OpenPAM/OpenPAM
OpenPAM
/
OpenPAM
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
815 Commits 3 Branches 10 Tags 1.9 MiB
Commit Graph

815 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav a43b9256fc Log an error if open() failed for any other reason than ENOENT. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@683 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-04-14 14:49:59 +00:00
Dag-Erling Smørgrav 70d5d18643 Initialize has_ver and has_so to false, not true. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@682 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-04-14 14:48:29 +00:00
Dag-Erling Smørgrav 2fc7038ca4 Always restore errno before returning from openpam_log(). 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@681 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-04-14 14:36:05 +00:00
Dag-Erling Smørgrav 9f0aba7d25 Note need for loop detection 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@680 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-29 21:38:21 +00:00
Dag-Erling Smørgrav 9f6bdd74f4 Clean up and simplify dummy key handling. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@679 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-18 21:38:58 +00:00
Dag-Erling Smørgrav 7da9af6602 Set a reasonable, hard limit on label length. This removes the need for 
a variable-length key structure (to accommodate a variable-length label)
and vastly simplifies key parsing.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@678 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-18 21:34:29 +00:00
Dag-Erling Smørgrav f3f8ccc9c3 An 80-byte key makes no sense, since HMAC hashes keys longer than 64 
bytes.  Google Authenticator uses 20-byte keys.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@677 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-18 21:19:41 +00:00
Dag-Erling Smørgrav 496bd4632b - Add module options for specifying what to do if the user has no key 
or if the key was unreadable or invalid.

- Fix inverted success / failure logic.

The module is now in a (barely) usable state.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@676 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-18 19:20:54 +00:00
Dag-Erling Smørgrav 2be62b5732 Document the changes to the module loading code. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@675 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 20:06:01 +00:00
Dag-Erling Smørgrav c1df418c6f comment nit 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@674 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 20:04:24 +00:00
Dag-Erling Smørgrav 422a3ccd39 - Mention quoting and add a cross-reference to openpam_readword(3), 
which has a detailed explanation of how the file is parsed.

- Document the module search path.

- Warn against include loops.

- Briefly describe module options which affect libpam itself.

- Minor markup and formatting improvements.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@673 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 20:04:06 +00:00
Dag-Erling Smørgrav 794601a544 Make the .so suffix optional, so these three lines are now equivalent: 
auth	required	pam_unix.so.2	try_first_pass
auth	required	pam_unix.so	try_first_pass
auth	required	pam_unix	try_first_pass


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@672 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 19:42:33 +00:00
Dag-Erling Smørgrav 4f9b0f6342 ...and there's more to come. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@671 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 19:37:00 +00:00
Dag-Erling Smørgrav d4ab77b35c Document the effect of module options (echo_pass, *_prompt etc) 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@670 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 19:26:07 +00:00
Dag-Erling Smørgrav 30f65f8a44 Add a "maintained by" footer to ThinkSec-authored pages, like we do 
for pam(3), openpam(3) and pam.conf(5).


