summaryrefslogtreecommitdiffstats
path: root/lib/libpam
Commit message (Collapse)AuthorAgeFilesLines
* Commenting out WARNS actually brought it up to 4.ru2005-09-281-1/+1
|
* Comment out WARNS, the OpenSSL headers don't compile cleanly on some platforms.des2005-09-281-1/+1
|
* Increase WARNS.des2005-09-261-1/+1
|
* Correct the logic for determining whether the user has already entereddes2005-09-261-4/+7
| | | | | | a password. Also, work around some harmless type pun warnings. MFC after: 3 days
* Do not use passphraseless keys for authentication unless the nullokdes2005-09-222-2/+13
| | | | | | | | option was specified. PR: bin/81231 Submitted by: "Daniel O'Connor" <doconnor@gsoft.com.au> MFC after: 3 days
* Narrow the use of user credentials.des2005-09-211-14/+10
| | | | | | Fix one case where openpam_restore_cred() might be called twice in a row. MFC after: 3 days
* When (re)allocating space for an array of pointers to char, usecperciva2005-09-191-1/+1
| | | | | | | | | | | | sizeof(*list), not sizeof(**list). (i.e., sizeof(pointer) rather than sizeof(char)). It is possible that this buffer overflow is exploitable, but it was added after RELENG_5 forked and hasn't been MFCed, so this will not receive an advisory. Submitted by: Vitezslav Novy MFC after: 1 day
* Bump the shared library version number of all libraries that have notkensmith2005-07-221-1/+1
| | | | | | | been bumped since RELENG_5. Reviewed by: ru Approved by: re (not needed for commit check but in principle...)
* Missed one piece of the cluster's quirk. Need to override WARNS becausekensmith2005-07-081-0/+1
| | | | | | | | if _FREEFALL_CONFIG is set gcc bails since pam_sm_setcred() in pam_krb5.c no longer uses any of its parameters. Pointy hat: kensmith Approved by: re (scottl)
* This is sort of an MFS. Peter made these changes to the RELENG_*kensmith2005-07-072-0/+7
| | | | | | | | | | | | | | | | | | | branches but missed HEAD. This patch extends his a little bit, setting it up via the Makefiles so that adding _FREEFALL_CONFIG to /etc/make.conf is the only thing needed to cluster-ize things (current setup also requires overriding CFLAGS). From Peter's commit to the RELENG_* branches: > Add the freebsd.org custer's source modifications under #ifdefs to aid > keeping things in sync. For ksu: > * install suid-root by default > * don't fall back to asking for a unix password (ie: be pure kerberos) > * allow custom user instances for things like www and not just root The Makefile tweaks will be MFC-ed, the rest is already done. MFC after: 3 days Approved by: re (dwhite)
* Use the correct login class when setting a new password.des2005-07-051-1/+1
| | | | | | | PR: 65557, 72949 Submitted by: Stephen P. Cravey <clists@gotbrains.org> Approved by: re (scottl) MFC after: 2 weeks
* Update for OpenPAM Figwort.des2005-06-172-1/+6
| | | | Approved by: re (kensmith)
* Assorted markup fixes.ru2005-06-151-1/+1
| | | | Approved by: re
* Don't use a cast as an lvalue.des2005-06-131-3/+3
| | | | | | | | Add a redundant test to make it painfully obvious to the reader that this code does not support IPv6. Approved by: re (dwhite) MFC after: 1 week
* Use appropriate error codes for each facility instead of just PAM_AUTH_ERR.des2005-06-101-4/+4
| | | | Noticed by: pjd
* Revert the commits that made libssh an INTERNALLIB; they caused too muchdes2005-06-071-2/+1
| | | | | | trouble, especially on amd64. Requested by: ru
* Fix libssh dependency.des2005-06-061-1/+2
|
* NI_WITHSCOPEID cleanupume2005-05-131-1/+1
| | | | Reviewed by: des
* Expand *n't contractions.ru2005-02-131-1/+1
|
* In addition to the PAM environment, export a handful of useful PAM items.des2005-02-012-8/+62
| | | | Suggested by: Ed Maste <emaste@phaedrus.sandvine.ca>
* Add openpam_free_envlist(3).des2005-02-011-0/+2
|
* When "no_ccache" is set as an argument to the pam_krb5 module, don'trwatson2005-01-241-0/+4
| | | | | | | | | copy the acquired TGT from the in-memory cache to the on-disk cache at login. This was documented but un-implemented behavior. MFC after: 1 week PR: bin/64464 Reported and tested by: Eric van Gyzen <vangyzen at stat dot duke dot edu>
* The final argument to verify_krb_v5_tgt() is the debug flag, not therwatson2005-01-231-2/+3
| | | | | | | | | ticket forwardable flag, so key generation of debugging output to "debug" rather than "forwardable". Update copyright. MFC after: 3 days
* Fixed xref.ru2005-01-212-3/+3
|
* NOCRYPT -> NO_CRYPTru2004-12-211-2/+2
|
* NOINSTALLLIB -> NO_INSTALLLIBru2004-12-211-1/+1
|
* NODOCCOMPRESS -> NO_DOCCOMPRESSru2004-12-212-3/+3
| | | | | | | | NOINFO -> NO_INFO NOINFOCOMPRESS -> NO_INFOCOMPRESS NOLINT -> NO_LINT NOPIC -> NO_PIC NOPROFILE -> NO_PROFILE
* Add knob NO_NIS (fka NO_YP_LIBC) and make world compileable when set.bz2004-11-131-3/+7
| | | | | | | | | | | If turned on no NIS support and related programs will be built. Lost parts rediscovered by: Danny Braniss <danny at cs.huji.ac.il> PR: bin/68303 No objections: des, gshapiro, nectar Reviewed by: ru Approved by: rwatson (mentor) MFC after: 2 weeks
* For variables that are only checked with defined(), don't provideru2004-10-242-4/+4
| | | | any fake value.
