des
808a5cf7ec
Update copyright dates.
2003-05-31 17:19:03 +00:00
des
170ff8a070
Remove pam_std_option() and related functions. Add #defines for common
...
options.
2003-05-31 16:56:35 +00:00
des
ccae73b84e
Remove all instances of pam_std_option()
2003-05-31 16:55:07 +00:00
des
153e03600b
Introduce pam_guest(8) which will replace pam_ftp(8).
2003-05-31 16:52:58 +00:00
ru
8bc4d4bba7
mdoc(7) fixes.
...
Approved by: re (blanket)
2003-05-24 19:53:08 +00:00
des
e5d2d778eb
Retire the useless NOSECURE knob.
...
Approved by: re (scottl)
2003-05-19 15:52:01 +00:00
des
af2766553d
OpenPAM is WANRS6-clean.
2003-05-05 21:15:35 +00:00
markm
ee63e7dc15
Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra
...
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
2003-05-05 07:58:44 +00:00
markm
fad590ab7e
Trasmute moer "krb5" distibutions into "crypto".
2003-05-01 21:21:15 +00:00
des
46c06a0c42
Use C99-style varadic macros instead of the non-standard gcc syntax.
2003-05-01 15:08:55 +00:00
des
3beb053fc3
Mark libpam as c99- and WARNS5-clean.
2003-05-01 14:55:06 +00:00
des
31f8a355e2
Make sure rhostip is always initialized.
...
PR: bin/51508
Submitted by: Peter Grimshaw <peter@tesseract.demon.co.uk>
2003-04-30 00:49:42 +00:00
des
4f251ebb97
Treat an empty PAM_RHOST the same as a NULL one.
...
PR: bin/51508
2003-04-30 00:44:05 +00:00
des
c3c465c42c
Set $HOME to the correct directory (within the chroot tree).
2003-04-30 00:40:24 +00:00
des
9bee0a595d
Remove a bogus null password check which assumed that a user with an empty
...
password must necessarily have an empty pwd->pw_passwd. Also add a check
that prevents users from setting a blank password unless the nullok option
was specified. Root is still allowed to give anyone a blank password.
2003-04-24 12:26:25 +00:00
des
0275c44b31
Connect the pam_chroot(8) module to the build.
2003-04-08 16:52:34 +00:00
des
633999b852
Add a cwd option which specifies where to chdir(2) after the chroot(2).
...
When using the /home/./foo scheme, this defaults to the rhs (/foo);
otherwise it defaults to /.
2003-04-08 16:52:18 +00:00
des
5a582e1e30
Experimental pam_chroot module (not connected to the build)
2003-03-30 22:58:23 +00:00
des
ccfd2047be
This module is not WARNS-clean, due to brokenness in OpenSSL headers.
2003-03-10 09:19:08 +00:00
des
f30606f0ce
Somewhat better wording.
2003-03-10 09:15:26 +00:00
des
3e06ef8dee
Silence warning caused by OPIE brokenness.
2003-03-10 09:15:08 +00:00
obrien
e70feef239
style.Makefile(5) police
...
(I've tried to keep to the spirit of the original formatting)
Reviewed by: des
2003-03-09 20:06:38 +00:00
markm
9981c003b1
KerberosIV de-orbit burn continues. Remove the KerberosIV PAM module.
2003-03-08 10:33:20 +00:00
markm
171598b312
Comment-only assistance to lint to kill warnings.
2003-03-08 10:30:49 +00:00
ru
779559752b
mdoc(7) police: Nits.
2003-03-03 11:45:18 +00:00
ru
8b5b8ec6a7
mdoc(7) police: markup laundry.
2003-02-23 01:47:49 +00:00
des
d1e778062c
Add an "allow_local" option which forces historical behaviour.
2003-02-16 13:01:03 +00:00
des
af39bbe733
Assume "localhost" if no remote host was specified. This is safe from a
...
POLA point of view since the stock /etc/opieaccess now allows localhost.
2003-02-15 23:26:49 +00:00
des
f91e91de52
Use pam_get_user(3) instead of pam_get_item(3) where appropriate.
