summaryrefslogtreecommitdiffstats
path: root/lib/libpam/modules
Commit message (Collapse)AuthorAgeFilesLines
* MFS (r296781):des2016-03-142-5/+5
| | | | | | | | | | MFH (r296633): upgrade to 7.2p2 (fixes xauth command injection bug) MFH (r296634): re-add aes-cbc to server-side default cipher list MFH (r296651, r296657): fix gcc build of pam_ssh PR: 207679 Security: CVE-2016-3115 Approved by: re (marius)
* MFH (r265214, r294333, r294407, r294467): misc prop fixesdes2016-02-071-7/+6
| | | | | | | | | | | | | | | | MFH (r285975, r287143): register mergeinfo for security fixes MFH (r294497, r294498, r295139): internal documentation MFH (r294328): upgrade to openssh 6.7p1, re-add libwrap MFH (r294332): upgrade to openssh 6.8p1 MFH (r294367): update pam_ssh for api changes MFH (r294909): switch usedns back on MFH (r294336): upgrade to openssh 6.9p1 MFH (r294495): re-enable dsa keys MFH (r294464): upgrade to openssh 7.0p1 MFH (r294496): upgrade to openssh 7.1p2 Approved by: re (gjb) Relnotes: yes
* MFC r291941:bdrewery2016-01-071-2/+1
| | | | Replace unneeded manual dependency on header by adding it to SRCS.
* MFC r278182:ngie2015-02-111-0/+2
| | | | | | | | | r278182: Conditionalize building radius support into libpam, ppp, etc via MK_RADIUS_SUPPORT Sponsored by: EMC / Isilon Storage Division
* MFH (r277237): pass PAM_RHOST to RADIUS server as Calling-Station-IDdes2015-01-291-12/+18
|
* MFH (r272280, r272281, r272348): allow use with null user and rhostdes2014-10-011-4/+8
| | | | | PR: 83099 193927 Approved by: re (kib)
* MFH (r271256, r271617): avoid segfault if PAM_RHOST nor PAM_TTY are unset.des2014-09-181-7/+10
| | | | | Approved by: re (gjb) PR: 83099
* MFH (r268888): fix false negative for empty groupsdes2014-08-232-11/+29
| | | | | | | PR: 109416 MFH (r268890): add support for "account" facility PR: 115164
* MFH (r269115): remove useless getpwnam() calldes2014-08-231-3/+1
|
* MFC: r269875ache2014-08-181-1/+1
| | | | | | | According to opie code and even direct mention in opie(4) challenge buffer size must be OPIE_CHALLENGE_MAX + 1, not OPIE_CHALLENGE_MAX Reviewed by: des
* Make libldns and libssh private.des2013-09-081-0/+1
| | | | Approved by: re (blanket)
* Make the PAM password strength checking module WARNS=2 safe.will2013-08-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | lib/libpam/modules/pam_passwdqc/Makefile: Bump WARNS to 2. contrib/pam_modules/pam_passwdqc/pam_passwdqc.c: Bump _XOPEN_SOURCE and _XOPEN_VERSION from 500 to 600 so that vsnprint() is declared. Use the two new union types (pam_conv_item_t and pam_text_item_t) to resolve strict aliasing violations caused by casts to comply with the pam_get_item() API taking a "const void **" for all item types. Warnings are generated for casts that create "type puns" (pointers of conflicting sized types that are set to access the same memory location) since these pointers may be used in ways that violate C's strict aliasing rules. Casts to a new type must be performed through a union in order to be compliant, and access must be performed through only one of the union's data types during the lifetime of the union instance. Handle strict-aliasing warnings through pointer assignments, which drastically simplifies this change. Correct a CLANG "printf-like function with more arguments than format" error. Submitted by: gibbs Sponsored by: Spectra Logic
* Fix declaration vs. definition inconsistency. No functional change.jkim2013-04-051-3/+3
|
* remove duplicate semicolons where possible.eadler2012-10-221-1/+1
| | | | | Approved by: cperciva MFC after: 1 week
* Remove unnecessary #include.des2012-09-281-1/+0
|
* Bump date missed in r202756eadler2012-09-141-1/+1
| | | | | | | PR: docs/171624 Submitted by: bdrewery Approved by: gabor MFC after: 3 days
* Fix an instance in pam_krb5(8), where the variable 'user' could be useddim2012-08-061-2/+2
| | | | | | | | uninitialized. Found by: clang 3.2 Reviewed by: des MFC after: 1 week
* Fix two instances in pam_krb5(8), where the variable 'princ_name' coulddim2012-08-061-4/+4
| | | | | | | | be used uninitialized. Found by: clang 3.2 Reviewed by: des MFC after: 1 week
* Add an option for pam_krb5 to allow it to authenticate users which don't havedfr2012-08-051-4/+7
| | | | | | | | a local account. PR: 76678 Submitted by: daved at tamu.edu MFC after: 2 weeks
* Passing NULL as a key casues a segfault when loading SSH 1 keys. Usedes2012-05-261-1/+1
| | | | an empty string instead.