* Join the 21st century: Cryptography is no longer an optional componentcperciva2004-08-064-7/+0
| | | | | | | | | | of releases. The -DNOCRYPT build option still exists for anyone who really wants to build non-cryptographic binaries, but the "crypto" release distribution is now part of "base", and anyone installing from a release will get cryptographic binaries. Approved by: re (scottl), markm Discussed on: freebsd-current, in late April 2004
* Downgrade WARNS level for GCC 3.4.2.kan2004-07-282-1/+2
|
* Markup nits.ru2004-07-051-2/+2
|
* Sort SEE ALSO references (in dictionary order, ignoring case).ru2004-07-041-1/+1
|
* Mechanically kill hard sentence breaks.ru2004-07-0216-19/+23
|
* Deal with unsafe tab characters.ru2004-07-021-1/+3
|
* Markup, grammar, punctuation.ru2004-07-012-3/+3
|
* Revert the last change. There are more 64bit platforms than amd64, andkan2004-06-251-1/+1
| | | | they break due to diferent alignment restrictions.
* Remove the use of cast as lvalue.kan2004-06-251-1/+1
|
* Add -DDEBUG to DEBUG_FLAGS if PAM_DEBUG is defined.des2004-03-151-0/+4
|
* Make NULL a (void*)0 whereever possible, and fix the warnings(-Werror)markm2004-03-051-1/+1
| | | | | | | | | | | | | | | that this provokes. "Wherever possible" means "In the kernel OR NOT C++" (implying C). There are places where (void *) pointers are not valid, such as for function pointers, but in the special case of (void *)0, agreement settles on it being OK. Most of the fixes were NULL where an integer zero was needed; many of the fixes were NULL where ascii <nul> ('\0') was needed, and a few were just "other". Tested on: i386 sparc64
* style cleanup: Remove duplicate $FreeBSD$ tags.cperciva2004-02-101-2/+0
| | | | | | | | These files had tags after the copyright notice, inside the comment block (incorrect, removed), and outside the comment block (correct). Approved by: rwatson (mentor)
* Fix numerous constness and aliasing issues.des2004-02-106-19/+18
|
* Put libraries in the link order.ru2004-02-041-3/+2
| | | | Reported by: lorder(1) (modified to work with libraries)
* This module doesn't use libgssapi (and it looks never did).ru2004-02-041-3/+2
|
* Implement pam_sm_close_session().des2004-01-261-1/+13
| | | | | PR: bin/61657 Submitted by: Joe R. Doupnik <jrd@cc.usu.edu>
* Deal better with the crypto version of the PAM library that goesru2004-01-185-4/+7
| | | | | | | | | | | | | | | | | | | | | | | | | on the release media -- only put what is different in the crypto version compared to the base version. This reduces PAM entries in /usr/lib in the "crypto" distribution to: libpam.a libpam.so@ libpam.so.2 pam_krb5.so@ pam_krb5.so.2 pam_ksu.so@ pam_ksu.so.2 pam_ssh.so@ pam_ssh.so.2 The libpam.so* is still redundant (it is identical to the "base" version), but we can't set DISTRIBUTION differently for libpam.a and libpam.so. (The removal of libpam.so* from the crypto distribution could be addressed by the release/scripts/crypto-make.sh script, but then we'd also need to remove redundant PAM headers, and I'm not sure this is worth a hassle.)
* DISTRIBUTION is normally single-valued.ru2004-01-181-1/+1
|
* Remove crossref to pam.conf(5) which never existed.schweikh2004-01-171-1/+0
|
* bsd.dep.mk,v 1.43 allows us to replace a hack with a solution.ru2004-01-131-3/+3
|
* Fix a strict aliasing issue. Also remove an unnecessary pam_get_item()des2003-12-111-8/+6
| | | | | | | call (pam_get_authtok() will return the previous token if try_first_pass or use_first_pass is specified). Incidentally fix an ugly bug where the buffer holding the prompt was freed immediately before use, instead of after.
OpenPOWER on IntegriCloud