Dag-Erling Smørgrav
16ae1d5b87
Further improve the line continuation tests.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@836 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-28 17:47:55 +00:00
Dag-Erling Smørgrav
1e3740645e
Add a test case for line continuation within whitespace, similar to
...
the corresponding test in t_openpam_readword.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@835 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-28 13:48:00 +00:00
Dag-Erling Smørgrav
ac54af0d69
Add configure options to build as much as possible using the system
...
libpam and / or liboath. Doing so disables building the corresponding
library and its documentation, but still builts the corresponding tools
and modules and runs the unit tests.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@834 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-28 10:25:58 +00:00
Dag-Erling Smørgrav
385dfb33cb
Use $() instead of @@ in Makefiles.
...
Don't build OATH man pages if --without-oath.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@833 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-28 09:03:41 +00:00
Dag-Erling Smørgrav
37baf24e77
Change manifest syntax from YAML to UCL to match recent versions of pkg.
...
Also, move the description out of the script.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@832 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-24 11:14:51 +00:00
Dag-Erling Smørgrav
7ce556ed8d
Remove obsolete text.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@831 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-24 10:58:21 +00:00
Dag-Erling Smørgrav
e6dc9378f7
staticize t_plan
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@830 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-24 08:49:47 +00:00
Dag-Erling Smørgrav
e956efb61f
Better tests for line continuation.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@828 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-23 08:25:08 +00:00
Dag-Erling Smørgrav
9c55e81bbb
Add a calc command that prints the current code.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@827 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-22 10:03:14 +00:00
Dag-Erling Smørgrav
e5b05552fc
Remove unused variable.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@824 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-18 22:35:35 +00:00
Dag-Erling Smørgrav
ce08052f96
Compare the return value from mmap() to MAP_FAILED, not NULL.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@823 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-16 13:44:34 +00:00
Dag-Erling Smørgrav
2c148271ae
Avoid double-quoting function-like macros.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@821 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-09 14:45:32 +00:00
Dag-Erling Smørgrav
623d9e7b2f
Small tweak to avoid marking up initialisms and acronyms like GCC, API
...
and PAM as code. As a side effect, this simplifies the code for CVEs.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@820 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-09 14:34:03 +00:00
Dag-Erling Smørgrav
561cd87dbe
Refactor. The only major change is that CVE numbers now link to the
...
corresponding NVD database entry.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@819 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-09 14:28:41 +00:00
Dag-Erling Smørgrav
8ad7aa9039
- Set the sameuser flag when a non-root user manipulates their own key.
...
- Rename the uri command to geturi (but retain backward compatibility).
- Add a getkey command that prints the key in hexadecimal.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@818 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-08 11:02:44 +00:00
Dag-Erling Smørgrav
37ff7929a0
Remove superfluous comments and blank lines.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@817 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-10-08 10:58:11 +00:00
Dag-Erling Smørgrav
5c8ea43402
Spell out option names
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@814 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-12 07:46:46 +00:00
Dag-Erling Smørgrav
b94f9e7ce7
Gavin helped out with CVE-2014-3879
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@813 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-12 07:46:23 +00:00
Dag-Erling Smørgrav
6846134790
Push back one day.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@811 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-12 07:23:27 +00:00
Dag-Erling Smørgrav
1450290a72
typo
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@809 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-09 11:01:45 +00:00
Dag-Erling Smørgrav
95a55b95cf
Prepare for releasing Ourouparia on Thursday.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@806 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-09 09:33:54 +00:00
Dag-Erling Smørgrav
2ae3b8b727
Include CVE numbers when available
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@805 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-09 09:13:00 +00:00
Dag-Erling Smørgrav
547794d58e
Remove keywords from pure text files.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@804 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-09 09:11:31 +00:00
Dag-Erling Smørgrav
69b1a97268
Introduce strlset(), a memset() variant for strings where the actual
...
size of the buffer is not necessarily known, and which can replace the
"memset(str, 0, strlen(str))" idiom. Use it to clear buffers which may
have contained authentication tokens.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@803 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-09 09:07:51 +00:00
Dag-Erling Smørgrav
131aba915f
From NetBSD: require at least one service function to have succeeded.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@802 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-09 08:08:13 +00:00
Dag-Erling Smørgrav
548c44573c
Belatedly document the addition of module search paths.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@800 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-08 12:42:29 +00:00
Dag-Erling Smørgrav
05630b94be
Spell the name of the University of Oslo in English.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@799 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-07-10 17:16:48 +00:00
Dag-Erling Smørgrav
57429ccc0e
Add missing cast.
...
Submitted by: Jörg Sonnenberger <joerg@britannica.bec.de>
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@797 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-06-10 21:27:18 +00:00
Dag-Erling Smørgrav
7dbd5c38b7
In openpam_parse_chain():
...
