Commit Graph

443 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav 8372b71ce1 Add Matthias Drochner - I wish I'd remembered to do so before I rolled
Lycopsida.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@508 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 17:07:53 +00:00
Dag-Erling Smørgrav e630a92713 --with-doc defaults to yes
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@507 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 14:43:40 +00:00
Dag-Erling Smørgrav 59dc4aa601 Update release notes for Lycopsida
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@506 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 14:25:12 +00:00
Dag-Erling Smørgrav 3f02bd9df6 Set version number and release name
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@505 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 14:13:08 +00:00
Dag-Erling Smørgrav 4aca0ed827 Set release date
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@504 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 14:11:12 +00:00
Dag-Erling Smørgrav 95ed7f5d0c Style / consistency
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@503 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 14:00:33 +00:00
Dag-Erling Smørgrav dd498bc7ad Use openpam_check_path_owner_perms()
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@502 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 13:59:22 +00:00
Dag-Erling Smørgrav 996a845863 Report an error if one of the modules in the chain does not implement
the requested primitive.  This is a significant change, but it should
only affect poorly-written PAM modules, and the alternative is a
potential fail-open situation.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@501 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-07 01:28:05 +00:00
Dag-Erling Smørgrav 229c006c86 Forgotten in previous commit: check the ownership and permissions of the
policy file.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@500 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-22 12:07:03 +00:00
Dag-Erling Smørgrav 1a4edb80d7 Factor out and improve the module ownership / permission check, and add
a similar (but race-proof) check for the policy file.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@499 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-22 11:51:50 +00:00
Dag-Erling Smørgrav 2b025676c7 Document increased input validation, and credit Sebastian Krahmer for
bringing the issue to my attention.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@498 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-21 16:27:04 +00:00
Dag-Erling Smørgrav b9f0b632da Validate the service name, closing an attack vector for programs like
kcheckpass that let the user specify which policy to apply.  See
<URL:http://c-skills.blogspot.com/2011/11/openpam-trickery.html>.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@497 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-21 16:25:49 +00:00
Dag-Erling Smørgrav 026c898ec5 Disallow changing the service name.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@496 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-21 16:20:45 +00:00
Dag-Erling Smørgrav 0e65fdb799 Document the module ownership / permissions test.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@495 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-20 03:03:22 +00:00
Dag-Erling Smørgrav d9f7580763 nit
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@494 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-20 02:58:34 +00:00
Dag-Erling Smørgrav d98f755c25 Refuse to load a module if it is owned by anyone other than root or the
arbitrator or it is writable by group or other.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@493 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-20 02:28:15 +00:00
Dag-Erling Smørgrav b011e58526 dst can't be const, you idiot.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@492 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-20 02:04:17 +00:00
Dag-Erling Smørgrav 6a92548403 Reorganize the headers and centralize the string tables.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@491 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-12 00:12:32 +00:00
Dag-Erling Smørgrav ff73a20a84 Add a strlcpy(3) implementation.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@490 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-11 03:04:46 +00:00
Dag-Erling Smørgrav e8522c7fcc Always create optv, even if there are no options.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@488 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-05 20:50:15 +00:00
Dag-Erling Smørgrav c86a681052 The count was never used, so ditch it and return plain PAM error codes
instead.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@487 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-05 20:00:46 +00:00
Dag-Erling Smørgrav 2603985187 Document quoted option values.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@486 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:58:05 +00:00
Dag-Erling Smørgrav 8b3eca4161 Document quoted option values.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@485 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:57:37 +00:00
Dag-Erling Smørgrav ba7de9c9c6 Remove debugging code.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@484 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:47:26 +00:00
Dag-Erling Smørgrav 493804d19b Fix a couple of bugs in the option string reassembly code.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@483 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:46:20 +00:00
Dag-Erling Smørgrav 6835696a2a Revert large parts of r478. I had forgotten that the module arguments
are actually passed to each service function in the classic (argc,
argv) form.  The only place where the compiler could have caught this
used a type cast, and it did not show up in testing either because all
of the modules I tested use openpam_get_option(3) instead of
manipulating argv directly.