2003-02-10 18:59:20 +00:00
des
3dcafca132
Complete rewrite of pam_ssh(8). The previous version was becoming hard
...
to maintain, and had security issues which would have required a major
rewrite to address anyway.
This implementation currently starts a separate agent for each session
instead of connecting each new session to the agent started by the first
one. While this would be a Good Thing (and the old pam_ssh(8) tried to
do it), it's hard to get right. I'll revisit this issue when I've had a
chance to test some modifications to ssh-agent(1).
2003-02-09 21:20:44 +00:00
des
1f26428646
Maybe I was a little too fast? Remove debugging code, and commit the
...
Makefile and man page which I'd forgotten to 'cvs add'.
Sponsored by: DARPA, NAI Labs
2003-02-06 14:27:48 +00:00
des
adcc3ecbe9
Replace pam_wheel(8) with pam_group(8) which has a cleaner interface. The
...
pam_wheel(8) module was written to work in spite of a broken libpam, and
has grown organically since its inception, which is reflected in both its
functionality and implementation. Rather than clean up pam_wheel(8) and
break backward compatibility, I've chosen to reimplement it under a new,
more generic name.
Sponsored by: DARPA, NAI Labs
2003-02-06 14:24:14 +00:00
des
3e6b9e7efc
Make sure the message is only printed once.
2003-02-06 14:19:50 +00:00
des
ea5370a075
Don't blame markm for what he didn't do - writing these man pages, for
...
instance. Also bump the date since I made substantial modifications
earlier today.
2003-02-06 13:47:21 +00:00
des
8e490a4ac5
Update copyright.
2003-02-06 12:56:51 +00:00
des
1859534a54
Add support for escape sequences in the arguments (e.g. %u for user name)
...
Sponsored by: DARPA, NAI Labs
2003-02-06 12:56:39 +00:00
des
18387ab2eb
Export the PAM environment to the child process instead of the "normal"
...
environment list, which may be unsafe and / or sensitive.
Sponsored by: DARPA, NAI Labs
2003-02-06 12:40:58 +00:00
des
7587cbe3ba
Minimal manual page for pam_kerberosIV(8).
...
Sponsored by: DARPA, NAI Labs
2003-02-06 10:55:11 +00:00
des
2f3f171cbe
In pam_sm_acct_mgmt(), retrieve the cached credentials before trying to
...
initialize the context. This way, a failure to initialize the context is
not fatal unless we actually have work to do - because if we don't, we
return PAM_SUCCESS without even trying to initialize the context.
2003-02-03 09:45:41 +00:00
des
4e2d7720df
Whitespace cleanup
2003-02-03 09:43:28 +00:00
des
43d52f88dc
OpenPAMify.
2003-02-02 18:43:58 +00:00
nectar
7ecaf1e74b
Do not return inappropriate error codes in pam_sm_setcred.
2003-01-29 21:20:38 +00:00
nectar
44a92fbc06
About September 2001, I consulted with all the previous authors of
...
pam_krb5 to consolidate the copyright texts. The semi-official
pam_krb5 module has been distributed with this new license text ever
since, but I'm just now getting around to updating the text here.
2003-01-10 13:38:44 +00:00
schweikh
fec6546e12
english(4) police.
2002-12-27 12:15:40 +00:00
ru
30f31561da
mdoc(7) police: removed gratuitous .Pp call.
2002-12-23 15:21:57 +00:00
des
7966ff24b5
Merge in most non-style differences from Andrew Korty's pam_ssh 1.7.
2002-12-16 14:33:18 +00:00
ru
ea54687b0d
mdoc(7) police: .Dt is ALL UPPERCASE.
...
Approved by: re
2002-12-12 08:19:47 +00:00
ru
3f859aa2ab
mdoc(7) police: formatting nits.
...
Approved by: re
2002-11-29 15:57:50 +00:00
des
c88eb4583e
Whitespace nits.
...
Approved by: re (bmah)
2002-11-28 20:11:31 +00:00
des
29b2e3446c
Add a PAM_MODULE_ENTRY to this module so it'll actually do something.
...
Approved by: re (bmah)
2002-11-28 20:05:42 +00:00