Commit Graph

500 Commits

Author SHA1 Message Date
ache
30b45f48f0 Set pwok to 1 for non-OPIE users 2002-01-19 03:31:39 +00:00
ache
a38e044747 Add missing check for right-now-expired password 2002-01-19 02:45:24 +00:00
ache
3d4ab3ebc5 Implement 'pwok', i.e. conditional fallback to unix password
as supposed by opieaccessfile() and opiealways()
2002-01-19 02:38:43 +00:00
bde
086017e65e Fixed a missing "const". 2001-12-28 20:59:44 +00:00
ru
ac5af7de06 mdoc(7) police: bump document date. 2001-12-14 13:49:28 +00:00
dwmalone
d9613ea383 Style improvements recommended by Bruce as a follow up to some
of the recent WARNS commits. The idea is:

1) FreeBSD id tags should follow vendor tags.
2) Vendor tags should not be compiled (though copyrights probably should).
3) There should be no blank line between including cdefs and __FBSDIF.
2001-12-10 21:13:08 +00:00
des
e82cc88ed6 Back out previous commit.
Requested by:	ru
2001-12-09 15:11:55 +00:00
ru
fe50e52a4a mdoc(7) police: sort xrefs. 2001-12-08 16:28:20 +00:00
des
2625a82abe Get pam_mod_misc.h from .CURDIR rather than .OBJDIR or /usr/include.
Sponsored by:	DARPA, NAI Labs
2001-12-07 11:51:47 +00:00
des
dd9dc87190 Now that _pam_init_handlers() works as intended, it seems clear that we
do not actually want to define PAM_READ_BOTH_CONFS, so back out previous
commit.

Sponsored by:	DARPA, NAI Labs
2001-12-07 00:38:37 +00:00
des
3b065c66cc We need pam_client.h from libpamc. This unbreaks world
Pointed out by:	jhay
Pointy hat to:	des
2001-12-06 12:35:18 +00:00
des
651dd64d0d Define PAM_READ_BOTH_CONFS. We can now have both /etc/pam.d and
/etc/pam.conf.

Sponsored by:	DARPA, NAI Labs
2001-12-05 17:06:16 +00:00
des
ffe026d003 Install the correct version of pam_misc.h.
Sponsored by:	DARPA, NAI Labs
2001-12-05 16:27:41 +00:00
des
354c4b52cc Add dummy functions for all module types. These dummies return PAM_IGNORE
rather than PAM_SUCCESS, so you'll get a failure if you list dummies but
no real modules for a particular module chain.

Sponsored by:	DARPA, NAI Labs
2001-12-05 16:06:35 +00:00
des
00b1257dba Connect the man page to the build.
Sponsored by:	DARPA, NAI Labs
2001-12-05 16:02:50 +00:00
des
01dcdd1f9a Add a pam_self authentication module that succeeds if and only if the local
and remote user names are the same.

Sponsored by:	DARPA, NAI Labs
2001-12-05 15:55:14 +00:00
markm
08eb6fed71 Use __FBSDID(). Also do a bit of cosmetic #if and header-order
cleaning-up.
2001-12-02 20:54:57 +00:00
markm
8a79fc4a5a Style fixups.
Sort function declarations, includes. Make consistent WRT use of _P()
macro (ugh!)

Inspired by:	bde
2001-12-01 21:12:04 +00:00
markm
144609e331 WARNS=2 fixes.
Reviewed by:	bde (a while back)
2001-12-01 17:46:46 +00:00
green
09990be998 Fix pam_ssh by adding an IPv4or6 (evidently, this was broken by my last
OpenSSH import) declaration and strdup(3)ing a value which is later
free(3)d, rather than letting the system try to free it invalidly.
2001-11-29 21:16:11 +00:00
des
6828ec1515 Mdoc police.
Submitted by:	ru
2001-11-28 10:07:21 +00:00
ru
18923a02f5 mdoc(7) police: fix one pam_unix(8) left-over, sort xrefs. 2001-11-28 09:25:03 +00:00
des
63b6483616 Add a pam_set_item(3) man page with an MLINK to pam_get_item(3).
PR:		docs/32294
Sponsored by:	DARPA, NAI Labs
MFC after:	3 days
2001-11-27 15:36:35 +00:00
des
22cc45b784 Create a pam_ssh(8) man page, based on a repo-copy of pam_unix(8).
License modified with original author's permission.

