@@ -353,13 +354,14 @@ static int subordinate_range_cmp (const void *p1, const void *p2)
 {
 	struct subordinate_range *range1, *range2;
 
-	if ((*(struct commonio_entry **) p1)->eptr == NULL)
-		return 1;
-	if ((*(struct commonio_entry **) p2)->eptr == NULL)
-		return -1;
 
-	range1 = ((struct subordinate_range *) (*(struct commonio_entry **) p1)->eptr);
-	range2 = ((struct subordinate_range *) (*(struct commonio_entry **) p2)->eptr);
+	range1 = (*(struct commonio_entry **) p1)->eptr;
+	if (range1 == NULL)
+		return 1;
+
+	range2 = (*(struct commonio_entry **) p2)->eptr;
+	if (range2 == NULL)
+		return -1;
 
 	if (range1->start < range2->start)
 		return -1;
@@ -618,17 +620,28 @@ bool have_sub_uids(const char *owner, uid_t start, unsigned long count)
 	return have_range (&subordinate_uid_db, owner, start, count);
 }
 
+/*
+ * sub_uid_add: add a subuid range, perhaps through nss.
+ *
+ * Return 1 if the range is already present or on success.  On error
+ * return 0 and set errno appropriately.
+ */
 int sub_uid_add (const char *owner, uid_t start, unsigned long count)
 {
-	if (get_subid_nss_handle())
-		return -EOPNOTSUPP;
+	if (get_subid_nss_handle()) {
+		errno = EOPNOTSUPP;
+		return 0;
+	}
 	return add_range (&subordinate_uid_db, owner, start, count);
 }
 
+/* Return 1 on success.  on failure, return 0 and set errno appropriately */
 int sub_uid_remove (const char *owner, uid_t start, unsigned long count)
 {
-	if (get_subid_nss_handle())
-		return -EOPNOTSUPP;
+	if (get_subid_nss_handle()) {
+		errno = EOPNOTSUPP;
+		return 0;
+	}
 	return remove_range (&subordinate_uid_db, owner, start, count);
 }
 
@@ -714,17 +727,28 @@ bool local_sub_gid_assigned(const char *owner)
 	return range_exists (&subordinate_gid_db, owner);
 }
 
+/*
+ * sub_gid_add: add a subgid range, perhaps through nss.
+ *
+ * Return 1 if the range is already present or on success.  On error
+ * return 0 and set errno appropriately.
+ */
 int sub_gid_add (const char *owner, gid_t start, unsigned long count)
 {
-	if (get_subid_nss_handle())
-		return -EOPNOTSUPP;
+	if (get_subid_nss_handle()) {
+		errno = EOPNOTSUPP;
+		return 0;
+	}
 	return add_range (&subordinate_gid_db, owner, start, count);
 }
 
+/* Return 1 on success.  on failure, return 0 and set errno appropriately */
 int sub_gid_remove (const char *owner, gid_t start, unsigned long count)
 {
-	if (get_subid_nss_handle())
-		return -EOPNOTSUPP;
+	if (get_subid_nss_handle()) {
+		errno = EOPNOTSUPP;
+		return 0;
+	}
 	return remove_range (&subordinate_gid_db, owner, start, count);
 }
 
@@ -745,6 +769,40 @@ gid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count)
 	return start == ULONG_MAX ? (gid_t) -1 : start;
 }
 
+static bool get_owner_id(const char *owner, enum subid_type id_type, char *id)
+{
+	struct passwd *pw;
+	struct group *gr;
+	int ret = 0;
+
+	switch (id_type) {
+	case ID_TYPE_UID:
+		pw = getpwnam(owner);
+		if (pw == NULL) {
+			return false;
+		}
+		ret = snprintf(id, ID_SIZE, "%u", pw->pw_uid);
+		if (ret < 0 || ret >= ID_SIZE) {
+			return false;
+		}
+		break;
+	case ID_TYPE_GID:
+		gr = getgrnam(owner);
+		if (gr == NULL) {
+			return false;
+		}
+		ret = snprintf(id, ID_SIZE, "%u", gr->gr_gid);
+		if (ret < 0 || ret >= ID_SIZE) {
+			return false;
+		}
+		break;
+	default:
+		return false;
+	}
+
+	return true;
+}
+
 /*
  * int list_owner_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***ranges)
  *
@@ -770,6 +828,8 @@ int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_r
 	enum subid_status status;
 	int count = 0;
 	struct subid_nss_ops *h;
+	char id[ID_SIZE];
+	bool have_owner_id;
 
