OpenPAM/OpenPAM
OpenPAM/OpenPAM
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
829 commits 3 branches 10 tags 1.9 MiB
Commit graph

829 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dag-Erling Smørgrav
aec3988b2f Bump copyright 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@757 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-23 20:17:41 +00:00
Dag-Erling Smørgrav
59313f56a4 Do not use oath_[ht]otp_match() as predicates - a non-zero return can 
mean an error occurred.  We should probably switch to the standard
Unix idiom of returning 0 for success.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@756 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-22 15:13:56 +00:00
Dag-Erling Smørgrav
e8cd86aade - The key length is in bytes, not bits, so the correct default is 20 
and not 160 (which would actually overflow).  This should probably
  be a macro.
- Implement random key generation using OpenSSL's RAND_bytes(3).


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@755 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-22 15:12:15 +00:00
Dag-Erling Smørgrav
11a8c730d2 Enable OATH by default and tweak some option description strings. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@754 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-20 11:25:44 +00:00
Dag-Erling Smørgrav
9c592d628c Note that saving the keyfile updates a TOTP key's lastused parameter. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@753 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-20 10:48:39 +00:00
Dag-Erling Smørgrav
aa338bce81 Add oath_key_create(3) which creates an OATH key from scratch. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@752 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-20 10:47:10 +00:00
Dag-Erling Smørgrav
df95e0530d Credit Baptiste Daroussin for his various contributions, including but not 
limited to r749.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@750 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-13 21:27:03 +00:00
Dag-Erling Smørgrav
d68deb210c Update the way we extract the pkg version and ABI to match pkg 1.2. 
Submitted by:	bapt@freebsd.org


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@749 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-13 21:26:25 +00:00
Dag-Erling Smørgrav
d9f3164b53 The maximum number of messages in a single invocation conversation function 
is called PAM_MAX_NUM_MSG, not PAM_NUM_MSG.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@748 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2014-01-13 21:23:05 +00:00
Dag-Erling Smørgrav
e2375b0d73 typo 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@746 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-12-10 14:02:23 +00:00
Dag-Erling Smørgrav
7b4ce30d8e Currently, openpam_policy_path is a hardcoded array of short strings, and 
filename is much larger than it needs to be.  However, this might not be
the case in the future.  To be safe, add a length check after strlcpy().
This should silence a Coverity warning about possible array overflow.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@745 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-21 23:22:48 +00:00
Dag-Erling Smørgrav
cf0612ac98 I've always run aclocal before libtoolize, but the latter installs .m4 
files, which requires regenerating aclocal.m4, so it should really be the
other way around.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@744 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-08 19:27:39 +00:00
Dag-Erling Smørgrav
914a5b3708 caught_signal should be static; gcc doesn't seem to mind, whereas some 
clang versions (but not all) complain.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@742 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-07 19:25:57 +00:00
Dag-Erling Smørgrav
4dbe28d092 Sort the manifest. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@739 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-07 13:02:54 +00:00
Dag-Erling Smørgrav
2e6439e932 Prepare for OpenPAM Nummularia, which will be released later today from the 
nooath branch.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@735 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-07 12:37:27 +00:00
Dag-Erling Smørgrav
8568521d18 It appears that "pkg create" works correctly, even though it complains 
loudly about unresolved library dependencies.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@734 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-09-07 12:36:18 +00:00
Dag-Erling Smørgrav
3bc114befa It is entirely possible that pkg is present but not installed as a 
package, or that the pkg binary in $PATH is not the one that was
installed (e.g. a development version in $HOME/bin/pkg).  Therefore,
use pkg -vv rather than pkg query to determine the pkg version.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@733 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-23 17:07:42 +00:00
Dag-Erling Smørgrav
7eacdef3fd This script is now sufficiently complex to merit a copyright statement 
and a license.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@732 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-22 17:48:45 +00:00
Dag-Erling Smørgrav
d4f3382050 various nits 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@731 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-22 15:10:16 +00:00
Dag-Erling Smørgrav
ac8841d2bd Support storing the non-standard lastused parameter in a key URI. 
Also fix some default values.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@730 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:32:54 +00:00
Dag-Erling Smørgrav
0446934acb Keep track of when a TOTP key was last used and prevent reuse of the same 
sequence number.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@729 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:32:14 +00:00
Dag-Erling Smørgrav
2cc13d4b85 Allow digits in identifiers. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@728 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:28:24 +00:00
Dag-Erling Smørgrav
e565eb6258 Document the key structure members a little better. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@727 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:15:21 +00:00
Dag-Erling Smørgrav
3b992508b8 Use a dummy bit in the key structure instead of relying on the label. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@726 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:14:02 +00:00
Dag-Erling Smørgrav
01d54c2924 Use the defined constant. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@725 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:10:31 +00:00
Dag-Erling Smørgrav
df82cbb560 Change the label used for dummy keys to something OpenPAM-specific. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@724 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 15:08:40 +00:00
Dag-Erling Smørgrav
d216fb463e RFC 6287 (OATH OCRA) 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@723 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-21 12:39:13 +00:00
Dag-Erling Smørgrav
95539e42cf OATH roadmap. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@722 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-20 10:26:12 +00:00
Dag-Erling Smørgrav
84543123ea Desirable improvement / extension of openpam_log(). 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@721 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-20 10:21:39 +00:00
Dag-Erling Smørgrav
3b1c7851e6 repetitive 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@719 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:56:32 +00:00
Dag-Erling Smørgrav
56dd3d8d03 Improved dependency handling. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@718 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:54:21 +00:00
Dag-Erling Smørgrav
10e70f48b8 Ignore test output and logs. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@717 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:45:54 +00:00
Dag-Erling Smørgrav
f69d77aaed liboath #include nits 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@716 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:37:29 +00:00
Dag-Erling Smørgrav
1b1f9c46e4 Start generating man pages for liboath. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@715 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:31:12 +00:00
Dag-Erling Smørgrav
bcafac75c2 Insert joke about double-dating. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@713 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:11:04 +00:00
Dag-Erling Smørgrav
1f9f093691 Grr, gremlins slipped into gendoc.pl between testing and committing. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@712 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:09:27 +00:00
Dag-Erling Smørgrav
6b2927cfc5 Hardcode utf8 input encoding without messing around with environment 
variables.