Sponsored by:	DARPA, NAI Labs
2001-11-27 00:57:50 +00:00
des
d387396266 Document the local_pass and nis_pass options, add a few xrefs, and reorder
the SEE ALSO section.  License modified with original author's permission.

Sponsored by:	DARPA, NAI Labs
2001-11-27 00:53:10 +00:00
dd
5dd8a71701 Spelling police: sucessful -> successful. 2001-11-24 23:41:32 +00:00
sobomax
064436f6e8 Don't put an extra space after password prompts, because it violates POLA,
makes FreeBSD inconsistent with previous releases and "other unices" as well
as with some internal password-asking services (e.g. ftp) within the same
release.
2001-10-25 15:51:50 +00:00
markm
3a691e0043 Add library exposed by KDE's use if this module. 2001-10-18 20:05:20 +00:00
dillon
fcad02973f Add __FBSDID()s to libpam 2001-09-30 22:11:06 +00:00
markm
75cc8b4799 1) repair the return value in the PAM_RETURN() macro (Side effects!!).
2) canonicalise the options use in pam_options().

Submitted by:	Gunnar Kreitz <gunnark@chello.se>
PR:		30250
2001-09-04 17:05:08 +00:00
markm
9e62e18a59 Introduce a "noroot_ok" option to make this module ignore authentications
to a non-superuser if required.
2001-08-26 18:09:00 +00:00
markm
c98dbe0779 Introduce better logging, error reporting and use of login_cap data. 2001-08-26 18:05:35 +00:00
markm
27a8adb330 Add extra logging detail. This needs a more general solution. 2001-08-26 17:57:44 +00:00
markm
67fcc4111a Big module makeover; improve logging, standardise variable names,
introduce ability to change passwords for both "usual" Unix methods
and NIS.
2001-08-26 17:41:13 +00:00
markm
ac30099bce Add 'try_mapped_pass' standard option.
Asked for by:	lukeh@PADL.COM
2001-08-20 12:43:19 +00:00
markm
78c5ea3c24 Document the no_warn option. 2001-08-15 20:05:33 +00:00
markm
0261d9dad2 Fix a couple of cross-references to reflect the reality of the module. 2001-08-15 20:03:26 +00:00
markm
384d536a12 Fix:
/usr/src/lib/libpam/modules/pam_ssh/pam_ssh.c has couple of bugs which cause:

1) xdm dumps core
2) ssh1 private key is not passed to ssh-agent
3) ssh2 RSA key seems not handled properly (just a guess from source)
4) ssh_get_authentication_connectionen() fails to get connection because of
   SSH_AUTH_SOCK not defined.