 	*in_ranges = NULL;
 
@@ -798,6 +858,8 @@ int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_r
 		return -1;
 	}
 
+	have_owner_id = get_owner_id(owner, id_type, id);
+
 	commonio_rewind(db);
 	while ((range = commonio_next(db)) != NULL) {
 		if (0 == strcmp(range->owner, owner)) {
@@ -808,6 +870,16 @@ int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_r
 				goto out;
 			}
 		}
+
+		// Let's also compare with the ID
+		if (have_owner_id == true && 0 == strcmp(range->owner, id)) {
+			if (!append_range(&ranges, range, count++)) {
+				free(ranges);
+				ranges = NULL;
+				count = -1;
+				goto out;
+			}
+		}
 	}
 
 out:
@@ -860,7 +932,7 @@ static int append_uids(uid_t **uids, const char *owner, int n)
 			return n;
 	}
 
-	ret = realloc(*uids, (n + 1) * sizeof(uid_t));
+	ret = REALLOC(*uids, n + 1, uid_t);
 	if (!ret) {
 		free(*uids);
 		return -1;
@@ -935,7 +1007,7 @@ bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, b
 	switch (id_type) {
 	case ID_TYPE_UID:
 		if (!sub_uid_lock()) {
-			printf("Failed loging subuids (errno %d)\n", errno);
+			printf("Failed locking subuids (errno %d)\n", errno);
 			return false;
 		}
 		if (!sub_uid_open(O_CREAT | O_RDWR)) {
@@ -947,7 +1019,7 @@ bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, b
 		break;
 	case ID_TYPE_GID:
 		if (!sub_gid_lock()) {
-			printf("Failed loging subgids (errno %d)\n", errno);
+			printf("Failed locking subgids (errno %d)\n", errno);
 			return false;
 		}
 		if (!sub_gid_open(O_CREAT | O_RDWR)) {
@@ -1007,7 +1079,7 @@ bool release_subid_range(struct subordinate_range *range, enum subid_type id_typ
 	switch (id_type) {
 	case ID_TYPE_UID:
 		if (!sub_uid_lock()) {
-			printf("Failed loging subuids (errno %d)\n", errno);
+			printf("Failed locking subuids (errno %d)\n", errno);
 			return false;
 		}
 		if (!sub_uid_open(O_CREAT | O_RDWR)) {
@@ -1019,7 +1091,7 @@ bool release_subid_range(struct subordinate_range *range, enum subid_type id_typ
 		break;
 	case ID_TYPE_GID:
 		if (!sub_gid_lock()) {
-			printf("Failed loging subgids (errno %d)\n", errno);
+			printf("Failed locking subgids (errno %d)\n", errno);
 			return false;
 		}
 		if (!sub_gid_open(O_CREAT | O_RDWR)) {
@@ -1047,6 +1119,6 @@ bool release_subid_range(struct subordinate_range *range, enum subid_type id_typ
 }
 
 #else				/* !ENABLE_SUBIDS */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* !ENABLE_SUBIDS */
 

lib/tcbfuncs.c

@@ -1,21 +1,6 @@
 /*
- * Copyright (c) 2001 Rafal Wojtczuk, Solar Designer
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-FileCopyrightText: 2001 Rafal Wojtczuk, Solar Designer
+ * SPDX-License-Identifier: 0BSD
  */
 
 #define _GNU_SOURCE
@@ -38,6 +23,8 @@
 #include "shadowio.h"
 #include "tcbfuncs.h"
 
+#include "shadowlog_internal.h"
+
 #define SHADOWTCB_HASH_BY 1000
 #define SHADOWTCB_LOCK_SUFFIX ".lock"
 
