Dag-Erling Smørgrav
2e6439e932
Prepare for OpenPAM Nummularia, which will be released later today from the
...
nooath branch.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@735 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-09-07 12:37:27 +00:00
Dag-Erling Smørgrav
8568521d18
It appears that "pkg create" works correctly, even though it complains
...
loudly about unresolved library dependencies.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@734 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-09-07 12:36:18 +00:00
Dag-Erling Smørgrav
3bc114befa
It is entirely possible that pkg is present but not installed as a
...
package, or that the pkg binary in $PATH is not the one that was
installed (e.g. a development version in $HOME/bin/pkg). Therefore,
use pkg -vv rather than pkg query to determine the pkg version.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@733 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-23 17:07:42 +00:00
Dag-Erling Smørgrav
7eacdef3fd
This script is now sufficiently complex to merit a copyright statement
...
and a license.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@732 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-22 17:48:45 +00:00
Dag-Erling Smørgrav
d4f3382050
various nits
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@731 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-22 15:10:16 +00:00
Dag-Erling Smørgrav
ac8841d2bd
Support storing the non-standard lastused parameter in a key URI.
...
Also fix some default values.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@730 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:32:54 +00:00
Dag-Erling Smørgrav
0446934acb
Keep track of when a TOTP key was last used and prevent reuse of the same
...
sequence number.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@729 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:32:14 +00:00
Dag-Erling Smørgrav
2cc13d4b85
Allow digits in identifiers.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@728 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:28:24 +00:00
Dag-Erling Smørgrav
e565eb6258
Document the key structure members a little better.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@727 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:15:21 +00:00
Dag-Erling Smørgrav
3b992508b8
Use a dummy bit in the key structure instead of relying on the label.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@726 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:14:02 +00:00
Dag-Erling Smørgrav
01d54c2924
Use the defined constant.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@725 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:10:31 +00:00
Dag-Erling Smørgrav
df82cbb560
Change the label used for dummy keys to something OpenPAM-specific.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@724 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:08:40 +00:00
Dag-Erling Smørgrav
d216fb463e
RFC 6287 (OATH OCRA)
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@723 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 12:39:13 +00:00
Dag-Erling Smørgrav
95539e42cf
OATH roadmap.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@722 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-20 10:26:12 +00:00
Dag-Erling Smørgrav
84543123ea
Desirable improvement / extension of openpam_log().
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@721 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-20 10:21:39 +00:00
Dag-Erling Smørgrav
3b1c7851e6
repetitive
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@719 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:56:32 +00:00
Dag-Erling Smørgrav
56dd3d8d03
Improved dependency handling.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@718 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:54:21 +00:00
Dag-Erling Smørgrav
10e70f48b8
Ignore test output and logs.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@717 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:45:54 +00:00
Dag-Erling Smørgrav
f69d77aaed
liboath #include nits
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@716 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:37:29 +00:00
Dag-Erling Smørgrav
1b1f9c46e4
Start generating man pages for liboath.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@715 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:31:12 +00:00
Dag-Erling Smørgrav
bcafac75c2
Insert joke about double-dating.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@713 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:11:04 +00:00
Dag-Erling Smørgrav
1f9f093691
Grr, gremlins slipped into gendoc.pl between testing and committing.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@712 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:09:27 +00:00
Dag-Erling Smørgrav
6b2927cfc5
Hardcode utf8 input encoding without messing around with environment
...
variables.
Stop pasting a (potentially incorrect) copyright statement and license
into generated files. Instead, refer to the source, and if possible,
include the source revision number.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@711 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:04:50 +00:00
Dag-Erling Smørgrav
fa62c8c348
Shorten hash dereferences wherever possible.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@710 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-19 15:01:44 +00:00
Dag-Erling Smørgrav
4264bfb000
Silence spurious warnings from aclocal.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@709 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-18 14:47:20 +00:00
Dag-Erling Smørgrav
90715a13d4
Extend the append-svn-revision-to-package-version logic to all
...
non-numeric branches, not just trunk.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@708 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-18 12:13:21 +00:00
Dag-Erling Smørgrav
a03bbedb50
Increase the default synchronization window, and provide options to
...
control it.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@707 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-16 13:45:55 +00:00
Dag-Erling Smørgrav
b9ec47c689
Don't forget to install all the liboath headers.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@706 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-16 12:58:05 +00:00
Dag-Erling Smørgrav
0c4d5add5f
Implement key saving, and change the outcome of failing to save the
...
key from a system error to a service error.
