OpenPAM/OpenPAM

Author	SHA1	Message	Date
Dag-Erling Smørgrav	b9ec47c689	Don't forget to install all the liboath headers. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@706 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-08-16 12:58:05 +00:00
Dag-Erling Smørgrav	88a91c2d02	Rename oath_dummy_key() to oath_key_dummy() and move it into its own file. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@694 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-08-15 15:23:58 +00:00
Dag-Erling Smørgrav	066e2b91ff	Record the last successful use of a TOTP key. Also add commented-out logic to prevent reuse of the same code or an earlier code within the window, and make some minor type adjustments. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@693 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-08-15 15:21:31 +00:00
Dag-Erling Smørgrav	c9387115d9	Factor out oath_key_{alloc,free}() and implement wiring / locking. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@689 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-07-12 10:47:14 +00:00
Dag-Erling Smørgrav	9f6bdd74f4	Clean up and simplify dummy key handling. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@679 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-03-18 21:38:58 +00:00
Dag-Erling Smørgrav	7da9af6602	Set a reasonable, hard limit on label length. This removes the need for a variable-length key structure (to accommodate a variable-length label) and vastly simplifies key parsing. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@678 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-03-18 21:34:29 +00:00
Dag-Erling Smørgrav	f3f8ccc9c3	An 80-byte key makes no sense, since HMAC hashes keys longer than 64 bytes. Google Authenticator uses 20-byte keys. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@677 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-03-18 21:19:41 +00:00
Dag-Erling Smørgrav	efe65a2cab	Add a macro for marking a variable or function argument as unused. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@656 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-03-06 22:58:45 +00:00
Dag-Erling Smørgrav	7bcd5bb700	Split up the liboath header files. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@655 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-03-06 14:10:09 +00:00
Dag-Erling Smørgrav	a9a5497d3f	Reorganize: - move libpam into lib/libpam - move the OATH code into lib/liboath - move oath.h into include/security - update all pointers git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@646 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2013-03-05 17:49:06 +00:00
Dag-Erling Smørgrav	42f7e1bd47	Update for Micrampelis git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@609 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2012-05-26 13:57:45 +00:00
Dag-Erling Smørgrav	6d3ad38b26	Whitespace nit. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@605 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2012-04-20 11:05:10 +00:00
Dag-Erling Smørgrav	312b5753a5	Add an experimental mechanism for enabling / disabling optional features. Use it to control policy and module file checks. The default settings correspond to the current behavior: disallow path separators in policy names, but allow them in module names; verify ownership and permissions for both policy files and modules. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@594 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2012-04-14 14:18:41 +00:00
Dag-Erling Smørgrav	96357f3c52	Add an openpam_straddch() function that appends a character to a string, reallocating the string if necessary. Add an openpam_readword() function that reads a single word from a file according to the usual shell quoting rules. Add an openpam_readlinev() function that uses openpam_readword() to read an entire line and return a list of the words it contained. Rewrite openpam_parse_chain() using openpam_readlinev(), which greatly simplifies the code and ensures correct parsing of module option. Thanks to Maëlle Lesage for pointing out the issue and writing an early version of what became the main loop in openpam_readword(). git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@547 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2012-04-01 15:01:21 +00:00
Dag-Erling Smørgrav	8e881dbdd7	Fix some embarassing typos introduced in the openpam_straddch() cleanup. Move prototype from "opempam_impl.h" to <security/openpam.h>. Generate openpam_straddch(3) man page. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@535 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2012-03-31 14:55:19 +00:00
Dag-Erling Smørgrav	b616ada557	Add another log level, PAM_LOG_LIBDEBUG, with a negative priority. It is currently equivalent to PAM_LOG_DEBUG, and is used only by the library call tracing macros (ENTER() and RETURN()). It should eventually replace PAM_LOG_DEBUG throughout the library, except perhaps for a few particularly interesting messages; PAM_LOG_DEBUG will be reserved for modules. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@522 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2012-01-11 00:13:25 +00:00
Dag-Erling Smørgrav	3f02bd9df6	Set version number and release name git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@505 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2011-12-18 14:13:08 +00:00
Dag-Erling Smørgrav	81b5c45be2	Add a new API function, openpam_subst(3), which replaces substitution codes in a string with the values of selected PAM items. Use it for prompts. Furthermore, modify pam_get_user(3) and pam_get_authtok(3) to look for module options named {user,authtok,oldauthtok}_prompt, as appropriate. If found, these options take precedence over both the caller's prompt and the PAM_{USER,AUTHTOK,OLDAUTHTOK}_PROMPT items. The usefulness of these options is somewhat limited by the fact that the policy file parser does not support quoted strings; that's next on the todo list. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@455 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2011-10-29 18:31:11 +00:00
Dag-Erling Smørgrav	8b88ff5959	Finally retire _OPENPAM. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@454 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2011-10-29 18:31:02 +00:00
Dag-Erling Smørgrav	6970f8c093	We already have PAM_USER, PAM_RUSER and PAM_RHOST. Add PAM_HOST for the sake of completeness. It is automatically set in pam_start(3). git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@443 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2011-10-22 01:01:39 +00:00
Dag-Erling Smørgrav	16844f8456	Update copyright and release notes. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@437 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2011-09-13 12:00:13 +00:00
Dag-Erling Smørgrav	b4871fa6dc	Update copyright dates. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@435 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2010-03-10 11:38:49 +00:00
