Dag-Erling Smørgrav
04f71c5352
Three times lucky: <stddef.h>, not <sys/param.h>
2002-02-05 08:01:32 +00:00
Dag-Erling Smørgrav
93cf4c1be3
Oops, the correct header to include for NULL is <sys/param.h>.
2002-02-05 07:53:00 +00:00
Dag-Erling Smørgrav
0ae5018b3e
#include <sys/types.h> for NULL (hidden by Linux-PAM header pollution)
...
Sponsored by: DARPA, NAI Labs
2002-02-05 06:20:27 +00:00
Dag-Erling Smørgrav
8c66575de8
#include cleanup.
...
Sponsored by: DARPA, NAI Labs
2002-02-05 06:08:26 +00:00
Mark Murray
34b28989d1
Explicitly declare (gcc internal) functions.
...
Submitted by: ru
2002-02-04 17:59:25 +00:00
Dag-Erling Smørgrav
12b6e9a089
ssh_get_authentication_connection() gets its parameters from environment
...
variables, so temporarily switch to the PAM environment before calling it.
Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp>
2002-02-04 17:15:44 +00:00
Mark Murray
95641278ef
Protect "make buildworld" against -Werror, as this module does not
...
build cleanly.
2002-02-04 16:09:25 +00:00
Mark Murray
21e5d74291
Add the other half of the salt-generating code. No functional
...
difference except that the salt is slightly harder to build
dictionaries against, and the code does not use srandom[dev]().
2002-02-04 00:28:54 +00:00
Mark Murray
63d770d8ea
Turn on fascist warning mode.
2002-02-03 15:51:52 +00:00
Mark Murray
ac5699692e
WARNS=n fixes (and some stylistic issues).
2002-02-03 15:17:57 +00:00
Dag-Erling Smørgrav
59057a6d6f
Remove an unnecessary #include that trips up OpenPAM. The header in question
...
is an internal Linux-PAM header which shouldn't be used outside Linux-PAM
itself, and has absolutely zero effect on pam_ftp.
Sponsored by: DARPA, NAI Labs
MFC after: 1 week
2002-02-02 17:51:39 +00:00
Dag-Erling Smørgrav
ab50ade43c
Post-repocopy cleanup.
...
Sponsored by: DARPA, NAI Labs
2002-02-01 22:25:07 +00:00
Dag-Erling Smørgrav
2d0a7148b6
Connect the pam_lastlog(8) and pam_login_access(8) modules to the build.
...
Sponsored by: DARPA, NAI Labs
2002-02-01 08:49:53 +00:00
Dag-Erling Smørgrav
c60ed00a43
Still with asbestos longjohns on, completely PAMify login(1) and remove
...
code made redundant by various PAM modules (primarily pam_unix(8)).
Sponsored by: DARPA, NAI Labs
2002-01-30 19:10:21 +00:00
Dag-Erling Smørgrav
e9cc7b1d92
With asbestos longjohns on, integrate most of the checks normally done by
...
login(1) (password & account expiry, hosts.access etc.) into pam_unix(8).
Sponsored by: DARPA, NAI Labs
2002-01-30 19:09:11 +00:00
Dag-Erling Smørgrav
a2d20838b0
Move the code from pam_sm_authenticate() to pam_sm_acct_mgmt(). Simplify
...
it a little and try to make it more resilient to various possible failure
conditions. Change the man page accordingly, and take advantage of this
opportunity to simplify its language.
Sponsored by: DARPA, NAI Labs
2002-01-30 19:03:16 +00:00
Mark Murray
c2065008b5
WARNS=4 fixes. Protect with NO_WERROR for the modules that have
...
warnings that are hard to fix or that I've been asked to leave alone.
2002-01-24 18:37:17 +00:00
Dag-Erling Smørgrav
f748a713da
PAM modules shouldn't call putenv(); pam_putenv() is sufficient. The
...
caller is supposed to check the PAM envlist and export the variables it
contains; if it doesn't, it's broken.
