Commit Graph

326 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
be01d58da1 Remove a bogus null password check which assumed that a user with an empty
password must necessarily have an empty pwd->pw_passwd.  Also add a check
that prevents users from setting a blank password unless the nullok option
was specified.  Root is still allowed to give anyone a blank password.
2003-04-24 12:26:25 +00:00
Dag-Erling Smørgrav
a8643c9882 Connect the pam_chroot(8) module to the build. 2003-04-08 16:52:34 +00:00
Dag-Erling Smørgrav
d4e15f10b1 Add a cwd option which specifies where to chdir(2) after the chroot(2).
When using the /home/./foo scheme, this defaults to the rhs (/foo);
otherwise it defaults to /.
2003-04-08 16:52:18 +00:00
Dag-Erling Smørgrav
eac956b2d1 Experimental pam_chroot module (not connected to the build) 2003-03-30 22:58:23 +00:00
Dag-Erling Smørgrav
f5bbe11124 This module is not WARNS-clean, due to brokenness in OpenSSL headers. 2003-03-10 09:19:08 +00:00
Dag-Erling Smørgrav
16bb3109e3 Somewhat better wording. 2003-03-10 09:15:26 +00:00
Dag-Erling Smørgrav
02a19b0184 Silence warning caused by OPIE brokenness. 2003-03-10 09:15:08 +00:00
David E. O'Brien
7f03a257ac style.Makefile(5) police
(I've tried to keep to the spirit of the original formatting)

Reviewed by:	des
2003-03-09 20:06:38 +00:00
Mark Murray
5d658b151b KerberosIV de-orbit burn continues. Remove the KerberosIV PAM module. 2003-03-08 10:33:20 +00:00
Mark Murray
b4240e6ce9 Comment-only assistance to lint to kill warnings. 2003-03-08 10:30:49 +00:00
Ruslan Ermilov
66abb7a636 mdoc(7) police: Nits. 2003-03-03 11:45:18 +00:00
Ruslan Ermilov
522ccf3f35 mdoc(7) police: markup laundry. 2003-02-23 01:47:49 +00:00
Dag-Erling Smørgrav
859ac7c46f Add an "allow_local" option which forces historical behaviour. 2003-02-16 13:01:03 +00:00
Dag-Erling Smørgrav
b645332a81 Assume "localhost" if no remote host was specified. This is safe from a
POLA point of view since the stock /etc/opieaccess now allows localhost.
2003-02-15 23:26:49 +00:00
Dag-Erling Smørgrav
48c12730cd Use pam_get_user(3) instead of pam_get_item(3) where appropriate. 2003-02-10 18:59:20 +00:00
Dag-Erling Smørgrav
d902781908 Complete rewrite of pam_ssh(8). The previous version was becoming hard
to maintain, and had security issues which would have required a major
rewrite to address anyway.

This implementation currently starts a separate agent for each session
instead of connecting each new session to the agent started by the first
one.  While this would be a Good Thing (and the old pam_ssh(8) tried to
do it), it's hard to get right.  I'll revisit this issue when I've had a
chance to test some modifications to ssh-agent(1).
2003-02-09 21:20:44 +00:00
Dag-Erling Smørgrav
687200d002 Maybe I was a little too fast? Remove debugging code, and commit the
Makefile and man page which I'd forgotten to 'cvs add'.

Sponsored by:	DARPA, NAI Labs
2003-02-06 14:27:48 +00:00
Dag-Erling Smørgrav
7cde604ebd Replace pam_wheel(8) with pam_group(8) which has a cleaner interface. The
pam_wheel(8) module was written to work in spite of a broken libpam, and
has grown organically since its inception, which is reflected in both its
functionality and implementation.  Rather than clean up pam_wheel(8) and
break backward compatibility, I've chosen to reimplement it under a new,
more generic name.

Sponsored by:	DARPA, NAI Labs
2003-02-06 14:24:14 +00:00
Dag-Erling Smørgrav
9e2409d3d5 Make sure the message is only printed once. 2003-02-06 14:19:50 +00:00
Dag-Erling Smørgrav
915bae31b7 Don't blame markm for what he didn't do - writing these man pages, for
instance.  Also bump the date since I made substantial modifications
earlier today.
2003-02-06 13:47:21 +00:00
Dag-Erling Smørgrav
37def36f9b Update copyright. 2003-02-06 12:56:51 +00:00
Dag-Erling Smørgrav
caeab58cd8 Add support for escape sequences in the arguments (e.g. %u for user name)
Sponsored by:	DARPA, NAI Labs
2003-02-06 12:56:39 +00:00
Dag-Erling Smørgrav
a76a4d449d Export the PAM environment to the child process instead of the "normal"
environment list, which may be unsafe and / or sensitive.

