common

Timestamp:

Aug 16, 2011 9:45:38 AM (13 years ago)

Author:

vboxsync

Message:

PAM: First implementation of waiting for credentials.

Location:

trunk/src/VBox/Additions/common/pam

Files:

: 1 edited
: 1 moved

Makefile.kmk (modified) (2 diffs)
pam_vbox.cpp (moved) (moved from trunk/src/VBox/Additions/common/pam/pam_vbox.c ) (11 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/src/VBox/Additions/common/pam/Makefile.kmk

-              r29058
+              r38468
+#
 # Copyright (C) 2010 Oracle Corporation
+# Copyright (C) 2011 Oracle Corporation
+#
 # This file is part of VirtualBox Open Source Edition (OSE), as
 …
 pam_vbox_TEMPLATE = VBOXGUESTR3DLL
 pam_vbox_DEFS     = LOG_TO_BACKDOOR VBOX_WITH_HGCM
+pam_vbox_SOURCES  = pam_vbox.c
+pam_vbox_DEFS    += \
+        $(if $(VBOX_WITH_GUEST_PROPS),VBOX_WITH_GUEST_PROPS,)
+pam_vbox_SOURCES  = pam_vbox.cpp
 pam_vbox_LIBS = \
         pam \

trunk/src/VBox/Additions/common/pam/pam_vbox.cpp

-              r38459
+              r38468
 #define PAM_SM_SESSION
 #ifdef _DEBUG
+#ifdef DEBUG
 # define PAM_DEBUG
 #endif
 …
 #include <syslog.h>
+#include <iprt/assert.h>
 #include <iprt/env.h>
+#include <iprt/initterm.h>
+#include <iprt/mem.h>
 #include <iprt/stream.h>
-#include <iprt/initterm.h>
 #include <iprt/string.h>
+#include <iprt/assert.h>
+#include <VBox/VBoxGuestLib.h>
 #include <VBox/log.h>
+#include <VBox/VBoxGuestLib.h>
+#ifdef VBOX_WITH_GUEST_PROPS
+# include <VBox/HostServices/GuestPropertySvc.h>
+  using namespace guestProp;
+#endif
 #define VBOX_MODULE_NAME "pam_vbox"
 /** For debugging. */
 #ifdef _DEBUG
+#ifdef DEBUG
 static pam_handle_t *g_pam_handle;
 static int g_verbosity = 99;
 …
 #ifdef RT_OS_LINUX
     openlog("pam_vbox", LOG_PID, LOG_AUTHPRIV);
     syslog(LOG_ERR, pszBuf);
+    syslog(LOG_ERR, "%s", pszBuf);
     closelog();
 #elif defined(RT_OS_SOLARIS)
 …
  * @param   ...         Format arguments.
  */
 static void pam_vbox_error(pam_handle_t *h, const char *pszFormat, ...)
+static void pam_vbox_error(pam_handle_t *hPAM, const char *pszFormat, ...)
+{
     va_list va;
 …
  * @param   ...         Format arguments.
  */
 static void pam_vbox_log(pam_handle_t *h, const char *pszFormat, ...)
+static void pam_vbox_log(pam_handle_t *hPAM, const char *pszFormat, ...)
+{
     if (g_verbosity)
 …
+static int pam_vbox_do_check(pam_handle_t *h)
+{
+    int rc;
+    int pamrc;
+#ifdef _DEBUG
+    g_pam_handle = h; /* hack for getting assertion text */
+static int vbox_set_msg(pam_handle_t *hPAM, int iStyle, const char *pszText)
+{
+    AssertPtrReturn(hPAM, VERR_INVALID_POINTER);
+    AssertPtrReturn(pszText, VERR_INVALID_POINTER);
+    if (!iStyle)
+        iStyle = PAM_TEXT_INFO;
+    int rc = VINF_SUCCESS;
+    struct pam_message msg;
+    msg.msg_style = iStyle;
+    msg.msg = pszText;
+    const struct pam_conv *conv;
+    int pamrc = pam_get_item(hPAM, PAM_CONV, (const void **)&conv);
+    if (pamrc == PAM_SUCCESS)
+    {
+        struct pam_response *resp;
+        const struct pam_message *msg_p = &msg;
+        pamrc = conv->conv(1 /* One message only */, &msg_p, &resp, conv->appdata_ptr);
+        if (pamrc == PAM_SUCCESS)
+        {
+            pam_vbox_log(hPAM, "Showing message (type %d): %s", msg, pszText);
+            free(resp);
+        }
+    }
+    else
+        rc = VERR_NOT_FOUND;
+    return rc;
+}
+static int pam_vbox_init(pam_handle_t *hPAM)
+{
+#ifdef DEBUG
+    g_pam_handle = hPAM; /* hack for getting assertion text */
 #endif
 …
     RTAssertSetMayPanic(false);
     rc = RTR3Init();
+    int rc = RTR3Init();
     if (RT_FAILURE(rc))
+    {
