OpenPAM/OpenPAM
OpenPAM
/
OpenPAM
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
443 Commits 3 Branches 10 Tags 1.9 MiB
Commit Graph

34 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav 996a845863 Report an error if one of the modules in the chain does not implement 
the requested primitive.  This is a significant change, but it should
only affect poorly-written PAM modules, and the alternative is a
potential fail-open situation.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@501 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2011-12-07 01:28:05 +00:00
Dag-Erling Smørgrav 0eae3f21c1 Fix namespace violations in some symbols which have external linkage but 
are not part of the API.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@460 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2011-11-02 13:56:03 +00:00
Dag-Erling Smørgrav 16844f8456 Update copyright and release notes. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@437 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2011-09-13 12:00:13 +00:00
Dag-Erling Smørgrav b4871fa6dc Update copyright dates. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@435 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2010-03-10 11:38:49 +00:00
Dag-Erling Smørgrav 1f70254313 Fix double-UTF 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@423 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2009-10-29 17:08:38 +00:00
Dag-Erling Smørgrav e9776bfa73 Convert everything to UTF-8. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@422 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2009-10-18 22:19:57 +00:00
Dag-Erling Smørgrav 5a523baf2b Update copyright 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@420 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2009-06-12 19:12:42 +00:00
Dag-Erling Smørgrav 9f0d6d6267 Update copyright, and coincidentially root out the last remaining vestige 
of iso-8859-1 in favor of utf-8.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@417 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2008-02-14 18:36:22 +00:00
Dag-Erling Smørgrav ba75190ad0 Convert to correct config.h idiom. We must include it before any other 
header, as it may define symbols which modify the behaviour of those headers.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@416 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2008-02-14 18:33:24 +00:00
Dag-Erling Smørgrav d0bf52fbb1 Remove a few more namespace violations. Only one remains, which we can't 
remove that without breaking binary compatibility.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@415 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2008-02-14 18:24:25 +00:00
Dag-Erling Smørgrav 8865782b1d Un-screwup the debugging code. Now the "debug" keyword will work even 
if OPENPAM_DEBUG is not defined (doing so generates far more debugging
information than you will ever want)


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@414 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2008-02-14 18:06:26 +00:00
Dag-Erling Smørgrav fd5e5d917d Update copyright. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@408 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2007-12-21 11:36:24 +00:00
Dag-Erling Smørgrav ce5921ba4c Convert $P4$ tags to $Id$. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@320 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2006-02-16 20:33:19 +00:00
Dag-Erling Smørgrav 049385996b Give up trying to keep track of what has changed and what hasn't; 
just slap a 2003 copyright on everything.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@245 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2003-06-01 14:34:11 +00:00
Dag-Erling Smørgrav a59c768d3e Update copyright dates for files that have changed this year. Also 
change the copyright date on generated man pages from 2002 to 2001-2003
since work on this part of OpenPAM started in late 2001.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@221 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2003-05-13 14:54:04 +00:00
Dag-Erling Smørgrav ef2e6d8690 If compiled with -DDEBUG, enable debugging right before calling a 
module which has the "debug" option, and disable it upon return.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@210 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2003-05-01 18:20:03 +00:00
Dag-Erling Smørgrav bf8598063a Record which primitive is currently executing before calling the 
service module.  Use that information to generate a much better
error message when indirect recursion is detected.

Instrument openpam_dispatch()'s entry and exit points.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@186 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-12-12 17:04:04 +00:00
Dag-Erling Smørgrav a9b8bb1e92 Implement the "binding" control flag (from Solaris 9) 
Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@161 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-06-30 22:41:59 +00:00
Dag-Erling Smørgrav 1b829e63eb Don't treat PAM_NEW_AUTHTOK_REQD as an error. 
Try to emulate Solaris more closely.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@158 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-06-12 18:07:05 +00:00
Dag-Erling Smørgrav ed3d5a8522 DBA update and minor whitespace fixes. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@157 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-06-07 18:22:57 +00:00
Dag-Erling Smørgrav 8c639c01ef s/Technologies/Technology/ in copyright, and regenerate docs. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@93 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-03-07 18:12:45 +00:00
Dag-Erling Smørgrav 6f75ed6572 $Id$ -> $P4$ + regenerate man pages. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@86 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-26 04:05:19 +00:00
Dag-Erling Smørgrav 8ea571eeba - pam_sm_chauthtok() can return PAM_TRY_AGAIN. 
- "sufficient" should not terminate the chain if the PAM_PRELIM_CHECK
  flag is set.

Sponsored by: DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@81 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-23 18:06:45 +00:00
Dag-Erling Smørgrav 645c7270fc Add in-line documentation. Some functions still lack descriptions. 
Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@63 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-18 19:31:10 +00:00
Dag-Erling Smørgrav 104cfd8443 Add a missing 'continue' in the code for the PAM_SUCCESS case. 
Add more debugging log messages.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@56 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-13 02:16:03 +00:00
Dag-Erling Smørgrav 0ebca05841 Log a debug message before calling the service function. 
Accept PAM_SUCCESS and PAM_ABORT as valid return codes, even though
the normal code path will not call _openpam_check_error_code() if
the module returns one of them.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@53 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-13 00:43:57 +00:00
Dag-Erling Smørgrav e683738206 Behave more like Solaris when faced with an empty chain, or a chain 
that lists modules that don't implement the required functionality.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@33 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-04 23:36:07 +00:00
Dag-Erling Smørgrav 4166f73f32 Add support for static linking. Also rename a handful of constants 
to reduce the chance of every running into a naming conflict.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@32 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-04 23:22:40 +00:00
Dag-Erling Smørgrav 2e2a611647 Store options, and pass them to modules. 
Replace the "dispatching" flag with a pam_chain_t pointer.  It is set
to point at the currently executing module right before calling the
module, and cleared right after the module returns.  Note that this
isn't intended to prevent reentrancy in multi-threaded applications,
but simply to prevent modules from using the application interface.

When recursion is detected, return PAM_ABORT rather than
PAM_SYSTEM_ERR, since this is a programmatical error rather than
a runtime one.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@25 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-04 15:00:16 +00:00
Dag-Erling Smørgrav 46638aa621 Add a flag to struct pam_handle that openpam_dispatch() uses to 
detect and prevent indirect recursion.
Fail immediately if the requested chain is empty.
If a module couldn't be loaded, or doesn't provide the requested
service, treat it as a normal failure instead of terminating the
chain.  (Solaris actually ignores this condition!)

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@20 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-02 18:22:20 +00:00
Dag-Erling Smørgrav 2a23af0e82 Whitespace cleanup + keyword expansion sweep. 
Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@16 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-01 22:20:07 +00:00
Dag-Erling Smørgrav d57c2aa6ec Rename openpam.h to openpam_impl.h to avoid confusion with 
<security/openpam.h>.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@10 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-01 20:49:12 +00:00
Dag-Erling Smørgrav 6896492a66 Change "invalid" to "unexpected", since we don't actually croak from 
this error.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@6 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-01 20:18:49 +00:00
Dag-Erling Smørgrav 5d027b0909 Import OpenPAM. 
The basics (pam_start(), pam_end(), pam_strerror(), item-,
data- and environment-related functions and the six PAM
primitives) are implemented.  A stub is provided for
pam_get_user(), which is not yet implemented.  Stubs are also
provided for XSSO mapping and secondary authentication, though
they are not built and will probably not be implemented for
quite some time.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@1 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2002-02-01 17:16:12 +00:00