OpenPAM/OpenPAM
OpenPAM
/
OpenPAM
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
848 Commits 3 Branches 10 Tags 1.9 MiB
Commit Graph

848 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav 2efb7c4b01 Support (but ignore, for now) the issuer parameter. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@777 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-09 13:08:14 +00:00
Dag-Erling Smørgrav 75a6073d2c Encoder: 
- Return the desired length when the buffer is too small.

 - Annotate the switch so Bullseye doesn't complain about an uncovered
   default case.

Decoder:

 - The table approach was a good idea, but there was no way to tell the
   difference between a character that decodes as 0 and an invalid
   character.  Modify the tables so an invalid character is indicated
   by 0xff instead of 0x00.

 - Check that padding starts in a valid position.  Note that we still
   don't check for left-over bits.

 - The overflow test always failed, because we set *olen = len before
   comparing them.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@776 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-09 12:48:48 +00:00
Dag-Erling Smørgrav d60017fe80 Additional tests (which also fail) for unexpected padding. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@775 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-09 12:04:56 +00:00
Dag-Erling Smørgrav 183cc6d511 The dummy constants have moved to oath_constants.h. 
Add annotation macros for coverage analysis.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@774 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-09 11:51:08 +00:00
Dag-Erling Smørgrav c5265319ff Completely rewrite the test suite for the RFC 4648 encoding / decoding 
functions and add many new tests, several of which fail.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@773 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-09 11:49:08 +00:00
Dag-Erling Smørgrav 01809a1b48 Switch from uint8_t to char. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@772 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-09 11:45:05 +00:00
Dag-Erling Smørgrav 17144e7a5f Replace base{32,64}_decode() with table-driven implementations. The new 
code is less strict about padding, thus ensuring compatibility with
implementations which do not understand padding, such as MIME::Base32.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@771 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-06 17:54:58 +00:00
Dag-Erling Smørgrav 4645bc1762 Fix base{32,64}_decode(). The former handled padding incorrectly; the 
latter was derived from the former, and had a couple of copy-paste bugs
in addition to the padding bug.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@770 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-06 12:35:47 +00:00
Dag-Erling Smørgrav 576e1e6b1c Add tests for base{32,64}_decode(). Both are broken. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@769 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-06 12:32:29 +00:00
Dag-Erling Smørgrav 56f7cf21f5 Make stdout line-buffered so verbose output is easier to read. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@768 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-06 12:31:31 +00:00
Dag-Erling Smørgrav 03207fcd61 oops, braino in previous commit. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@767 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-06 12:30:44 +00:00
Dag-Erling Smørgrav 3dab19018f props 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@766 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-06 12:29:36 +00:00
Dag-Erling Smørgrav 9f84c11072 props 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@765 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-03-06 09:29:06 +00:00
Dag-Erling Smørgrav 46df1b1050 Document the is_upper() bug. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@764 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-02-26 17:30:57 +00:00
Dag-Erling Smørgrav 5fadc4abb8 Credit Larry Baird for the is_upper() bug and sort the list. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@762 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-02-26 16:23:41 +00:00
Dag-Erling Smørgrav c7457cff15 Fix a bug in the is_upper() macro. 
Submitted by:	Larry Baird <lab@gta.com>


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@761 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-02-26 16:23:22 +00:00
Dag-Erling Smørgrav 58921adbab Add complete coverage for the classification macros in openpam_ctype.h. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@760 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-02-26 16:22:32 +00:00
Dag-Erling Smørgrav 9e9207fd5d Add is_xdigit() predicate. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@759 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-24 13:44:34 +00:00
Dag-Erling Smørgrav 3d0d4da447 Factor out and document oath_key_from_uri(). 
Implement percent-decoding of the key label.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@758 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-23 20:19:54 +00:00
Dag-Erling Smørgrav aec3988b2f Bump copyright 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@757 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-23 20:17:41 +00:00
Dag-Erling Smørgrav 59313f56a4 Do not use oath_[ht]otp_match() as predicates - a non-zero return can 
mean an error occurred.  We should probably switch to the standard
Unix idiom of returning 0 for success.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@756 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-22 15:13:56 +00:00
Dag-Erling Smørgrav e8cd86aade - The key length is in bytes, not bits, so the correct default is 20 
and not 160 (which would actually overflow).  This should probably
  be a macro.
- Implement random key generation using OpenSSL's RAND_bytes(3).