* Fixes to man8 groff mandoc style, usage mistakes, or typos.wblock2012-05-241-2/+2
| | | | | | | PR: 168016 Submitted by: Nobuyuki Koganemaru Approved by: gjb MFC after: 3 days
* Fix error messages containing the executed command namedumbbell2012-04-121-31/+77
| | | | | | | | | | | | Before, we took the first argument to pam_exec(8). With the addition of options in front of the command, this could be wrong. Now, options are parsed before calling _pam_exec() and messages contain the proper command name. While here, fix a warning. Sponsored by: Yakaz (http://www.yakaz.com)
* Remove trailing whitespace per mdoc lint warningeadler2012-03-291-1/+1
| | | | | | | Disussed with: gavin No objection from: doc Approved by: joel MFC after: 3 days
* Use program exit status as pam_exec return code (optional)dumbbell2012-03-262-38/+362
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pam_exec(8) now accepts a new option "return_prog_exit_status". When set, the program exit status is used as the pam_exec return code. It allows the program to tell why the step failed (eg. user unknown). However, if it exits with a code not allowed by the calling PAM service module function (see $PAM_SM_FUNC below), a warning is logged and PAM_SERVICE_ERR is returned. The following changes are related to this new feature but they apply no matter if the "return_prog_exit_status" option is set or not. The environment passed to the program is extended: o $PAM_SM_FUNC contains the name of the PAM service module function (eg. pam_sm_authenticate). o All valid PAM return codes' numerical values are available through variables named after the return code name. For instance, $PAM_SUCCESS, $PAM_USER_UNKNOWN or $PAM_PERM_DENIED. pam_exec return code better reflects what went on: o If the program exits with !0, the return code is now PAM_PERM_DENIED, not PAM_SYSTEM_ERR. o If the program fails because of a signal (WIFSIGNALED) or doesn't terminate normally (!WIFEXITED), the return code is now PAM_SERVICE_ERR, not PAM_SYSTEM_ERR. o If a syscall in pam_exec fails, the return code remains PAM_SYSTEM_ERR. waitpid(2) is called in a loop. If it returns because of EINTR, do it again. Before, it would return PAM_SYSTEM_ERR without waiting for the child to exit. Several log messages now include the PAM service module function name. The man page is updated accordingly. Reviewed by: gleb@, des@ Sponsored by: Yakaz (http://www.yakaz.com) MFC after: 2 weeks
* - Avoid using deprecated heimdal functions in pam_krb5.stas2012-03-242-69/+102
|
* - Avoid use of deprecated KRB5 functions.stas2012-03-222-15/+25
|
* - Update FreeBSD Heimdal distribution to version 1.5.1. This also bringsstas2012-03-222-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | several new kerberos related libraries and applications to FreeBSD: o kgetcred(1) allows one to manually get a ticket for a particular service. o kf(1) securily forwards ticket to another host through an authenticated and encrypted stream. o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1) and other user kerberos operations. klist and kswitch are just symlinks to kcc(1) now. o kswitch(1) allows you to easily switch between kerberos credentials if you're running KCM. o hxtool(1) is a certificate management tool to use with PKINIT. o string2key(1) maps a password into key. o kdigest(8) is a userland tool to access the KDC's digest interface. o kimpersonate(8) creates a "fake" ticket for a service. We also now install manpages for some lirbaries that were not installed before, libheimntlm and libhx509. - The new HEIMDAL version no longer supports Kerberos 4. All users are recommended to switch to Kerberos 5. - Weak ciphers are now disabled by default. To enable DES support (used by telnet(8)), use "allow_weak_crypto" option in krb5.conf. - libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings disabled due to the function they use (krb5_get_err_text(3)) being deprecated. I plan to work on this next. - Heimdal's KDC now require sqlite to operate. We use the bundled version and install it as libheimsqlite. If some other FreeBSD components will require it in the future we can rename it to libbsdsqlite and use for these components as well. - This is not a latest Heimdal version, the new one was released while I was working on the update. I will update it to 1.5.2 soon, as it fixes some important bugs and security issues.
* Rev 228065 (change bsd.own.mk -> bsd.init.mk) broke pam_unix.so by causingpeter2012-01-181-2/+2
| | | | | | | | | | | | the LDADD/DPADD to lose the -lpam, and causing openpam_dynamic() to fail due to "openpam_get_options" being undefined. This would cause obscure console log messages like: openpam_dynamic(): No error: 0 openpam_load_module(): no pam_unix.so found and other helpful messages which are no help in diagnosing the problem. Fortunately this change was not mfc'ed to 9.x, it isn't broken there.
* .include <bsd.init.mk> instead of <bsd.own.mk>fjoe2011-11-281-3/+1
| | | | The former allows common settings from ../Makefile.inc to be used.