@@ -72,7 +59,7 @@ shadowtcb_status shadowtcb_gain_priv (void)
  * to exit soon.
  */
 #define OUT_OF_MEMORY do { \
-	fprintf (shadow_logfd, _("%s: out of memory\n"), Prog); \
+	fprintf (shadow_logfd, _("%s: out of memory\n"), shadow_progname); \
 	(void) fflush (shadow_logfd); \
 } while (false)
 
@@ -118,7 +105,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
 	if (lstat (path, &st) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot stat %s: %s\n"),
-		         Prog, path, strerror (errno));
+		         shadow_progname, path, strerror (errno));
 		free (path);
 		return NULL;
 	}
@@ -134,7 +121,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
 	if (!S_ISLNK (st.st_mode)) {
 		fprintf (shadow_logfd,
 		         _("%s: %s is neither a directory, nor a symlink.\n"),
-		         Prog, path);
+		         shadow_progname, path);
 		free (path);
 		return NULL;
 	}
@@ -142,7 +129,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
 	if (-1 == ret) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot read symbolic link %s: %s\n"),
-		         Prog, path, strerror (errno));
+		         shadow_progname, path, strerror (errno));
 		free (path);
 		return NULL;
 	}
@@ -151,10 +138,10 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
 		link[sizeof(link) - 1] = '\0';
 		fprintf (shadow_logfd,
 		         _("%s: Suspiciously long symlink: %s\n"),
-		         Prog, link);
+		         shadow_progname, link);
 		return NULL;
 	}
-	link[(size_t)ret] = '\0';
+	link[ret] = '\0';
 	rval = strdup (link);
 	if (NULL == rval) {
 		OUT_OF_MEMORY;
@@ -209,7 +196,7 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
 	if (stat (TCB_DIR, &st) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot stat %s: %s\n"),
-		         Prog, TCB_DIR, strerror (errno));
+		         shadow_progname, TCB_DIR, strerror (errno));
 		goto out_free_path;
 	}
 	while ((ind = strchr (ptr, '/'))) {
@@ -221,19 +208,19 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
 		if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
 			fprintf (shadow_logfd,
 			         _("%s: Cannot create directory %s: %s\n"),
-			         Prog, dir, strerror (errno));
+			         shadow_progname, dir, strerror (errno));
 			goto out_free_dir;
 		}
 		if (chown (dir, 0, st.st_gid) != 0) {
 			fprintf (shadow_logfd,
 			         _("%s: Cannot change owner of %s: %s\n"),
-			         Prog, dir, strerror (errno));
+			         shadow_progname, dir, strerror (errno));
 			goto out_free_dir;
 		}
 		if (chmod (dir, 0711) != 0) {
 			fprintf (shadow_logfd,
 			         _("%s: Cannot change mode of %s: %s\n"),
-			         Prog, dir, strerror (errno));
+			         shadow_progname, dir, strerror (errno));
 			goto out_free_dir;
 		}
 		free (dir);
@@ -263,7 +250,7 @@ static shadowtcb_status unlink_suffs (const char *user)
 		if ((unlink (tmp) != 0) && (errno != ENOENT)) {
 			fprintf (shadow_logfd,
 			         _("%s: unlink: %s: %s\n"),
-			         Prog, tmp, strerror (errno));
+			         shadow_progname, tmp, strerror (errno));
 			free (tmp);
 			return SHADOWTCB_FAILURE;
 		}
@@ -288,7 +275,7 @@ static shadowtcb_status rmdir_leading (char *path)
 			if (errno != ENOTEMPTY) {
 				fprintf (shadow_logfd,
 				         _("%s: Cannot remove directory %s: %s\n"),
-				         Prog, dir, strerror (errno));
+				         shadow_progname, dir, strerror (errno));
 				ret = SHADOWTCB_FAILURE;
 			}
 			free (dir);
@@ -317,7 +304,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
 	if (stat (olddir, &oldmode) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot stat %s: %s\n"),
-		         Prog, olddir, strerror (errno));
+		         shadow_progname, olddir, strerror (errno));
 		goto out_free;
 	}
 	old_uid = oldmode.st_uid;
@@ -344,7 +331,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
 	if (rename (real_old_dir, real_new_dir) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot rename %s to %s: %s\n"),
-		         Prog, real_old_dir, real_new_dir, strerror (errno));
+		         shadow_progname, real_old_dir, real_new_dir, strerror (errno));
 		goto out_free;
 	}
 	if (rmdir_leading (real_old_dir_rel) == SHADOWTCB_FAILURE) {
@@ -353,7 +340,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
 	if ((unlink (olddir) != 0) && (errno != ENOENT)) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot remove %s: %s\n"),
-		         Prog, olddir, strerror (errno));
+		         shadow_progname, olddir, strerror (errno));
 		goto out_free;
 	}
 	if (asprintf (&newdir, TCB_DIR "/%s", user_newname) == -1) {
@@ -367,7 +354,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
 	    && (symlink (real_new_dir_rel, newdir) != 0)) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot create symbolic link %s: %s\n"),
-		         Prog, real_new_dir_rel, strerror (errno));
+		         shadow_progname, real_new_dir_rel, strerror (errno));
 		goto out_free;
 	}
 	ret = SHADOWTCB_SUCCESS;
@@ -393,9 +380,7 @@ shadowtcb_status shadowtcb_set_user (const char* name)
 		return SHADOWTCB_SUCCESS;
 	}
 
