Commit Graph

594 Commits

Author SHA1 Message Date
Ed Schouten
444999a314 Several refinements to libulog's API.
- Only set the fields in the ulog_utmpx structure that are valid for the
  command in question. This means that strings like "shutdown" or "~"
  are not visible to the user anymore.
- Rename UTXF_* to UTXI_*, indicating the indexation, instead of using
  the `antique' filename. If we ever get rid of utmp, it makes little
  sense calling it by its old name.
2009-12-26 22:36:05 +00:00
Ed Schouten
17c79ad08c Convert pam_lastlog(8) to libulog.
The information used by the "Last login:"-line is obtained by using
ulog_setutxfile(3) to switch to the lastlog database. Login and logout
are performed using the utility functions ulog_login(3) and
ulog_logout(3).

This also means we must build libulog during bootstrap.

Approved by:	des
2009-12-11 14:15:55 +00:00
Dag-Erling Smørgrav
13e1b162b9 Note that nullok should not be used by processes that can't access the
password database.

PR:		bin/126650, misc/140514
MFC after:	1 week
2009-11-13 11:19:26 +00:00
Dag-Erling Smørgrav
040b962309 pam_ssh needs roaming_dummy to link correctly against libssh. 2009-10-05 18:56:18 +00:00
Jonathan Chen
43b4dc3625 Prevents pam_lastlog from segfaulting on session close when tty is null.
MFC after:	1 month
2009-08-30 05:12:37 +00:00
Ken Smith
3ca3047aee Bump the version of all non-symbol-versioned shared libraries in
preparation for 8.0-RELEASE.  Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.

Reviewed by:    kib
Approved by:    re (rwatson)
2009-07-19 17:25:24 +00:00
Dag-Erling Smørgrav
84e3202f58 Rewrap; this was getting painful. Translators can ignore this.
MFC after:	1 week
2009-06-20 10:09:59 +00:00
Dag-Erling Smørgrav
e83105d1d9 Reword.
MFC after:	1 week
2009-06-20 10:06:10 +00:00
Ed Schouten
8bdb099ade Include <stdio.h> for asprintf().
Submitted by:	Pawel Worach
2009-06-14 12:45:48 +00:00
Dag-Erling Smørgrav
1dde0f9745 Don't try to auto-detect dynamic linking; it fails on mips. The Makefile
part of the patch is an ugly (and hopefully temporary) hack.

Discussed with:	imp@
2009-02-17 16:35:19 +00:00
Doug Rabson
c24d228096 Add new heimdal-1.1 library. 2008-05-15 15:28:18 +00:00
Doug Rabson
33f1219925 Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.
2008-05-07 13:53:12 +00:00
Dag-Erling Smørgrav
64dbe1a7af Adjust for OpenPAM Hydrangea. 2007-12-21 12:00:16 +00:00
Dag-Erling Smørgrav
c47b138a96 Correct documentation of ~/.opiealways
PR:		117512
Submitted by:	Jeremy C. Reed <reed@reedmedia.net>
MFC after:	1 week
2007-10-26 07:50:11 +00:00
Ruslan Ermilov
4f6d329f1e - Convert NO_INSTALLLIB option to a new syntax: makefiles should
test MK_INSTALLLIB, users can set WITHOUT_INSTALLLIB.  The old
  NO_INSTALLLIB is still supported as several makefiles set it.

- While here, fix an install when instructed not to install libs
  (usr.bin/lex/lib/Makefile).

PR:		bin/114200
Submitted by:	Henrik Brix Andersen
2007-10-20 19:01:50 +00:00
Dag-Erling Smørgrav
f0f1db2e4c Apply the same error checks to PAM_TTY in pam_sm_close_session() as in
pam_sm_open_session(), avoiding false negatives when no tty is present.

Submitted by:	Todd C. Miller <millert@courtesan.com>
Approved by:	re (rwatson)
MFC after:	2 weeks
2007-07-22 15:17:29 +00:00
Dag-Erling Smørgrav
1173d3bb33 Whitespace cleanup
Approved by:	re (rwatson)
2007-07-22 15:14:40 +00:00
Rong-En Fan
27cfc42fc5 - Bump share library version which were missed in last bump
Reported by: 	     jhb
Discussed with:	     deischen, des, doubg, harti
Approved by:	     re (kensmith)
2007-06-18 18:47:54 +00:00
Yaroslav Tykhiy
58d6bdcbe0 Use the current user's login class for the decisions about where
the nologin(5) file is located and whether the user may bypass its
restriction.

Add some error checks.

Approved by:	des
PR:		bin/107612
2007-06-14 13:07:06 +00:00
Yaroslav Tykhiy
9cd40e64b4 Now pam_nologin(8) will provide an account management function
instead of an authentication function.  There are a design reason
and a practical reason for that.  First, the module belongs in
account management because it checks availability of the account
and does no authentication.  Second, there are existing and potential
PAM consumers that skip PAM authentication for good or for bad.
E.g., sshd(8) just prefers internal routines for public key auth;
OTOH, cron(8) and atrun(8) do implicit authentication when running
a job on behalf of its owner, so their inability to use PAM auth
is fundamental, but they can benefit from PAM account management.

Document this change in the manpage.

Modify /etc/pam.d files accordingly, so that pam_nologin.so is listed
under the "account" function class.

Bump __FreeBSD_version (mostly for ports, as this change should be
invisible to C code outside pam_nologin.)

