freebsd-dev

Author	SHA1	Message	Date
Andrey A. Chernov	3195cd6712	Back out second right-now-expired password check in pam_sm_chauthtok, old expired password assumed there	2002-01-19 09:23:36 +00:00
Andrey A. Chernov	012400dfcd	Previous commit was incomplete, use new error code PAM_CRED_ERR to indicate die case, different from PAM_SUCCESS and PAM_AUTH_ERR	2002-01-19 08:36:47 +00:00
Andrey A. Chernov	d97cc81fa4	Rewrite 'pwok' fallback in the way it can be properly chained with pam_unix Replace snprintf %s with strlcpy Check for NULL returned from getpwnam()	2002-01-19 07:23:48 +00:00
Andrey A. Chernov	c8e3fac7a1	Add yet one expired-right-now password check, in pam_sm_chauthtok srandomdev() can't be used in libraries, replace srandomdev()+random() by arc4random()	2002-01-19 04:58:51 +00:00
Andrey A. Chernov	8c70adab72	Set pwok to 1 for non-OPIE users	2002-01-19 03:31:39 +00:00
Andrey A. Chernov	d54c36388e	Add missing check for right-now-expired password	2002-01-19 02:45:24 +00:00
Andrey A. Chernov	3f9a326a7a	Implement 'pwok', i.e. conditional fallback to unix password as supposed by opieaccessfile() and opiealways()	2002-01-19 02:38:43 +00:00
Ruslan Ermilov	7f432ff831	mdoc(7) police: bump document date.	2001-12-14 13:49:28 +00:00
David Malone	9f5b04e925	Style improvements recommended by Bruce as a follow up to some of the recent WARNS commits. The idea is: 1) FreeBSD id tags should follow vendor tags. 2) Vendor tags should not be compiled (though copyrights probably should). 3) There should be no blank line between including cdefs and __FBSDIF.	2001-12-10 21:13:08 +00:00
Dag-Erling Smørgrav	18a85de04b	Back out previous commit. Requested by: ru	2001-12-09 15:11:55 +00:00
Ruslan Ermilov	945b9f4de9	mdoc(7) police: sort xrefs.	2001-12-08 16:28:20 +00:00
Dag-Erling Smørgrav	bdd601a1e3	Get pam_mod_misc.h from .CURDIR rather than .OBJDIR or /usr/include. Sponsored by: DARPA, NAI Labs	2001-12-07 11:51:47 +00:00
Dag-Erling Smørgrav	8d3978c115	Add dummy functions for all module types. These dummies return PAM_IGNORE rather than PAM_SUCCESS, so you'll get a failure if you list dummies but no real modules for a particular module chain. Sponsored by: DARPA, NAI Labs	2001-12-05 16:06:35 +00:00
Dag-Erling Smørgrav	d5a8dd3fb5	Connect the man page to the build. Sponsored by: DARPA, NAI Labs	2001-12-05 16:02:50 +00:00
Dag-Erling Smørgrav	e2c8459e85	Add a pam_self authentication module that succeeds if and only if the local and remote user names are the same. Sponsored by: DARPA, NAI Labs	2001-12-05 15:55:14 +00:00
Mark Murray	1a8b24c257	Use __FBSDID(). Also do a bit of cosmetic #if and header-order cleaning-up.	2001-12-02 20:54:57 +00:00
Mark Murray	d2f6cd8fd5	Style fixups. Sort function declarations, includes. Make consistent WRT use of _P() macro (ugh!) Inspired by: bde	2001-12-01 21:12:04 +00:00
Mark Murray	e317b97026	WARNS=2 fixes. Reviewed by: bde (a while back)	2001-12-01 17:46:46 +00:00
Brian Feldman	7d8cee925b	Fix pam_ssh by adding an IPv4or6 (evidently, this was broken by my last OpenSSH import) declaration and strdup(3)ing a value which is later free(3)d, rather than letting the system try to free it invalidly.	2001-11-29 21:16:11 +00:00
Ruslan Ermilov	60c6736148	mdoc(7) police: fix one pam_unix(8) left-over, sort xrefs.	2001-11-28 09:25:03 +00:00
Dag-Erling Smørgrav	b4a475937b	Create a pam_ssh(8) man page, based on a repo-copy of pam_unix(8). License modified with original author's permission. Sponsored by: DARPA, NAI Labs	2001-11-27 00:57:50 +00:00
Dag-Erling Smørgrav	d65e5dfa59	Document the local_pass and nis_pass options, add a few xrefs, and reorder the SEE ALSO section. License modified with original author's permission. Sponsored by: DARPA, NAI Labs	2001-11-27 00:53:10 +00:00
Dima Dorfman	a48060a2f7	Spelling police: sucessful -> successful.	2001-11-24 23:41:32 +00:00
Maxim Sobolev	bc3a4bf55d	Don't put an extra space after password prompts, because it violates POLA, makes FreeBSD inconsistent with previous releases and "other unices" as well as with some internal password-asking services (e.g. ftp) within the same release.	2001-10-25 15:51:50 +00:00