PR:		29609
Submitted by:	Takanori Saneto <sanewo@ba2.so-net.ne.jp>
2001-08-11 12:37:55 +00:00
markm
0935831088 Clean up this module very extensively. Fix the logging, the coding
standards and the option handling. This module is now much more easy
to maintain as a part of the FreeBSD tree.
2001-08-10 19:24:34 +00:00
markm
d4dc7767d7 Code clean up; make logging same as other modules and fix warnings. 2001-08-10 19:21:45 +00:00
markm
74d9830e38 General code clean-up. Sort out warnings, and make the warning and
logging work the same as other modules.
2001-08-10 19:18:52 +00:00
markm
746b322ce6 Simplify code. Also verbose logging, verbose overridable error reporting. 2001-08-10 19:15:48 +00:00
markm
30eda03ef6 Verbose logging, overridable verbose error reporting. 2001-08-10 19:12:59 +00:00
markm
846c7876be Module clean-up. Verbose logging, Overridable verbose error reporting,
FreeBSD pam_prompt() usage to simplify conversation function usage.
2001-08-10 19:10:43 +00:00
markm
6d1911d4af Verbosely (overridable) report failure to the user. 2001-08-10 19:07:45 +00:00
markm
d6d9a9d422 Use the FreeBSD pam_prompt() interface to the conversation function
instead of home-rolling it. Clean up debugging code and tidy the
module.
2001-08-10 19:05:57 +00:00
markm
cda9e6f687 Verbosely report errors to the user (overridable), and make sure
that the correct failure mode is reported.
2001-08-10 19:02:21 +00:00
markm
fef690379a Fix broken logic so that this actually works for the superuser.
Verbosely log (properly).
Verbosely report errors to the user.
2001-08-10 14:21:58 +00:00
markm
12c08f0451 Rework this to prevent a nasty problem involving different modules'
option interacting with each other.
2001-08-10 14:16:47 +00:00
markm
9768c83960 Declare the new user-error reporting macro.
This is a macro to allow use of the __FILE__ and __FUNCTION__
macros.
2001-08-10 14:15:00 +00:00
markm
7b1059217e Add a routine for providing feedback via the conversation mechanism
(usually to stderr) for user-reportable errors.
2001-08-10 14:13:16 +00:00
markm
3b25221320 Fix style/consistency in Makefile and repair static module building.
Submitted by:	bde(partially)
2001-08-04 21:51:14 +00:00
markm
1f44b5f4e9 Don't clobber CFLAGS
Submitted by:	bde
2001-08-04 21:49:30 +00:00
markm
edba6eee5e Fix the bug where this modulke was not checking the priamry GID, only
the GIDS in /etc/group or NIS's group map.

Tested by:	sheldonh
PR:		29349
2001-08-04 09:19:31 +00:00
markm
79a9463a45 With the S/KEY removal, this is no longer buildable or necessary. 2001-08-02 19:04:20 +00:00
markm
9bd038a011 Don't try to make pam_ssh module if NO_OPENSSH is set. 2001-08-02 19:01:02 +00:00
markm
78112d8985 Repair the get/set UID() stuff so this works in both su(1) and login(1)
modes.
2001-08-02 10:35:41 +00:00
markm
2754e9c466 Making this major bump was a BAD idea. The API change is internal (to PAM)
and it caused problems without solving any.
2001-07-30 09:56:38 +00:00
markm
6b3146187f (Re)Add an SSH module for PAM, heavily based on Andrew Korty's module
from ports.
2001-07-29 18:31:09 +00:00
ru
b2f5024e3b mdoc(7) police: widen width of the options list. 2001-07-18 14:49:32 +00:00
markm
208d8e13d4 Update to the same level of debug-logging as the rest of the
FreeBSD/PAM modules.
2001-07-17 07:36:51 +00:00
markm
b179f8e35f Update to the same code as in the pam_krb5.so port.
According to Peter, the port works - this needs more testing.
2001-07-17 07:34:36 +00:00
dd
911ca14c87 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
markm
ada1f4d477 Use a better method of getting user credentials to account for
(legal) UID duplication.

Rename use_uid to auth_as_self for consistency with other modules.
2001-07-14 08:42:39 +00:00
markm
921b216c2d Use a better method to get user credentials to account for (legal)
duplications of UID's in /etc/*passwd.
2001-07-14 08:38:24 +00:00
ru
5001e16d30 mdoc(7) police: -xwidth has been fold into -width. 2001-07-13 09:09:52 +00:00
ru
80f926caa5 mdoc(7) police: fixed markup, a little bit. 2001-07-11 08:36:26 +00:00
ru
36e83f27aa mdoc(7) police: fixed markup any numerous typos. 2001-07-11 08:35:34 +00:00
markm
a8b501863a Fix a horrible bug introduced by myself where the options collection
keeps on growing as the module stack is parsed.
2001-07-10 16:59:30 +00:00
ru
36f138439b mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 14:16:33 +00:00
ru
317b7d8e37 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 13:41:46 +00:00
markm
88dfad0475 Clean up (and in some cases write) the PAM mudules, using
o The new options-processing API
o The new DEBUG-logging API

Add man(1) pages for ALL modules. MDOC-Police welcome
to check this.