-	if (NULL != stored_tcb_user) {
-		free (stored_tcb_user);
-	}
+	free (stored_tcb_user);
 
 	stored_tcb_user = strdup (name);
 	if (NULL == stored_tcb_user) {
@@ -466,31 +451,31 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
 	if (stat (tcbdir, &dirmode) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot stat %s: %s\n"),
-		         Prog, tcbdir, strerror (errno));
+		         shadow_progname, tcbdir, strerror (errno));
 		goto out_free;
 	}
 	if (chown (tcbdir, 0, 0) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change owners of %s: %s\n"),
-		         Prog, tcbdir, strerror (errno));
+		         shadow_progname, tcbdir, strerror (errno));
 		goto out_free;
 	}
 	if (chmod (tcbdir, 0700) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change mode of %s: %s\n"),
-		         Prog, tcbdir, strerror (errno));
+		         shadow_progname, tcbdir, strerror (errno));
 		goto out_free;
 	}
 	if (lstat (shadow, &filemode) != 0) {
 		if (errno != ENOENT) {
 			fprintf (shadow_logfd,
 			         _("%s: Cannot lstat %s: %s\n"),
-			         Prog, shadow, strerror (errno));
+			         shadow_progname, shadow, strerror (errno));
 			goto out_free;
 		}
 		fprintf (shadow_logfd,
 		         _("%s: Warning, user %s has no tcb shadow file.\n"),
-		         Prog, user_newname);
+		         shadow_progname, user_newname);
 	} else {
 		if (!S_ISREG (filemode.st_mode) ||
 			filemode.st_nlink != 1) {
@@ -498,19 +483,19 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
 			         _("%s: Emergency: %s's tcb shadow is not a "
 			           "regular file with st_nlink=1.\n"
 			           "The account is left locked.\n"),
-			         Prog, user_newname);
+			         shadow_progname, user_newname);
 			goto out_free;
 		}
 		if (chown (shadow, user_newid, filemode.st_gid) != 0) {
 			fprintf (shadow_logfd,
 			         _("%s: Cannot change owner of %s: %s\n"),
-			         Prog, shadow, strerror (errno));
+			         shadow_progname, shadow, strerror (errno));
 			goto out_free;
 		}
 		if (chmod (shadow, filemode.st_mode & 07777) != 0) {
 			fprintf (shadow_logfd,
 			         _("%s: Cannot change mode of %s: %s\n"),
-			         Prog, shadow, strerror (errno));
+			         shadow_progname, shadow, strerror (errno));
 			goto out_free;
 		}
 	}
@@ -520,13 +505,13 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
 	if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change owner of %s: %s\n"),
-		         Prog, tcbdir, strerror (errno));
+		         shadow_progname, tcbdir, strerror (errno));
 		goto out_free;
 	}
 	if (chmod (tcbdir, dirmode.st_mode & 07777) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change mode of %s: %s\n"),
-		         Prog, tcbdir, strerror (errno));
+		         shadow_progname, tcbdir, strerror (errno));
 		goto out_free;
 	}
 	ret = SHADOWTCB_SUCCESS;
@@ -551,7 +536,7 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
 	if (stat (TCB_DIR, &tcbdir_stat) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot stat %s: %s\n"),
-		         Prog, TCB_DIR, strerror (errno));
+		         shadow_progname, TCB_DIR, strerror (errno));
 		return SHADOWTCB_FAILURE;
 	}
 	shadowgid = tcbdir_stat.st_gid;
@@ -571,39 +556,39 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
 	if (mkdir (dir, 0700) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: mkdir: %s: %s\n"),
-		         Prog, dir, strerror (errno));
+		         shadow_progname, dir, strerror (errno));
 		goto out_free;
 	}
 	fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
 	if (fd < 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot open %s: %s\n"),
-		         Prog, shadow, strerror (errno));
+		         shadow_progname, shadow, strerror (errno));
 		goto out_free;
 	}
 	close (fd);
 	if (chown (shadow, 0, authgid) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change owner of %s: %s\n"),
-		         Prog, shadow, strerror (errno));
+		         shadow_progname, shadow, strerror (errno));
 		goto out_free;
 	}
 	if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change mode of %s: %s\n"),
-		         Prog, shadow, strerror (errno));
+		         shadow_progname, shadow, strerror (errno));
 		goto out_free;
 	}
 	if (chown (dir, 0, authgid) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change owner of %s: %s\n"),
-		         Prog, dir, strerror (errno));
+		         shadow_progname, dir, strerror (errno));
 		goto out_free;
 	}
 	if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change mode of %s: %s\n"),
-		         Prog, dir, strerror (errno));
+		         shadow_progname, dir, strerror (errno));
 		goto out_free;
 	}
 	if (   (shadowtcb_set_user (name) == SHADOWTCB_FAILURE)