         pam_vbox_error(h, "pam_vbox_do_check: could not init runtime! rc=%Rrc. Aborting.\n", rc);
+        pam_vbox_error(hPAM, "pam_vbox_init: could not init runtime! rc=%Rrc. Aborting\n", rc);
         return PAM_SUCCESS; /* Jump out as early as we can to not mess around. */
+    }
     pam_vbox_log(h, "pam_vbox_do_check: runtime initialized.\n");
+    pam_vbox_log(hPAM, "pam_vbox_init: runtime initialized\n");
     if (RT_SUCCESS(rc))
+    {
 …
+            {
                 case VERR_ACCESS_DENIED:
                     pam_vbox_error(h, "pam_vbox_do_check: access is denied to guest driver! Please make sure you run with sufficient rights. Aborting.\n");
+                    pam_vbox_error(hPAM, "pam_vbox_init: access is denied to guest driver! Please make sure you run with sufficient rights. Aborting\n");
                     break;
                 case VERR_FILE_NOT_FOUND:
                     pam_vbox_error(h, "pam_vbox_do_check: guest driver not found! Guest Additions installed? Aborting.\n");
+                    pam_vbox_error(hPAM, "pam_vbox_init: guest driver not found! Guest Additions installed? Aborting\n");
                     break;
                 default:
                     pam_vbox_error(h, "pam_vbox_do_check: could not init VbglR3 library! rc=%Rrc. Aborting.\n", rc);
+                    pam_vbox_error(hPAM, "pam_vbox_init: could not init VbglR3 library! rc=%Rrc. Aborting\n", rc);
                     break;
+            }
+            return PAM_SUCCESS; /* Jump out as early as we can to not mess around. */
+        }
+        pam_vbox_log(h, "pam_vbox_do_check: guest lib initialized.\n");
+    }
+    pamrc = PAM_OPEN_ERR; /* The PAM return code; intentionally not used as an exit value below. */
+        }
+        pam_vbox_log(hPAM, "pam_vbox_init: guest lib initialized\n");
+    }
     if (RT_SUCCESS(rc))
+    {
 …
         char *prompt = NULL;
 #ifdef RT_OS_SOLARIS
         pam_get_item(h, PAM_RHOST, (void**) &rhost);
         pam_get_item(h, PAM_TTY, (void**) &tty);
         pam_get_item(h, PAM_USER_PROMPT, (void**) &prompt);
+        pam_get_item(hPAM, PAM_RHOST, (void**) &rhost);
+        pam_get_item(hPAM, PAM_TTY, (void**) &tty);
+        pam_get_item(hPAM, PAM_USER_PROMPT, (void**) &prompt);
 #else
         pam_get_item(h, PAM_RHOST, (const void**) &rhost);
         pam_get_item(h, PAM_TTY, (const void**) &tty);
         pam_get_item(h, PAM_USER_PROMPT, (const void**) &prompt);
 #endif
         pam_vbox_log(h, "pam_vbox_do_check: rhost=%s, tty=%s, prompt=%s\n",
+        pam_get_item(hPAM, PAM_RHOST, (const void**) &rhost);
+        pam_get_item(hPAM, PAM_TTY, (const void**) &tty);
+        pam_get_item(hPAM, PAM_USER_PROMPT, (const void**) &prompt);
+#endif
+        pam_vbox_log(hPAM, "pam_vbox_init: rhost=%s, tty=%s, prompt=%s\n",
                      rhost ? rhost : "<none>", tty ? tty : "<none>", prompt ? prompt : "<none>");
+        rc = VbglR3CredentialsQueryAvailability();
+    }
+    return rc;
+}
+static void pam_vbox_shutdown(pam_handle_t *hPAM)
+{
+    VbglR3Term();
+}
+static int pam_vbox_check_creds(pam_handle_t *hPAM)
+{
+    int rc = VbglR3CredentialsQueryAvailability();
+    if (RT_FAILURE(rc))
+    {
+        if (rc == VERR_NOT_FOUND)
+            pam_vbox_log(hPAM, "pam_vbox_check_creds: no credentials available\n");
+        else
+            pam_vbox_error(hPAM, "pam_vbox_check_creds: could not query for credentials! rc=%Rrc. Aborting\n", rc);
+    }
+    else
+    {
+        char *pszUsername;
+        char *pszPassword;
+        char *pszDomain;
+        rc = VbglR3CredentialsRetrieve(&pszUsername, &pszPassword, &pszDomain);