Audit, clean up while I'm here.
2001-07-09 18:20:51 +00:00
markm
ff28ba8b35 Bump the major number. The libraries API has changed incompatibly. 2001-07-09 18:16:33 +00:00
markm
1b8cb1cd38 Almost completely rewrite the PAM module options processing
routines, and provide a more extended API for doing this.

Provide an API for debug logging.

Audit and clean up the code.
2001-07-09 18:14:43 +00:00
ru
05e503d80a mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2). 2001-07-06 16:46:48 +00:00
ru
fd9d23bf28 mdoc(7) police: fixed formatting. 2001-07-06 07:29:59 +00:00
peter
dcb4453375 Fix libpam's linker set stuff to use the new API (unbreak world), and get
rid of gensetdefs from here as well.
2001-06-14 01:13:30 +00:00
chris
bf91fbcc4d Convert to mdoc(7). 2001-06-13 21:52:07 +00:00
markm
4e8273f82f Big module cleanup.
Move common stuff into Makefile.inc, and tidy up all the Makefiles
as a result.

Build new modules.

Put a commented-out dependancy on libpam for the (shared) modules.
I can't bring this in just yet, as the dependancy (modules->libpam)
is reversed for the static case (libpam->modules).
2001-06-04 19:47:56 +00:00
markm
bb5c80b440 Null file to bring back a file from the dead. This allows the real commit
to happen remotely. Damn CVS bugs :-(
2001-06-04 19:25:41 +00:00
markm
cafc16591f Add the "nullok" option that causes this module to succeed if the Unix
password is empty/null.
2001-06-04 19:16:57 +00:00
markm
c5ba97baf9 Tidy up the options list (and make it more extendable), and add some
extra "standard" options.
2001-06-04 19:12:08 +00:00
markm
a28a87bd61 Add some new utility authenticators.
pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.

pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
2001-06-04 18:44:47 +00:00
markm
f6fb59fd55 Add the "auth_as_self" option to the pam_unix module (there is no
reason not to add it to others later). This causes the pam_unix
module to check the user's _own_ password, not the password of the
account that the user is authenticating into. This will allow eg:
WHEELSU type behaviour from su(1).
2001-05-24 18:35:52 +00:00
markm
8f01d4f9a2 Bring in a few useful PAM modules.
pam_krb5 is a Kerberos 5 (Heimdal) authentication module.

pam_nologin checks for /etc/nologin and does the "usual stuff"
	if it is found, otherwise it silently succeeds.

pam_rootok silently succeeds if the user is root, otherwise
	it fails.

pam_wheel silently succeeds if the user is a member of group
	"wheel" (or another nominated group), and fails
	otherwise.

There is an issue with kerberosIV and kerberos5 - if both are
being built, then static linking fails with duplicate symbols.
This will take a bit of work to sort out in the kerberii.
2001-05-14 11:23:58 +00:00
green
95ca151349 Finish disconnecting pam_ssh from the build. 2001-05-04 20:40:53 +00:00
green
5b85c0e3b3 I've been meaning to take pam_ssh out of the base system for a while now.
Finally do it.
2001-05-04 03:53:48 +00:00
markm
ac445d2404 Update for (Linux-)PAM 0.75 2001-05-03 10:55:48 +00:00
ru
03fd77f5a8 mdoc(7) police: uppercase document title. 2001-04-18 08:25:26 +00:00
ru
25ef23ac1c MAN[1-9] -> MAN. 2001-03-27 17:27:19 +00:00
jhb
da015457f3 Use a unified libgcc rather than a seperate one for threaded and
non-threaded programs.  This provides threaded programs with the
needed exception frame symbols.

parts submitted by:	Max Khon <fjoe@iclub.nsu.ru>
PR:	23252
2001-01-06 18:59:46 +00:00
obrien
9ecd859376 Use a unified libgcc rather than a seperate one for threaded and
non-threaded programs.  This provides threaded programs with the
needed exception frame symbols.

