d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
100,650 Commits 4 Branches 49 Tags
Commit Graph

366 Commits

Author SHA1 Message Date
markm
ac30099bce Add 'try_mapped_pass' standard option. 
Asked for by:	lukeh@PADL.COM
 2001-08-20 12:43:19 +00:00
markm
78c5ea3c24 Document the no_warn option. 2001-08-15 20:05:33 +00:00
markm
0261d9dad2 Fix a couple of cross-references to reflect the reality of the module. 2001-08-15 20:03:26 +00:00
markm
384d536a12 Fix: 
/usr/src/lib/libpam/modules/pam_ssh/pam_ssh.c has couple of bugs which cause:

1) xdm dumps core
2) ssh1 private key is not passed to ssh-agent
3) ssh2 RSA key seems not handled properly (just a guess from source)
4) ssh_get_authentication_connectionen() fails to get connection because of
   SSH_AUTH_SOCK not defined.

PR:		29609
Submitted by:	Takanori Saneto <sanewo@ba2.so-net.ne.jp>
 2001-08-11 12:37:55 +00:00
markm
0935831088 Clean up this module very extensively. Fix the logging, the coding 
standards and the option handling. This module is now much more easy
to maintain as a part of the FreeBSD tree.
 2001-08-10 19:24:34 +00:00
markm
d4dc7767d7 Code clean up; make logging same as other modules and fix warnings. 2001-08-10 19:21:45 +00:00
markm
74d9830e38 General code clean-up. Sort out warnings, and make the warning and 
logging work the same as other modules.
 2001-08-10 19:18:52 +00:00
markm
746b322ce6 Simplify code. Also verbose logging, verbose overridable error reporting. 2001-08-10 19:15:48 +00:00
markm
30eda03ef6 Verbose logging, overridable verbose error reporting. 2001-08-10 19:12:59 +00:00
markm
846c7876be Module clean-up. Verbose logging, Overridable verbose error reporting, 
FreeBSD pam_prompt() usage to simplify conversation function usage.
 2001-08-10 19:10:43 +00:00
markm
6d1911d4af Verbosely (overridable) report failure to the user. 2001-08-10 19:07:45 +00:00
markm
d6d9a9d422 Use the FreeBSD pam_prompt() interface to the conversation function 
instead of home-rolling it. Clean up debugging code and tidy the
module.
 2001-08-10 19:05:57 +00:00
markm
cda9e6f687 Verbosely report errors to the user (overridable), and make sure 
that the correct failure mode is reported.
 2001-08-10 19:02:21 +00:00
markm
fef690379a Fix broken logic so that this actually works for the superuser. 
Verbosely log (properly).
Verbosely report errors to the user.
 2001-08-10 14:21:58 +00:00
markm
12c08f0451 Rework this to prevent a nasty problem involving different modules' 
option interacting with each other.
 2001-08-10 14:16:47 +00:00
markm
9768c83960 Declare the new user-error reporting macro. 
This is a macro to allow use of the __FILE__ and __FUNCTION__
macros.
 2001-08-10 14:15:00 +00:00
markm
7b1059217e Add a routine for providing feedback via the conversation mechanism 
(usually to stderr) for user-reportable errors.
 2001-08-10 14:13:16 +00:00
markm
3b25221320 Fix style/consistency in Makefile and repair static module building. 
Submitted by:	bde(partially)
 2001-08-04 21:51:14 +00:00
markm
1f44b5f4e9 Don't clobber CFLAGS 
Submitted by:	bde
 2001-08-04 21:49:30 +00:00
markm
edba6eee5e Fix the bug where this modulke was not checking the priamry GID, only 
the GIDS in /etc/group or NIS's group map.