1. Finish a comment which was meant to describe the four different
termination conditions for the loop in openpam_parse_chain() but
ended in mid-sentence.
2. Ensure that errno is consistently set to EINVAL if a syntax error
is encountered in the policy file.
3. If openpam_load_module() fails because the module could not be
loaded, set errno to ENOEXEC instead of ENOENT. This closes a hole
where a missing module or a typo in a module name would cause the
corresponding chain to fail open. Normally, if the policy exists
but cannot be loaded, openpam_load_chain() will return an error,
and openpam_configure() will discard any partially constructed
chains. However, openpam_load_chain() interprets ENOENT to mean
that the policy was not found, so it does not immediately return an
error, the partially-loaded chain is not discarded, and the policy
is incorrectly considered to have been successfully loaded.
4. Ensure that errors encountered while parsing an included policy are
correctly propagated to the original policy, and that ENOENT while
processing an include directive is a hard error, not a soft error.
CVE-2014-3879
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@795 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-06-03 21:27:48 +00:00
Dag-Erling Smørgrav
1efe822057
For TOTP keys, we record when the key was last used. For HOTP keys,
...
however, we want to record the *next* allowed counter value.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@794 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-04-11 10:35:18 +00:00
Dag-Erling Smørgrav
b61b6f9c74
Add a test for lines containing more words than will fit in
...
openpam_readword()'s initial allocation.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@793 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-17 14:27:03 +00:00
Dag-Erling Smørgrav
e58f05403e
Support line continuation in whitespace.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@792 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-17 14:11:41 +00:00
Dag-Erling Smørgrav
4614107c94
Missed one
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@791 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-17 14:10:33 +00:00
Dag-Erling Smørgrav
f7e8328354
Additional tests for various end-of-line / end-of-file corner cases,
...
and for comments that aren't comments.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@790 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-17 14:08:31 +00:00
Dag-Erling Smørgrav
14d31b83e8
Fix headers
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@789 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-12 00:04:20 +00:00
Dag-Erling Smørgrav
a4ff6191f7
I must have been drunk when I wrote this.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@788 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-12 00:03:53 +00:00
Dag-Erling Smørgrav
925436a04f
Compress man pages before generating the manifest.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@787 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-10 15:43:17 +00:00
Dag-Erling Smørgrav
078ac6bb4a
Move oath_key_from_file() into a separate source file and document it.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@786 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-10 15:37:55 +00:00
Dag-Erling Smørgrav
6722d714f5
Missing word
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@785 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-10 15:37:38 +00:00
Dag-Erling Smørgrav
38622bad18
Implement keyfile writeback.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@784 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-10 15:31:30 +00:00
Dag-Erling Smørgrav
ebdefa45ca
Fix buffer overflow in the b64complete test case by increasing the size
...
of the buffer used in tests.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@783 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-10 11:13:05 +00:00
Dag-Erling Smørgrav
7914208b2d
Don't forget do distribute oath_impl.h.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@782 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-10 10:03:57 +00:00
Dag-Erling Smørgrav
9853f0d8d5
Generate man pages for oath_key_from_uri() and oath_uri_decode().
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@781 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-10 09:59:01 +00:00
Dag-Erling Smørgrav
6243755aa2
Rudimentary key management tool.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@780 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-10 09:55:15 +00:00
Dag-Erling Smørgrav
5d59548018
When I changed the argument type from uint8_t * to char *, I forgot that
...
they were being used as array indices. Cast them back to uint8_t.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@779 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-09 14:11:44 +00:00
Dag-Erling Smørgrav
6c087dd523
Add test vectors which encode to the complete alphabet.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@778 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-09 14:10:06 +00:00
Dag-Erling Smørgrav
2efb7c4b01
Support (but ignore, for now) the issuer parameter.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@777 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-09 13:08:14 +00:00
Dag-Erling Smørgrav
75a6073d2c
Encoder:
...
- Return the desired length when the buffer is too small.
- Annotate the switch so Bullseye doesn't complain about an uncovered
default case.
Decoder:
- The table approach was a good idea, but there was no way to tell the
difference between a character that decodes as 0 and an invalid
character. Modify the tables so an invalid character is indicated
by 0xff instead of 0x00.
- Check that padding starts in a valid position. Note that we still
don't check for left-over bits.
- The overflow test always failed, because we set *olen = len before
comparing them.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@776 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-09 12:48:48 +00:00
Dag-Erling Smørgrav
d60017fe80
Additional tests (which also fail) for unexpected padding.
...
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@775 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-09 12:04:56 +00:00
Dag-Erling Smørgrav
183cc6d511
The dummy constants have moved to oath_constants.h.
...
Add annotation macros for coverage analysis.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@774 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-09 11:51:08 +00:00