         if (RT_FAILURE(rc))
+        {
+            if (rc == VERR_NOT_FOUND)
+                pam_vbox_log(h, "pam_vbox_do_check: no credentials available.\n");
+            else
+                pam_vbox_error(h, "pam_vbox_do_check: could not query for credentials! rc=%Rrc. Aborting.\n", rc);
+            pamrc = PAM_SUCCESS;
+            pam_vbox_error(hPAM, "pam_vbox_check_creds: could not retrieve credentials! rc=%Rrc. Aborting\n", rc);
+        }
         else
+        {
+            char *pszUsername;
+            char *pszPassword;
+            char *pszDomain;
+            rc = VbglR3CredentialsRetrieve(&pszUsername, &pszPassword, &pszDomain);
+            if (RT_FAILURE(rc))
+#ifdef DEBUG
+            pam_vbox_log(hPAM, "pam_vbox_check_creds: credentials retrieved: user=%s, password=%s, domain=%s\n",
+                         pszUsername, pszPassword, pszDomain);
+#else
+            /* Don't log passwords in release mode! */
+            pam_vbox_log(hPAM, "pam_vbox_check_creds: credentials retrieved: user=%s, password=XXX, domain=%s\n",
+                         pszUsername, pszDomain);
+#endif
+            /* Fill credentials into PAM. */
+            int pamrc = pam_set_item(hPAM, PAM_USER, pszUsername);
+            if (pamrc != PAM_SUCCESS)
+            {
+                pam_vbox_error(h, "pam_vbox_do_check: could not retrieve credentials! rc=%Rrc. Aborting.\n", rc);
+                pam_vbox_error(hPAM, "pam_vbox_check_creds: could not set user name! pamrc=%d, msg=%s. Aborting\n",
+                               pamrc, pam_strerror(hPAM, pamrc));
+            }
             else
+            {
+#ifdef _DEBUG
+                pam_vbox_log(h, "pam_vbox_do_check: credentials retrieved: user=%s, password=%s, domain=%s\n",
+                             pszUsername, pszPassword, pszDomain);
+#else
+                pam_vbox_log(h, "pam_vbox_do_check: credentials retrieved: user=%s, password=XXX, domain=%s\n",
+                             pszUsername, pszDomain);
+#endif
+                /* Fill credentials into PAM. */
+                pamrc = pam_set_item(h, PAM_USER, pszUsername);
+                pamrc = pam_set_item(hPAM, PAM_AUTHTOK, pszPassword);
                 if (pamrc != PAM_SUCCESS)
+                    pam_vbox_error(hPAM, "pam_vbox_check_creds: could not set password! pamrc=%d, msg=%s. Aborting\n",
+                                   pamrc, pam_strerror(hPAM, pamrc));
+            }
+            /** @todo Add handling domains as well. */
+            VbglR3CredentialsDestroy(pszUsername, pszPassword, pszDomain,
+/* Three wipe passes */);
+           pam_vbox_log(hPAM, "pam_vbox_check_creds: returned with pamrc=%d, msg=%s\n",
+                        pamrc, pam_strerror(hPAM, pamrc));
+        }
+    }
+    pam_vbox_log(hPAM, "pam_vbox_check_creds: returned with rc=%Rrc\n", rc);
+    return rc;
+}
+#ifdef VBOX_WITH_GUEST_PROPS
+static int pam_vbox_wait_for_creds(pam_handle_t *hPAM, uint32_t uClientID, uint32_t uTimeoutMS)
+{
+    int rc;
+    /* The buffer for storing the data and its initial size.  We leave a bit
+     * of space here in case the maximum values are raised. */
+    void *pvBuf = NULL;
+    uint32_t cbBuf = MAX_NAME_LEN + MAX_VALUE_LEN + MAX_FLAGS_LEN + _1K;
+    pam_vbox_log(hPAM, "Waiting for credentials (%dms) ...\n", uTimeoutMS);
+    int i;
+    for (i = 0; i < 10; i++)
+    {
+        void *pvTmpBuf = RTMemRealloc(pvBuf, cbBuf);
+        if (pvTmpBuf)
+        {
+            char *pszName = NULL;
+            char *pszValue = NULL;
+            uint64_t u64TimestampOut = 0;
