d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
122,545 Commits 72 Branches 135 Tags 3.2 GiB
4df7b351e2
Commit Graph

65 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
d3cf5f1524 Use the correct login class when setting a new password. 
PR:		65557, 72949
Submitted by:	Stephen P. Cravey <clists@gotbrains.org>
Approved by:	re (scottl)
MFC after:	2 weeks
 2005-07-05 18:42:18 +00:00
Hajimu UMEMOTO
d928d41c84 NI_WITHSCOPEID cleanup 
Reviewed by:	des
 2005-05-13 20:51:09 +00:00
Ruslan Ermilov
3ac17feb8a Fixed xref. 2005-01-21 10:48:35 +00:00
Bjoern A. Zeeb
6c58990d47 Add knob NO_NIS (fka NO_YP_LIBC) and make world compileable when set. 
If turned on  no NIS support and related programs will be built.

Lost parts rediscovered by:	Danny Braniss <danny at cs.huji.ac.il>
PR:		bin/68303
No objections:	des, gshapiro, nectar
Reviewed by:	ru
Approved by:	rwatson (mentor)
MFC after:	2 weeks
 2004-11-13 20:40:32 +00:00
Dag-Erling Smørgrav
af9b407414 Fix numerous constness and aliasing issues. 2004-02-10 10:13:21 +00:00
Jens Schweikhardt
898fc4a340 Remove crossref to pam.conf(5) which never existed. 2004-01-17 09:46:49 +00:00
Dag-Erling Smørgrav
91e938693e Fix strict aliasing breakage in PAM modules (except pam_krb5, which needs 
more work than the others).  This should make most modules build with -O2.
 2003-12-11 13:55:16 +00:00
Martin Blapp
dd01398df6 Fix the master yppasswd routines, so they really work 
for root on ypmaster. yppasswd_local() did use YPPASSWDPROG
instead of MASTER_YPPASSWDPROG, and the domain was not set,
resulting in a coredump during xdr-encode.

Reviewed by:	des
 2003-06-15 10:37:22 +00:00
Dag-Erling Smørgrav
4d6991c692 Update copyright dates. 2003-05-31 17:19:03 +00:00
Dag-Erling Smørgrav
545aa47101 Remove all instances of pam_std_option() 2003-05-31 16:55:07 +00:00
Dag-Erling Smørgrav
8f3031025b Make sure rhostip is always initialized. 
PR:		bin/51508
Submitted by:	Peter Grimshaw <peter@tesseract.demon.co.uk>
 2003-04-30 00:49:42 +00:00
Dag-Erling Smørgrav
ccd703cfe4 Treat an empty PAM_RHOST the same as a NULL one. 
PR:		bin/51508
 2003-04-30 00:44:05 +00:00
Dag-Erling Smørgrav
be01d58da1 Remove a bogus null password check which assumed that a user with an empty 
password must necessarily have an empty pwd->pw_passwd.  Also add a check
that prevents users from setting a blank password unless the nullok option
was specified.  Root is still allowed to give anyone a blank password.
 2003-04-24 12:26:25 +00:00
David E. O'Brien
7f03a257ac style.Makefile(5) police 
(I've tried to keep to the spirit of the original formatting)

Reviewed by:	des
 2003-03-09 20:06:38 +00:00
Jens Schweikhardt
57bd0fc6e8 english(4) police. 2002-12-27 12:15:40 +00:00
Juli Mallett
816c6c91e2 Free old_pwd only in the code path where it has been allocated. 
Reviewed by:	des
 2002-05-22 23:18:25 +00:00
Dag-Erling Smørgrav
f1d0592537 Use libutil and libypclnt for all passwd manipulation and NIS needs. 
Sponsored by:	DARPA, NAI Labs
 2002-05-08 00:54:29 +00:00
Dag-Erling Smørgrav
0f6517b7d8 Don't ask root for the old password, except in the NIS case. 
Sponsored by:	DARPA, NAI Labs
 2002-04-26 19:28:17 +00:00
Dag-Erling Smørgrav
c8c20c5226 Fix a really dumb bug (missing curly braces around the body of an if 
statement) that caused pam_sm_chauthtok() to always fail silently.
 2002-04-26 01:47:48 +00:00
Dag-Erling Smørgrav
c82bffaa40 Revert previous commit, it is incorrect. 2002-04-15 22:51:31 +00:00
David E. O'Brien
f01afd3101 Properly spell rpcsvc/ypclnt.h and fix the build. 2002-04-15 22:47:28 +00:00
Dag-Erling Smørgrav
7b733689a3 Prompt for new password during update phase, not during preliminary phase. 
Sponsored by:	DARPA, NAI Labs
 2002-04-15 03:00:14 +00:00
Dag-Erling Smørgrav
ff1bc287ac Dike out most of the NIS code and replace it with calls to libypclnt. 
Rework pam_sm_chauthtok() so it (mostly?) works.
The standard pw stuff still needs to move into a library somewhere.