Dag-Erling Smørgrav	d62a8932a7	pam_end() already contains a NULL check, and it is not unreasonable to call it with a NULL pamh in a cleanup / error-handling situation. Remove OPENPAM_NONNULL, which may cause gcc to optimize away the NULL check. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@432 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2010-03-10 11:23:21 +00:00
Dag-Erling Smørgrav	1f70254313	Fix double-UTF git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@423 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2009-10-29 17:08:38 +00:00
Dag-Erling Smørgrav	e9776bfa73	Convert everything to UTF-8. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@422 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2009-10-18 22:19:57 +00:00
Dag-Erling Smørgrav	5a523baf2b	Update copyright git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@420 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2009-06-12 19:12:42 +00:00
Dag-Erling Smørgrav	bc44ba0ac2	Remove static build auto-detection. It was always an ugly hack, and it doesn't work at all on some platforms. Instead of trying to figure it out ourselves, rely on the user to specify it on the compiler command line. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@418 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2008-12-13 22:39:24 +00:00
Dag-Erling Smørgrav	9f0d6d6267	Update copyright, and coincidentially root out the last remaining vestige of iso-8859-1 in favor of utf-8. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@417 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2008-02-14 18:36:22 +00:00
Dag-Erling Smørgrav	6be3c3717e	Reintroduce _OPENPAM to unbreak existing applications. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@412 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2008-01-29 19:31:46 +00:00
Dag-Erling Smørgrav	f79742eaab	Final release date git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@409 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2007-12-21 11:38:50 +00:00
Dag-Erling Smørgrav	fd5e5d917d	Update copyright. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@408 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2007-12-21 11:36:24 +00:00
Dag-Erling Smørgrav	9b648b6f6c	Version number was set incorrectly in previous commit. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@407 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2007-12-19 11:39:55 +00:00
Dag-Erling Smørgrav	876e12a0c0	Rename <security/pam_attributes.h> to <security/openpam_attr.h>. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@405 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2007-12-19 11:38:27 +00:00
Dag-Erling Smørgrav	911d657644	Get rid of the module cache; it serves little purpose, and makes OpenPAM thread-unsafe. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@403 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2007-11-28 12:29:08 +00:00
Dag-Erling Smørgrav	e725df8bb1	Style cleanup; correct some namespace violations (breaking source compatibility in the process, but only for OpenPAM-specific features) git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@401 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2007-11-28 12:25:53 +00:00
Dag-Erling Smørgrav	e484c931ae	Constify. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@400 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2007-10-24 15:04:23 +00:00
Dag-Erling Smørgrav	ce5921ba4c	Convert $P4$ tags to $Id$. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@320 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2006-02-16 20:33:19 +00:00
Dag-Erling Smørgrav	4243d0384f	Centralize macros used for hiding GCC-specific attributes. Use attributes for publicly exported functions. Submitted by: "Dmitry V. Levin" <ldv@altlinux.org> git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@318 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2005-09-20 15:58:54 +00:00
Dag-Erling Smørgrav	4c55b07779	Roll OpenPAM Figwort. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@312 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2005-06-16 15:46:58 +00:00
Dag-Erling Smørgrav	0721e593ae	Add $P4$ tags to files that didn't already have them. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@309 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2005-06-09 21:35:39 +00:00
Dag-Erling Smørgrav	9443f9f3f9	Prepare for tomorrow's release of OpenPAM Feterita. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@299 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2005-01-31 16:13:22 +00:00
Dag-Erling Smørgrav	9d0dd0c39b	Add openpam_free_envlist(). I'm tired of freeing them by hand. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@289 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2005-01-28 14:47:41 +00:00
Dag-Erling Smørgrav	5dcc905a94	Prepare to release OpenPAM Eelgrass. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@278 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2004-02-10 11:00:53 +00:00
Dag-Erling Smørgrav	e38d7ba072	I originally thought the XSSO was wrong to declare pam_get_data()'s final argument as void rather than const void , but having seen the strict aliasing warnings gcc generates at higher -O levels, it makes a lot more sense. Change the prototype and definition back to what the XSSO specifies, and make the necessary changes to avoid warnings in code that calls pam_get_data(). git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@277 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2003-12-11 17:41:17 +00:00
Dag-Erling Smørgrav	187f68b10f	Tell gcc that _openpam_log() behaves like printf(). git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@276 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2003-12-11 17:37:14 +00:00
Dag-Erling Smørgrav	c8dc56b998	Revert the previous commit. It seemed like a good idea at the time, but it breaks at least one module in -CURRENT. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@272 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2003-07-21 21:52:56 +00:00
Dag-Erling Smørgrav	27480e5170	FOPEN_MAX wasn't such a reliable <stdio.h> indicator after all, so use _IOFBF instead. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@269 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2003-07-14 23:53:19 +00:00
Dag-Erling Smørgrav	bb8d609e45	Install headers in the right place. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@266 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2003-07-14 15:07:23 +00:00
Dag-Erling Smørgrav	51ec3dc33d	Prepare to release OpenPAM Dogwood later today. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@265 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2003-07-14 14:34:43 +00:00
Dag-Erling Smørgrav	21f58dc32e	Use read(2) on fileno(stdin) rather than fgets(3). This make timeout handling considerably simpler, eliminating the need for setjmp(3) and evil global variables. Portions submitted by: Dmitry V. Levin <ldv@altlinux.org> git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@264 185d5e19-27fe-0310-9dcf-9bff6b9f3609	2003-07-14 14:17:47 +00:00

1 2 3

104 commits