PR:		bin/112574
Approved by:	des, re
2007-06-10 18:57:20 +00:00
Dag-Erling Smørgrav
ca2ddac328 Re-add support for NIS netgroups (heavily modified from patch in PR)
PR:		bin/112955
Submitted by:	A. Blake Cooper <blake@cluebie.net>
MFC after:	3 weeks
2007-05-25 07:50:18 +00:00
Yaroslav Tykhiy
cf21ead53b In account management, verify whether the account has been locked
with `pw lock', so that it's impossible to log into a locked account
using an alternative authentication mechanism, such as an ssh key.
This change affects only accounts locked with pw(8), i.e., having a
`*LOCKED*' prefix in their password hash field, so people still can
use a different pattern to disable password authentication only.

Mention all account management criteria in the manpage.

Approved by:	maintainer (timeout)
PR:		bin/71147
MFC after:	1 month
2007-03-27 09:59:15 +00:00
Pawel Jakub Dawidek
d154a420f7 Send not only Access Request, but also Access Challenge with defined
NAS-Identifier and NAS-IP-Address.

Reviewed by:	bz
MFC after:	1 month
2007-01-20 08:52:04 +00:00
Dag-Erling Smørgrav
1cede0c9bd childerr needs to be volatile so gcc won't optimize it away.
PR:		bin/85830
MFC after:	1 week
2006-11-10 23:33:25 +00:00
Ruslan Ermilov
5429f49079 The pam_unix module also provides password management.
PR:		docs/93491
Submitted by:	Lior Kadosh
MFC after:	3 days
2006-10-12 15:00:17 +00:00
Ruslan Ermilov
cf15fbb46a Fix build. 2006-09-30 20:33:42 +00:00
Dag-Erling Smørgrav
f63ebe36f6 Reject user with names that are longer than OPIE is willing to deal with;
otherwise OPIE will happily truncate it.

Spotted by:	ghelmer
MFC after:	2 weeks
2006-09-15 13:42:38 +00:00
Joel Dahl
cec65ede6c Bump .Dd.
Noticed by:	danger
2006-09-13 18:34:32 +00:00
Joel Dahl
3e1f331553 Remove references to the pam(8) manual page. It does not exist.
Requested by:	novel
Discussed with:	brueffer, simon
2006-09-13 17:46:20 +00:00
Dag-Erling Smørgrav
f5e30bd1ff Additional debugging stuff I had in my tree. 2006-08-11 17:03:33 +00:00
Stefan Farfeleder
c67bd97df8 Change the GCC specific __FUNCTION__ to C99's __func__.
OK'ed by:	des
2006-07-17 11:48:52 +00:00
Dag-Erling Smørgrav
9fd9594daf Add a manual dependency on ssh_namespace.h.
Discussed with:	ru
2006-05-13 21:38:16 +00:00
Dag-Erling Smørgrav
ed22e27d8a Introduce a namespace munging hack inspired by NetBSD to avoid polluting
the namespace of applications which inadvertantly link in libssh (usually
through pam_ssh)

Suggested by:	lukem@netbsd.org
MFC after:	6 weeks
2006-05-13 13:47:45 +00:00
Wojciech A. Koszek
2ecd560bcc There is no need to pass NULL to the pam_error() as the last argument.
Remove it.

Reviewed by:	des
Approved by:	cognet (mentor)
2006-03-20 16:56:08 +00:00
Ruslan Ermilov
c365539d86 Fix build until I find a way to handle this case properly. 2006-03-19 08:52:49 +00:00
Ruslan Ermilov
9e7c92716b Revert last delta. 2006-03-19 06:14:30 +00:00
Poul-Henning Kamp
371b1253c9 Comment out MK_PROFILE until ru@ can fix this properly 2006-03-19 04:49:11 +00:00
Ruslan Ermilov
5740a2b62d Convert NO_PROFILE and NO_LIB32 to new style. 2006-03-18 21:37:05 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Yaroslav Tykhiy
4df7b351e2 Add appropriate xrefs.
MFC after:	3 days
2006-03-06 13:15:12 +00:00
Yaroslav Tykhiy
08284aaa25 Since the whole login.access feature has moved to PAM,
login.access.5 will be installed from the respective PAM
module's src directory.

MFC after:	3 days
2006-03-06 12:31:25 +00:00
Yaroslav Tykhiy
5c042d7b07 Sync with src/usr.bin/login/login.access.5.
src/usr.bin/login/login.access.5 should be removed from use
because the whole login.access feature has moved to this PAM
module.

MFC after:	3 days
2006-03-06 12:26:43 +00:00
Ruslan Ermilov
ce8bf81ff2 Commenting out WARNS actually brought it up to 4. 2005-09-28 14:36:16 +00:00
Dag-Erling Smørgrav
40e48f9362 Comment out WARNS, the OpenSSL headers don't compile cleanly on some platforms. 2005-09-28 06:23:47 +00:00
Dag-Erling Smørgrav
f8ac10df9f Increase WARNS. 2005-09-26 20:34:09 +00:00
Dag-Erling Smørgrav
bd43956b81 Correct the logic for determining whether the user has already entered
a password.  Also, work around some harmless type pun warnings.

MFC after:	3 days
2005-09-26 20:33:53 +00:00
Dag-Erling Smørgrav
c777c69bdc Do not use passphraseless keys for authentication unless the nullok
option was specified.

PR:		bin/81231
Submitted by:	"Daniel O'Connor" <doconnor@gsoft.com.au>
MFC after:	3 days
2005-09-22 05:35:24 +00:00
Dag-Erling Smørgrav
ea174c52f5 Narrow the use of user credentials.
Fix one case where openpam_restore_cred() might be called twice in a row.

MFC after:	3 days
2005-09-21 16:08:40 +00:00
Colin Percival
25284732cd When (re)allocating space for an array of pointers to char, use
sizeof(*list), not sizeof(**list).  (i.e., sizeof(pointer) rather than
sizeof(char)).

