Dag-Erling Smørgrav
c47b138a96
Correct documentation of ~/.opiealways
...
PR: 117512
Submitted by: Jeremy C. Reed <reed@reedmedia.net>
MFC after: 1 week
2007-10-26 07:50:11 +00:00
Ruslan Ermilov
1a0a934547
Mechanically kill hard sentence breaks.
2004-07-02 23:52:20 +00:00
Colin Percival
d623b765cf
style cleanup: Remove duplicate $FreeBSD$ tags.
...
These files had tags after the copyright notice,
inside the comment block (incorrect, removed),
and outside the comment block (correct).
Approved by: rwatson (mentor)
2004-02-10 20:42:33 +00:00
Dag-Erling Smørgrav
91e938693e
Fix strict aliasing breakage in PAM modules (except pam_krb5, which needs
...
more work than the others). This should make most modules build with -O2.
2003-12-11 13:55:16 +00:00
Dag-Erling Smørgrav
ccd703cfe4
Treat an empty PAM_RHOST the same as a NULL one.
...
PR: bin/51508
2003-04-30 00:44:05 +00:00
Dag-Erling Smørgrav
16bb3109e3
Somewhat better wording.
2003-03-10 09:15:26 +00:00
Dag-Erling Smørgrav
02a19b0184
Silence warning caused by OPIE brokenness.
2003-03-10 09:15:08 +00:00
David E. O'Brien
7f03a257ac
style.Makefile(5) police
...
(I've tried to keep to the spirit of the original formatting)
Reviewed by: des
2003-03-09 20:06:38 +00:00
Ruslan Ermilov
522ccf3f35
mdoc(7) police: markup laundry.
2003-02-23 01:47:49 +00:00
Dag-Erling Smørgrav
859ac7c46f
Add an "allow_local" option which forces historical behaviour.
2003-02-16 13:01:03 +00:00
Dag-Erling Smørgrav
b645332a81
Assume "localhost" if no remote host was specified. This is safe from a
...
POLA point of view since the stock /etc/opieaccess now allows localhost.
2003-02-15 23:26:49 +00:00
Dag-Erling Smørgrav
53fd6d26b2
Use PAM_SUCCESS instead of PAM_IGNORE.
2002-04-15 06:26:32 +00:00
Dag-Erling Smørgrav
24fe7ba0d9
Major cleanup:
...
- add __unused where appropriate
- PAM_RETURN -> return since OpenPAM already logs the return value.
- make PAM_LOG use openpam_log()
- make PAM_VERBOSE_ERROR use openpam_get_option() and check flags
for PAM_SILENT
- remove dummy functions since OpenPAM handles missing service
functions
- fix various warnings
Sponsored by: DARPA, NAI Labs
2002-04-12 22:27:25 +00:00
Ruslan Ermilov
90a9863e16
Moved SHLIB_NAME definition into one place.
...
Approved by: des
2002-04-10 18:07:05 +00:00
Mark Murray
b51066a362
Fix for OPIE 2.4.
2002-03-22 09:20:05 +00:00
Ruslan Ermilov
7d1f1e9ca8
mdoc(7) police: fix SYNOPSIS, sort xrefs, kill extra whitespace.
2002-03-18 15:59:53 +00:00
Dag-Erling Smørgrav
f03a4b810a
NAI DBA update.
2002-03-14 23:27:59 +00:00
Dag-Erling Smørgrav
519b6a4c8f
Switch to OpenPAM. Bump library version. Modules are now versioned, so
...
applications linked with Linux-PAM will still work.
Remove pam_get_pass(); OpenPAM has pam_get_authtok().
Remove pam_prompt(); OpenPAM has pam_{,v}{error,info,prompt}().
Remove pam_set_item(3) man page as OpenPAM has its own.
Sponsored by: DARPA, NAI Labs
2002-03-05 21:56:25 +00:00
Dag-Erling Smørgrav
8c66575de8
#include cleanup.
...
Sponsored by: DARPA, NAI Labs
2002-02-05 06:08:26 +00:00
Mark Murray
c2065008b5
WARNS=4 fixes. Protect with NO_WERROR for the modules that have
...
warnings that are hard to fix or that I've been asked to leave alone.
2002-01-24 18:37:17 +00:00
Dag-Erling Smørgrav
ca355e5451
Correctly interpret PAM_RHOST being unset as an indicator of a local
...
login.
Sponsored by: DARPA, NAI Labs
2002-01-24 16:18:43 +00:00
Dag-Erling Smørgrav
774a10071d
Add an AUTHORS section crediting ThinkSec, DARPA and NAI Labs.
...
Sponsored by: DARPA, NAI Labs
2002-01-23 17:16:00 +00:00
Dag-Erling Smørgrav
b0aa095ad0
On second thought, getpwnam() failure should be treated just as if the user
...
existed, but had no OPIE key, i.e. PAM_IGNORE.
Pointed out by: ache
Sponsored by: DARPA, NAI Labs
2002-01-21 19:05:45 +00:00
Dag-Erling Smørgrav
b4b56d051a
Return PAM_SERVICE_ERR rather than PAM_USER_UNKNOWN if getpwnam() fails, as
...
PAM_USER_UNKNOWN will break the chain, revealing to an attacker that the
user does not exist.
Sponsored by: DARPA, NAI Labs
2002-01-21 18:53:03 +00:00
Dag-Erling Smørgrav
f460490260
Add a new module, pam_opieaccess(8), which is responsible for checking
...
/etc/opieaccess and ~/.opiealways so we can decide what to do after
pam_opie(8) fails.
Sponsored by: DARPA, NAI Labs
Reviewed by: ache, markm
2002-01-21 13:43:53 +00:00