parts submitted by:	Max Khon <fjoe@iclub.nsu.ru>
PR:	23252
2001-01-06 06:16:31 +00:00
ru
8ba4187688 Prepare for mdoc(7)NG. 2000-12-29 14:08:20 +00:00
ru
c23c39b3a4 mdoc(7) police: removed history info from the .Os FreeBSD call. 2000-12-14 11:52:05 +00:00
green
6202ac1614 Forgot to remove the old line in the last commit. 2000-12-05 02:41:01 +00:00
green
163406c6e5 In env_destroy(), it is a bad idea to env_swap(self, 0) to switch
back to the original environ unconditionally.  The setting of the
variable to save the previous environ is conditional; it happens when
ENV.e_committed is set.  Therefore, don't try to swap the env back
unless the previous env has been initialized.

PR:		bin/22670
Submitted by:	Takanori Saneto <sanewo@ba2.so-net.ne.jp>
2000-11-25 02:00:35 +00:00
billf
de5ab7abc1 Correct an arguement to ssh_add_identity, this matches what is currently
in ports/security/openssh/files/pam_ssh.c

PR:		22164
Submitted by:	Takanori Saneto <sanewo@ba2.so-net.ne.jp>
Reviewed by:	green
Approved by:	green
2000-11-25 01:55:42 +00:00
ru
1a6c69e84a log 2000-11-22 09:23:54 +00:00
kris
27503968d8 Update to the version of pam_ssh corresponding to OpenSSH 2.1 (taken
from the openssh port)

Submitted by:	Hajimu UMEMOTO <ume@mahoroba.org>
2000-05-30 09:03:15 +00:00
jake
961b97d434 Back out the previous change to the queue(3) interface.
It was not discussed and should probably not happen.

Requested by:		msmith and others
2000-05-26 02:09:24 +00:00
jake
d93fbc9916 Change the way that the queue(3) structures are declared; don't assume that
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
2000-05-23 20:41:01 +00:00
kris
43373af8b0 Connect pam_opie to the build. 2000-04-17 00:19:30 +00:00
kris
9544efebe6 Add pam_opie, a PAM module using the OPIE one-time-password scheme.
Submitted by:	Jim Bloom <bloom@acm.org>
2000-04-17 00:14:42 +00:00
kris
77771891cb Fix a memory leak.
PR:		17360
Submitted by:	Andrew J. Korty <ajk@iu.edu>
2000-03-29 08:24:37 +00:00
bde
44d97ac9b0 Fixed missing libraries in DPADD.
Fixed some style bugs (some usual ones for DPADD and LDADD, and
misformatting of $FreeBSD$).
2000-03-27 15:24:45 +00:00
kris
0d1f47825b Buildworld fixes for NO_OPENSSH and NO_OPENSSL
Approved by:	jkh
2000-03-09 06:29:05 +00:00
peter
d441a3a421 Make pam_ssh work. It had an undefined symbol when it was dlopen()ed.
I'm not quite sure about this, I think it should be using -lssh_pic since
it's being linked into a .so, but nothing seems to complain ahd it does
work.  (well, it works for using the authorized_keys file, but I have not
figured out how to get it to start a ssh-agent and cache the key for me)

PR:		17191
Submitted by:	Adrian Pavlykevych <pam@polynet.lviv.ua>
2000-03-06 15:28:30 +00:00
sheldonh
329223e6f2 Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-02 09:14:21 +00:00
sheldonh
49c4458c80 Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 12:20:22 +00:00
markm
e11c910f1b Don't try to build k5 PAM; it ain't ready yet. 2000-02-28 21:00:50 +00:00
sos
fdfe7ecf9d Same fix as in ../modules, dont use the crypto stuff if its not there. 2000-02-26 12:26:25 +00:00
peter
dfef412c92 Argh, I can't win today. Spell ${.CURDIR} correctly. 2000-02-26 11:16:08 +00:00
peter
10a409ad5f Don't build pam_ssh if the crypto code is missing.
Found by:	sos
2000-02-26 11:14:17 +00:00
peter
eb77fcb95c Redo this with a repo copy from the original file and reset the
__PREFIX__ markers.
2000-02-26 09:59:14 +00:00
markm
20612f21c7 Use libcrypto instead of libdes.
Also - OpenSSH blesses us with a module for PAM.
2000-02-24 22:24:37 +00:00
chris
9d118bd000 Remove the version information from `.Os FreeBSD' here. Not only
might it confuse people, but it causes a warning message with
nroff, and no version history mentions a 1.2 version of FreeBSD.