It is possible that this buffer overflow is exploitable, but it was
added after RELENG_5 forked and hasn't been MFCed, so this will not
receive an advisory.

Submitted by:	Vitezslav Novy
MFC after:	1 day
2005-09-19 18:43:11 +00:00
Ken Smith
a84020c2b9 Bump the shared library version number of all libraries that have not
been bumped since RELENG_5.

Reviewed by:	ru
Approved by:	re (not needed for commit check but in principle...)
2005-07-22 17:19:05 +00:00
Ken Smith
5adb21a681 Missed one piece of the cluster's quirk. Need to override WARNS because
if _FREEFALL_CONFIG is set gcc bails since pam_sm_setcred() in pam_krb5.c
no longer uses any of its parameters.

Pointy hat:	kensmith
Approved by:	re (scottl)
2005-07-08 14:53:45 +00:00
Ken Smith
2672e71736 This is sort of an MFS. Peter made these changes to the RELENG_*
branches but missed HEAD.  This patch extends his a little bit,
setting it up via the Makefiles so that adding _FREEFALL_CONFIG
to /etc/make.conf is the only thing needed to cluster-ize things
(current setup also requires overriding CFLAGS).

From Peter's commit to the RELENG_* branches:
> Add the freebsd.org custer's source modifications under #ifdefs to aid
> keeping things in sync.  For ksu:
> * install suid-root by default
> * don't fall back to asking for a unix password (ie: be pure kerberos)
> * allow custom user instances for things like www and not just root

The Makefile tweaks will be MFC-ed, the rest is already done.

MFC after:      3 days
Approved by:    re (dwhite)
2005-07-07 14:16:38 +00:00
Dag-Erling Smørgrav
d3cf5f1524 Use the correct login class when setting a new password.
PR:		65557, 72949
Submitted by:	Stephen P. Cravey <clists@gotbrains.org>
Approved by:	re (scottl)
MFC after:	2 weeks
2005-07-05 18:42:18 +00:00
Dag-Erling Smørgrav
0d13f5f0c6 Update for OpenPAM Figwort.
Approved by:	re (kensmith)
2005-06-17 08:14:42 +00:00
Ruslan Ermilov
f789cb8293 Assorted markup fixes.
Approved by:	re
2005-06-15 19:04:04 +00:00
Dag-Erling Smørgrav
30d0a60aed Don't use a cast as an lvalue.
Add a redundant test to make it painfully obvious to the reader that this
code does not support IPv6.

Approved by:	re (dwhite)
MFC after:	1 week
2005-06-13 21:18:52 +00:00
Dag-Erling Smørgrav
57341fbcf3 Use appropriate error codes for each facility instead of just PAM_AUTH_ERR.
Noticed by:	pjd
2005-06-10 06:16:13 +00:00
Dag-Erling Smørgrav
40e0db94af Revert the commits that made libssh an INTERNALLIB; they caused too much
trouble, especially on amd64.

Requested by:	ru
2005-06-07 09:31:28 +00:00
Dag-Erling Smørgrav
e4c2fedcc7 Fix libssh dependency. 2005-06-06 19:01:01 +00:00
Hajimu UMEMOTO
d928d41c84 NI_WITHSCOPEID cleanup
Reviewed by:	des
2005-05-13 20:51:09 +00:00
Ruslan Ermilov
0227791b40 Expand *n't contractions. 2005-02-13 22:25:33 +00:00
Dag-Erling Smørgrav
9d97c7ee0a In addition to the PAM environment, export a handful of useful PAM items.
Suggested by:	Ed Maste <emaste@phaedrus.sandvine.ca>
2005-02-01 10:37:07 +00:00
Dag-Erling Smørgrav
30984a1288 Add openpam_free_envlist(3). 2005-02-01 10:21:07 +00:00
Robert Watson
ed41980cbb When "no_ccache" is set as an argument to the pam_krb5 module, don't
copy the acquired TGT from the in-memory cache to the on-disk cache
at login.  This was documented but un-implemented behavior.

MFC after:		1 week
PR:			bin/64464
Reported and tested by:	Eric van Gyzen <vangyzen at stat dot duke dot edu>
2005-01-24 16:49:50 +00:00
Robert Watson
16417879f1 The final argument to verify_krb_v5_tgt() is the debug flag, not the
ticket forwardable flag, so key generation of debugging output to
"debug" rather than "forwardable".

Update copyright.

MFC after:	3 days
2005-01-23 15:57:07 +00:00
Ruslan Ermilov
3ac17feb8a Fixed xref. 2005-01-21 10:48:35 +00:00
Ruslan Ermilov
a216173556 NOCRYPT -> NO_CRYPT 2004-12-21 10:16:04 +00:00
Ruslan Ermilov
2c74b2cb07 NOINSTALLLIB -> NO_INSTALLLIB 2004-12-21 09:51:09 +00:00
Ruslan Ermilov
ab7a294721 NODOCCOMPRESS -> NO_DOCCOMPRESS
NOINFO -> NO_INFO
NOINFOCOMPRESS -> NO_INFOCOMPRESS
NOLINT -> NO_LINT
NOPIC -> NO_PIC
NOPROFILE -> NO_PROFILE
2004-12-21 09:33:47 +00:00
Bjoern A. Zeeb
6c58990d47 Add knob NO_NIS (fka NO_YP_LIBC) and make world compileable when set.
If turned on  no NIS support and related programs will be built.