* Revert r227841 and part of r227798. We still build libpam in two passes,des2011-11-241-1/+10
| | | | | | but we use STATIC_CFLAGS instead of our own private .c.o rule. MFC after: 3 weeks
* Simplify the libpam build by removing the shared modules' dependencydes2011-11-211-13/+1
| | | | | | | on the shared library. The modules are loaded by the library, so we know it'll be there when we need it. MFC after: 3 weeks
* key_load_private() ignores the passphrase argument if the private keydes2011-11-201-7/+18
| | | | | | | | | | | | is unencrypted. This defeats the nullok check, because it means a non-null passphrase will successfully unlock the key. To address this, try at first to load the key without a passphrase. If this succeeds and the user provided a non-empty passphrase *or* nullok is false, reject the key. MFC after: 1 week Noticed by: Guy Helmer <guy.helmer@palisadesystems.com>
* Ensure pam_lastlog removes the /dev/ component of the TTY name.ed2011-11-071-0/+5
| | | | | | | | | | Some consumers of PAM remove the /dev/ component (i.e. login), while others don't (i.e. su). We must ensure that the /dev/ component is removed to ensure that the utmpx entries properly work with tools such as w(1). Discussed with: des MFC after: 1 week
* Remove an unused variable from pam_unix.ed2011-11-051-2/+0
| | | | | | | | This variable was added in r82352 back in 2001, but even then it didn't have any use. Because it's not marked static, the C compiler won't complain about it. Discussed with: des
* Note that pam_unix(8) does not respect PAM_CHANGE_EXPIRED_AUTHTOK.des2011-11-021-0/+6
|
* Load the ECDSA key if there is one.des2011-10-072-2/+7
| | | | MFC after: 1 week
* Mention the name of the module in warning messages.des2011-03-121-2/+2
|
* Add "ruser" and "luser" options. The former corresponds to the currentdes2011-03-122-5/+35
| | | | | | | | | | behavior, where the module checks that the supplicant is a member of the required group. The latter checks the target user instead. If neither option was specified, pam_group(8) assumes "ruser" and issues a warning. I intend to eventually change the default to "luser" to match the behavior of similarly-named service modules in other operating systems. MFC after: 1 month
* No newline required.des2011-03-091-2/+2
| | | | MFC after: 2 weeks
* Add <time.h> for ctime(), which we accidentally picked up throughdes2010-11-221-0/+1
| | | | | | | <sys/time.h>. Submitted by: Garrett Cooper <yanegomi@gmail.com> MFC after: 3 days
* Bump .Dd date.delphij2010-05-031-1/+1
| | | | Forgotten by: delphij
* Code indent according to style(9).mm2010-05-031-23/+23
| | | | | | | PR: bin/146186 Submitted by: myself Approved by: delphij (mentor) MFC after: 2 weeks
* Implement the no_user_check option to pam_krb5.mm2010-05-032-1/+12
| | | | | | | | | | | | | | | This option is available in the Linux implementation of pam_krb5 and allows to authorize a user not known to the local system. Ccache is not used as we don't have a secure uid/gid for the cache file. Usable for authentication of external kerberos users (e.g Active Directory) via PAM from applications like Cyrus saslauthd, PHP or perl. PR: bin/146186 Submitted by: myself Approved by: deplhij (mentor) MFC after: 2 weeks
* Upgrade to OpenSSH 5.4p1.des2010-03-091-0/+3
| | | | MFC after: 1 month
* Remove redundant WARNS?=6 overrides and inherit the WARNS setting fromuqs2010-03-021-1/+0
| | | | | | | | the toplevel directory. This does not change any WARNS level and survives a make universe. Approved by: ed (co-mentor)
* Always assign WARNS using ?=uqs2010-03-021-1/+1
| | | | | | | - fix some nearby style bugs - include Makefile.inc where it makes sense and reduces duplication Approved by: ed (co-mentor)
* %U was macroized in mdoc(7), escape.ru2010-02-161-1/+1
|
* Respect passwordtime from login.conf if set.des2010-02-021-2/+9
| | | | | | PR: bin/93473 Submitted by: Björn König <bkoenig@cs.tu-berlin.de> MFC after: 1 week
* Remove stale references to utmp(5) and its corresponding filenames.ed2010-01-211-7/+2
| | | | I removed utmp and its manpage, but not other manpages referring to it.
* Let pam_lastlog use random ut_id's.ed2010-01-182-14/+42
| | | | | | | | | | | | | | | | | By using random values for ut_id, not based on the TTY name, it is possible to run for example login(1) multiple times on the same TTY, without overwriting any previous records. The output of w(1) will then be as follows: | 12:26PM up 2 days, 2:31, 5 users, load averages: 0.01, 0.03, 0.03 | USER TTY FROM LOGIN@ IDLE WHAT | ed pts/2 mekker.80386.nl 12:26PM - w | root pts/2 - 12:26PM - w | root pts/2 - 12:26PM - w | root pts/2 - 12:26PM - w Approved by: des
OpenPOWER on IntegriCloud