-
Notifications
You must be signed in to change notification settings - Fork 223
Comparing changes
Open a pull request
base repository: shadow-maint/shadow
base: 4.14.5
head repository: shadow-maint/shadow
compare: 4.14.6
- 19 commits
- 21 files changed
- 3 contributors
Commits on Feb 14, 2024
-
lib/defines.h: Remove ITI_AGING
ITI_AGING is not set through any build environment. If it would be set, then timings in /etc/shadow would not fit anymore. Signed-off-by: Tobias Stoeckmann <[email protected]> Cherry-picked-from: ab260fc ("lib/defines.h: Remove ITI_AGING") Link: <#873> Link: <#876> Cc: "Serge E. Hallyn" <[email protected]> [alx: This is a pre-requisite for 674409e ("lib/: Saturate addition to avoid overflow")] Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 25fd8eb - Browse repository at this point
Copy the full SHA 25fd8ebView commit details -
lib/, src/: Remove SCALE definition
SCALE is always DAY (and has to be always DAY), so replace it with DAY in source code and remove unneeded calculations. Signed-off-by: Tobias Stoeckmann <[email protected]> Link: <#876> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: ecc3508 ("lib/, src/: Remove SCALE definition") Cc: "Serge E. Hallyn" <[email protected]> Link: <#888> Link: <#876> [alx: This is a pre-requisite for 674409e ("lib/: Saturate addition to avoid overflow")] Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 55f9635 - Browse repository at this point
Copy the full SHA 55f9635View commit details -
src/chage.c: Unify long overflow checks in print_day_as_date()
The conversion from day to seconds can be done in print_date (renamed to print_day_as_date for clarification). This has the nice benefit that DAY multiplication and long to time_t conversion are done at just one place. Co-developed-by: Tobias Stoeckmann <[email protected]> Co-developed-by: Alejandro Colomar <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 20100e4 ("src/chage.c: Unify long overflow checks in print_day_as_date()") Cc: "Serge E. Hallyn" <[email protected]> Link: <#876> [alx: This is a pre-requisite for 674409e ("lib/: Saturate addition to avoid overflow")] Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 541d4dd - Browse repository at this point
Copy the full SHA 541d4ddView commit details -
lib/: Saturate addition to avoid overflow
Very large values in /etc/shadow could lead to overflows. Make sure that these calculations are saturated at LONG_MAX. Since entries are based on days and not seconds since epoch, saturating won't hurt anyone. Co-developed-by: Tobias Stoeckmann <[email protected]> Co-developed-by: Alejandro Colomar <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 674409e ("lib/: Saturate addition to avoid overflow") Cc: "Serge E. Hallyn" <[email protected]> Link: <#876> Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for dbdda2a - Browse repository at this point
Copy the full SHA dbdda2aView commit details -
src/login.c: Fix off-by-one buggs
Before 3b7cc05 ("lib: replace `USER_NAME_MAX_LENGTH` macro"), this code did use a length. It used a utmp(5) fixed-width buffer, so the length matches the buffer size (there was no terminating NUL byte). However, sysconf(_SC_LOGIN_NAME_MAX) returns a buffer size that accounts for the terminating null byte; see sysconf(3). Thus, the commit that introduced the call to sysconf(3), should have taken that detail into account. 403a2e3 ("lib/chkname.c: Take NUL byte into account"), by Tobias, caught that bug in <lib/chkname.c>, but missed that the same commit that introduced that bug, introduced the same bug in two other places. This fixes all remaining calls to sysconf(_SC_LOGIN_NAME_MAX). I still observe some suspicious code after this fix: if (do_rlogin(hostname, username, max_size - 1, term, sizeof(term))) ... login_prompt(username, max_size - 1); We're passing size-1 to functions that want a size. But since the fix to those will be different, let's do that in the following commits. Link: <#935> Link: <#920 (comment)> Link: <#757> Link: <#674> See-also: 403a2e3 ("lib/chkname.c: Take NUL byte into account") Fixes: 3b7cc05 ("lib: replace `USER_NAME_MAX_LENGTH` macro") Reviewed-by: Iker Pedrosa <[email protected]> Cc: Tobias Stoeckmann <[email protected]> Cc: Serge Hallyn <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 6551709 ("src/login.c: Fix off-by-one buggs") Link: <#936> Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for cc2970c - Browse repository at this point