Lost parts rediscovered by:	Danny Braniss <danny at cs.huji.ac.il>
PR:		bin/68303
No objections:	des, gshapiro, nectar
Reviewed by:	ru
Approved by:	rwatson (mentor)
MFC after:	2 weeks
2004-11-13 20:40:32 +00:00
Ruslan Ermilov
a35d88931c For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
Colin Percival
d37df47d31 Join the 21st century: Cryptography is no longer an optional component
of releases.  The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.

Approved by:	re (scottl), markm
Discussed on:	freebsd-current, in late April 2004
2004-08-06 07:27:08 +00:00
Alexander Kabaev
2d18d113c7 Downgrade WARNS level for GCC 3.4.2. 2004-07-28 05:49:15 +00:00
Ruslan Ermilov
b9384efc1c Markup nits. 2004-07-05 06:39:03 +00:00
Ruslan Ermilov
1c85060a13 Sort SEE ALSO references (in dictionary order, ignoring case). 2004-07-04 20:55:50 +00:00
Ruslan Ermilov
1a0a934547 Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
Ruslan Ermilov
839693c44f Deal with unsafe tab characters. 2004-07-02 19:55:26 +00:00
Ruslan Ermilov
862b46f607 Markup, grammar, punctuation. 2004-07-01 18:20:57 +00:00
Alexander Kabaev
2758535974 Revert the last change. There are more 64bit platforms than amd64, and
they break due to diferent alignment restrictions.
2004-06-25 12:32:45 +00:00
Alexander Kabaev
0cb04d0b33 Remove the use of cast as lvalue. 2004-06-25 01:54:26 +00:00
Dag-Erling Smørgrav
dce2454396 Add -DDEBUG to DEBUG_FLAGS if PAM_DEBUG is defined. 2004-03-15 13:23:20 +00:00
Mark Murray
16fc3635f7 Make NULL a (void*)0 whereever possible, and fix the warnings(-Werror)
that this provokes. "Wherever possible" means "In the kernel OR NOT
C++" (implying C).

There are places where (void *) pointers are not valid, such as for
function pointers, but in the special case of (void *)0, agreement
settles on it being OK.

Most of the fixes were NULL where an integer zero was needed; many
of the fixes were NULL where ascii <nul> ('\0') was needed, and a
few were just "other".

Tested on: i386 sparc64
2004-03-05 08:10:19 +00:00
Colin Percival
d623b765cf style cleanup: Remove duplicate $FreeBSD$ tags.
These files had tags after the copyright notice,
inside the comment block (incorrect, removed),
and outside the comment block (correct).

Approved by:	rwatson (mentor)
2004-02-10 20:42:33 +00:00
Dag-Erling Smørgrav
af9b407414 Fix numerous constness and aliasing issues. 2004-02-10 10:13:21 +00:00
Ruslan Ermilov
751378136d Put libraries in the link order.
Reported by:	lorder(1) (modified to work with libraries)
2004-02-04 10:23:09 +00:00
Ruslan Ermilov
1e73d261f5 This module doesn't use libgssapi (and it looks never did). 2004-02-04 09:41:47 +00:00
Dag-Erling Smørgrav
3a59e89e73 Implement pam_sm_close_session().
PR:		bin/61657
Submitted by:	Joe R. Doupnik <jrd@cc.usu.edu>
2004-01-26 19:28:37 +00:00
Ruslan Ermilov
bb96dfc53a Deal better with the crypto version of the PAM library that goes
on the release media -- only put what is different in the crypto
version compared to the base version.  This reduces PAM entries
in /usr/lib in the "crypto" distribution to:

	libpam.a
	libpam.so@
	libpam.so.2
	pam_krb5.so@
	pam_krb5.so.2
	pam_ksu.so@
	pam_ksu.so.2
	pam_ssh.so@
	pam_ssh.so.2

The libpam.so* is still redundant (it is identical to the "base"
version), but we can't set DISTRIBUTION differently for libpam.a
and libpam.so.

(The removal of libpam.so* from the crypto distribution could be
addressed by the release/scripts/crypto-make.sh script, but then
we'd also need to remove redundant PAM headers, and I'm not sure
this is worth a hassle.)
2004-01-18 14:58:07 +00:00
Ruslan Ermilov
7372ca5c03 DISTRIBUTION is normally single-valued. 2004-01-18 09:32:52 +00:00
Jens Schweikhardt
898fc4a340 Remove crossref to pam.conf(5) which never existed. 2004-01-17 09:46:49 +00:00
Ruslan Ermilov
9bf5abe215 bsd.dep.mk,v 1.43 allows us to replace a hack with a solution. 2004-01-13 17:38:42 +00:00
Dag-Erling Smørgrav
33b7c0d94c Fix a strict aliasing issue. Also remove an unnecessary pam_get_item()
call (pam_get_authtok() will return the previous token if try_first_pass
or use_first_pass is specified).  Incidentally fix an ugly bug where the
buffer holding the prompt was freed immediately before use, instead of
after.
2003-12-11 15:51:03 +00:00
Dag-Erling Smørgrav
4911b12cba More strict aliasing fixes.
Submitted by:	Andreas Hauser <andy-freebsd@splashground.de>
2003-12-11 15:48:09 +00:00
Dag-Erling Smørgrav
91e938693e Fix strict aliasing breakage in PAM modules (except pam_krb5, which needs
more work than the others).  This should make most modules build with -O2.
2003-12-11 13:55:16 +00:00
Maxim Sobolev
cd28f89c12 Fix on sparc64.
Reported by:	rwatson/tinderbox
MFC after:	2 weeks
2003-11-12 23:36:17 +00:00
Maxim Sobolev
f142677b46 Add a new configuration variable - nas_ipaddr, which if set allows to
set NAS-IP-Address attribute in requests generated by the pam_radius
module. This attribute is mandatory for some Radius servers out there.