+            char *pszFlags = NULL;
+            pvBuf = pvTmpBuf;
+            rc = VbglR3GuestPropWait(uClientID, "/VirtualBox/GuestAdd/PAM/CredsChanged", pvBuf, cbBuf,
+/* Last timestamp; just wait for next event */, uTimeoutMS,
+                                     &pszName, &pszValue, &u64TimestampOut,
+                                     &pszFlags, &cbBuf);
+        }
+        else
+            rc = VERR_NO_MEMORY;
+        switch (rc)
+        {
+            case VINF_SUCCESS:
+                pam_vbox_error(hPAM, "Got notification for supplied credentials\n");
+                break;
+            case VERR_BUFFER_OVERFLOW:
+            {
+                /* Buffer too small, try it with a bigger one next time. */
+                cbBuf += _1K;
+                continue; /* Try next round. */
+            }
+            case VERR_INTERRUPTED:
+                pam_vbox_error(hPAM, "The credentials notification request timed out or was interrupted\n");
+                break;
+            case VERR_TIMEOUT:
+                pam_vbox_error(hPAM, "Credentials did not arrive within time (%dms)\n", uTimeoutMS);
+                break;
+            case VERR_TOO_MUCH_DATA:
+                pam_vbox_error(hPAM, "Temporarily unable to get credentials notification\n");
+                break;
+            default:
+                pam_vbox_error(hPAM, "The credentials notification request failed with rc=%Rrc\n", rc);
+                break;
+        }
+        /* Everything except VERR_BUFFER_OVERLOW makes us bail out ... */
+        break;
+    }
+    pam_vbox_log(hPAM, "Waiting for credentials returned with rc=%Rrc\n", rc);
+    return rc;
+}
+static int pam_vbox_read_prop(pam_handle_t *hPAM, uint32_t clientid, const char *pszKey,
+                              char *pszValue, size_t cbValue)
+{
+    AssertReturn(clientid, VERR_INVALID_PARAMETER);
+    AssertPtrReturn(pszKey, VERR_INVALID_POINTER);
+    AssertPtrReturn(pszValue, VERR_INVALID_POINTER);
+    int rc = VbglR3GuestPropReadValue(clientid, pszKey,
+                                      pszValue, cbValue, NULL /* Actual size, not required. */);
+    pam_vbox_log(hPAM, "pam_vbox_read_prop: read key \"%s\" with rc=%Rrc\n",
+                 pszKey, rc);
+    if (RT_SUCCESS(rc))
+        pam_vbox_log(hPAM, "pam_vbox_read_prop: key \"%s\"=\"%s\"\n",
+                     pszKey, pszValue);
+    return rc;
+}
+#endif
+/**
+ * Performs authentication within the PAM framework.
+ *
+ * @todo
+ */
+DECLEXPORT(int) pam_sm_authenticate(pam_handle_t *hPAM, int iFlags,
+                                    int argc, const char **argv)
+{
+    /* Parse arguments. */
+    int i;
+    for (i = 0; i < argc; i++)
+    {
+        if (!RTStrICmp(argv[i], "debug"))
+            g_verbosity = 1;
+        else
+            pam_vbox_error(hPAM, "pam_sm_authenticate: unknown command line argument \"%s\"\n", argv[i]);
+    }
+    pam_vbox_log(hPAM, "pam_vbox_authenticate called\n");
+    int rc = pam_vbox_init(hPAM);
+    if (RT_FAILURE(rc))
+        return PAM_SUCCESS; /* Jump out as early as we can to not mess around. */
+    bool fFallback = true;
+#ifdef VBOX_WITH_GUEST_PROPS
+    uint32_t uClientId;
+    rc = VbglR3GuestPropConnect(&uClientId);
+    if (RT_SUCCESS(rc))
+    {
+        char szVal[256];
+        rc = pam_vbox_read_prop(hPAM,uClientId, "/VirtualBox/GuestAdd/PAM/CredsWait",
+                                szVal, sizeof(szVal));
+        if (RT_SUCCESS(rc))
+        {
+            /* All calls which are checked against rc2 are not critical, e.g. it does
+             * not matter if they succeed or not. */