Sponsored by: DARPA, NAI Labs
2002-01-24 17:26:27 +00:00
Dag-Erling Smørgrav
9201dc40bf
Change the order in which pam_sm_open_session() updates the logs. This
...
doesn't really make any difference, except it matches wtmp(5) better.
Don't do anything in pam_sm_close_session(); init(8) will take care of
utmp and wtmp when the tty is released. Clearing them here would make it
possible to create a ghost session by logging in, running 'login -f $USER'
and exiting the subshell.
Sponsored by: DARPA, NAI Labs (but the bugs are all mine)
2002-01-24 17:15:04 +00:00
Dag-Erling Smørgrav
ca355e5451
Correctly interpret PAM_RHOST being unset as an indicator of a local
...
login.
Sponsored by: DARPA, NAI Labs
2002-01-24 16:18:43 +00:00
Dag-Erling Smørgrav
d233082fbe
Correctly interpret PAM_RHOST being unset as an indicator of a local
...
login.
2002-01-24 16:16:01 +00:00
Dag-Erling Smørgrav
e4536f1138
Style nits.
...
Sponsored by: DARPA, NAI Labs
2002-01-24 16:14:56 +00:00
Dag-Erling Smørgrav
f433d6afed
Document the even_root option.
...
Sponsored by: DARPA, NAI Labs
2002-01-24 13:35:06 +00:00
Dag-Erling Smørgrav
76f95f4dc2
Don't let root through unless the "even_root" option was specified.
...
Sponsored by: DARPA, NAI Labs
2002-01-24 12:47:42 +00:00
Dag-Erling Smørgrav
16e058b5d6
Add a PAM module that records sessions in utmp/wtmp/lastlog.
...
Sponsored by: DARPA, NAI Labs
2002-01-24 09:45:17 +00:00
Dag-Erling Smørgrav
c2d5249eaf
Fix some pastos. Rather shoddy of me...
...
Sponsored by: DARPA, NAI Labs
2002-01-24 09:44:22 +00:00
Dag-Erling Smørgrav
53f3167d07
Add a PAM module that provides an account management component for checking
...
either PAM_RHOST or PAM_TTY against /etc/login.access.o
This uncovers a problem with PAM_RHOST, in that if we always set it, there
is no way to distinguish between a user logging in locally and a user
logging in using 'ssh localhost'. This will be fixed by first making sure
that all PAM modules can handle PAM_RHOST being unset (which is currently
not the case), and then modifying su(1) and login(1) to not set it for
local logins.
Sponsored by: DARPA, NAI Labs
2002-01-23 17:42:16 +00:00
Dag-Erling Smørgrav
774a10071d
Add an AUTHORS section crediting ThinkSec, DARPA and NAI Labs.
...
Sponsored by: DARPA, NAI Labs
2002-01-23 17:16:00 +00:00
Ruslan Ermilov
0509dca0c3
Add pam_ssh support to the static PAM library, libpam.a:
...
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
dynamic linkage with -lssh.
Reviewed by: des, markm
Approved by: markm
2002-01-23 15:54:17 +00:00
Dag-Erling Smørgrav
b6b756b58b
Base the comparison on UIDs, not on user names.
...
Sponsored by: DARPA, NAI Labs
2002-01-23 15:16:01 +00:00
Ruslan Ermilov
fd4ca9e02d
Make libssh.so useable (undefined reference to IPv4or6).
...
Reviewed by: des, markm
Approved by: markm
2002-01-23 15:06:47 +00:00
Dag-Erling Smørgrav
1e22a4f048
Link pam_opieaccess, pam_self and pam_ssh into the static library.
...
Sponsored by: DARPA, NAI Labs
2002-01-21 20:43:01 +00:00
Dag-Erling Smørgrav
b0aa095ad0
On second thought, getpwnam() failure should be treated just as if the user
...
existed, but had no OPIE key, i.e. PAM_IGNORE.
Pointed out by: ache
Sponsored by: DARPA, NAI Labs
2002-01-21 19:05:45 +00:00
Dag-Erling Smørgrav
b4b56d051a
Return PAM_SERVICE_ERR rather than PAM_USER_UNKNOWN if getpwnam() fails, as
...