Copy the full SHA cc2970cView commit details -
src/login.c: Fix off-by-one bugss
These functions expect a size, not a length. Don't subtract 1 to the size. Link: <#935> Link: <#920 (comment)> Link: <#757> Link: <#674> See-also: 0656a90bfd0d ("src/login.c: Fix off-by-one buggs") See-also: 403a2e3 ("lib/chkname.c: Take NUL byte into account") Fixes: 3b7cc05 ("lib: replace `USER_NAME_MAX_LENGTH` macro") Reviewed-by: Iker Pedrosa <[email protected]> Cc: Tobias Stoeckmann <[email protected]> Cc: Serge Hallyn <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 15882a5 ("src/login.c: Fix off-by-one bugss") Link: <#936> Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for d6a9b72 - Browse repository at this point
Copy the full SHA d6a9b72View commit details -
lib/strtoday.c: strtoday(): Fix calculation
Days officially roll over at 00:00 UTC, not at 12:00 UTC. I see no reason to add that half day. Also, remove the comment. It's likely to get stale. So, get_date() gets the number of seconds since the Epoch. I wonder how that thing works, but I'll assume it's something similar to getdate(3) + mktime(3). After that, we need to convert seconds since Epoch to days since Epoch. That should be a simple division, AFAICS, since Epoch is "1970‐01‐01 00:00:00 +0000 (UTC)". See mktime(3). Fixes: 45c6603 ("[svn-upgrade] Integrating new upstream version, shadow (19990709)") Link: <#939> Reported-by: Michael Vetter <[email protected]> Tested-by: Gus Kenion <https://github.com/kenion> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 1175932 ("lib/strtoday.c: strtoday(): Fix calculation") Cc: "Serge E. Hallyn" <[email protected]> Link: <#942> Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for c4eae35 - Browse repository at this point
Copy the full SHA c4eae35View commit details
Commits on Feb 16, 2024
-
src/passwd.c: inconsistent password length limit
The passwd utility had hardcoded limit for password lenght set to 200 characters. In the agetpass.c is used PASS_MAX for this purpose. This patch moves the PASS_MAX definition to common place and uses it in both places. Signed-off-by: Tomas Halman <[email protected]> Reviewed-by: Alejandro Colomar <[email protected]> Cherry-picked-from: f024002b3d66 ("src/passwd.c: inconsistent password length limit") Cc: Serge Hallyn <[email protected]> Link: <#953> Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for bed23cc - Browse repository at this point
Copy the full SHA bed23ccView commit details -
src/passwd.c: check password length upper limit
The passwd silently truncated the password length to PASS_MAX. This patch introduces check that prints an error message and exits the call. Signed-off-by: Tomas Halman <[email protected]> Reviewed-by: Alejandro Colomar <[email protected]> Cherry-picked-from: f024002b3d66 ("src/passwd.c: inconsistent password length limit") Cc: Serge Hallyn <[email protected]> Link: <#953> Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 9d5591f - Browse repository at this point
Copy the full SHA 9d5591fView commit details
Commits on Feb 17, 2024
-
lib/getdate.y: get_date(): Fix calculation
Instead of adding 1, we should add the value the we stored previously in the variable. Fixes: 45c6603 ("[svn-upgrade] Integrating new upstream version, shadow (19990709)") Closes: <#939> Link: <#942> Reported-by: Michael Vetter <[email protected]> Reported-by: Gus Kenion <https://github.com/kenion> Cc: Iker Pedrosa <[email protected]> Cc: Serge Hallyn <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 4d139ca ("lib/getdate.y: get_date(): Fix calculation") Link: <#952> Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for fee5e61 - Browse repository at this point
Copy the full SHA fee5e61View commit details
Commits on Feb 20, 2024
-
This changes pull some more dependencies. That's too much for a stable branch, I think. If anyone needs them, please ask for them, but for now let's keep them out. Reverts: 9d5591f ("src/passwd.c: check password length upper limit") Reverts: dbdda2a ("lib/: Saturate addition to avoid overflow") Reverts: 541d4dd ("src/chage.c: Unify long overflow checks in print_day_as_date()") Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 2128715 - Browse repository at this point
Copy the full SHA 2128715View commit details -
lib/, src/, configure.ac: Use utmpx instead of utmp