Tested by:	sheldonh
PR:		29349
 2001-08-04 09:19:31 +00:00
markm
79a9463a45 With the S/KEY removal, this is no longer buildable or necessary. 2001-08-02 19:04:20 +00:00
markm
9bd038a011 Don't try to make pam_ssh module if NO_OPENSSH is set. 2001-08-02 19:01:02 +00:00
markm
78112d8985 Repair the get/set UID() stuff so this works in both su(1) and login(1) 
modes.
 2001-08-02 10:35:41 +00:00
markm
2754e9c466 Making this major bump was a BAD idea. The API change is internal (to PAM) 
and it caused problems without solving any.
 2001-07-30 09:56:38 +00:00
markm
6b3146187f (Re)Add an SSH module for PAM, heavily based on Andrew Korty's module 
from ports.
 2001-07-29 18:31:09 +00:00
ru
b2f5024e3b mdoc(7) police: widen width of the options list. 2001-07-18 14:49:32 +00:00
markm
208d8e13d4 Update to the same level of debug-logging as the rest of the 
FreeBSD/PAM modules.
 2001-07-17 07:36:51 +00:00
markm
b179f8e35f Update to the same code as in the pam_krb5.so port. 
According to Peter, the port works - this needs more testing.
 2001-07-17 07:34:36 +00:00
dd
911ca14c87 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
markm
ada1f4d477 Use a better method of getting user credentials to account for 
(legal) UID duplication.

Rename use_uid to auth_as_self for consistency with other modules.
 2001-07-14 08:42:39 +00:00
markm
921b216c2d Use a better method to get user credentials to account for (legal) 
duplications of UID's in /etc/*passwd.
 2001-07-14 08:38:24 +00:00
ru
5001e16d30 mdoc(7) police: -xwidth has been fold into -width. 2001-07-13 09:09:52 +00:00
ru
80f926caa5 mdoc(7) police: fixed markup, a little bit. 2001-07-11 08:36:26 +00:00
ru
36e83f27aa mdoc(7) police: fixed markup any numerous typos. 2001-07-11 08:35:34 +00:00
markm
a8b501863a Fix a horrible bug introduced by myself where the options collection 
keeps on growing as the module stack is parsed.
 2001-07-10 16:59:30 +00:00
ru
36f138439b mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 14:16:33 +00:00
ru
317b7d8e37 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 13:41:46 +00:00
markm
88dfad0475 Clean up (and in some cases write) the PAM mudules, using 
o The new options-processing API
o The new DEBUG-logging API

Add man(1) pages for ALL modules. MDOC-Police welcome
to check this.

Audit, clean up while I'm here.
 2001-07-09 18:20:51 +00:00
markm
ff28ba8b35 Bump the major number. The libraries API has changed incompatibly. 2001-07-09 18:16:33 +00:00
markm
1b8cb1cd38 Almost completely rewrite the PAM module options processing 
routines, and provide a more extended API for doing this.

Provide an API for debug logging.

Audit and clean up the code.
 2001-07-09 18:14:43 +00:00
ru
05e503d80a mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2). 2001-07-06 16:46:48 +00:00
ru
fd9d23bf28 mdoc(7) police: fixed formatting. 2001-07-06 07:29:59 +00:00
peter
dcb4453375 Fix libpam's linker set stuff to use the new API (unbreak world), and get 
rid of gensetdefs from here as well.
 2001-06-14 01:13:30 +00:00
chris
bf91fbcc4d Convert to mdoc(7). 2001-06-13 21:52:07 +00:00
markm
4e8273f82f Big module cleanup. 
Move common stuff into Makefile.inc, and tidy up all the Makefiles
as a result.

Build new modules.

Put a commented-out dependancy on libpam for the (shared) modules.
I can't bring this in just yet, as the dependancy (modules->libpam)
is reversed for the static case (libpam->modules).
 2001-06-04 19:47:56 +00:00
markm
bb5c80b440 Null file to bring back a file from the dead. This allows the real commit 
to happen remotely. Damn CVS bugs :-(
 2001-06-04 19:25:41 +00:00
markm
cafc16591f Add the "nullok" option that causes this module to succeed if the Unix 
password is empty/null.
 2001-06-04 19:16:57 +00:00
markm
c5ba97baf9 Tidy up the options list (and make it more extendable), and add some 
extra "standard" options.
 2001-06-04 19:12:08 +00:00
markm
a28a87bd61 Add some new utility authenticators. 
pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.

pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
 2001-06-04 18:44:47 +00:00
markm
f6fb59fd55 Add the "auth_as_self" option to the pam_unix module (there is no 
reason not to add it to others later). This causes the pam_unix
module to check the user's _own_ password, not the password of the
account that the user is authenticating into. This will allow eg:
WHEELSU type behaviour from su(1).
 2001-05-24 18:35:52 +00:00