Note that currently, an error saving the key may destroy the original
keyfile. This needs to be adressed.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@705 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-16 12:32:26 +00:00
Dag-Erling Smørgrav
d34ad5ab09
liboath needs generic alloc() / free() facilities for key data;
...
oath_key_alloc() does the right thing, but oath_key_to_uri() doesn't.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@704 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-16 12:18:00 +00:00
Dag-Erling Smørgrav
efa93c4a5f
Don't log the text we read, it may contain sensitive information (such
...
as an OATH OTP key, since liboath uses openpam_readline() to read the
keyfile)
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@703 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-16 11:57:54 +00:00
Dag-Erling Smørgrav
a02762c066
Update svn:ignore.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@702 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-16 10:28:48 +00:00
Dag-Erling Smørgrav
b8ec0155ab
- If @PACKAGE_VERSION@ is "trunk" and svnversion prints something
...
sensible, append the svn revision.
- Implement an ugly workaround for the shlib issue.
- Clean up and add comments.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@701 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-16 10:26:24 +00:00
Dag-Erling Smørgrav
d3f359e2df
Major cleanup.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@700 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 17:17:15 +00:00
Dag-Erling Smørgrav
929ddb1bc3
Fixed flipped condition.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@699 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 17:15:35 +00:00
Dag-Erling Smørgrav
0c34187244
Update.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@698 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 17:14:32 +00:00
Dag-Erling Smørgrav
880bd5c2d4
s/oath_dummy_key/oath_key_dummy/
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@697 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 16:24:28 +00:00
Dag-Erling Smørgrav
fe081dbbfc
Unfortunately, Linux doesn't have MAP_NOCORE.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@696 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 16:00:41 +00:00
Dag-Erling Smørgrav
dfe04a59e4
svn:ignore the mkpkgng script.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@695 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 15:24:50 +00:00
Dag-Erling Smørgrav
88a91c2d02
Rename oath_dummy_key() to oath_key_dummy() and move it into its own file.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@694 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 15:23:58 +00:00
Dag-Erling Smørgrav
066e2b91ff
Record the last successful use of a TOTP key. Also add commented-out
...
logic to prevent reuse of the same code or an earlier code within the
window, and make some minor type adjustments.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@693 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 15:21:31 +00:00
Dag-Erling Smørgrav
b578b6a715
Add a script that creates a FreeBSD pkgng package. It does not currently
...
work as intended due to a bug in pkgng's shlib handling.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@692 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 14:01:04 +00:00
Dag-Erling Smørgrav
efe4bec74a
Remove --with-modules-dir now that we DTRT by default.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@691 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 13:59:33 +00:00
Dag-Erling Smørgrav
5847a34802
The --with-modules-dir configure option never quite worked, and became
...
even more badly broken when the dynamic loader was rewritten in March.
Reimplement it the way it was always meant to work (but never did):
If --with-modules-dir was specified, modules will be installed in that
directory and the dynamic loader will look for them there. If it was
not specified, modules will be installed in libdir and the dynamic
loader will use the standard search path (/usr/lib:/usr/local/lib). In
both cases, a policy file can still name a module by its full path.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@690 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 13:22:51 +00:00
Dag-Erling Smørgrav
c9387115d9
Factor out oath_key_{alloc,free}() and implement wiring / locking.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@689 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-07-12 10:47:14 +00:00
Dag-Erling Smørgrav
c05b6dd046
INFTIM is a BSDism; use -1 instead.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@688 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-07-11 16:40:08 +00:00
Dag-Erling Smørgrav
93d104bfd6
Reimplement, hopefully with marginally fewer bugs. There is an
...
unfortunate amount of code duplication between the tty and non-tty
paths, but the alternative is greatly increased complexity.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@687 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-07-11 16:37:25 +00:00
Dag-Erling Smørgrav
3a53d5117b
Document that openpam_log(3) saves and restores errno(2).
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@686 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-07-11 16:36:02 +00:00
Dag-Erling Smørgrav
6950b99458
Add a command-line option that controls openpam_ttyconv_timeout.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@685 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-07-11 16:33:34 +00:00
Dag-Erling Smørgrav
3ab09a4f26
OPENPAM_DEBUG (--enable-debug) has a double action: it enables the
...
debugging macros, and sets the initial value of openpam_debug to 1.
This effectively gives the user a choice between no debugging at all,
or drowning in debugging messages from every part of the system.
Assuming that the primary use case for debugging is to allow admins to
troubleshoot their policies by adding the debug option to selected
pam.conf entries, remove the initialization of openpam_debug to 1.
This allows integrators to ship OpenPAM with OPENPAM_DEBUG defined
without spamming /var/log.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@684 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-04-14 15:44:32 +00:00