Reviewed by:	des
MFC after:	2 weeks
2003-11-12 17:47:23 +00:00
Ken Smith
921e5ca770 - fix to UID test description, non-zero -> zero
PR:		docs/57799
Reviewed by:	des
Approved by:	blackend (mentor)
2003-10-17 17:03:38 +00:00
Dag-Erling Smørgrav
24db258f35 Ignore ECHILD from waitpid(2) (our child may have been reaped by the
calling process's SIGCHLD handler)

PR:		bin/45669
2003-09-19 11:33:03 +00:00
Dag-Erling Smørgrav
3a256117dc Revert previous commit after fixing libpam. 2003-07-21 19:56:28 +00:00
Dag-Erling Smørgrav
015d0cd6e2 Add a __DECONST() to unbreak the build. 2003-07-15 14:36:36 +00:00
Martin Blapp
dd01398df6 Fix the master yppasswd routines, so they really work
for root on ypmaster. yppasswd_local() did use YPPASSWDPROG
instead of MASTER_YPPASSWDPROG, and the domain was not set,
resulting in a coredump during xdr-encode.

Reviewed by:	des
2003-06-15 10:37:22 +00:00
Dag-Erling Smørgrav
2d2b70f60b Add openpam_readline(3). 2003-06-01 12:54:51 +00:00
Dag-Erling Smørgrav
008c1ace7b Retire pam_wheel(8) (which has been disconnected for quite a while) and
pam_ftp(8).
2003-06-01 11:50:35 +00:00
Dag-Erling Smørgrav
ae1e82627a Don't build pam_std_option(). 2003-05-31 23:38:16 +00:00
Dag-Erling Smørgrav
4d6991c692 Update copyright dates. 2003-05-31 17:19:03 +00:00
Dag-Erling Smørgrav
f7d39b0967 Remove pam_std_option() and related functions. Add #defines for common
options.
2003-05-31 16:56:35 +00:00
Dag-Erling Smørgrav
545aa47101 Remove all instances of pam_std_option() 2003-05-31 16:55:07 +00:00
Dag-Erling Smørgrav
d462d3923b Introduce pam_guest(8) which will replace pam_ftp(8). 2003-05-31 16:52:58 +00:00
Ruslan Ermilov
734ac3b543 mdoc(7) fixes.
Approved by:	re (blanket)
2003-05-24 19:53:08 +00:00
Dag-Erling Smørgrav
7691f66abf Retire the useless NOSECURE knob.
Approved by:	re (scottl)
2003-05-19 15:52:01 +00:00
Dag-Erling Smørgrav
8b48559cff OpenPAM is WANRS6-clean. 2003-05-05 21:15:35 +00:00
Mark Murray
dbf104e68d Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
2003-05-05 07:58:44 +00:00
Mark Murray
aaa2c2ab24 Trasmute moer "krb5" distibutions into "crypto". 2003-05-01 21:21:15 +00:00
Dag-Erling Smørgrav
6c0510dc2f Use C99-style varadic macros instead of the non-standard gcc syntax. 2003-05-01 15:08:55 +00:00
Dag-Erling Smørgrav
e50fb9d500 Mark libpam as c99- and WARNS5-clean. 2003-05-01 14:55:06 +00:00
Dag-Erling Smørgrav
8f3031025b Make sure rhostip is always initialized.
PR:		bin/51508
Submitted by:	Peter Grimshaw <peter@tesseract.demon.co.uk>
2003-04-30 00:49:42 +00:00
Dag-Erling Smørgrav
ccd703cfe4 Treat an empty PAM_RHOST the same as a NULL one.
PR:		bin/51508
2003-04-30 00:44:05 +00:00
Dag-Erling Smørgrav
3edc7b4e0b Set $HOME to the correct directory (within the chroot tree). 2003-04-30 00:40:24 +00:00
Dag-Erling Smørgrav
be01d58da1 Remove a bogus null password check which assumed that a user with an empty
password must necessarily have an empty pwd->pw_passwd.  Also add a check
that prevents users from setting a blank password unless the nullok option
was specified.  Root is still allowed to give anyone a blank password.
2003-04-24 12:26:25 +00:00
Dag-Erling Smørgrav
a8643c9882 Connect the pam_chroot(8) module to the build. 2003-04-08 16:52:34 +00:00
Dag-Erling Smørgrav
d4e15f10b1 Add a cwd option which specifies where to chdir(2) after the chroot(2).
When using the /home/./foo scheme, this defaults to the rhs (/foo);
otherwise it defaults to /.
2003-04-08 16:52:18 +00:00
Dag-Erling Smørgrav
eac956b2d1 Experimental pam_chroot module (not connected to the build) 2003-03-30 22:58:23 +00:00
Dag-Erling Smørgrav
f5bbe11124 This module is not WARNS-clean, due to brokenness in OpenSSL headers. 2003-03-10 09:19:08 +00:00
Dag-Erling Smørgrav
16bb3109e3 Somewhat better wording. 2003-03-10 09:15:26 +00:00
Dag-Erling Smørgrav
02a19b0184 Silence warning caused by OPIE brokenness. 2003-03-10 09:15:08 +00:00
David E. O'Brien
7f03a257ac style.Makefile(5) police
(I've tried to keep to the spirit of the original formatting)