utmpx is specified by POSIX as an XSI extension. That's more portable than utmp, which is unavailable for example in musl libc. The manual page specifies that in Linux (but it probably means in glibc), utmp and utmpx (and the functions that use them) are identical, so this commit shouldn't affect glibc systems. Assume utmpx is always present. Also, if utmpx is present, POSIX guarantees that some members exist: - ut_user - ut_id - ut_line - ut_pid - ut_type - ut_tv So, rely on them unconditionally. Fixes: 170b76c ("Disable utmpx permanently") Closes: <#945> Reported-by: Firas Khalil Khana <[email protected]> Reported-by: "A. Wilfox" <https://github.com/awilfox> Tested-by: Firas Khalil Khana <[email protected]> Reviewed-by: Iker Pedrosa <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 64bcb54 ("lib/, src/, configure.ac: Use utmpx instead of utmp") Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for bec925d - Browse repository at this point
Copy the full SHA bec925dView commit details -
lib/utmp.c: Replace UT_LINESIZE by a NITEMS() calculation
A difference between 'struct utmp' and 'struct utmpx' is that the former uses UT_LINESIZE for the size of its array members, while the latter doesn't have a standard variable to get its size. Therefore, we need to get the number of elements in the array with NITEMS(). Reviewed-by: Iker Pedrosa <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cc: Firas Khalil Khana <[email protected]> Cc: "A. Wilfox" <https://github.com/awilfox> Cherry-picked-from: 5ff6edf ("lib/utmp.c: Replace UT_LINESIZE by a NITEMS() calculation") Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 02a9d04 - Browse repository at this point
Copy the full SHA 02a9d04View commit details
Commits on Feb 21, 2024
-
lib/utmp.c: Indent nested preprocessor conditionals
Reviewed-by: Iker Pedrosa <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: f4ea04b ("lib/utmp.c: Indent nested preprocessor conditionals") [alx: This is needed by 1af6b68 ("lib/utmp.c: Use the appropriate autotools macros for struct utmpx")] Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 261f404 - Browse repository at this point
Copy the full SHA 261f404View commit details -
lib/utmp.c: Merge preprocessor conditionals
Reviewed-by: Iker Pedrosa <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: e5815ac ("lib/utmp.c: Merge preprocessor conditionals") [alx: This is needed by 1af6b68 ("lib/utmp.c: Use the appropriate autotools macros for struct utmpx")] Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 561cbbe - Browse repository at this point
Copy the full SHA 561cbbeView commit details -
lib/utmp.c: Remove #endif comments
Indentation makes it clear which is which. Reviewed-by: Iker Pedrosa <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 7e94a2f ("lib/utmp.c: Remove #endif comments") [alx: This is needed by 1af6b68 ("lib/utmp.c: Use the appropriate autotools macros for struct utmpx")] Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 2da400d - Browse repository at this point
Copy the full SHA 2da400dView commit details -
lib/utmp.c: Use defined() instead of #if[n]def
Reviewed-by: Iker Pedrosa <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 2806b82 ("lib/utmp.c: Use defined() instead of #if[n]def") [alx: This is needed by 1af6b68 ("lib/utmp.c: Use the appropriate autotools macros for struct utmpx")] Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 128fe11 - Browse repository at this point
Copy the full SHA 128fe11View commit details -
lib/utmp.c: Use the appropriate autotools macros for struct utmpx
Recently, we started using utmpx instead of utmp, and we updated <./configure.ac> to do the checks for 'struct utmpx' instead of 'struct utmp'. However, I forgot to update the preprocessor conditionals accordingly. Fixes: 64bcb54 ("lib/, src/, configure.ac: Use utmpx instead of utmp") Link: <#954> Cc: Firas Khalil Khana <[email protected]> Cc: "A. Wilfox" <https://github.com/awilfox> Reviewed-by: Iker Pedrosa <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]> Cherry-picked-from: 1af6b68 ("lib/utmp.c: Use the appropriate autotools macros for struct utmpx") Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 7e396ba - Browse repository at this point
Copy the full SHA 7e396baView commit details
Commits on Mar 1, 2024
-
Signed-off-by: Alejandro Colomar <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 71080e7 - Browse repository at this point
Copy the full SHA 71080e7View commit details
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff 4.14.5...4.14.6