Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix a strict aliasing issue. Also remove an unnecessary pam_get_item() | des | 2003-12-11 | 1 | -8/+6 |
| | | | | | | | call (pam_get_authtok() will return the previous token if try_first_pass or use_first_pass is specified). Incidentally fix an ugly bug where the buffer holding the prompt was freed immediately before use, instead of after. | ||||
* | More strict aliasing fixes. | des | 2003-12-11 | 1 | -26/+29 |
| | | | | Submitted by: Andreas Hauser <andy-freebsd@splashground.de> | ||||
* | Fix strict aliasing breakage in PAM modules (except pam_krb5, which needs | des | 2003-12-11 | 9 | -42/+44 |
| | | | | more work than the others). This should make most modules build with -O2. | ||||
* | Fix on sparc64. | sobomax | 2003-11-12 | 1 | -1/+1 |
| | | | | | Reported by: rwatson/tinderbox MFC after: 2 weeks | ||||
* | Add a new configuration variable - nas_ipaddr, which if set allows to | sobomax | 2003-11-12 | 2 | -8/+47 |
| | | | | | | | | set NAS-IP-Address attribute in requests generated by the pam_radius module. This attribute is mandatory for some Radius servers out there. Reviewed by: des MFC after: 2 weeks | ||||
* | - fix to UID test description, non-zero -> zero | kensmith | 2003-10-17 | 1 | -1/+1 |
| | | | | | | PR: docs/57799 Reviewed by: des Approved by: blackend (mentor) | ||||
* | Ignore ECHILD from waitpid(2) (our child may have been reaped by the | des | 2003-09-19 | 1 | -1/+2 |
| | | | | | | calling process's SIGCHLD handler) PR: bin/45669 | ||||
* | Revert previous commit after fixing libpam. | des | 2003-07-21 | 1 | -1/+1 |
| | |||||
* | Add a __DECONST() to unbreak the build. | des | 2003-07-15 | 1 | -1/+1 |
| | |||||
* | Fix the master yppasswd routines, so they really work | mbr | 2003-06-15 | 1 | -0/+26 |
| | | | | | | | | for root on ypmaster. yppasswd_local() did use YPPASSWDPROG instead of MASTER_YPPASSWDPROG, and the domain was not set, resulting in a coredump during xdr-encode. Reviewed by: des | ||||
* | Add openpam_readline(3). | des | 2003-06-01 | 1 | -0/+2 |
| | |||||
* | Retire pam_wheel(8) (which has been disconnected for quite a while) and | des | 2003-06-01 | 6 | -657/+0 |
| | | | | pam_ftp(8). | ||||
* | Don't build pam_std_option(). | des | 2003-05-31 | 1 | -2/+1 |
| | |||||
* | Update copyright dates. | des | 2003-05-31 | 5 | -5/+5 |
| | |||||
* | Remove pam_std_option() and related functions. Add #defines for common | des | 2003-05-31 | 1 | -24/+6 |
| | | | | options. | ||||
* | Remove all instances of pam_std_option() | des | 2003-05-31 | 5 | -167/+58 |
| | |||||
* | Introduce pam_guest(8) which will replace pam_ftp(8). | des | 2003-05-31 | 4 | -1/+220 |
| | |||||
* | mdoc(7) fixes. | ru | 2003-05-24 | 1 | -4/+4 |
| | | | | Approved by: re (blanket) | ||||
* | Retire the useless NOSECURE knob. | des | 2003-05-19 | 1 | -2/+1 |
| | | | | Approved by: re (scottl) | ||||
* | OpenPAM is WANRS6-clean. | des | 2003-05-05 | 1 | -1/+1 |
| | |||||
* | Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra | markm | 2003-05-05 | 1 | -1/+1 |
| | | | | | cleanups were necessary in release/Makefile, and the tinderbox code was syntax checked, not run checked. | ||||
* | Trasmute moer "krb5" distibutions into "crypto". | markm | 2003-05-01 | 1 | -3/+1 |
| | |||||
* | Use C99-style varadic macros instead of the non-standard gcc syntax. | des | 2003-05-01 | 1 | -5/+5 |
| | |||||
* | Mark libpam as c99- and WARNS5-clean. | des | 2003-05-01 | 1 | -1/+2 |
| | |||||
* | Make sure rhostip is always initialized. | des | 2003-04-30 | 1 | -1/+1 |
| | | | | | PR: bin/51508 Submitted by: Peter Grimshaw <peter@tesseract.demon.co.uk> | ||||
* | Treat an empty PAM_RHOST the same as a NULL one. | des | 2003-04-30 | 4 | -5/+5 |
| | | | | PR: bin/51508 | ||||
* | Set $HOME to the correct directory (within the chroot tree). | des | 2003-04-30 | 1 | -0/+1 |
| | |||||
* | Remove a bogus null password check which assumed that a user with an empty | des | 2003-04-24 | 1 | -2/+8 |