libmisc/Makefile.am

@@ -5,11 +5,21 @@ AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir) $(ECONF_CPPFLAGS)
 
 noinst_LTLIBRARIES = libmisc.la
 
+if USE_PAM
+LIBCRYPT_PAM = $(LIBCRYPT)
+else
+LIBCRYPT_PAM =
+endif
+
+libmisc_la_CFLAGS = $(LIBBSD_CFLAGS) $(LIBCRYPT_PAM) $(LIBSYSTEMD)
 libmisc_la_SOURCES = \
 	addgrps.c \
 	age.c \
+	agetpass.c \
+	alloc.c \
 	audit_help.c \
 	basename.c \
+	bit.c \
 	chkname.c \
 	chkname.h \
 	chowndir.c \
@@ -19,6 +29,7 @@ libmisc_la_SOURCES = \
 	cleanup_user.c \
 	console.c \
 	copydir.c \
+	date_to_str.c \
 	entry.c \
 	env.c \
 	failure.c \
@@ -37,9 +48,10 @@ libmisc_la_SOURCES = \
 	idmapping.c \
 	isexpired.c \
 	limits.c \
-	list.c log.c \
+	list.c \
 	loginprompt.c \
 	mail.c \
+	mempcpy.c \
 	motd.c \
 	myname.c \
 	obscure.c \
@@ -49,6 +61,7 @@ libmisc_la_SOURCES = \
 	pwd2spwd.c \
 	pwdcheck.c \
 	pwd_init.c \
+	csrand.c \
 	remove_tree.c \
 	rlogin.c \
 	root_flag.c \
@@ -56,6 +69,8 @@ libmisc_la_SOURCES = \
 	setugid.c \
 	setupenv.c \
 	shell.c \
+	stpecpy.c \
+	stpeprintf.c \
 	strtoday.c \
 	sub.c \
 	sulog.c \
@@ -63,17 +78,25 @@ libmisc_la_SOURCES = \
 	tz.c \
 	ulimit.c \
 	user_busy.c \
-	utmp.c \
 	valid.c \
 	xgetpwnam.c \
+	xprefix_getpwnam.c \
 	xgetpwuid.c \
 	xgetgrnam.c \
 	xgetgrgid.c \
 	xgetspnam.c \
-	xmalloc.c \
 	yesno.c
 
