copy the acquired TGT from the in-memory cache to the on-disk cache
at login. This was documented but un-implemented behavior.
MFC after: 1 week
PR: bin/64464
Reported and tested by: Eric van Gyzen <vangyzen at stat dot duke dot edu>
If turned on no NIS support and related programs will be built.
Lost parts rediscovered by: Danny Braniss <danny at cs.huji.ac.il>
PR: bin/68303
No objections: des, gshapiro, nectar
Reviewed by: ru
Approved by: rwatson (mentor)
MFC after: 2 weeks
of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.
Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004
that this provokes. "Wherever possible" means "In the kernel OR NOT
C++" (implying C).
There are places where (void *) pointers are not valid, such as for
function pointers, but in the special case of (void *)0, agreement
settles on it being OK.
Most of the fixes were NULL where an integer zero was needed; many
of the fixes were NULL where ascii <nul> ('\0') was needed, and a
few were just "other".
Tested on: i386 sparc64
These files had tags after the copyright notice,
inside the comment block (incorrect, removed),
and outside the comment block (correct).
Approved by: rwatson (mentor)
on the release media -- only put what is different in the crypto
version compared to the base version. This reduces PAM entries
in /usr/lib in the "crypto" distribution to:
libpam.a
libpam.so@
libpam.so.2
pam_krb5.so@
pam_krb5.so.2
pam_ksu.so@
pam_ksu.so.2
pam_ssh.so@
pam_ssh.so.2
The libpam.so* is still redundant (it is identical to the "base"
version), but we can't set DISTRIBUTION differently for libpam.a
and libpam.so.
(The removal of libpam.so* from the crypto distribution could be
addressed by the release/scripts/crypto-make.sh script, but then
we'd also need to remove redundant PAM headers, and I'm not sure
this is worth a hassle.)
call (pam_get_authtok() will return the previous token if try_first_pass
or use_first_pass is specified). Incidentally fix an ugly bug where the
buffer holding the prompt was freed immediately before use, instead of
after.
set NAS-IP-Address attribute in requests generated by the pam_radius
module. This attribute is mandatory for some Radius servers out there.
Reviewed by: des
MFC after: 2 weeks
for root on ypmaster. yppasswd_local() did use YPPASSWDPROG
instead of MASTER_YPPASSWDPROG, and the domain was not set,
resulting in a coredump during xdr-encode.
Reviewed by: des
password must necessarily have an empty pwd->pw_passwd. Also add a check
that prevents users from setting a blank password unless the nullok option
was specified. Root is still allowed to give anyone a blank password.
to maintain, and had security issues which would have required a major
rewrite to address anyway.
This implementation currently starts a separate agent for each session
instead of connecting each new session to the agent started by the first
one. While this would be a Good Thing (and the old pam_ssh(8) tried to
do it), it's hard to get right. I'll revisit this issue when I've had a
chance to test some modifications to ssh-agent(1).
pam_wheel(8) module was written to work in spite of a broken libpam, and
has grown organically since its inception, which is reflected in both its
functionality and implementation. Rather than clean up pam_wheel(8) and
break backward compatibility, I've chosen to reimplement it under a new,
more generic name.
Sponsored by: DARPA, NAI Labs
initialize the context. This way, a failure to initialize the context is
not fatal unless we actually have work to do - because if we don't, we
return PAM_SUCCESS without even trying to initialize the context.
pam_krb5 to consolidate the copyright texts. The semi-official
pam_krb5 module has been distributed with this new license text ever
since, but I'm just now getting around to updating the text here.
time_t. Deal with the possibility that time_t != int32_t. This boils
down to this sort of thing:
- time(&ut.ut_time);
+ ut.ut_time = time(NULL);
and similar for ctime(3) etc. I've kept it minimal for the stuff
that may need to be portable (or 3rd party code), but used Matt's time32
stuff for cases where that isn't as much of a concern.
Approved by: re (jhb)
PAM module state (created in pam_sm_authenticate and referenced later
in pam_sm_setcred and pam_sm_acct_mgmt). However, the krb5_ccache
structure shares some data members with the krb5_context structure
that was used in its creation. Since a new krb5_context is created
and destroyed at each PAM entry point, this inevitably caused the
krb5_ccache structure to reference free'd memory.
Now instead of storing a pointer to the krb5_ccache structure,
we store the name of the cache (e.g. `MEMORY:0x123CACHE') in
pam_sm_authenticate, and resolve the name in the other entry points.
This bug was uncovered by phkmalloc's free'd memory scrubbing.
Approved by: re (jhb)
e.g.
Unknown error: -1765328378
we get
Client not found in Kerberos database
Another way to accomplish this would have been to leave
`error_message' alone, but to explicitly load the Kerberos com_err
error tables. However, I don't really like the idea of a PAM module
dorking with global tables.
Approved by: re (jhb)
group membership requirement if the group has no explicit members listed
in /etc/group. By default, this group is the wheel group; setting this
flag restores the default BSD behavior from 4.x.
Reviewed by: markm
Requested by: various
Sponsored by: DARPA, Network Associates Laboratories
the PAM_ECHO_PASS option on-the-fly is a NOP (though it wasn't with the
old pam_get_pass(3) code). Instead, call pam_prompt(3) directly. This
actually simplifies the code a bit.
MFC after: 3 days
obscene, or - as they say in New York - sophisticated, add pam_echo(8) and
pam_exec(8) to our ever-lengthening roster of PAM modules.
Sponsored by: DARPA, NAI Labs.