| | | | | | | password must necessarily have an empty pwd->pw_passwd. Also add a check that prevents users from setting a blank password unless the nullok option was specified. Root is still allowed to give anyone a blank password. | ||||
* | Connect the pam_chroot(8) module to the build. | des | 2003-04-08 | 1 | -0/+1 |
| | |||||
* | Add a cwd option which specifies where to chdir(2) after the chroot(2). | des | 2003-04-08 | 2 | -6/+22 |
| | | | | | When using the /home/./foo scheme, this defaults to the rhs (/foo); otherwise it defaults to /. | ||||
* | Experimental pam_chroot module (not connected to the build) | des | 2003-03-30 | 3 | -0/+193 |
| | |||||
* | This module is not WARNS-clean, due to brokenness in OpenSSL headers. | des | 2003-03-10 | 1 | -0/+1 |
| | |||||
* | Somewhat better wording. | des | 2003-03-10 | 1 | -8/+6 |
| | |||||
* | Silence warning caused by OPIE brokenness. | des | 2003-03-10 | 1 | -2/+3 |
| | |||||
* | style.Makefile(5) police | obrien | 2003-03-09 | 28 | -221/+223 |
| | | | | | | (I've tried to keep to the spirit of the original formatting) Reviewed by: des | ||||
* | KerberosIV de-orbit burn continues. Remove the KerberosIV PAM module. | markm | 2003-03-08 | 7 | -454/+0 |
| | |||||
* | Comment-only assistance to lint to kill warnings. | markm | 2003-03-08 | 1 | -0/+4 |
| | |||||
* | mdoc(7) police: Nits. | ru | 2003-03-03 | 2 | -4/+4 |
| | |||||
* | mdoc(7) police: markup laundry. | ru | 2003-02-23 | 2 | -2/+2 |
| | |||||
* | Add an "allow_local" option which forces historical behaviour. | des | 2003-02-16 | 2 | -2/+20 |
| | |||||
* | Assume "localhost" if no remote host was specified. This is safe from a | des | 2003-02-15 | 1 | -3/+4 |
| | | | | POLA point of view since the stock /etc/opieaccess now allows localhost. | ||||
* | Use pam_get_user(3) instead of pam_get_item(3) where appropriate. | des | 2003-02-10 | 2 | -4/+4 |
| | |||||
* | Complete rewrite of pam_ssh(8). The previous version was becoming hard | des | 2003-02-09 | 4 | -557/+307 |
| | | | | | | | | | | | to maintain, and had security issues which would have required a major rewrite to address anyway. This implementation currently starts a separate agent for each session instead of connecting each new session to the agent started by the first one. While this would be a Good Thing (and the old pam_ssh(8) tried to do it), it's hard to get right. I'll revisit this issue when I've had a chance to test some modifications to ssh-agent(1). | ||||
* | Maybe I was a little too fast? Remove debugging code, and commit the | des | 2003-02-06 | 3 | -2/+90 |
| | | | | | | Makefile and man page which I'd forgotten to 'cvs add'. Sponsored by: DARPA, NAI Labs | ||||
* | Replace pam_wheel(8) with pam_group(8) which has a cleaner interface. The | des | 2003-02-06 | 2 | -1/+119 |
| | | | | | | | | | | pam_wheel(8) module was written to work in spite of a broken libpam, and has grown organically since its inception, which is reflected in both its functionality and implementation. Rather than clean up pam_wheel(8) and break backward compatibility, I've chosen to reimplement it under a new, more generic name. Sponsored by: DARPA, NAI Labs | ||||
* | Make sure the message is only printed once. | des | 2003-02-06 | 1 | -3/+5 |
| | |||||
* | Don't blame markm for what he didn't do - writing these man pages, for | des | 2003-02-06 | 2 | -6/+2 |
| | | | | | instance. Also bump the date since I made substantial modifications earlier today. | ||||
* | Update copyright. | des | 2003-02-06 | 1 | -1/+1 |
| | |||||
* | Add support for escape sequences in the arguments (e.g. %u for user name) | des | 2003-02-06 | 2 | -24/+82 |
| | | | | Sponsored by: DARPA, NAI Labs | ||||
* | Export the PAM environment to the child process instead of the "normal" | des | 2003-02-06 | 2 | -3/+12 |
| | | | | | | environment list, which may be unsafe and / or sensitive. Sponsored by: DARPA, NAI Labs |