 if WITH_BTRFS
 libmisc_la_SOURCES += btrfs.c
 endif
 
+if ENABLE_LASTLOG
+libmisc_la_SOURCES += log.c
+endif
+
+if ENABLE_LOGIND
+libmisc_la_SOURCES += logind.c
+else
+libmisc_la_SOURCES += utmp.c
+endif

libmisc/addgrps.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1989 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2001 - 2006, Tomasz Kłoczko
- * Copyright (c) 2007 - 2009, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -41,6 +18,9 @@
 #include <grp.h>
 #include <errno.h>
 
+#include "alloc.h"
+#include "shadowlog.h"
+
 #ident "$Id$"
 
 #define SEP ",:"
@@ -51,13 +31,14 @@
  */
 int add_groups (const char *list)
 {
-	GETGROUPS_T *grouplist, *tmp;
+	GETGROUPS_T *grouplist;
 	size_t i;
 	int ngroups;
 	bool added;
 	char *token;
 	char buf[1024];
 	int ret;
+	FILE *shadow_logfd = log_get_logfd();
 
 	if (strlen (list) >= sizeof (buf)) {
 		errno = EINVAL;
@@ -67,7 +48,7 @@ int add_groups (const char *list)
 
 	i = 16;
 	for (;;) {
-		grouplist = (gid_t *) malloc (i * sizeof (GETGROUPS_T));
+		grouplist = MALLOC(i, GETGROUPS_T);
 		if (NULL == grouplist) {
 			return -1;
 		}
@@ -109,19 +90,17 @@ int add_groups (const char *list)
 			fputs (_("Warning: too many groups\n"), shadow_logfd);
 			break;
 		}
-		tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));
-		if (NULL == tmp) {
-			free (grouplist);
+		grouplist = REALLOCF(grouplist, (size_t) ngroups + 1, GETGROUPS_T);
+		if (grouplist == NULL) {
 			return -1;
 		}
-		tmp[ngroups] = grp->gr_gid;
+		grouplist[ngroups] = grp->gr_gid;
 		ngroups++;
-		grouplist = tmp;
 		added = true;
 	}
 
 	if (added) {
-		ret = setgroups ((size_t)ngroups, grouplist);
+		ret = setgroups (ngroups, grouplist);
 		free (grouplist);
 		return ret;
 	}
@@ -130,6 +109,6 @@ int add_groups (const char *list)
 	return 0;
 }
 #else				/* HAVE_SETGROUPS && !USE_PAM */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* HAVE_SETGROUPS && !USE_PAM */
 

libmisc/age.c

@@ -1,33 +1,10 @@
 /*
- * Copyright (c) 1989 - 1994, Julianne Frances Haugh
- * Copyright (c) 1996 - 1998, Marek Michałkiewicz
- * Copyright (c) 2001 - 2006, Tomasz Kłoczko
- * Copyright (c) 2008 - 2009, Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008 - 2009, Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <config.h>
@@ -135,7 +112,7 @@ int expire (const struct passwd *pw, /*@null@*/const struct spwd *sp)
 			_exit (126);
 		}
 
