d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
120,558 Commits 4 Branches 49 Tags 2 GiB
db662ee84c
Commit Graph

65 Commits

Author SHA1 Message Date
des
09a62d7510 Use the correct login class when setting a new password. 
PR:		65557, 72949
Submitted by:	Stephen P. Cravey <clists@gotbrains.org>
Approved by:	re (scottl)
MFC after:	2 weeks
 2005-07-05 18:42:18 +00:00
ume
a3047efe51 NI_WITHSCOPEID cleanup 
Reviewed by:	des
 2005-05-13 20:51:09 +00:00
ru
3666aefb6a Fixed xref. 2005-01-21 10:48:35 +00:00
bz
4b83c5852a Add knob NO_NIS (fka NO_YP_LIBC) and make world compileable when set. 
If turned on  no NIS support and related programs will be built.

Lost parts rediscovered by:	Danny Braniss <danny at cs.huji.ac.il>
PR:		bin/68303
No objections:	des, gshapiro, nectar
Reviewed by:	ru
Approved by:	rwatson (mentor)
MFC after:	2 weeks
 2004-11-13 20:40:32 +00:00
des
18879fb0df Fix numerous constness and aliasing issues. 2004-02-10 10:13:21 +00:00
schweikh
6cbe68d985 Remove crossref to pam.conf(5) which never existed. 2004-01-17 09:46:49 +00:00
des
9c38a55797 Fix strict aliasing breakage in PAM modules (except pam_krb5, which needs 
more work than the others).  This should make most modules build with -O2.
 2003-12-11 13:55:16 +00:00
mbr
43c169a64d Fix the master yppasswd routines, so they really work 
for root on ypmaster. yppasswd_local() did use YPPASSWDPROG
instead of MASTER_YPPASSWDPROG, and the domain was not set,
resulting in a coredump during xdr-encode.

Reviewed by:	des
 2003-06-15 10:37:22 +00:00
des
808a5cf7ec Update copyright dates. 2003-05-31 17:19:03 +00:00
des
ccae73b84e Remove all instances of pam_std_option() 2003-05-31 16:55:07 +00:00
des
31f8a355e2 Make sure rhostip is always initialized. 
PR:		bin/51508
Submitted by:	Peter Grimshaw <peter@tesseract.demon.co.uk>
 2003-04-30 00:49:42 +00:00
des
4f251ebb97 Treat an empty PAM_RHOST the same as a NULL one. 
PR:		bin/51508
 2003-04-30 00:44:05 +00:00
des
9bee0a595d Remove a bogus null password check which assumed that a user with an empty 
password must necessarily have an empty pwd->pw_passwd.  Also add a check
that prevents users from setting a blank password unless the nullok option
was specified.  Root is still allowed to give anyone a blank password.
 2003-04-24 12:26:25 +00:00
obrien
e70feef239 style.Makefile(5) police 
(I've tried to keep to the spirit of the original formatting)

Reviewed by:	des
 2003-03-09 20:06:38 +00:00
schweikh
fec6546e12 english(4) police. 2002-12-27 12:15:40 +00:00
jmallett
f49de03759 Free old_pwd only in the code path where it has been allocated. 
Reviewed by:	des
 2002-05-22 23:18:25 +00:00
des
abc14dea11 Use libutil and libypclnt for all passwd manipulation and NIS needs. 
Sponsored by:	DARPA, NAI Labs
 2002-05-08 00:54:29 +00:00
des
a6e173ee33 Don't ask root for the old password, except in the NIS case. 
Sponsored by:	DARPA, NAI Labs
 2002-04-26 19:28:17 +00:00
des
522debf4fd Fix a really dumb bug (missing curly braces around the body of an if 
statement) that caused pam_sm_chauthtok() to always fail silently.
 2002-04-26 01:47:48 +00:00
des
b41d43d579 Revert previous commit, it is incorrect. 2002-04-15 22:51:31 +00:00
obrien
f46bf6f79a Properly spell rpcsvc/ypclnt.h and fix the build. 2002-04-15 22:47:28 +00:00
des
887c2ed009 Prompt for new password during update phase, not during preliminary phase. 
Sponsored by:	DARPA, NAI Labs
 2002-04-15 03:00:14 +00:00
des
ee50be8376 Dike out most of the NIS code and replace it with calls to libypclnt. 
Rework pam_sm_chauthtok() so it (mostly?) works.
The standard pw stuff still needs to move into a library somewhere.