+            uint32_t uTimeoutMS = RT_INDEFINITE_WAIT; /* Wait infinite by default. */
+            int rc2 = pam_vbox_read_prop(hPAM, uClientId, "/VirtualBox/GuestAdd/PAM/CredsWaitTimeout",
+                                         szVal, sizeof(szVal));
+            if (RT_SUCCESS(rc2))
+            {
+                uTimeoutMS = RTStrToUInt32(szVal);
+                if (!uTimeoutMS)
+                {
+                    pam_vbox_error(h, "pam_vbox_do_check: could not set user name! pamrc=%d. Aborting.\n", pamrc);
+                    pam_vbox_error(hPAM, "pam_sm_authenticate: invalid waiting timeout value specified, defaulting to infinite timeout\n");
+                    uTimeoutMS = RT_INDEFINITE_WAIT;
+                }
                 else
+                    uTimeoutMS = uTimeoutMS * 1000; /* Make ms out of s. */
+            }
+            rc2 = pam_vbox_read_prop(hPAM, uClientId, "/VirtualBox/GuestAdd/PAM/CredsMsgWaiting",
+                                     szVal, sizeof(szVal));
+            const char *pszWaitMsg = NULL;
+            if (RT_SUCCESS(rc2))
+                pszWaitMsg = szVal;
+            rc2 = vbox_set_msg(hPAM, 0 /* Info message */,
+                               pszWaitMsg ? pszWaitMsg : "Waiting for credentials ...");
+            if (RT_FAILURE(rc2)) /* Not critical. */
+                pam_vbox_error(hPAM, "pam_sm_authenticate: error setting waiting information message, rc=%Rrc\n", rc2);
+            if (RT_SUCCESS(rc))
+            {
+                /* Before we actuall wait for credentials just make sure we didn't already get credentials
+                 * set so that we can skip waiting for them ... */
+                rc = pam_vbox_check_creds(hPAM);
+                if (rc == VERR_NOT_FOUND)
+                {
+                    pamrc = pam_set_item(h, PAM_AUTHTOK, pszPassword);
+                    if (pamrc != PAM_SUCCESS)
+                        pam_vbox_error(h, "pam_vbox_do_check: could not set password! pamrc=%d. Aborting.\n", pamrc);
+                    rc = pam_vbox_wait_for_creds(hPAM, uClientId, uTimeoutMS);
+                    if (RT_SUCCESS(rc))
+                    {
+                        /* Waiting for credentials succeeded, try getting those ... */
+                        rc = pam_vbox_check_creds(hPAM);
+                        if (RT_FAILURE(rc))
+                            pam_vbox_error(hPAM, "pam_sm_authenticate: no credentials given, even when waited for it, rc=%Rrc\n", rc);
+                    }
+                    else if (rc == VERR_TIMEOUT)
+                    {
+                        pam_vbox_log(hPAM, "pam_sm_authenticate: no credentials given within time\n", rc);
+                        rc2 = pam_vbox_read_prop(hPAM, uClientId, "/VirtualBox/GuestAdd/PAM/CredsMsgWaitTimeout",
+                                                 szVal, sizeof(szVal));
+                        if (RT_SUCCESS(rc2))
+                            rc2 = vbox_set_msg(hPAM, 0 /* Info message */, szVal);
+                    }
+                }
+                /** @todo Add handling domains as well. */
+                VbglR3CredentialsDestroy(pszUsername, pszPassword, pszDomain,
+/* Three wipe passes */);
+                /* If we got here we don't need the fallback, so just deactivate it. */
+                fFallback = false;
+            }
+        }
+        VbglR3Term();
+    } /* VbglR3 init okay */
+#if 0 /** @todo implement RTR3Term, or create some hack to force anything containing RTR3Init to stay loaded. */
+    RTR3Term();
+#endif
+    pam_vbox_log(h, "pam_vbox_do_check: returned with pamrc=%d, msg=%s\n",