Sponsored by:	DARPA, NAI Labs
 2002-04-15 02:34:43 +00:00
Dag-Erling Smørgrav
24fe7ba0d9 Major cleanup: 
- add __unused where appropriate
  - PAM_RETURN -> return since OpenPAM already logs the return value.
  - make PAM_LOG use openpam_log()
  - make PAM_VERBOSE_ERROR use openpam_get_option() and check flags
    for PAM_SILENT
  - remove dummy functions since OpenPAM handles missing service
    functions
  - fix various warnings

Sponsored by:	DARPA, NAI Labs
 2002-04-12 22:27:25 +00:00
Ruslan Ermilov
90a9863e16 Moved SHLIB_NAME definition into one place. 
Approved by:	des
 2002-04-10 18:07:05 +00:00
Ruslan Ermilov
196f4c26f4 Fixed broken "make depend; make clean; make all" sequence. 
I've looked for this example for a long time, to demonstrate
some people why it's a really BAD idea to use ${.OBJDIR}
instead of ".".  I hope these people are reading this.  :-)

Approved by:	des
 2002-04-10 18:00:32 +00:00
Ruslan Ermilov
f2f306b622 Align for const poisoning in -lutil. 2002-04-08 11:07:51 +00:00
Dag-Erling Smørgrav
50000f00df Reorganize pam_sm_authenticate() to reduce code duplication. 
Sponsored by:	DARPA, NAI Labs
 2002-04-07 21:18:18 +00:00
Dag-Erling Smørgrav
a8b1e59eb2 Fix bug in previous commit that passed the wrong default value to 
login_getcapstr(3).  Also fix a longer-standing bug (login_close(3)
frees the string returned by login_getcapstr(3)) by reorganizing the
code a little, and use login_getpwclass(3) instead of login_getclass(3)
if we already have a struct pwd.

Sponsored by:	DARPA, NAI Labs
 2002-04-07 20:43:27 +00:00
Dag-Erling Smørgrav
111ccd256c Aggressive cleanup of warnings + authtok-related code in preparation for 
PAMifying passwd(1).

Sponsored by:	DARPA, NAI Labs.
 2002-04-06 19:30:04 +00:00
Dag-Erling Smørgrav
4004c08e79 Fix some style issues, a const warning, and abuse of PAM_ABORT. 
Sponsored by:	DARPA, NAI Labs
 2002-04-06 14:25:04 +00:00
Crist J. Clark
51906f452e Fix world breakage introduced by my recent modifications to 
chpass(8). The relations between libc, libpam, chpass, passwd, and
vipw are a mess and probably should be cleaned up.

Submitted by:	Peter Pentchev <roam@ringlet.net>
 2002-03-18 12:55:28 +00:00
Dag-Erling Smørgrav
f03a4b810a NAI DBA update. 2002-03-14 23:27:59 +00:00
Mark Murray
8c3ea588df Remove the use of random(3), and encapsulate the salt-generation in 
its own function. The use of arc4random(3) is hopeless overkill here,
but that does not hurt anything.

Requested by:	ache
 2002-03-14 16:41:36 +00:00
Maxim Sobolev
f651c1533c Don't ignore system CFLAGS. 2002-03-07 16:56:19 +00:00
Dag-Erling Smørgrav
519b6a4c8f Switch to OpenPAM. Bump library version. Modules are now versioned, so 
applications linked with Linux-PAM will still work.
Remove pam_get_pass(); OpenPAM has pam_get_authtok().
Remove pam_prompt(); OpenPAM has pam_{,v}{error,info,prompt}().
Remove pam_set_item(3) man page as OpenPAM has its own.

Sponsored by:	DARPA, NAI Labs
 2002-03-05 21:56:25 +00:00
Dag-Erling Smørgrav
7f28386a26 This file needs <syslog.h>. 
Sponsored by:	DARPA, NAI Labs
 2002-02-09 14:12:09 +00:00
Mark Murray
30577d19fa Remove NO_WERROR, now that WARNS=n is gone. 2002-02-06 18:46:48 +00:00
Dag-Erling Smørgrav
8c66575de8 #include cleanup. 
Sponsored by:	DARPA, NAI Labs
 2002-02-05 06:08:26 +00:00
Mark Murray
21e5d74291 Add the other half of the salt-generating code. No functional 
difference except that the salt is slightly harder to build
dictionaries against, and the code does not use srandom[dev]().
 2002-02-04 00:28:54 +00:00
Mark Murray
ac5699692e WARNS=n fixes (and some stylistic issues). 2002-02-03 15:17:57 +00:00
Dag-Erling Smørgrav
e9cc7b1d92 With asbestos longjohns on, integrate most of the checks normally done by 
login(1) (password & account expiry, hosts.access etc.) into pam_unix(8).

Sponsored by:	DARPA, NAI Labs
 2002-01-30 19:09:11 +00:00
Mark Murray
c2065008b5 WARNS=4 fixes. Protect with NO_WERROR for the modules that have 
warnings that are hard to fix or that I've been asked to leave alone.
 2002-01-24 18:37:17 +00:00
Andrey A. Chernov
0b836dfaf1 Back out recent changes 2002-01-19 18:03:11 +00:00
Andrey A. Chernov
3195cd6712 Back out second right-now-expired password check in pam_sm_chauthtok, 
old expired password assumed there
 2002-01-19 09:23:36 +00:00
Andrey A. Chernov
c8e3fac7a1 Add yet one expired-right-now password check, in pam_sm_chauthtok 
srandomdev() can't be used in libraries, replace srandomdev()+random()
by arc4random()
 2002-01-19 04:58:51 +00:00
Andrey A. Chernov
d54c36388e Add missing check for right-now-expired password 2002-01-19 02:45:24 +00:00
Ruslan Ermilov
945b9f4de9 mdoc(7) police: sort xrefs. 2001-12-08 16:28:20 +00:00
Dag-Erling Smørgrav
d65e5dfa59 Document the local_pass and nis_pass options, add a few xrefs, and reorder 
the SEE ALSO section.  License modified with original author's permission.

Sponsored by:	DARPA, NAI Labs
 2001-11-27 00:53:10 +00:00
Maxim Sobolev
bc3a4bf55d Don't put an extra space after password prompts, because it violates POLA, 
makes FreeBSD inconsistent with previous releases and "other unices" as well
as with some internal password-asking services (e.g. ftp) within the same
release.
 2001-10-25 15:51:50 +00:00