Reviewed by:	des
2003-03-09 20:06:38 +00:00
Mark Murray
5d658b151b KerberosIV de-orbit burn continues. Remove the KerberosIV PAM module. 2003-03-08 10:33:20 +00:00
Mark Murray
b4240e6ce9 Comment-only assistance to lint to kill warnings. 2003-03-08 10:30:49 +00:00
Ruslan Ermilov
66abb7a636 mdoc(7) police: Nits. 2003-03-03 11:45:18 +00:00
Ruslan Ermilov
522ccf3f35 mdoc(7) police: markup laundry. 2003-02-23 01:47:49 +00:00
Dag-Erling Smørgrav
859ac7c46f Add an "allow_local" option which forces historical behaviour. 2003-02-16 13:01:03 +00:00
Dag-Erling Smørgrav
b645332a81 Assume "localhost" if no remote host was specified. This is safe from a
POLA point of view since the stock /etc/opieaccess now allows localhost.
2003-02-15 23:26:49 +00:00
Dag-Erling Smørgrav
48c12730cd Use pam_get_user(3) instead of pam_get_item(3) where appropriate. 2003-02-10 18:59:20 +00:00
Dag-Erling Smørgrav
d902781908 Complete rewrite of pam_ssh(8). The previous version was becoming hard
to maintain, and had security issues which would have required a major
rewrite to address anyway.

This implementation currently starts a separate agent for each session
instead of connecting each new session to the agent started by the first
one.  While this would be a Good Thing (and the old pam_ssh(8) tried to
do it), it's hard to get right.  I'll revisit this issue when I've had a
chance to test some modifications to ssh-agent(1).
2003-02-09 21:20:44 +00:00
Dag-Erling Smørgrav
687200d002 Maybe I was a little too fast? Remove debugging code, and commit the
Makefile and man page which I'd forgotten to 'cvs add'.

Sponsored by:	DARPA, NAI Labs
2003-02-06 14:27:48 +00:00
Dag-Erling Smørgrav
7cde604ebd Replace pam_wheel(8) with pam_group(8) which has a cleaner interface. The
pam_wheel(8) module was written to work in spite of a broken libpam, and
has grown organically since its inception, which is reflected in both its
functionality and implementation.  Rather than clean up pam_wheel(8) and
break backward compatibility, I've chosen to reimplement it under a new,
more generic name.

Sponsored by:	DARPA, NAI Labs
2003-02-06 14:24:14 +00:00
Dag-Erling Smørgrav
9e2409d3d5 Make sure the message is only printed once. 2003-02-06 14:19:50 +00:00
Dag-Erling Smørgrav
915bae31b7 Don't blame markm for what he didn't do - writing these man pages, for
instance.  Also bump the date since I made substantial modifications
earlier today.
2003-02-06 13:47:21 +00:00
Dag-Erling Smørgrav
37def36f9b Update copyright. 2003-02-06 12:56:51 +00:00
Dag-Erling Smørgrav
caeab58cd8 Add support for escape sequences in the arguments (e.g. %u for user name)
Sponsored by:	DARPA, NAI Labs
2003-02-06 12:56:39 +00:00
Dag-Erling Smørgrav
a76a4d449d Export the PAM environment to the child process instead of the "normal"
environment list, which may be unsafe and / or sensitive.

Sponsored by:	DARPA, NAI Labs
2003-02-06 12:40:58 +00:00
Dag-Erling Smørgrav
aa7f9c67e6 Minimal manual page for pam_kerberosIV(8).
Sponsored by:	DARPA, NAI Labs
2003-02-06 10:55:11 +00:00
Dag-Erling Smørgrav
8dad14b11b In pam_sm_acct_mgmt(), retrieve the cached credentials before trying to
initialize the context.  This way, a failure to initialize the context is
not fatal unless we actually have work to do - because if we don't, we
return PAM_SUCCESS without even trying to initialize the context.
2003-02-03 09:45:41 +00:00
Dag-Erling Smørgrav
bd12700b18 Whitespace cleanup 2003-02-03 09:43:28 +00:00
Dag-Erling Smørgrav
cb6e9daaa9 OpenPAMify. 2003-02-02 18:43:58 +00:00
Jacques Vidrine
8f857e88c4 Do not return inappropriate error codes in pam_sm_setcred. 2003-01-29 21:20:38 +00:00
Jacques Vidrine
e0bc74123b About September 2001, I consulted with all the previous authors of
pam_krb5 to consolidate the copyright texts.  The semi-official
pam_krb5 module has been distributed with this new license text ever
since, but I'm just now getting around to updating the text here.
2003-01-10 13:38:44 +00:00
Jens Schweikhardt
57bd0fc6e8 english(4) police. 2002-12-27 12:15:40 +00:00
Ruslan Ermilov
fb3acdd2a2 mdoc(7) police: removed gratuitous .Pp call. 2002-12-23 15:21:57 +00:00
Dag-Erling Smørgrav
32f0c0487b Merge in most non-style differences from Andrew Korty's pam_ssh 1.7. 2002-12-16 14:33:18 +00:00
Ruslan Ermilov
87e9be3900 mdoc(7) police: .Dt is ALL UPPERCASE.
Approved by:	re
2002-12-12 08:19:47 +00:00
Ruslan Ermilov
1798791d24 mdoc(7) police: formatting nits.
Approved by:	re
2002-11-29 15:57:50 +00:00
Dag-Erling Smørgrav
bb16bd87d7 Whitespace nits.
Approved by:	re (bmah)
2002-11-28 20:11:31 +00:00
Dag-Erling Smørgrav
3fdd8a4036 Add a PAM_MODULE_ENTRY to this module so it'll actually do something.
Approved by:	re (bmah)
2002-11-28 20:05:42 +00:00
Peter Wemm
6ceeb6902a utmp.ut_time and lastlog.ll_time are explicitly int32_t rather than
time_t.  Deal with the possibility that time_t != int32_t.  This boils
down to this sort of thing:
 -   time(&ut.ut_time);
 +   ut.ut_time = time(NULL);
and similar for ctime(3) etc.  I've kept it minimal for the stuff
that may need to be portable (or 3rd party code), but used Matt's time32
stuff for cases where that isn't as much of a concern.

