Commit Graph

29 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
e9ae7bc234 This commit disables chain caching.
Chain caching is a feature of Linux-PAM, where pam_authenticate() and
pam_open_session() "freeze" the chain so that their companion
primitive (pam_setcred() and pam_close_session() respectively) will
call the exact same modules, skipping those that failed in the
previous call.

There are several reasons not to do this, the most prominent of which
is that it makes it impossible to call pam_setcred() without first
calling pam_authenticate() - which is perfectly valid according to
DCE/RFC 86.0 and XSSO, and is necessary to make 'login -f' work.

Instead of chain caching, implement something similar to the way
Solaris' libpam behaves: pam_setcred treats "sufficient" modules as if
they were "required", i.e. does not break the chain when they succeed.

PAM modules whose pam_sm_setcred() should not be called unless their
pam_sm_authenticate() succeeded can simply set a state variable using
pam_set_data() in pam_sm_authenticate(), and use pam_get_data() to
check it in pam_sm_setcred().

Sponsored by:	DARPA, NAI Labs
2002-01-24 15:30:03 +00:00
Mark Murray
73d7223603 WARNS=4 fixes.
OK'ed by:	des
2002-01-20 17:54:33 +00:00
Dag-Erling Smørgrav
cab8cba36f Although the previous went some way towards fixing the pam.conf / pam.d
problem, it still didn't DTRT for services that did not have a service-
specific policy if /etc/pam.d existed but did not contain an "other"
policy.  This fixes the problems some people have experienced with sudo.
And I almost didn't have to use goto.

The current configuration sequence is:

  1) Look for /etc/pam.d/foo

  2) If PAM_READ_BOTH_CONFS is defined, or step 1) failed, look for
     foo in /etc/pam.conf

  3) Look for /etc/pam.d/other (to fill in the gaps)

  4) If PAM_READ_BOTH_CONFS is defined, or step 3) failed, look for
     other in /etc/pam.conf

I believe this is the intended behaviour of the original code.  The least
surprising behaviour seems to be when PAM_READ_BOTH_CONFS is not defined -
/etc/pam.d/foo will be preferred over /etc/pam.conf, but the latter will
serve as a backup if the former does not exist.

Sponsored by:	DARPA, NAI Labs
2001-12-07 00:37:10 +00:00
Dag-Erling Smørgrav
0fbda1fc58 Fix a bug that made PAM fail if /etc/pam.d/ existed but was empty.
Sponsored by:	DARPA, NAI Labs
2001-12-05 17:05:15 +00:00
Dag-Erling Smørgrav
f6abb36383 Clean up namespace pollution by prepending underscores to argument names in
function prototypes (or, in a few cases, removing argument names altogether).

Sponsored by:	DARPA, NAI Labs
2001-12-05 16:31:34 +00:00
Dag-Erling Smørgrav
1c04976ad1 This file isn't used; it's an older version of include/security/pam_misc.h.
Sponsored by:	DARPA, NAI Labs
2001-12-05 16:14:43 +00:00
Mark Murray
0a4814ee9a Fix namespace pollution by protecting names used as arguments.
Reported by:	bde
2001-12-01 19:32:18 +00:00
Dag-Erling Smørgrav
2cddf86822 Due to incorrect include ordering, <dlfcn.h> did not get included, so
RTLD_NOW got incorrectly defined to 1 (which is RTLD_LAZY in FreeBSD).
In addition, the comment about FreeBSD requiring SHLIB_SYM_PREFIX to
be "_" is incorrect.

Submitted by:	tobez (except for the bit about the incorrect comment)
2001-11-27 15:36:21 +00:00
Dag-Erling Smørgrav
8a4ce01402 It's idiotic to return PAM_PERM_DENIED when the item argument is NULL;
PAM_BUF_ERR is much closer to the truth.
2001-11-27 15:35:44 +00:00
Peter Wemm
d6be5f6435 Fix libpam's linker set stuff to use the new API (unbreak world), and get
rid of gensetdefs from here as well.
2001-06-14 01:13:30 +00:00
Mark Murray
d9c185f10a Fix bug introduced by myself that often resulted in a session having
SIGINTR (^C) and SIGSTP (^Z) masked.

Reported by:	bde, sobomax
Submitted by:	sobomax
2001-06-07 08:45:23 +00:00
Mark Murray
341762c6f1 In the same manner as getpass(3), block SIGINTR and SIGSTP while we are
actually reading the line.
2001-06-04 20:59:49 +00:00
Mark Murray
52b026c0e5 Return an empty string rather than an error at EOF.
2001-06-04 20:08:55 +00:00
Mark Murray
13b65deafa Bring back from the er, dead some useful PAM modules.
2001-05-29 18:32:17 +00:00
Mark Murray
458a1c243f Fix problem with static linking:
> Script started on Sat May 12 22:18:47 2001
> ttyp1:bde@gamplex:/usr/src/libexec/rshd> rsh localhost ls
> rcmd: localhost: Undefined error: 0

Reported by:	bde
2001-05-16 11:05:03 +00:00
Mark Murray
bf6ff2766c Add utility PAMs for finer userland control.
2001-05-11 10:12:55 +00:00
Mark Murray
de4efa569a Resolve conflicts.
2001-05-03 10:48:56 +00:00
Mark Murray
2406bb3ce7 This commit was generated by cvs2svn to compensate for changes in r76238,
which included commits to RCS files with non-trunk default branches.
2001-05-03 09:36:08 +00:00
Mark Murray
5791a4d446 Vendor import Linux PAM 0.75.
2001-05-03 09:36:08 +00:00
John Polstra
d65b34db7d Revive the pam_deny and pam_permit modules from Linux-PAM. They are
simple enough to be trusted.

Add account management functionality to the pam_unix module.

These changes should make it possible to use PAM in some ports.

Submitted by:	Max Khon <fjoe@iclub.nsu.ru>
1999-05-08 01:59:27 +00:00
John Polstra
9294327d4a Make it possible to use PAM in statically-linked applications.
1999-01-20 21:55:30 +00:00
John Polstra
9748c8ad8f Remove files that we don't use and are unlikely to use. You can
still get them with "cvs upd -r pam_unpruned" if you want to look at
them.
1998-11-25 19:46:10 +00:00
John Polstra
41058e060e Eliminate a setreuid() call that doesn't make sense for FreeBSD.
We don't use this module, but still I don't want to leave this call
in the code.
1998-11-18 01:24:34 +00:00
John Polstra
06b963fe1a Fix #includes for FreeBSD.
1998-11-18 01:22:46 +00:00
John Polstra
0c6b630e95 Don't call openlog() and closelog(). Assume that the application
takes care of that.
1998-11-18 01:21:46 +00:00
John Polstra
4adeb82df8 s/Linux-PAM/PAM/g
1998-11-18 01:20:54 +00:00
John Polstra
fff5887d38 Initial import of virgin Linux-PAM 0.65, slightly stripped down.
1998-11-18 01:16:21 +00:00
John Polstra
8999aed3f1 This commit was generated by cvs2svn to compensate for changes in r41220,
which included commits to RCS files with non-trunk default branches.
1998-11-18 01:16:21 +00:00
John Polstra
4f7c48c192 Initial revision.
1998-11-18 01:16:19 +00:00