Version 2.0release-2.0

* NEWS: Update version number
* configure.ac: Likewise.
* doc/pam-modules.texi: Fix a typo.
* doc/pam_ldaphome.8in: Likewise.
* pamck/pamck.c: Update copyright years.

* pam_fshadow/pam_fshadow.c: Suppress cc warnings.
* pam_groupmember/pam_groupmember.c: Likewise.
* pam_ldaphome/pam_ldaphome.c: Likewise.
* pam_log/pam_log.c: Likewise.
* pam_regex/pam_regex.c: Likewise.

10 files changed, 36 insertions, 24 deletions

diff --git a/NEWS b/NEWS
index 79dbb71..7d24ab6 100644
--- a/NEWS
+++ b/NEWS
@@ -1,11 +1,11 @@
-pam-modules -- history of user-visible changes. 2015-01-30
+pam-modules -- history of user-visible changes. 2015-02-26
 Copyright (C) 2001, 2004-2005, 2007-2012, 2015 Sergey Poznyakoff
 See the end of file for copying conditions.
 
 Please send pam-modules bug reports to <bug-pam-modules@gnu.org.ua>
 
 
-Version 1.9.90 (Git)
+Version 2.0, 2015-02-26
 
 * pam_ldaphome reads LDAP configuration from /etc/ldap.conf
 
@@ -32,6 +32,14 @@ configuration file contains:
 
 then the line '#:user' can be used to delimit ldap-synchronized
 and user-specific keys.
+
+* audit option
+
+All modules now support 'audit' option, which is equivalent to
+debug=100, i.e. it enables logging maximum debugging output.
+
+* pam_fshadow is built on all systems
+
 
 Version 1.9, 2014-05-21
 
diff --git a/configure.ac b/configure.ac
index 70c5b74..3a192a6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -16,7 +16,7 @@
 
 AC_PREREQ(2.63)
 
-AC_INIT(pam-modules, 1.9.90, bug-pam-modules@gnu.org.ua)
+AC_INIT(pam-modules, 2.0, bug-pam-modules@gnu.org.ua)
 AC_CONFIG_SRCDIR(pam_fshadow/pam_fshadow.c)
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_MACRO_DIR([m4])
diff --git a/doc/pam-modules.texi b/doc/pam-modules.texi
index a37a8ae..1464e06 100644
--- a/doc/pam-modules.texi
+++ b/doc/pam-modules.texi
@@ -1215,7 +1215,7 @@ From @file{/etc/ldap.conf}, the following statements are used:
 
 In general, all statements defined below can appear in both files.
 However, since @file{/etc/ldap.conf} is read by other system utilities
-as well, we do not recomment using @command{pam_ldaphome}-specific
+as well, we do not recommend using @command{pam_ldaphome}-specific
 keywords in it.
 
 The values read from @command{pam_ldaphome} configuration file
diff --git a/doc/pam_ldaphome.8in b/doc/pam_ldaphome.8in
index 01b0a1c..ace334a 100644
--- a/doc/pam_ldaphome.8in
+++ b/doc/pam_ldaphome.8in
@@ -14,7 +14,7 @@
 .\" You should have received a copy of the GNU General Public License
 .\" along with PAM-Modules.  If not, see <http://www.gnu.org/licenses/>.
 .so config.so
-.TH PAM_LDAPHOME 8 "January 30, 2015" "PAM-MODULES" "Pam-Modules User Reference"
+.TH PAM_LDAPHOME 8 "February 26, 2015" "PAM-MODULES" "Pam-Modules User Reference"
 .SH NAME
 pam_ldaphome \- create and populate user home directories
 .SH SYNOPSIS
@@ -50,7 +50,7 @@ The system-wide configuration file
 is parsed after processing the main configuration file.  In general,
 all statements defined below can appear in both files.  However, since
 .B /etc/ldap.conf
-is read by other system utilities as well, we do not recomment using
+is read by other system utilities as well, we do not recommend using
 .BR pam_ldaphome -specific 
 keywords in it.
 .PP
diff --git a/pam_fshadow/pam_fshadow.c b/pam_fshadow/pam_fshadow.c
index 3a9bcda..058dd44 100644
--- a/pam_fshadow/pam_fshadow.c
+++ b/pam_fshadow/pam_fshadow.c
@@ -124,19 +124,21 @@ struct pam_opt pam_opt[] = {
         { PAM_OPTSTR(sysconfdir), pam_opt_string, &sysconfdir },
         { PAM_OPTSTR(regex), pam_opt_string, &regex_str },
         { PAM_OPTSTR(extended), pam_opt_bitmask, &regex_flags,
-          REG_EXTENDED },
+          { .value = REG_EXTENDED } },
         { PAM_OPTSTR(basic), pam_opt_bitmask_rev, &regex_flags,
-          REG_EXTENDED },
+          { .value = REG_EXTENDED } },
         { PAM_OPTSTR(icase), pam_opt_bitmask, &regex_flags,
-          REG_ICASE },
+          { .value = REG_ICASE } },
         { PAM_OPTSTR(ignore-case), pam_opt_bitmask, &regex_flags,
-          REG_ICASE },
+          { .value = REG_ICASE } },
         { PAM_OPTSTR(case), pam_opt_bitmask_rev, &regex_flags,
-          REG_ICASE },
-        { PAM_OPTSTR(passwd), pam_opt_bool, &cntl_flags, CNTL_PASSWD },
-        { PAM_OPTSTR(shadow), pam_opt_bool, &cntl_flags, CNTL_SHADOW },
+          { .value = REG_ICASE } },
+        { PAM_OPTSTR(passwd), pam_opt_bool, &cntl_flags,
+          { .value = CNTL_PASSWD } },
+        { PAM_OPTSTR(shadow), pam_opt_bool, &cntl_flags,
+          { .value = CNTL_SHADOW } },
         { PAM_OPTSTR(revert-index), pam_opt_bool, &cntl_flags,
-          CNTL_REVERT_INDEX },
+          { .value = CNTL_REVERT_INDEX } },
         { NULL }
 };
 