Stop pasting a (potentially incorrect) copyright statement and license
into generated files.  Instead, refer to the source, and if possible,
include the source revision number.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@711 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:04:50 +00:00
Dag-Erling Smørgrav
fa62c8c348 Shorten hash dereferences wherever possible. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@710 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-19 15:01:44 +00:00
Dag-Erling Smørgrav
4264bfb000 Silence spurious warnings from aclocal. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@709 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-18 14:47:20 +00:00
Dag-Erling Smørgrav
90715a13d4 Extend the append-svn-revision-to-package-version logic to all 
non-numeric branches, not just trunk.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@708 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-18 12:13:21 +00:00
Dag-Erling Smørgrav
a03bbedb50 Increase the default synchronization window, and provide options to 
control it.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@707 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-16 13:45:55 +00:00
Dag-Erling Smørgrav
b9ec47c689 Don't forget to install all the liboath headers. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@706 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-16 12:58:05 +00:00
Dag-Erling Smørgrav
0c4d5add5f Implement key saving, and change the outcome of failing to save the 
key from a system error to a service error.

Note that currently, an error saving the key may destroy the original
keyfile.  This needs to be adressed.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@705 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-16 12:32:26 +00:00
Dag-Erling Smørgrav
d34ad5ab09 liboath needs generic alloc() / free() facilities for key data; 
oath_key_alloc() does the right thing, but oath_key_to_uri() doesn't.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@704 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-16 12:18:00 +00:00
Dag-Erling Smørgrav
efa93c4a5f Don't log the text we read, it may contain sensitive information (such 
as an OATH OTP key, since liboath uses openpam_readline() to read the
keyfile)


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@703 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-16 11:57:54 +00:00
Dag-Erling Smørgrav
a02762c066 Update svn:ignore. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@702 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-16 10:28:48 +00:00
Dag-Erling Smørgrav
b8ec0155ab - If @PACKAGE_VERSION@ is "trunk" and svnversion prints something 
sensible, append the svn revision.
- Implement an ugly workaround for the shlib issue.
- Clean up and add comments.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@701 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-16 10:26:24 +00:00
Dag-Erling Smørgrav
d3f359e2df Major cleanup. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@700 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-15 17:17:15 +00:00
Dag-Erling Smørgrav
929ddb1bc3 Fixed flipped condition. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@699 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-15 17:15:35 +00:00
Dag-Erling Smørgrav
0c34187244 Update. 
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@698 185d5e19-27fe-0310-9dcf-9bff6b9f3609
 2013-08-15 17:14:32 +00:00