Approved by: re (jhb)
2002-11-15 22:42:00 +00:00
Ruslan Ermilov
3f66c888ec Make dynamic PAM modules depend on dynamic PAM library.
Requested by:	des, markm
2002-11-14 19:24:51 +00:00
Jacques Vidrine
7c2274dc95 The pam_krb5 module stored a reference to a krb5_ccache structure as
PAM module state (created in pam_sm_authenticate and referenced later
in pam_sm_setcred and pam_sm_acct_mgmt).  However, the krb5_ccache
structure shares some data members with the krb5_context structure
that was used in its creation.  Since a new krb5_context is created
and destroyed at each PAM entry point, this inevitably caused the
krb5_ccache structure to reference free'd memory.

Now instead of storing a pointer to the krb5_ccache structure,
we store the name of the cache (e.g. `MEMORY:0x123CACHE') in
pam_sm_authenticate, and resolve the name in the other entry points.

This bug was uncovered by phkmalloc's free'd memory scrubbing.

Approved by:	re (jhb)
2002-11-13 17:46:15 +00:00
Jacques Vidrine
88c8bcce6c Use krb5_get_err_text' instead of error_message' so that instead of
e.g.

   Unknown error: -1765328378

we get

   Client not found in Kerberos database

Another way to accomplish this would have been to leave
`error_message' alone, but to explicitly load the Kerberos com_err
error tables.  However, I don't really like the idea of a PAM module
dorking with global tables.

Approved by:	re (jhb)
2002-11-13 17:44:29 +00:00
Dag-Erling Smørgrav
a1d214e88b Allow the admin to specify a different NAS identifier than the hostname.
Submitted by:	Boris Kovalenko <boris@ntmk.ru>
2002-10-28 10:28:46 +00:00
Robert Watson
195426c211 Introduce 'exempt_if_empty' option to pam_wheel(8), which bypasses the
group membership requirement if the group has no explicit members listed
in /etc/group.  By default, this group is the wheel group; setting this
flag restores the default BSD behavior from 4.x.

Reviewed by:	markm
Requested by:	various
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-18 02:37:29 +00:00
Ruslan Ermilov
890b32ee41 Build kerberized versions of the PAM library, and install them
into corresponding distributions during "make release".  (This
also cleans the "slib" distribution up from the .o files.)

PR:		misc/43825 (inspired by)
2002-10-11 14:17:09 +00:00
Peter Wemm
224af215a6 Zap now-unused SHLIB_MINOR 2002-09-28 00:25:32 +00:00
Peter Wemm
66422f5b7a Initiate deorbit burn for the i386-only a.out related support. Moves are
under way to move the remnants of the a.out toolchain to ports.  As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL.  It has already lasted WAY beyond
that.

Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.

Tested on: i386 (extensively), alpha
2002-09-17 01:49:00 +00:00
Dag-Erling Smørgrav
68e6e4bd40 Since pam_get_authtok(3) doesn't know about our options structure, setting
the PAM_ECHO_PASS option on-the-fly is a NOP (though it wasn't with the
old pam_get_pass(3) code).  Instead, call pam_prompt(3) directly.  This
actually simplifies the code a bit.

MFC after:	3 days
2002-07-30 08:32:03 +00:00
Dag-Erling Smørgrav
99260419d6 Install more man pages - I thought I'd committed this ages ago... 2002-07-23 17:59:46 +00:00
Ruslan Ermilov
c101b5f3f3 Tidy up. 2002-06-06 13:55:01 +00:00
Dag-Erling Smørgrav
eb6f605e2f Missed one in previous commit.
Pointed out by:	nectar
2002-05-30 20:48:59 +00:00
Ruslan Ermilov
6a63652701 mdoc(7) police: kill whitespace at EOL. 2002-05-30 14:52:00 +00:00
Ruslan Ermilov
5617846748 mdoc(7) police: polish markup. 2002-05-30 14:49:57 +00:00
Ruslan Ermilov
9baa2c98cf mdoc(7) police: tidy up the markup. 2002-05-30 14:32:48 +00:00
Jacques Vidrine
3a27166692 Add pam_ksu(8), a module to do Kerberos 5 authentication and
$HOME/.k5login authorization for su(1).

Reviewed by:	des (earlier version)
2002-05-28 20:52:31 +00:00
Dag-Erling Smørgrav
c096af69cd Add openpam_nullconv.3. 2002-05-24 13:22:15 +00:00
Dag-Erling Smørgrav
f346f31b43 Add missing include. 2002-05-24 13:20:40 +00:00
Dag-Erling Smørgrav
f65b218085 Just to show that PAM can do almost anything from the ridiculous to the
obscene, or - as they say in New York - sophisticated, add pam_echo(8) and
pam_exec(8) to our ever-lengthening roster of PAM modules.

Sponsored by:	DARPA, NAI Labs.
2002-05-23 22:03:06 +00:00
Dag-Erling Smørgrav
2569c273c7 Hide a couple of unguarded error returns behind the no_fail test. 2002-05-23 00:02:59 +00:00
Juli Mallett
816c6c91e2 Free old_pwd only in the code path where it has been allocated.
Reviewed by:	des
2002-05-22 23:18:25 +00:00
David E. O'Brien
1dba4170b1 Do not build pam_ssh if NOSECURE is set (NO_OPENSSL is on a subset of NOSECURE) 2002-05-15 20:25:32 +00:00
Ruslan Ermilov
2a53f3fb35 Major cleanup of bsd.lib.mk.
Get rid of the INTERNALSTATICLIB knob and just use plain INTERNALLIB.
INTERNALLIB now means to build static library only and don't install
anything.  Added a NOINSTALLLIB knob for libpam/modules.  To not
build any library at all, just do not set LIB.
2002-05-13 10:53:24 +00:00
Ruslan Ermilov
c7b111cba8 Added new bsd.incs.mk which handles installing of header files
via INCS.  Implemented INCSLINKS (equivalent to SYMLINKS) to
handle symlinking include files.  Allow for multiple groups of
include files to be installed, with the powerful INCSGROUPS knob.
Documentation to follow.