diff --git a/pam_groupmember/pam_groupmember.c b/pam_groupmember/pam_groupmember.c
index 39685b0..020c900 100644
--- a/pam_groupmember/pam_groupmember.c
+++ b/pam_groupmember/pam_groupmember.c
@@ -40,7 +40,6 @@
 const char *sense_choice[] = { "allow", "deny", NULL };
 
 static int sense;
-static int cntl_flags;
 static long debug_level;
 static char *groups;
 
diff --git a/pam_ldaphome/pam_ldaphome.c b/pam_ldaphome/pam_ldaphome.c
index c80f1dc..b1403cb 100644
--- a/pam_ldaphome/pam_ldaphome.c
+++ b/pam_ldaphome/pam_ldaphome.c
@@ -628,6 +628,10 @@ get_ldap_attrs(LDAP *ld, LDAPMessage *msg, const char *attr)
         struct berval **values;
         
         rc = ldap_get_dn_ber(ld, msg, &ber, &bv);
+        if (rc != LDAP_SUCCESS) {
+                _pam_log(LOG_ERR, "ldap_get_dn_ber: %s", ldap_err2string(rc));
+                return NULL;
+        }
         ufn = ldap_dn2ufn(bv.bv_val);
         DEBUG(2, ("INFO: %s", ufn));
         ldap_memfree(ufn);
diff --git a/pam_log/pam_log.c b/pam_log/pam_log.c
index adb296d..8a76f3f 100644
--- a/pam_log/pam_log.c
+++ b/pam_log/pam_log.c
@@ -18,7 +18,6 @@
 
 
 /* Command line parsing */
-static int cntl_flags;
 static long debug_level;
 
 static int xargc;
diff --git a/pam_regex/pam_regex.c b/pam_regex/pam_regex.c
index cbb7431..3f14510 100644
--- a/pam_regex/pam_regex.c
+++ b/pam_regex/pam_regex.c
@@ -43,7 +43,6 @@
 const char *sense_choice[] = { "allow", "deny", NULL };
 
 static int sense;
-static int cntl_flags;
 static long debug_level;
 static const char *regex = NULL;
 static int regex_flags = REG_NOSUB|REG_EXTENDED;
@@ -56,20 +55,21 @@ struct pam_opt pam_opt[] = {
         { PAM_OPTSTR(audit), pam_opt_const, &debug_level, { 100 } },
         { PAM_OPTSTR(waitdebug), pam_opt_null, NULL, { 0 },
           gray_wait_debug_fun },
-        { PAM_OPTSTR(sense), pam_opt_enum, &sense, { sense_choice } },
+        { PAM_OPTSTR(sense), pam_opt_enum, &sense,
+          { .enumstr = sense_choice } },
         { PAM_OPTSTR(transform), pam_opt_string, &transform },
         { PAM_OPTSTR(user), pam_opt_string, &user_name },
         { PAM_OPTSTR(regex), pam_opt_string, &regex },
         { PAM_OPTSTR(extended), pam_opt_bitmask, &regex_flags,
-          { REG_EXTENDED } },
+          { .value = REG_EXTENDED } },
         { PAM_OPTSTR(basic), pam_opt_bitmask_rev, &regex_flags,
-          { REG_EXTENDED } },
+          { .value = REG_EXTENDED } },
         { PAM_OPTSTR(icase), pam_opt_bitmask, &regex_flags,
-          { REG_ICASE } },
+          { .value = REG_ICASE } },
         { PAM_OPTSTR(ignore-case), pam_opt_bitmask, &regex_flags,
-          { REG_ICASE } },
+          { .value = REG_ICASE } },
         { PAM_OPTSTR(case), pam_opt_bitmask_rev, &regex_flags,
-          { REG_ICASE } },
+          { .value = REG_ICASE } },
         
         { NULL }
 };
diff --git a/pamck/pamck.c b/pamck/pamck.c
index 55e744c..976c1da 100644
--- a/pamck/pamck.c
+++ b/