-		(void) execl (PASSWD_PROGRAM, PASSWD_PROGRAM, pw->pw_name, (char *) 0);
+		(void) execl (PASSWD_PROGRAM, PASSWD_PROGRAM, pw->pw_name, (char *) NULL);
 		err = errno;
 		perror ("Can't execute " PASSWD_PROGRAM);
 		_exit ((ENOENT == err) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
@@ -162,7 +139,7 @@ int expire (const struct passwd *pw, /*@null@*/const struct spwd *sp)
 
 void agecheck (/*@null@*/const struct spwd *sp)
 {
-	long now = (long) time ((time_t *) 0) / SCALE;
+	long now = time(NULL) / SCALE;
 	long remain;
 
 	if (NULL == sp) {

libmisc/agetpass.c

@@ -0,0 +1,130 @@
+/*
+ * SPDX-FileCopyrightText:  2022, Alejandro Colomar <alx@kernel.org>
+ *
+ * SPDX-License-Identifier:  BSD-3-Clause
+ */
+
+
+#include <config.h>
+
+#include <limits.h>
+#include <readpassphrase.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#ident "$Id$"
+
+#include "alloc.h"
+#include "prototypes.h"
+
+
+#if !defined(PASS_MAX)
+#define PASS_MAX  BUFSIZ - 1
+#endif
+
+
+/*
+ * SYNOPSIS
+ *	[[gnu::malloc(erase_pass)]]
+ *	char *agetpass(const char *prompt);
+ *
+ *	void erase_pass(char *pass);
+ *
+ * ARGUMENTS
+ *   agetpass()
+ *	prompt	String to be printed before reading a password.
+ *
+ *   erase_pass()
+ *	pass	password previously returned by agetpass().
+ *
+ * DESCRIPTION
+ *   agetpass()
+ *	This function is very similar to getpass(3).  It has several
+ *	advantages compared to getpass(3):
+ *
+ *	- Instead of using a static buffer, agetpass() allocates memory
+ *	  through malloc(3).  This makes the function thread-safe, and
+ *	  also reduces the visibility of the buffer.
+ *
+ *	- agetpass() doesn't reallocate internally.  Some
+ *	  implementations of getpass(3), such as glibc, do that, as a
+ *	  consequence of calling getline(3).  That's a bug in glibc,
+ *	  which allows leaking prefixes of passwords in freed memory.
+ *
+ *	- agetpass() doesn't overrun the output buffer.  If the input
+ *	  password is too long, it simply fails.  Some implementations
+ *	  of getpass(3), share the same bug that gets(3) has.
+ *
+ *	As soon as possible, the password obtained from agetpass() be
+ *	erased by calling erase_pass(), to avoid possibly leaking the
+ *	password.
+ *
+ *   erase_pass()
+ *	This function first clears the password, by calling
+ *	explicit_bzero(3) (or an equivalent call), and then frees the
+ *	allocated memory by calling free(3).
+ *
+ *	NULL is a valid input pointer, and in such a case, this call is
+ *	a no-op.
+ *
+ * RETURN VALUE
+ *	agetpass() returns a newly allocated buffer containing the
+ *	password on success.  On error, errno is set to indicate the
+ *	error, and NULL is returned.
+ *
+ * ERRORS
+ *   agetpass()
+ *	This function may fail for any errors that malloc(3) or
+ *	readpassphrase(3) may fail, and in addition it may fail for the
+ *	following errors:
+ *
+ *	ENOBUFS
+ *		The input password was longer than PASS_MAX.
+ *
+ * CAVEATS
+ *	If a password is passed twice to erase_pass(), the behavior is
+ *	undefined.
+ */
+
+
+char *
+agetpass(const char *prompt)
+{
+	char    *pass;
+	size_t  len;
+
+	/*
+	 * Since we want to support passwords upto PASS_MAX, we need
+	 * PASS_MAX bytes for the password itself, and one more byte for
+	 * the terminating '\0'.  We also want to detect truncation, and
+	 * readpassphrase(3) doesn't detect it, so we need some trick.
+	 * Let's add one more byte, and if the password uses it, it
+	 * means the introduced password was longer than PASS_MAX.
+	 */
+	pass = MALLOC(PASS_MAX + 2, char);
+	if (pass == NULL)
+		return NULL;
+
+	if (readpassphrase(prompt, pass, PASS_MAX + 2, RPP_REQUIRE_TTY) == NULL)
+		goto fail;
+
+	len = strlen(pass);
+	if (len == PASS_MAX + 1) {
+		errno = ENOBUFS;
+		goto fail;
+	}
+
+	return pass;
+
+fail:
+	freezero(pass, PASS_MAX + 2);
+	return NULL;
+}
+
+
+void
+erase_pass(char *pass)
+{
+	freezero(pass, PASS_MAX + 2);
+}