Added standard `includes' and `incsinstall' targets, use them
in Makefile.inc1.  Headers from the following makefiles were
not installed before (during `includes' in Makefile.inc1):

	kerberos5/lib/libtelnet/Makefile
	lib/libbz2/Makefile
	lib/libdevinfo/Makefile
	lib/libform/Makefile
	lib/libisc/Makefile
	lib/libmenu/Makefile
	lib/libmilter/Makefile
	lib/libpanel/Makefile

Replaced all `beforeinstall' targets for installing includes
with the INCS stuff.

Renamed INCDIR to INCSDIR, for consistency with FILES and SCRIPTS,
and for compatibility with NetBSD.  Similarly for INCOWN, INCGRP,
and INCMODE.

Consistently use INCLUDEDIR instead of /usr/include.

gnu/lib/libstdc++/Makefile and gnu/lib/libsupc++/Makefile changes
were only lightly tested due to the missing contrib/libstdc++-v3.
I fully tested the pre-WIP_GCC31 version of this patch with the
contrib/libstdc++.295 stuff.

These changes have been tested on i386 with the -DNO_WERROR "make
world" and "make release".
2002-05-12 16:01:00 +00:00
Dag-Erling Smørgrav
55589c84e2 Don't declare krb5_mcc_ops, it's already declared in <krb5.h> 2002-05-12 07:06:27 +00:00
Dag-Erling Smørgrav
f1d0592537 Use libutil and libypclnt for all passwd manipulation and NIS needs.
Sponsored by:	DARPA, NAI Labs
2002-05-08 00:54:29 +00:00
Dag-Erling Smørgrav
89136eab16 Add a no_fail option.
Sponsored by:	DARPA, NAI Labs
2002-05-08 00:31:45 +00:00
Dag-Erling Smørgrav
2256d3698a Add pam_ftpusers(8), which enforces /etc/ftpusers.
Sponsored by:	DARPA, NAI Labs
2002-05-08 00:30:10 +00:00
Dag-Erling Smørgrav
597aaec942 Add openpam_nullconv.c to SRCS. 2002-05-02 04:42:59 +00:00
Dag-Erling Smørgrav
0f6517b7d8 Don't ask root for the old password, except in the NIS case.
Sponsored by:	DARPA, NAI Labs
2002-04-26 19:28:17 +00:00
Dag-Erling Smørgrav
c8c20c5226 Fix a really dumb bug (missing curly braces around the body of an if
statement) that caused pam_sm_chauthtok() to always fail silently.
2002-04-26 01:47:48 +00:00
Dag-Erling Smørgrav
750e6876cf Oops, fix an inverted if test. 2002-04-20 16:52:41 +00:00
Dag-Erling Smørgrav
1583027008 Strip /dev/ from tty name, and clean up the "last login" printout.
Sponsored by:	DARPA, NAI Labs
2002-04-20 16:44:32 +00:00
Ruslan Ermilov
3cb7acc2cd Revert previous change. bsd.dep.mk,v 1.31 had a bug that was fixed
in revision 1.32 and made this change OBE.
2002-04-17 05:46:41 +00:00
Dag-Erling Smørgrav
b1e0b30d83 Add a missing .El and fix a typo.
Spotted by:	Solar Designer <solar@openwall.com>
Sponsored by:	DARPA, NAI Labs
2002-04-16 22:38:47 +00:00
Ruslan Ermilov
c34f0a19f7 Reflect change in share/mk/bsd.dep.mk,v 1.31. 2002-04-16 12:52:22 +00:00
Dag-Erling Smørgrav
c82bffaa40 Revert previous commit, it is incorrect. 2002-04-15 22:51:31 +00:00
David E. O'Brien
f01afd3101 Properly spell rpcsvc/ypclnt.h and fix the build. 2002-04-15 22:47:28 +00:00
Dag-Erling Smørgrav
4c8153125a Throw in NO_WERROR to please the peanut gallery. 2002-04-15 13:10:28 +00:00
Dag-Erling Smørgrav
53fd6d26b2 Use PAM_SUCCESS instead of PAM_IGNORE. 2002-04-15 06:26:32 +00:00
Dag-Erling Smørgrav
ab4f115e57 Whitespace nits. 2002-04-15 03:52:22 +00:00
Dag-Erling Smørgrav
f71d08000d Add a manual page based on Solar Designer's README.
Sponsored by:	DARPA, NAI Labs
2002-04-15 03:45:14 +00:00
Dag-Erling Smørgrav
a11a75ce7c pam_passwdqc depends on libcrypt. 2002-04-15 03:44:42 +00:00
Dag-Erling Smørgrav
7b733689a3 Prompt for new password during update phase, not during preliminary phase.
Sponsored by:	DARPA, NAI Labs
2002-04-15 03:00:14 +00:00
Dag-Erling Smørgrav
ff1bc287ac Dike out most of the NIS code and replace it with calls to libypclnt.
Rework pam_sm_chauthtok() so it (mostly?) works.
The standard pw stuff still needs to move into a library somewhere.

Sponsored by:	DARPA, NAI Labs
2002-04-15 02:34:43 +00:00