Sponsored by:	DARPA, NAI Labs
2003-02-06 12:40:58 +00:00
Dag-Erling Smørgrav
aa7f9c67e6 Minimal manual page for pam_kerberosIV(8).
Sponsored by:	DARPA, NAI Labs
2003-02-06 10:55:11 +00:00
Dag-Erling Smørgrav
8dad14b11b In pam_sm_acct_mgmt(), retrieve the cached credentials before trying to
initialize the context.  This way, a failure to initialize the context is
not fatal unless we actually have work to do - because if we don't, we
return PAM_SUCCESS without even trying to initialize the context.
2003-02-03 09:45:41 +00:00
Dag-Erling Smørgrav
bd12700b18 Whitespace cleanup 2003-02-03 09:43:28 +00:00
Dag-Erling Smørgrav
cb6e9daaa9 OpenPAMify. 2003-02-02 18:43:58 +00:00
Jacques Vidrine
8f857e88c4 Do not return inappropriate error codes in pam_sm_setcred. 2003-01-29 21:20:38 +00:00
Jacques Vidrine
e0bc74123b About September 2001, I consulted with all the previous authors of
pam_krb5 to consolidate the copyright texts.  The semi-official
pam_krb5 module has been distributed with this new license text ever
since, but I'm just now getting around to updating the text here.
2003-01-10 13:38:44 +00:00
Jens Schweikhardt
57bd0fc6e8 english(4) police. 2002-12-27 12:15:40 +00:00
Ruslan Ermilov
fb3acdd2a2 mdoc(7) police: removed gratuitous .Pp call. 2002-12-23 15:21:57 +00:00
Dag-Erling Smørgrav
32f0c0487b Merge in most non-style differences from Andrew Korty's pam_ssh 1.7. 2002-12-16 14:33:18 +00:00
Ruslan Ermilov
87e9be3900 mdoc(7) police: .Dt is ALL UPPERCASE.
Approved by:	re
2002-12-12 08:19:47 +00:00
Ruslan Ermilov
1798791d24 mdoc(7) police: formatting nits.
Approved by:	re
2002-11-29 15:57:50 +00:00
Dag-Erling Smørgrav
bb16bd87d7 Whitespace nits.
Approved by:	re (bmah)
2002-11-28 20:11:31 +00:00
Dag-Erling Smørgrav
3fdd8a4036 Add a PAM_MODULE_ENTRY to this module so it'll actually do something.
Approved by:	re (bmah)
2002-11-28 20:05:42 +00:00
Peter Wemm
6ceeb6902a utmp.ut_time and lastlog.ll_time are explicitly int32_t rather than
time_t.  Deal with the possibility that time_t != int32_t.  This boils
down to this sort of thing:
 -   time(&ut.ut_time);
 +   ut.ut_time = time(NULL);
and similar for ctime(3) etc.  I've kept it minimal for the stuff
that may need to be portable (or 3rd party code), but used Matt's time32
stuff for cases where that isn't as much of a concern.

Approved by: re (jhb)
2002-11-15 22:42:00 +00:00
Ruslan Ermilov
3f66c888ec Make dynamic PAM modules depend on dynamic PAM library.
Requested by:	des, markm
2002-11-14 19:24:51 +00:00
Jacques Vidrine
7c2274dc95 The pam_krb5 module stored a reference to a krb5_ccache structure as
PAM module state (created in pam_sm_authenticate and referenced later
in pam_sm_setcred and pam_sm_acct_mgmt).  However, the krb5_ccache
structure shares some data members with the krb5_context structure
that was used in its creation.  Since a new krb5_context is created
and destroyed at each PAM entry point, this inevitably caused the
krb5_ccache structure to reference free'd memory.

Now instead of storing a pointer to the krb5_ccache structure,
we store the name of the cache (e.g. `MEMORY:0x123CACHE') in
pam_sm_authenticate, and resolve the name in the other entry points.

This bug was uncovered by phkmalloc's free'd memory scrubbing.

Approved by:	re (jhb)
2002-11-13 17:46:15 +00:00
Jacques Vidrine
88c8bcce6c Use krb5_get_err_text' instead of error_message' so that instead of
e.g.

   Unknown error: -1765328378

we get

   Client not found in Kerberos database

Another way to accomplish this would have been to leave
`error_message' alone, but to explicitly load the Kerberos com_err
error tables.  However, I don't really like the idea of a PAM module
dorking with global tables.

Approved by:	re (jhb)
2002-11-13 17:44:29 +00:00
Dag-Erling Smørgrav
a1d214e88b Allow the admin to specify a different NAS identifier than the hostname.
Submitted by:	Boris Kovalenko <boris@ntmk.ru>
2002-10-28 10:28:46 +00:00
Robert Watson
195426c211 Introduce 'exempt_if_empty' option to pam_wheel(8), which bypasses the
group membership requirement if the group has no explicit members listed
in /etc/group.  By default, this group is the wheel group; setting this
flag restores the default BSD behavior from 4.x.

Reviewed by:	markm
Requested by:	various
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-18 02:37:29 +00:00
Ruslan Ermilov
890b32ee41 Build kerberized versions of the PAM library, and install them
into corresponding distributions during "make release".  (This
also cleans the "slib" distribution up from the .o files.)

PR:		misc/43825 (inspired by)
2002-10-11 14:17:09 +00:00
Peter Wemm
224af215a6 Zap now-unused SHLIB_MINOR 2002-09-28 00:25:32 +00:00
Peter Wemm
66422f5b7a Initiate deorbit burn for the i386-only a.out related support. Moves are
under way to move the remnants of the a.out toolchain to ports.  As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL.  It has already lasted WAY beyond
that.

Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.

Tested on: i386 (extensively), alpha
2002-09-17 01:49:00 +00:00
Dag-Erling Smørgrav
68e6e4bd40 Since pam_get_authtok(3) doesn't know about our options structure, setting
the PAM_ECHO_PASS option on-the-fly is a NOP (though it wasn't with the
old pam_get_pass(3) code).  Instead, call pam_prompt(3) directly.  This
actually simplifies the code a bit.

MFC after:	3 days
2002-07-30 08:32:03 +00:00
Dag-Erling Smørgrav
99260419d6 Install more man pages - I thought I'd committed this ages ago... 2002-07-23 17:59:46 +00:00
Ruslan Ermilov
c101b5f3f3 Tidy up. 2002-06-06 13:55:01 +00:00
Dag-Erling Smørgrav
eb6f605e2f Missed one in previous commit.
Pointed out by:	nectar
2002-05-30 20:48:59 +00:00
Ruslan Ermilov
6a63652701 mdoc(7) police: kill whitespace at EOL. 2002-05-30 14:52:00 +00:00