summaryrefslogtreecommitdiffstats
path: root/etc/inc/auth.inc
Commit message (Collapse)AuthorAgeFilesLines
...
* Require radius.inc if the webGUI is using radius as the method.Ermal2010-07-271-1/+2
|
* Flip this back the other way, the group operation will fail if the user ↵jim-p2010-07-141-5/+5
| | | | isn't set yet.
* Silence this commandjim-p2010-07-141-1/+1
|
* Add SSH tunneling privilege to list of available privileges.Erik Fonnesbeck2010-07-121-2/+3
|
* Lock out shell accounts that have no OS access, or are expired/disabled.jim-p2010-07-121-0/+11
|
* Add check for user-ssh-tunnel to give users access to the ssh tunnel shelljim-p2010-07-121-0/+2
|
* Flip this test around so it is easier to follow/read.jim-p2010-07-121-3/+3
|
* Sync groups first, since users may rely on group changes.jim-p2010-07-121-5/+5
|
* Make sure a user gets deleted from the 'all' group.jim-p2010-07-121-1/+1
|
* Clean up this code.jim-p2010-07-121-6/+5
|
* Remove home directory when deleting a user.jim-p2010-07-121-1/+5
|
* Bypass the DNS Rebind attack checks if accessing by IP address.jim-p2010-07-091-16/+2
|
* Check for locally configured IPs in DNS rebind checks, so people who port ↵jim-p2010-07-061-0/+14
| | | | forward from WAN to the LAN IP can still work.
* Add a text box where someone can enter in alternate hostnames for the system ↵jim-p2010-07-061-0/+7
| | | | to bypass the DNS rebind checks.
* Add a checkbox to disable DNS rebinding checks if needed.jim-p2010-07-061-1/+1
|
* More fixes for DNS rebinding checks (Most of this code is Scott's, with some ↵jim-p2010-07-061-10/+17
| | | | minor fixes by me)
* Correct checkScott Ullrich2010-07-061-1/+1
|
* Correct checkScott Ullrich2010-07-061-1/+1
|
* Check for 127.0.0.1 as wellScott Ullrich2010-07-061-0/+2
|
* Oops, correct checkScott Ullrich2010-07-061-1/+1
|
* Add localhost as a valid host for SSH forwarding casesScott Ullrich2010-07-061-0/+2
|
* Wrap the dns rebind check in a test to see if our error function exists. If ↵jim-p2010-07-061-12/+16
| | | | it doesn't, it's probably being called from captive portal, so skip the check. Fixes #721
* Move the skel dir to /etc/skel, where it's easier to manage from a build ↵jim-p2010-07-061-1/+1
| | | | point of view.
* Slight fix to dyndns checkjim-p2010-07-061-2/+2
|
* Check dyndns hostnames as well for DNS Rebind issuesScott Ullrich2010-07-061-5/+12
|
* ^ PotentialScott Ullrich2010-07-011-1/+1
|
* Binding -> RebindingScott Ullrich2010-07-011-1/+1
|
* Comment what we are doing here and add the ticket #.Scott Ullrich2010-07-011-0/+1
|
* More dns-rebind checks. Ticket #708Scott Ullrich2010-07-011-1/+8
|
* Give users with ssh access a real shell, but make sure that admin still gets ↵jim-p2010-06-291-0/+3
| | | | /etc/rc.initial
* Set a skeleton directory for pwjim-p2010-06-291-1/+1
|
* Let pw handle the creation of the home directory rather than do it in php.jim-p2010-06-291-5/+1
|
* Give users who have "all" privileges shell access. Part of ticket #614jim-p2010-06-291-1/+1
|
* Remove some redundant code and make sure admin's home directory is /root - ↵jim-p2010-06-251-13/+1
| | | | Fixes #218
* Fixes #613. Add correctly users to all users group.Ermal2010-06-221-1/+1
|
* Do not include functions.inc just for pfSenseHeader which is not really the ↵Ermal2010-06-171-3/+5
| | | | best place to use!
* Fixes #660. Simplify some code and correctly do an exit after a redirect is ↵Ermal2010-06-171-8/+4
| | | | issued. Thanks-to: Efonne for analysis.
* Use mwexec where it does not make sense to use popen for something that does ↵Ermal2010-05-241-10/+21
| | | | not take any parameters. Create a function to actually remove a user from its groups when the user itself is deleted.
* Correct the shell for the admin account, this should be /etc/rc.initial. Not ↵smos2010-05-131-1/+1
| | | | /bin/sh
* Fix creation of admin user account with uid of 0. This fixes ticket #574smos2010-05-111-3/+2
|
* Allow the webui admin account to have a duplicate user ID of 0.smos2010-05-101-14/+17
| | | | Make sure to create that account before attempting to modify it's attributes
* Ticket #389. Correctly make the ldap object picker work and handle various ↵Ermal2010-04-271-8/+8
| | | | errors.
* Ticket #378. Correctly handle a timeout of 0 to mean never timeout.Ermal2010-04-271-1/+5
|
* Allow users to send in the same POST authentication info and post fields. ↵Ermal2010-04-201-1/+4
| | | | This will be allowed by authentication code if the special post var 'postafterlogin' isset.
* Simplify code.Ermal2010-03-291-4/+3
|
* fix textChris Buechler2010-03-131-1/+1
|
* Add includes needed. Fix typo.Ermal2010-03-121-1/+1
|
* Fix bug where user wasn't being removed from groups upon deletion.jim-p2010-03-111-1/+1
|
* Add a function to get user groups based on authentication server. Use this ↵Ermal Luçi2010-03-091-0/+27
| | | | function to show the groups the user i member of on Diag Authentication.
* Remove the authentication fallback it does not have any meaning now.Ermal Luçi2010-03-041-1/+0
|
OpenPOWER on IntegriCloud