If anything, a ``HISTORY'' section should show which version this
appeared in.
2000-02-14 01:47:54 +00:00
green
8b8214b6d3 Upgrade to the pam_ssh module, version 1.1..
(From the author:)
Primarily, I have added built-in functions for manipulating the
environment, so putenv() is no longer used.  XDM and its variants
should now work without modification.  Note that the new code uses
the macros in <sys/queue.h>.

Submitted by:	Andrew J. Korty <ajk@iu.edu>
1999-12-28 05:32:54 +00:00
green
bcc4466e40 Add the PAM SSH RSA key authentication module. For example, you can add,
"login  auth    sufficient      pam_ssh.so" to your /etc/pam.conf, and
users with a ~/.ssh/identity can login(1) with their SSH key :)

PR:		15158
Submitted by:	Andrew J. Korty <ajk@waterspout.com>
Reviewed by:	obrien
1999-11-29 07:09:44 +00:00
marcel
83affd600f Don't include Kerberos if NOCRYPT is defined, because it isn't build
if NOCRYPT is defined. Likewise, don't include DES if NOSECURE is
defined.
1999-11-14 15:48:29 +00:00
markm
cb50d7f72c Add libcrypt. This previously/coincidentally worked for login,
because login was already linked against it, but others have a
problem.
1999-09-30 18:53:34 +00:00
markm
68941a839a Common Error libraries are needed here. 1999-09-20 06:23:16 +00:00
peter
3b842d34e8 $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
abial
9fb26545f7 Restore INTERNALLIB.
Noticed by:	bde,jdp
1999-08-20 18:32:45 +00:00
abial
d9e7423c65 Add pam_radius.so manual page.
Reviewed by:	jdp
1999-08-18 19:04:24 +00:00
nik
6578739ddb Add $Id$, to make it simpler for members of the translation teams to
track.

The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;

     .\"    $Id$
     .\"

If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.

Approved by:            bde
1999-07-12 20:24:20 +00:00
jdp
3b1a00d745 Revive the pam_deny and pam_permit modules from Linux-PAM. They are
simple enough to be trusted.

Add account management functionality to the pam_unix module.

These changes should make it possible to use PAM in some ports.

Submitted by:	Max Khon <fjoe@iclub.nsu.ru>
1999-05-08 01:59:27 +00:00
jdp
23908fa2e8 Fix bug that prevented accounts with empty passwords from logging
in.

Submitted by:	Paul Traina <pst@juniper.net>
1999-04-06 19:48:53 +00:00
jdp
97c5848571 Fix breakage for the static a.out case. The a.out linker doesn't
consider a linker set definition to be sufficient reason to pull an
object module from an archive library.  This caused undefined
symbols when linking with libpam.a using a.out.  I solved it by
linking in the object that references the linker set in the "ld -r"
step.
1999-01-22 12:43:42 +00:00
jdp
25c77b90fd Revert my last change, "Rename some globals to reduce namespace
pollution."  Unfortunately, some of these globals are used by ftpd,
and I broke make world.  Pointy hat, please.
1999-01-21 22:02:31 +00:00
jdp
27b3c47e84 Rename some globals to reduce namespace pollution. 1999-01-20 22:50:37 +00:00
jdp
cf32a03bc9 Make it possible to use PAM in statically-linked applications. 1999-01-20 21:55:30 +00:00
jdp
436f184e78 Fix an NFS-related installation problem.
Submitted by:	asami
1999-01-11 16:08:02 +00:00
dillon
0cb646b080 Obtained from: "Jan B. Koum " <jkb@best.com>
Add a reference to pam(8) in the login(1) and login.access(5) manual
    pages.
1998-12-01 17:05:08 +00:00
jdp
7f58facc96 Install PAM modules into ${SHLIBDIR}, not ${LIBDIR}.
Noticed by:	bde
1998-11-22 19:33:27 +00:00
jdp
26d57f4008 This commit was generated by cvs2svn to compensate for changes in r41227,
which included commits to RCS files with non-trunk default branches.
1998-11-18 01:44:37 +00:00
jdp
94faf60509 Build structure for contribified Linux-PAM, plus some home-grown
modules for FreeBSD's standard authentication methods.  Although
the Linux-PAM modules are present in the contrib tree, we don't
use any of them.