Sponsored by:	DARPA, NAI Labs
 2002-04-15 02:34:43 +00:00
des
a8ed917937 Major cleanup: 
- add __unused where appropriate
  - PAM_RETURN -> return since OpenPAM already logs the return value.
  - make PAM_LOG use openpam_log()
  - make PAM_VERBOSE_ERROR use openpam_get_option() and check flags
    for PAM_SILENT
  - remove dummy functions since OpenPAM handles missing service
    functions
  - fix various warnings

Sponsored by:	DARPA, NAI Labs
 2002-04-12 22:27:25 +00:00
ru
aab0c4649e Moved SHLIB_NAME definition into one place. 
Approved by:	des
 2002-04-10 18:07:05 +00:00
ru
fe715089ee Fixed broken "make depend; make clean; make all" sequence. 
I've looked for this example for a long time, to demonstrate
some people why it's a really BAD idea to use ${.OBJDIR}
instead of ".".  I hope these people are reading this.  :-)

Approved by:	des
 2002-04-10 18:00:32 +00:00
ru
54bcb55671 Align for const poisoning in -lutil. 2002-04-08 11:07:51 +00:00
des
a3ac60a8cb Reorganize pam_sm_authenticate() to reduce code duplication. 
Sponsored by:	DARPA, NAI Labs
 2002-04-07 21:18:18 +00:00
des
71240839dd Fix bug in previous commit that passed the wrong default value to 
login_getcapstr(3).  Also fix a longer-standing bug (login_close(3)
frees the string returned by login_getcapstr(3)) by reorganizing the
code a little, and use login_getpwclass(3) instead of login_getclass(3)
if we already have a struct pwd.

Sponsored by:	DARPA, NAI Labs
 2002-04-07 20:43:27 +00:00
des
ce173531cb Aggressive cleanup of warnings + authtok-related code in preparation for 
PAMifying passwd(1).

Sponsored by:	DARPA, NAI Labs.
 2002-04-06 19:30:04 +00:00
des
78c249929b Fix some style issues, a const warning, and abuse of PAM_ABORT. 
Sponsored by:	DARPA, NAI Labs
 2002-04-06 14:25:04 +00:00
cjc
51b661db90 Fix world breakage introduced by my recent modifications to 
chpass(8). The relations between libc, libpam, chpass, passwd, and
vipw are a mess and probably should be cleaned up.

Submitted by:	Peter Pentchev <roam@ringlet.net>
 2002-03-18 12:55:28 +00:00
des
7f7038bdcf NAI DBA update. 2002-03-14 23:27:59 +00:00
markm
02184350e0 Remove the use of random(3), and encapsulate the salt-generation in 
its own function. The use of arc4random(3) is hopeless overkill here,
but that does not hurt anything.

Requested by:	ache
 2002-03-14 16:41:36 +00:00
sobomax
c3acf5c512 Don't ignore system CFLAGS. 2002-03-07 16:56:19 +00:00
des
c0bbe50538 Switch to OpenPAM. Bump library version. Modules are now versioned, so 
applications linked with Linux-PAM will still work.
Remove pam_get_pass(); OpenPAM has pam_get_authtok().
Remove pam_prompt(); OpenPAM has pam_{,v}{error,info,prompt}().
Remove pam_set_item(3) man page as OpenPAM has its own.

Sponsored by:	DARPA, NAI Labs
 2002-03-05 21:56:25 +00:00
des
863a49b908 This file needs <syslog.h>. 
Sponsored by:	DARPA, NAI Labs
 2002-02-09 14:12:09 +00:00
markm
b090adde5f Remove NO_WERROR, now that WARNS=n is gone. 2002-02-06 18:46:48 +00:00
des
4bbf527773 #include cleanup. 
Sponsored by:	DARPA, NAI Labs
 2002-02-05 06:08:26 +00:00
markm
01ec73592a Add the other half of the salt-generating code. No functional 
difference except that the salt is slightly harder to build
dictionaries against, and the code does not use srandom[dev]().
 2002-02-04 00:28:54 +00:00
markm
01a4236106 WARNS=n fixes (and some stylistic issues). 2002-02-03 15:17:57 +00:00
des
1caa7bdd9e With asbestos longjohns on, integrate most of the checks normally done by 
login(1) (password & account expiry, hosts.access etc.) into pam_unix(8).

Sponsored by:	DARPA, NAI Labs
 2002-01-30 19:09:11 +00:00
markm
b63d9c7a6d WARNS=4 fixes. Protect with NO_WERROR for the modules that have 
warnings that are hard to fix or that I've been asked to leave alone.
 2002-01-24 18:37:17 +00:00
ache
d90ac373d0 Back out recent changes 2002-01-19 18:03:11 +00:00
ache
0262fc4b8f Back out second right-now-expired password check in pam_sm_chauthtok, 
old expired password assumed there
 2002-01-19 09:23:36 +00:00
ache
35ada60969 Add yet one expired-right-now password check, in pam_sm_chauthtok 
srandomdev() can't be used in libraries, replace srandomdev()+random()
by arc4random()
 2002-01-19 04:58:51 +00:00
ache
a38e044747 Add missing check for right-now-expired password 2002-01-19 02:45:24 +00:00
ru
fe50e52a4a mdoc(7) police: sort xrefs. 2001-12-08 16:28:20 +00:00
des
d387396266 Document the local_pass and nis_pass options, add a few xrefs, and reorder 
the SEE ALSO section.  License modified with original author's permission.

Sponsored by:	DARPA, NAI Labs
 2001-11-27 00:53:10 +00:00
sobomax
064436f6e8 Don't put an extra space after password prompts, because it violates POLA, 
makes FreeBSD inconsistent with previous releases and "other unices" as well
as with some internal password-asking services (e.g. ftp) within the same
release.
 2001-10-25 15:51:50 +00:00