The cleaned-up policy parsing code remains in place, but options are
once more stored as strings, pretty much the way they appear in the
policy file, except that quotes are stripped.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@482 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:33:02 +00:00
Dag-Erling Smørgrav c16faba34e The include directive expects a service name, not a filename.
While there, remember to check for trailing garbage.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@481 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 16:09:22 +00:00
Dag-Erling Smørgrav 28c2e4049f past tense
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@480 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:55:56 +00:00
Dag-Erling Smørgrav b373991f87 namespace violation mumble mumble
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@479 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:40:15 +00:00
Dag-Erling Smørgrav 55f6a50684 Major overhaul of the policy parser to support quoted option values. As a
bonus, it should now be much easier to read and understand.

This also changes the way options are stored: they are now stored as a list
of { key, value } pairs rather than "key=value" strings.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@478 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:39:18 +00:00
Dag-Erling Smørgrav 11b10d0991 Minor simplification.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@477 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:30:34 +00:00
Dag-Erling Smørgrav d40a8fb860 "facility" is more appropriate than "function class"
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@476 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:30:03 +00:00
Dag-Erling Smørgrav 9b234e1f88 Provide strlcmp(3) internally on systems that don't already have it.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@475 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 15:29:24 +00:00
Dag-Erling Smørgrav f229d69d05 Fix the case where match_word() matches the last word on the line. It
would previously return 0 because it expected the next character after
the matched word to be a space.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@474 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 10:56:10 +00:00
Dag-Erling Smørgrav ebccc4d687 - Deduplicate the trailing-whitespace code.
- Don't treat "\\\n" as whitespace.  It's not what most people would
  expect, and the documentation doesn't mention it.
- Improve the documentation a bit now that gendoc.pl supports bullet
  lists.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@473 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 10:48:25 +00:00
Dag-Erling Smørgrav c20b753856 Remove commented-out code
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@472 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 09:46:52 +00:00
Dag-Erling Smørgrav 94ca0f4d08 Expand $Id$
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@471 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-03 09:44:40 +00:00
Dag-Erling Smørgrav f0280932cb Rewrap
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@470 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 23:44:05 +00:00
Dag-Erling Smørgrav a3fc39b15b Mention pamtest(1).
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@469 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 23:43:54 +00:00
Dag-Erling Smørgrav e6545c355d Build pamtest.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@468 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 23:42:51 +00:00
Dag-Erling Smørgrav e53b12a47e Add a tool for testing modules and policies.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@467 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 23:42:21 +00:00
Dag-Erling Smørgrav dd2c21f7b6 Mention that the service function is called twice.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@466 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 23:33:43 +00:00
Dag-Erling Smørgrav eed493316e Add support for bullet lists.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@465 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 20:34:26 +00:00
Dag-Erling Smørgrav 85ca38e143 ignore openpam_subst.3
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@464 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 20:00:31 +00:00
Dag-Erling Smørgrav fa542b0736 Add a trailing slash if the user forgot it.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@463 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 16:17:40 +00:00
Dag-Erling Smørgrav 956ef0df60 If a module directory was specified on the configure command line, the
OPENPAM_MODULES_DIR macro was defined in config.h in addition to
CFLAGS.  Place OPENPAM_MODULES_DIR unconditionally in config.h and
remove it from CFLAGS.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@462 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 15:04:31 +00:00
Dag-Erling Smørgrav a1be39bf2d Fix namespace violations in local variables used to prevent double
evaluation in macros.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@461 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 14:00:38 +00:00
Dag-Erling Smørgrav 0eae3f21c1 Fix namespace violations in some symbols which have external linkage but
are not part of the API.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@460 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 13:56:03 +00:00
Dag-Erling Smørgrav 8799ff11b9 Eliminate a potential double evaluation in one of the tracing macros.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@459 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 13:50:56 +00:00
Dag-Erling Smørgrav 2d1f74e6da Add a man page, tweak the usage string, remove useless -h option.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@458 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-02 13:10:25 +00:00