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@669 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 19:21:55 +00:00
Dag-Erling Smørgrav bcebdf0ea8 Support tagged lists of module options. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@668 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 14:48:43 +00:00
Dag-Erling Smørgrav 32d5e093bd Remove unneeded #include 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@667 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 14:24:00 +00:00
Dag-Erling Smørgrav 3353ad06ce Add predicates for letters and digits. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@666 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 14:22:17 +00:00
Dag-Erling Smørgrav 2dd5f46e84 Add a few more verbose messages 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@665 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 12:46:51 +00:00
Dag-Erling Smørgrav 0f25be4e42 unbreak static linking 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@664 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-17 10:56:15 +00:00
Dag-Erling Smørgrav b501509854 update 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@663 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-11 16:34:01 +00:00
Dag-Erling Smørgrav 567ecaa2af Clean up the dynamic module loading code, and add support for the 
module path which was added in r695.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@662 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-11 16:33:27 +00:00
Dag-Erling Smørgrav 2b8f7a6154 nit: the argument is a module name, which may or may not be a path. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@661 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-11 15:44:22 +00:00
Dag-Erling Smørgrav fe2e691204 Use dlfunc() if available; if not, fake it in terms of dlsym(). 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@660 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-11 15:08:52 +00:00
Dag-Erling Smørgrav 785bc19867 Move openpam_policy_path into openpam_constants.c, and add a corresponding 
openpam_module_path.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@659 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-11 14:10:13 +00:00
Dag-Erling Smørgrav 429089e868 Add missing #include 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@658 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-06 22:59:15 +00:00
Dag-Erling Smørgrav 26d543d484 __unused is a FreeBSDism, use OPENPAM_UNUSED(). 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@657 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-06 22:59:05 +00:00
Dag-Erling Smørgrav efe65a2cab Add a macro for marking a variable or function argument as unused. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@656 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-06 22:58:45 +00:00
Dag-Erling Smørgrav 7bcd5bb700 Split up the liboath header files. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@655 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-06 14:10:09 +00:00
Dag-Erling Smørgrav 93a9982d45 Link with -lcrypto 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@654 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 19:03:59 +00:00
Dag-Erling Smørgrav 0ba869e872 Test cases for base 32 and 64 encoders 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@653 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 18:54:22 +00:00
Dag-Erling Smørgrav a810f26399 OpenSSL_add_all_algorithms() is actually a macro, and therefore 
unsuitable for the purpose of locating libcrypto.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@652 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 18:40:37 +00:00
Dag-Erling Smørgrav 7ab83ce826 Support tests that require arguments 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@651 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 18:11:59 +00:00
Dag-Erling Smørgrav e6ad0c668c Update TODO list 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@650 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 17:58:43 +00:00
Dag-Erling Smørgrav 0da2f07cfb PAM_LOG_DEBUG -> PAM_LOG_LIBDEBUG 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@649 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 17:58:33 +00:00
Dag-Erling Smørgrav f6205baa20 prop sweep 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@648 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 17:54:27 +00:00
Dag-Erling Smørgrav d3b7a7843e Replace with useful content. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@647 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 17:49:55 +00:00
Dag-Erling Smørgrav a9a5497d3f Reorganize: 
- move libpam into lib/libpam
 - move the OATH code into lib/liboath
 - move oath.h into include/security
 - update all pointers


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@646 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 17:49:06 +00:00
Dag-Erling Smørgrav 374a1769ca Relevant RFCs. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@645 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 16:56:27 +00:00
Dag-Erling Smørgrav bbcd45ace7 Add code to load a key and obtain and verify a response from the user. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@644 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 15:25:22 +00:00
Dag-Erling Smørgrav e39d0abb85 - Add a provisional API for computing the current HOTP or TOTP code. 
- Add a provisional API for matching a user response.
- Add a provisional API for generating a dummy key.  When one of the
  matching functions recognizes a dummy key, it will go through the
  motions but never report a match.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@643 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 15:24:00 +00:00
Dag-Erling Smørgrav 2fe7fdd088 Move WITH_PAM_* up from the leaf Makefiles into the parent Makefile. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@642 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 10:27:29 +00:00
Dag-Erling Smørgrav a263be7c26 Fix encoder bugs: increment *olen rather than olen, and use the correct 
mask for base64 (which was copy-pasted from the base32 code)


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@641 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-05 09:53:33 +00:00
Dag-Erling Smørgrav a9c6523c52 If setlogmask(3) is available, suppress logging during tests. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@640 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-04 10:38:45 +00:00
Dag-Erling Smørgrav 9187daa2ac Split up AC_CHECK_FUNCS. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@639 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-04 10:37:36 +00:00
Dag-Erling Smørgrav 2ec4f668a9 Add prototypes for the functions in oath_key.c. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@638 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-03 23:34:50 +00:00
Dag-Erling Smørgrav a1ee57dd24 Start preparing for the next release. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@637 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-03 23:28:04 +00:00
Dag-Erling Smørgrav f8a727ec0c Always use openpam_straddch(3) to bootstrap the string, even if we 
have nothing to add to it.  This simplifies the code and fixes a bug
introduced in r553 where the first character in the string would
always be set to '\0', instead of only when bootstrapping.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@636 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-03 23:27:35 +00:00
Dag-Erling Smørgrav 75420a1e07 Simplify by using openpam_straddch(3) to bootstrap the string. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@635 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-03 23:23:58 +00:00
Dag-Erling Smørgrav 54d9167cea If ch == '\0', do not grow the string or advance the length counter, 
but do allocate a string if there is none to begin with.  This makes
it possible to use openpam_straddch(3) to preallocate the string (if
necessary) instead of manually calling malloc(3) or calloc(3) and
initializing size and len.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@634 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-03-03 23:23:10 +00:00