+                 pamrc, pam_strerror(h, pamrc));
+        VbglR3GuestPropDisconnect(uClientId);
+    }
+#endif /* VBOX_WITH_GUEST_PROPS */
+    if (fFallback)
+    {
+        pam_vbox_log(hPAM, "pam_vbox_authenticate: falling back to old method\n");
+        /* If anything went wrong in the code above we just do a credentials
+         * check like it was before: Try retrieving the stuff and authenticating. */
+        int rc2 = pam_vbox_check_creds(hPAM);
+        if (RT_SUCCESS(rc))
+            rc = rc2;
+    }
+    pam_vbox_shutdown(hPAM);
+    pam_vbox_log(hPAM, "pam_vbox_authenticate: overall result rc=%Rrc\n", rc);
     /* Never report an error here because if no credentials from the host are available or something
 …
 /**
- * Performs authentication within the PAM framework.
+ *
- * @todo
- */
-DECLEXPORT(int) pam_sm_authenticate(pam_handle_t *h, int flags,
-                                    int argc, const char **argv)
+{
-    /* Parse arguments. */
-    int i;
-    for (i = 0; i < argc; i++)
+    {
-        if (!RTStrICmp(argv[i], "debug"))
-            g_verbosity = 1;
-        else
-            pam_vbox_error(h, "pam_sm_authenticate: unknown command line argument \"%s\"\n", argv[i]);
+    }
-    pam_vbox_log(h, "pam_vbox_authenticate called.\n");
-    /* Do the actual check. */
-    return pam_vbox_do_check(h);
+}
-/**
  * Modifies / deletes user credentials
+ *
  * @todo
  */
 DECLEXPORT(int) pam_sm_setcred(pam_handle_t *h, int flags, int argc, const char **argv)
+{
     pam_vbox_log(h, "pam_vbox_setcred called.\n");
+DECLEXPORT(int) pam_sm_setcred(pam_handle_t *hPAM, int iFlags, int argc, const char **argv)
+{
+    pam_vbox_log(hPAM, "pam_vbox_setcred called\n");
     return PAM_SUCCESS;
+}
 DECLEXPORT(int) pam_sm_acct_mgmt(pam_handle_t *h, int flags, int argc, const char **argv)
+{
     pam_vbox_log(h, "pam_vbox_acct_mgmt called.\n");
+DECLEXPORT(int) pam_sm_acct_mgmt(pam_handle_t *hPAM, int iFlags, int argc, const char **argv)
+{
+    pam_vbox_log(hPAM, "pam_vbox_acct_mgmt called\n");
     return PAM_SUCCESS;
+}
 DECLEXPORT(int) pam_sm_open_session(pam_handle_t *h, int flags, int argc, const char **argv)
+{
     pam_vbox_log(h, "pam_vbox_open_session called.\n");
+DECLEXPORT(int) pam_sm_open_session(pam_handle_t *hPAM, int iFlags, int argc, const char **argv)
+{
+    pam_vbox_log(hPAM, "pam_vbox_open_session called\n");
     RTPrintf("This session was provided by VirtualBox Guest Additions. Have a lot of fun!\n");
     return PAM_SUCCESS;
 …
 DECLEXPORT(int) pam_sm_close_session(pam_handle_t *h, int flags, int argc, const char **argv)
+{
     pam_vbox_log(h, "pam_vbox_close_session called.\n");
+DECLEXPORT(int) pam_sm_close_session(pam_handle_t *hPAM, int iFlags, int argc, const char **argv)
+{
+    pam_vbox_log(hPAM, "pam_vbox_close_session called\n");
     return PAM_SUCCESS;
+}
 DECLEXPORT(int) pam_sm_chauthtok(pam_handle_t *h, int flags, int argc, const char **argv)
+{
     pam_vbox_log(h, "pam_vbox_sm_chauthtok called.\n");
+DECLEXPORT(int) pam_sm_chauthtok(pam_handle_t *hPAM, int iFlags, int argc, const char **argv)
+{
+    pam_vbox_log(hPAM, "pam_vbox_sm_chauthtok called\n");
     return PAM_SUCCESS;
+}
 #ifdef _DEBUG
+#ifdef DEBUG
 DECLEXPORT(void) RTAssertMsg1Weak(const char *pszExpr, unsigned uLine, const char *pszFile, const char *pszFunction)
+{

Note: See TracChangeset for help on using the changeset viewer.

Changeset 38468 in vbox for trunk/src/VBox/Additions/common

Legend:

trunk/src/VBox/Additions/common/pam/Makefile.kmk

trunk/src/VBox/Additions/common/pam/pam_vbox.cpp

Download in other formats: