131 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav 6bf8cb1753 Prepare to release Tabebuia on Sunday.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@945 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2019-02-22 09:52:46 +00:00
Dag-Erling Smørgrav 9cd25f7e7d Switch from $Id$ to $OpenPAM$.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@938 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-04-30 21:34:42 +00:00
Dag-Erling Smørgrav eefae6d5ef Rename release to Residacea.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@936 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-04-30 21:14:17 +00:00
Dag-Erling Smørgrav 919a1250d4 Bump copyright year.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@935 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-04-26 21:04:10 +00:00
Dag-Erling Smørgrav ddb34ad671 Prepare to release OpenPAM Reboulia on Sunday.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@934 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-04-26 20:53:18 +00:00
Dag-Erling Smørgrav 105d392c57 Add two more error codes for situations where we used PAM_SYMBOL_ERR.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@932 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-04-26 20:41:59 +00:00
Dag-Erling Smørgrav 0f7f351a10 Remove the NONNULL annotation since we reintroduced the NULL check.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@930 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-04-26 19:22:57 +00:00
Dag-Erling Smørgrav 07daaf4bb2 r927 should have said: introduce new error codes for situations where we
have long used the wrong ones because neither XSSO nor Solaris defined
codes that fit the situation.  Also, the definition was missing.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@928 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-04-26 19:19:52 +00:00
Dag-Erling Smørgrav 25bcbd2652 Prepare to release OpenPAM Radula.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@923 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-02-19 19:31:16 +00:00
Dag-Erling Smørgrav e936857588 Newer versions of clang take __nonnull__ annotations into account not only
when compiling code that calls the function, but also when compiling the
function itself.  This means that NULL checks in the function trigger
condition-always-false warnings.  We have a choice between disabling these
warnings, removing the __nonnull__ annotations, or removing the NULL checks.
We prefer to keep the annotations and warnings and remove the checks.  In
all cases, passing NULL to the function in question will result in a
segmentation fault, which is often easier to debug than an error return,
especially when most of these checks were for the PAM handle, which can only
be NULL if the caller ignored an error return from pam_start().


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@913 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-01-21 15:11:12 +00:00
Dag-Erling Smørgrav a18c87672e Postpone Radula until next Saturday.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@912 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-01-21 14:48:30 +00:00
Dag-Erling Smørgrav adb7175c42 Prepare for releasing Radula on Saturday.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@908 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-01-18 10:11:57 +00:00
Dag-Erling Smørgrav c75883564d Move OATH development to a branch. OATH will soon disappear entirely
from this repository as Cryb takes over.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@907 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2017-01-18 09:39:01 +00:00
Dag-Erling Smørgrav 26fbccde77 Bump dates if required on files modified in 2014 or later.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@890 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2016-01-11 16:22:09 +00:00
Dag-Erling Smørgrav d84d7367fe Add a feature flag to control whether to fall back to the "other" policy
for chains that are still empty after the requested policy was loaded.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@862 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2015-07-30 23:42:38 +00:00
Dag-Erling Smørgrav c7a5aa489f Add an oath_mode(3) function which translates from mode names to numbers.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@846 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-12-11 13:58:15 +00:00
Dag-Erling Smørgrav 6846134790 Push back one day.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@811 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-12 07:23:27 +00:00
Dag-Erling Smørgrav 95a55b95cf Prepare for releasing Ourouparia on Thursday.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@806 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-09-09 09:33:54 +00:00
Dag-Erling Smørgrav 05630b94be Spell the name of the University of Oslo in English.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@799 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-07-10 17:16:48 +00:00
Dag-Erling Smørgrav 01809a1b48 Switch from uint8_t to char.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@772 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-03-09 11:45:05 +00:00
Dag-Erling Smørgrav 3d0d4da447 Factor out and document oath_key_from_uri().
Implement percent-decoding of the key label.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@758 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-01-23 20:19:54 +00:00
Dag-Erling Smørgrav aa338bce81 Add oath_key_create(3) which creates an OATH key from scratch.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@752 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-01-20 10:47:10 +00:00
Dag-Erling Smørgrav 2e6439e932 Prepare for OpenPAM Nummularia, which will be released later today from the
nooath branch.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@735 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-09-07 12:37:27 +00:00
Dag-Erling Smørgrav 0446934acb Keep track of when a TOTP key was last used and prevent reuse of the same
sequence number.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@729 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:32:14 +00:00
Dag-Erling Smørgrav e565eb6258 Document the key structure members a little better.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@727 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:15:21 +00:00
Dag-Erling Smørgrav 3b992508b8 Use a dummy bit in the key structure instead of relying on the label.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@726 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:14:02 +00:00
Dag-Erling Smørgrav df82cbb560 Change the label used for dummy keys to something OpenPAM-specific.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@724 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-21 15:08:40 +00:00
Dag-Erling Smørgrav b9ec47c689 Don't forget to install all the liboath headers.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@706 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-16 12:58:05 +00:00
Dag-Erling Smørgrav 88a91c2d02 Rename oath_dummy_key() to oath_key_dummy() and move it into its own file.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@694 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 15:23:58 +00:00
Dag-Erling Smørgrav 066e2b91ff Record the last successful use of a TOTP key. Also add commented-out
logic to prevent reuse of the same code or an earlier code within the
window, and make some minor type adjustments.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@693 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-08-15 15:21:31 +00:00
Dag-Erling Smørgrav c9387115d9 Factor out oath_key_{alloc,free}() and implement wiring / locking.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@689 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-07-12 10:47:14 +00:00
Dag-Erling Smørgrav 9f6bdd74f4 Clean up and simplify dummy key handling.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@679 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-03-18 21:38:58 +00:00
Dag-Erling Smørgrav 7da9af6602 Set a reasonable, hard limit on label length. This removes the need for
a variable-length key structure (to accommodate a variable-length label)
and vastly simplifies key parsing.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@678 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-03-18 21:34:29 +00:00
Dag-Erling Smørgrav f3f8ccc9c3 An 80-byte key makes no sense, since HMAC hashes keys longer than 64
bytes.  Google Authenticator uses 20-byte keys.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@677 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-03-18 21:19:41 +00:00
Dag-Erling Smørgrav efe65a2cab Add a macro for marking a variable or function argument as unused.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@656 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-03-06 22:58:45 +00:00
Dag-Erling Smørgrav 7bcd5bb700 Split up the liboath header files.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@655 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-03-06 14:10:09 +00:00
Dag-Erling Smørgrav a9a5497d3f Reorganize:
 - move libpam into lib/libpam
 - move the OATH code into lib/liboath
 - move oath.h into include/security
 - update all pointers


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@646 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2013-03-05 17:49:06 +00:00
Dag-Erling Smørgrav 42f7e1bd47 Update for Micrampelis
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@609 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2012-05-26 13:57:45 +00:00
Dag-Erling Smørgrav 6d3ad38b26 Whitespace nit.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@605 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2012-04-20 11:05:10 +00:00
Dag-Erling Smørgrav 312b5753a5 Add an experimental mechanism for enabling / disabling optional features.
Use it to control policy and module file checks.  The default settings
correspond to the current behavior: disallow path separators in policy
names, but allow them in module names; verify ownership and permissions
for both policy files and modules.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@594 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2012-04-14 14:18:41 +00:00
Dag-Erling Smørgrav 96357f3c52 Add an openpam_straddch() function that appends a character to a
string, reallocating the string if necessary.

Add an openpam_readword() function that reads a single word from a
file according to the usual shell quoting rules.

Add an openpam_readlinev() function that uses openpam_readword() to
read an entire line and return a list of the words it contained.

Rewrite openpam_parse_chain() using openpam_readlinev(), which greatly
simplifies the code and ensures correct parsing of module options.

Thanks to Maëlle Lesage for pointing out the issue and writing an
early version of what became the main loop in openpam_readword().


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@547 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2012-04-01 15:01:21 +00:00
Dag-Erling Smørgrav 8e881dbdd7 Fix some embarrassing typos introduced in the openpam_straddch() cleanup.
Move prototype from "openpam_impl.h" to <security/openpam.h>.
Generate openpam_straddch(3) man page.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@535 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2012-03-31 14:55:19 +00:00
Dag-Erling Smørgrav b616ada557 Add another log level, PAM_LOG_LIBDEBUG, with a negative priority. It
is currently equivalent to PAM_LOG_DEBUG, and is used only by the
library call tracing macros (ENTER*() and RETURN*()).  It should
eventually replace PAM_LOG_DEBUG throughout the library, except
perhaps for a few particularly interesting messages; PAM_LOG_DEBUG
will be reserved for modules.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@522 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2012-01-11 00:13:25 +00:00
Dag-Erling Smørgrav 3f02bd9df6 Set version number and release name
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@505 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-12-18 14:13:08 +00:00
Dag-Erling Smørgrav 81b5c45be2 Add a new API function, openpam_subst(3), which replaces substitution
codes in a string with the values of selected PAM items.  Use it for
prompts.

Furthermore, modify pam_get_user(3) and pam_get_authtok(3) to look for
module options named {user,authtok,oldauthtok}_prompt, as appropriate.
If found, these options take precedence over both the caller's prompt
and the PAM_{USER,AUTHTOK,OLDAUTHTOK}_PROMPT items.  The usefulness of
these options is somewhat limited by the fact that the policy file
parser does not support quoted strings; that's next on the todo list.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@455 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-10-29 18:31:11 +00:00
Dag-Erling Smørgrav 8b88ff5959 Finally retire _OPENPAM.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@454 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-10-29 18:31:02 +00:00
Dag-Erling Smørgrav 6970f8c093 We already have PAM_USER, PAM_RUSER and PAM_RHOST. Add PAM_HOST for
the sake of completeness.  It is automatically set in pam_start(3).


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@443 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-10-22 01:01:39 +00:00
Dag-Erling Smørgrav 16844f8456 Update copyright and release notes.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@437 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-09-13 12:00:13 +00:00
Dag-Erling Smørgrav b4871fa6dc Update copyright dates.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@435 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2010-03-10 11:38:49 +00:00
Dag-Erling Smørgrav d62a8932a7 pam_end() already contains a NULL check, and it is not unreasonable to
call it with a NULL pamh in a cleanup / error-handling situation.  Remove
OPENPAM_NONNULL, which may cause gcc to optimize away the NULL check.


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@432 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2010-03-10 11:23:21 +00:00