The main library "libpam" is composed of sources taken from three
places.  First are the standard Linux-PAM libpam sources from the
contrib tree.  Second are the Linux-PAM "libpam_misc" sources, also
from the contrib tree.  In Linux these form a separate library.
But as Mike Smith pointed out to me, that seems pointless, so I
have combined them into the libpam library.  Third are some additional
sources from the "src/lib/libpam" tree with some common functions
that make it easier to write modules.  Those I wrote myself.

This work has been donated to FreeBSD by Juniper Networks, Inc.
1998-11-18 01:44:37 +00:00
jdp
6cec28d59d Build structure for contribified Linux-PAM, plus some home-grown
modules for FreeBSD's standard authentication methods.  Although
the Linux-PAM modules are present in the contrib tree, we don't
use any of them.

The main library "libpam" is composed of sources taken from three
places.  First are the standard Linux-PAM libpam sources from the
contrib tree.  Second are the Linux-PAM "libpam_misc" sources, also
from the contrib tree.  In Linux these form a separate library.
But as Mike Smith pointed out to me, that seems pointless, so I
have combined them into the libpam library.  Third are some additional
sources from the "src/lib/libpam" tree with some common functions
that make it easier to write modules.  Those I wrote myself.

This work has been donated to FreeBSD by Juniper Networks, Inc.
1998-11-18 01:44:37 +00:00
charnier
409a50cddf .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq. 1998-03-23 07:48:45 +00:00
markm
991f2e7747 Changes for KTH KerberosIV.
Also quieten -Wall a bit.
1997-09-28 08:57:24 +00:00
charnier
f14112b4c1 = -> ==, strcpy -> strncpy from OpenBSD.
update man page. Add usage().
Obtained from: OpenBSD
1997-07-22 07:39:43 +00:00
max
2b582ce5f1 Fix the man page's title (.Dt).
(It has been ``SKEY.ACCESS''.)
1997-06-02 17:24:36 +00:00
pst
e6146b2184 Cruft cleanup to eliminate useless warnings 1997-02-02 21:33:37 +00:00
pst
8ddc5c2acb Fix some compilation warnings. 1996-09-21 18:01:23 +00:00
markm
532cda9998 #include <kerberosIV/des.h> -> #include <des.h> 1996-02-11 09:18:18 +00:00
rgrimes
a14d555c87 Remove trailing whitespace. 1995-05-30 06:41:30 +00:00
wollman
cc0c7809c4 In the non-PARANOID case, make sure to set `notickets' to 0 sothat login.c
doesn't complain.
1995-01-20 23:07:10 +00:00
wollman
20054cbaa0 Modify klogin to:
1) Don't spit out an error message if Kerberos is installed but not yet
   set up.

2) Don't attempt to verify the ticket you got back, as workstations
   are not intended to have srvtab files of their own.

Both behaviors can be re-enabled with KLOGIN_PARANOID.
1995-01-14 22:57:41 +00:00
guido
cec2fb9e65 Add skey supprot
Reviewed by:
Submitted by:	guido
1994-08-21 19:26:22 +00:00
rgrimes
6afce27cfe Initial revision 1994-05-27 12:32:03 +00:00