PAM_USER_UNKNOWN will break the chain, revealing to an attacker that the
user does not exist.
Sponsored by: DARPA, NAI Labs
2002-01-21 18:53:03 +00:00
Dag-Erling Smørgrav
03adba96a0
Further changes to allow enabling pam_opie(8) by default:
...
- Ignore the {try,use}_first_pass options by clearing PAM_AUTHTOK before
challenging the user. These options are meaningless for pam_opie(8)
since the user can't possibly know the right response before she sees
the challenge.
- Introduce the no_fake_prompts option. If this option is set, pam_opie(8)
will fail - rather than present a bogus challenge - if the target user
does not have an OPIE key. With this option, users who haven't set up
OPIE won't have to wonder what that "weird otp-md5 s**t" means :)
Reviewed by: ache, markm
Sponsored by: DARPA, NAI Labs
2002-01-21 18:46:25 +00:00
Dag-Erling Smørgrav
f460490260
Add a new module, pam_opieaccess(8), which is responsible for checking
...
/etc/opieaccess and ~/.opiealways so we can decide what to do after
pam_opie(8) fails.
Sponsored by: DARPA, NAI Labs
Reviewed by: ache, markm
2002-01-21 13:43:53 +00:00
Andrey A. Chernov
186caeedcb
snprintf bloat -> strlcpy
...
Add getpwnam return check
Approved by: des, markm
2002-01-20 20:56:47 +00:00
Andrey A. Chernov
0b836dfaf1
Back out recent changes
2002-01-19 18:03:11 +00:00
Andrey A. Chernov
6874115893
If user not exist in OPIE system, return failure immediately instead
...
of producing fake prompts with random numbers which can be detected by
potential intruder in two tries and totally confuse non-OPIE users.
2002-01-19 10:09:05 +00:00
Andrey A. Chernov
3195cd6712
Back out second right-now-expired password check in pam_sm_chauthtok,
...
old expired password assumed there
2002-01-19 09:23:36 +00:00
Andrey A. Chernov
012400dfcd
Previous commit was incomplete, use new error code PAM_CRED_ERR to
...
indicate die case, different from PAM_SUCCESS and PAM_AUTH_ERR
2002-01-19 08:36:47 +00:00
Andrey A. Chernov
d97cc81fa4
Rewrite 'pwok' fallback in the way it can be properly chained with pam_unix
...
Replace snprintf %s with strlcpy
Check for NULL returned from getpwnam()
2002-01-19 07:23:48 +00:00
Andrey A. Chernov
c8e3fac7a1
Add yet one expired-right-now password check, in pam_sm_chauthtok
...
srandomdev() can't be used in libraries, replace srandomdev()+random()
by arc4random()
2002-01-19 04:58:51 +00:00
Andrey A. Chernov
8c70adab72
Set pwok to 1 for non-OPIE users
2002-01-19 03:31:39 +00:00
Andrey A. Chernov
d54c36388e
Add missing check for right-now-expired password
2002-01-19 02:45:24 +00:00
Andrey A. Chernov
3f9a326a7a
Implement 'pwok', i.e. conditional fallback to unix password
...
as supposed by opieaccessfile() and opiealways()
2002-01-19 02:38:43 +00:00
Bruce Evans
b2035c2b74
Fixed a missing "const".
2001-12-28 20:59:44 +00:00
Ruslan Ermilov
7f432ff831
mdoc(7) police: bump document date.
2001-12-14 13:49:28 +00:00
David Malone
9f5b04e925
Style improvements recommended by Bruce as a follow up to some
...
of the recent WARNS commits. The idea is:
1) FreeBSD id tags should follow vendor tags.
2) Vendor tags should not be compiled (though copyrights probably should).
3) There should be no blank line between including cdefs and __FBSDIF.
2001-12-10 21:13:08 +00:00
Dag-Erling Smørgrav
18a85de04b
Back out previous commit.
...
Requested by: ru
2001-12-09 15:11:55 +00:00