libmisc/alloc.c

@@ -0,0 +1,73 @@
+/*
+ * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
+ * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
+ * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
+ * SPDX-FileCopyrightText: 2023       , Alejandro Colomar <alx@kernel.org>
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/* Replacements for malloc and strdup with error checking.  Too trivial
+   to be worth copyrighting :-).  I did that because a lot of code used
+   malloc and strdup without checking for NULL pointer, and I like some
+   message better than a core dump...  --marekm
+
+   Yeh, but.  Remember that bailing out might leave the system in some
+   bizarre state.  You really want to put in error checking, then add
+   some back-out failure recovery code. -- jfh */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "alloc.h"
+
+#include <errno.h>
+#include <stddef.h>
+#include <stdio.h>
+
+#include "defines.h"
+#include "prototypes.h"
+#include "shadowlog.h"
+
+
+extern inline void *xmalloc(size_t size);
+extern inline void *xmallocarray(size_t nmemb, size_t size);
+extern inline void *mallocarray(size_t nmemb, size_t size);
+extern inline void *reallocarrayf(void *p, size_t nmemb, size_t size);
+extern inline char *xstrdup(const char *str);
+
+
+void *
+xcalloc(size_t nmemb, size_t size)
+{
+	void  *p;
+
+	p = calloc(nmemb, size);
+	if (p == NULL)
+		goto x;
+
+	return p;
+
+x:
+	fprintf(log_get_logfd(), _("%s: %s\n"),
+	        log_get_progname(), strerror(errno));
+	exit(13);
+}
+
+
+void *
+xreallocarray(void *p, size_t nmemb, size_t size)
+{
+	p = reallocarrayf(p, nmemb, size);
+	if (p == NULL)
+		goto x;
+
+	return p;
+
+x:
+	fprintf(log_get_logfd(), _("%s: %s\n"),
+	        log_get_progname(), strerror(errno));
+	exit(13);
+}

libmisc/audit_help.c

@@ -1,32 +1,9 @@
 /*
- * Copyright (c) 2005       , Red Hat, Inc.
- * Copyright (c) 2005       , Tomasz Kłoczko
- * Copyright (c) 2008       , Nicolas François
- * All rights reserved.
+ * SPDX-FileCopyrightText: 2005       , Red Hat, Inc.
+ * SPDX-FileCopyrightText: 2005       , Tomasz Kłoczko
+ * SPDX-FileCopyrightText: 2008       , Nicolas François
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the copyright holders or contributors may not be used to
- *    endorse or promote products derived from this software without
- *    specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
- * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * SPDX-License-Identifier: BSD-3-Clause
  */
 
 /*
@@ -45,6 +22,7 @@
 #include <errno.h>
 #include <stdio.h>
 #include "prototypes.h"
+#include "shadowlog.h"
 int audit_fd;
 
 void audit_help_open (void)
@@ -59,7 +37,7 @@ void audit_help_open (void)
 			return;
 		}
 		(void) fputs (_("Cannot open audit interface - aborting.\n"),
-		              shadow_logfd);
+		              log_get_logfd());
 		exit (EXIT_FAILURE);
 	}
 }
@@ -84,7 +62,7 @@ void audit_logger (int type, unused const char *pgname, const char *op,
 		return;
 	} else {
 		audit_log_acct_message (audit_fd, type, NULL, op, name, id,
-		                        NULL, NULL, NULL, (int) result);
+		                        NULL, NULL, NULL, result);
 	}
 }
 
@@ -99,11 +77,11 @@ void audit_logger_message (const char *message, shadow_audit_result result)
 		                        NULL, /* hostname */
 		                        NULL, /* addr */
 		                        NULL, /* tty */
-		                        (int) result);
+		                        result);
 	}
 }
 
 #else				/* WITH_AUDIT */
-extern int errno;	/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* WITH_AUDIT */