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@755 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-22 15:12:15 +00:00
Dag-Erling Smørgrav 11a8c730d2 Enable OATH by default and tweak some option description strings. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@754 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-20 11:25:44 +00:00
Dag-Erling Smørgrav 9c592d628c Note that saving the keyfile updates a TOTP key's lastused parameter. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@753 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-20 10:48:39 +00:00
Dag-Erling Smørgrav aa338bce81 Add oath_key_create(3) which creates an OATH key from scratch. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@752 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-20 10:47:10 +00:00
Dag-Erling Smørgrav df95e0530d Credit Baptiste Daroussin for his various contributions, including but not 
limited to r749.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@750 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-13 21:27:03 +00:00
Dag-Erling Smørgrav d68deb210c Update the way we extract the pkg version and ABI to match pkg 1.2. 
Submitted by:	bapt@freebsd.org


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@749 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-13 21:26:25 +00:00
Dag-Erling Smørgrav d9f3164b53 The maximum number of messages in a single invocation conversation function 
is called PAM_MAX_NUM_MSG, not PAM_NUM_MSG.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@748 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-13 21:23:05 +00:00
Dag-Erling Smørgrav e2375b0d73 typo 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@746 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-12-10 14:02:23 +00:00
Dag-Erling Smørgrav 7b4ce30d8e Currently, openpam_policy_path is a hardcoded array of short strings, and 
filename is much larger than it needs to be.  However, this might not be
the case in the future.  To be safe, add a length check after strlcpy().
This should silence a Coverity warning about possible array overflow.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@745 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-21 23:22:48 +00:00
Dag-Erling Smørgrav cf0612ac98 I've always run aclocal before libtoolize, but the latter installs .m4 
files, which requires regenerating aclocal.m4, so it should really be the
other way around.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@744 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-08 19:27:39 +00:00
Dag-Erling Smørgrav 914a5b3708 caught_signal should be static; gcc doesn't seem to mind, whereas some 
clang versions (but not all) complain.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@742 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-07 19:25:57 +00:00
Dag-Erling Smørgrav 4dbe28d092 Sort the manifest. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@739 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-07 13:02:54 +00:00
Dag-Erling Smørgrav 2e6439e932 Prepare for OpenPAM Nummularia, which will be released later today from the 
nooath branch.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@735 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-07 12:37:27 +00:00
Dag-Erling Smørgrav 8568521d18 It appears that "pkg create" works correctly, even though it complains 
loudly about unresolved library dependencies.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@734 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-07 12:36:18 +00:00
Dag-Erling Smørgrav 3bc114befa It is entirely possible that pkg is present but not installed as a 
package, or that the pkg binary in $PATH is not the one that was
installed (e.g. a development version in $HOME/bin/pkg).  Therefore,
use pkg -vv rather than pkg query to determine the pkg version.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@733 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-23 17:07:42 +00:00
Dag-Erling Smørgrav 7eacdef3fd This script is now sufficiently complex to merit a copyright statement 
and a license.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@732 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-22 17:48:45 +00:00
Dag-Erling Smørgrav d4f3382050 various nits 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@731 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-22 15:10:16 +00:00
Dag-Erling Smørgrav ac8841d2bd Support storing the non-standard lastused parameter in a key URI. 
Also fix some default values.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@730 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:32:54 +00:00
Dag-Erling Smørgrav 0446934acb Keep track of when a TOTP key was last used and prevent reuse of the same 
sequence number.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@729 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:32:14 +00:00
Dag-Erling Smørgrav 2cc13d4b85 Allow digits in identifiers. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@728 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:28:24 +00:00
Dag-Erling Smørgrav e565eb6258 Document the key structure members a little better. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@727 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:15:21 +00:00
Dag-Erling Smørgrav 3b992508b8 Use a dummy bit in the key structure instead of relying on the label. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@726 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:14:02 +00:00
Dag-Erling Smørgrav 01d54c2924 Use the defined constant. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@725 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:10:31 +00:00
Dag-Erling Smørgrav df82cbb560 Change the label used for dummy keys to something OpenPAM-specific. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@724 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:08:40 +00:00
Dag-Erling Smørgrav d216fb463e RFC 6287 (OATH OCRA) 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@723 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 12:39:13 +00:00
Dag-Erling Smørgrav 95539e42cf OATH roadmap. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@722 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-20 10:26:12 +00:00
Dag-Erling Smørgrav 84543123ea Desirable improvement / extension of openpam_log(). 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@721 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-20 10:21:39 +00:00
Dag-Erling Smørgrav 3b1c7851e6 repetitive 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@719 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:56:32 +00:00
Dag-Erling Smørgrav 56dd3d8d03 Improved dependency handling. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@718 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:54:21 +00:00