Mark Murray	ce1e0bbc8f	Add library exposed by KDE's use if this module.	2001-10-18 20:05:20 +00:00
Matthew Dillon	ceaf33f537	Add __FBSDID()s to libpam	2001-09-30 22:11:06 +00:00
Mark Murray	6e925e8fc7	1) repair the return value in the PAM_RETURN() macro (Side effects!!). 2) canonicalise the options use in pam_options(). Submitted by: Gunnar Kreitz <gunnark@chello.se> PR: 30250	2001-09-04 17:05:08 +00:00
Mark Murray	a41ad3fca9	Introduce a "noroot_ok" option to make this module ignore authentications to a non-superuser if required.	2001-08-26 18:09:00 +00:00
Mark Murray	f96b705fa7	Introduce better logging, error reporting and use of login_cap data.	2001-08-26 18:05:35 +00:00
Mark Murray	3d55a6c083	Big module makeover; improve logging, standardise variable names, introduce ability to change passwords for both "usual" Unix methods and NIS.	2001-08-26 17:41:13 +00:00
Mark Murray	ca0bdcdd29	Document the no_warn option.	2001-08-15 20:05:33 +00:00
Mark Murray	b5507a38bc	Fix a couple of cross-references to reflect the reality of the module.	2001-08-15 20:03:26 +00:00
Mark Murray	537db85291	Fix: /usr/src/lib/libpam/modules/pam_ssh/pam_ssh.c has couple of bugs which cause: 1) xdm dumps core 2) ssh1 private key is not passed to ssh-agent 3) ssh2 RSA key seems not handled properly (just a guess from source) 4) ssh_get_authentication_connectionen() fails to get connection because of SSH_AUTH_SOCK not defined. PR: 29609 Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp>	2001-08-11 12:37:55 +00:00
Mark Murray	3938427761	Clean up this module very extensively. Fix the logging, the coding standards and the option handling. This module is now much more easy to maintain as a part of the FreeBSD tree.	2001-08-10 19:24:34 +00:00
Mark Murray	530ebf8e0a	Code clean up; make logging same as other modules and fix warnings.	2001-08-10 19:21:45 +00:00
Mark Murray	34beb374a2	General code clean-up. Sort out warnings, and make the warning and logging work the same as other modules.	2001-08-10 19:18:52 +00:00
Mark Murray	0fa107a3cb	Simplify code. Also verbose logging, verbose overridable error reporting.	2001-08-10 19:15:48 +00:00
Mark Murray	65550d9b5a	Verbose logging, overridable verbose error reporting.	2001-08-10 19:12:59 +00:00
Mark Murray	b04259a5cf	Module clean-up. Verbose logging, Overridable verbose error reporting, FreeBSD pam_prompt() usage to simplify conversation function usage.	2001-08-10 19:10:43 +00:00
Mark Murray	2108fbd748	Verbosely (overridable) report failure to the user.	2001-08-10 19:07:45 +00:00
Mark Murray	ceca323626	Use the FreeBSD pam_prompt() interface to the conversation function instead of home-rolling it. Clean up debugging code and tidy the module.	2001-08-10 19:05:57 +00:00
Mark Murray	3a9cdcb91f	Verbosely report errors to the user (overridable), and make sure that the correct failure mode is reported.	2001-08-10 19:02:21 +00:00
Mark Murray	27b9f9d4a3	Fix broken logic so that this actually works for the superuser. Verbosely log (properly). Verbosely report errors to the user.	2001-08-10 14:21:58 +00:00
Mark Murray	13cde2748e	Fix style/consistency in Makefile and repair static module building. Submitted by: bde(partially)	2001-08-04 21:51:14 +00:00
Mark Murray	d5e53157cf	Don't clobber CFLAGS Submitted by: bde	2001-08-04 21:49:30 +00:00
Mark Murray	4447e914e8	Fix the bug where this modulke was not checking the priamry GID, only the GIDS in /etc/group or NIS's group map. Tested by: sheldonh PR: 29349	2001-08-04 09:19:31 +00:00
Mark Murray	f950650b78	With the S/KEY removal, this is no longer buildable or necessary.	2001-08-02 19:04:20 +00:00
Mark Murray	c52468e7ef	Don't try to make pam_ssh module if NO_OPENSSH is set.	2001-08-02 19:01:02 +00:00
Mark Murray	f5974d336f	Repair the get/set UID() stuff so this works in both su(1) and login(1) modes.	2001-08-02 10:35:41 +00:00
Mark Murray	7b22794017	(Re)Add an SSH module for PAM, heavily based on Andrew Korty's module from ports.	2001-07-29 18:31:09 +00:00

1 2 3

129 Commits