a967883b9cIn openpam_ttyconv(3), wait to print the prompt until after we're ready to accept input. Otherwise, there is a small but non-zero chance that input provided after the prompt appears is discarded when we flush the tty buffer.
svn
origin/trunk
Dag-Erling Smørgrav
2020-11-19 05:41:15 +0000
e0e3406a78Enable FALLBACK_TO_OTHER since we don't use (or need) a policy.
Dag-Erling Smørgrav
2019-02-22 12:38:53 +0000
6bf8cb1753Prepare to release Tabebuia on Sunday.
Dag-Erling Smørgrav
2019-02-22 09:52:46 +0000
bb68996306Bump copyright years.
Dag-Erling Smørgrav
2019-02-22 09:49:12 +0000
9bdf428c5aFix an off-by-one bug in pam_getenv() which was inadvertantly introduced when pam_getenv() was (needlessly) rewritten as part of r913. Rewrite pam_getenv() again (but correctly, this time) to reduce the number of times we iterate over the same string. Add a few unit tests for pam_{get,put,set}env(), including one which would have caught the bug.
Dag-Erling Smørgrav
2019-02-20 13:23:51 +0000
1dce53245br940 relied on Cryb's own autoconf macros, which obviously aren't available unless Cryb itself is available, which is precisely what we're trying to figure out. Use plain pkg-config instead, as intended.
Dag-Erling Smørgrav
2019-02-20 13:19:01 +0000
251dac8e4aWe haven't needed libcrypto since the OATH code was removed.
Dag-Erling Smørgrav
2019-02-20 13:15:54 +0000
ddb34ad671Prepare to release OpenPAM Reboulia on Sunday.
Dag-Erling Smørgrav
2017-04-26 20:53:18 +0000
4876ee459dAdd PAM_BAD_FEATURE and PAM_BAD_CONSTANT.
Dag-Erling Smørgrav
2017-04-26 20:43:55 +0000
105d392c57Add two more error codes for situations where we used PAM_SYMBOL_ERR.
Dag-Erling Smørgrav
2017-04-26 20:41:59 +0000
29c7f93598Introduce an array of error strings and use it wherever applicable.
Dag-Erling Smørgrav
2017-04-26 19:23:50 +0000
0f7f351a10Remove the NONNULL annotation since we reintroduced the NULL check.
Dag-Erling Smørgrav
2017-04-26 19:22:57 +0000
c87aee7c52Add the new error codes and rewrite the error code handling to support negated entries, e.g. in cases a() calls b() and b() can return code X in certain situations, but a() ensures that this never happens.
Dag-Erling Smørgrav
2017-04-26 19:21:54 +0000
07daaf4bb2r927 should have said: introduce new error codes for situations where we have long used the wrong ones because neither XSSO not Solaris defined codes that fit the situation. Also, the definition was missing.
Dag-Erling Smørgrav
2017-04-26 19:19:52 +0000
3ebfd11150Use the correct error code in some of the places where we have long used the wrong one.
Dag-Erling Smørgrav
2017-04-26 19:15:30 +0000
e7f32a97b0Adapt to newer versions of the Cryb test framework.
Dag-Erling Smørgrav
2017-03-23 13:42:56 +0000
f5a12fb24eUpdate the release notes to reflect that code flows from OpenPAM to FreeBSD rather than the reverse.
Dag-Erling Smørgrav
2017-02-19 18:06:08 +0000
d9e44d146fFix a bug that prevented the service name from being freed, thus leaking a small amount of memory for every PAM session.
Dag-Erling Smørgrav
2017-02-19 17:46:22 +0000
2f340d61b5Add a pair of scripts to facilitate running Bullseye Coverage and Coverity Scan on the codebase.
Dag-Erling Smørgrav
2017-02-18 14:45:27 +0000
82935b7d7aDowngrade the "unexpected EOF" message from ERROR to DEBUG.
Dag-Erling Smørgrav
2017-02-07 12:25:58 +0000
1e09705bd7Fix FREEV() when v is NULL.
Dag-Erling Smørgrav
2017-02-07 12:03:19 +0000
c5a320988eIn pam_*env(3), set errno as the corresponding POSIX functions would.
Dag-Erling Smørgrav
2017-01-21 15:15:29 +0000
e936857588Newer versions of clang take __nonnull__ annotations into account not only when compiling code that calls the function, but also when compiling the function itself. This means that NULL checks in the function trigger condition-always-false warnings. We have a choice between disabling these warnings, removing the __nonnull__ annotations, or removing the NULL checks. We prefer to keep the annotations and warnings and remove the checks. In all cases, passing NULL to the function in question will result in a segmentation fault, which is often easier to debug than an error return, especially when most of these checks were for the PAM handle, which can only be NULL if the caller ignored an error return from pam_start().
Dag-Erling Smørgrav
2017-01-21 15:11:12 +0000
a18c87672ePostpone Radula until next Saturday.
Dag-Erling Smørgrav
2017-01-21 14:48:30 +0000
23cdf95099Correct markup for email addresses.
Dag-Erling Smørgrav
2017-01-21 12:22:08 +0000
3112c53799Remove experimental code that was accidentally committed in r908
Dag-Erling Smørgrav
2017-01-20 08:13:20 +0000
adb7175c42Prepare for releasing Radula on Saturday.
Dag-Erling Smørgrav
2017-01-18 10:11:57 +0000
38d108d285Move OATH development to a branch. OATH will soon disappear entirely from this repository as Cryb takes over.
Dag-Erling Smørgrav
2017-01-18 09:39:01 +0000
c75883564dMove OATH development to a branch. OATH will soon disappear entirely from this repository as Cryb takes over.
Dag-Erling Smørgrav
2017-01-18 09:39:01 +0000
4be13a4e6cmerge r768: fix condition for using application-provided prompt
Dag-Erling Smørgrav
2017-01-17 15:19:56 +0000
c420e0ac6amerge r768: make stdout line-buffered in unit tests
Dag-Erling Smørgrav
2017-01-17 15:17:55 +0000
6ecf20bc57r822 claimed to merge r819, r820 and r821 but only merged the first one.
Dag-Erling Smørgrav
2017-01-17 15:16:40 +0000
3699596d18Correctly compare the return value from pam_get_item() to PAM_SUCCESS instead of assuming (incorrectly) that it returns non-zero on success. Bump dates as needed.
Dag-Erling Smørgrav
2017-01-17 14:57:09 +0000
aec4e8ad16merge (r873,r884): add pam_return(8) module used by unit tests
Dag-Erling Smørgrav
2017-01-17 14:43:27 +0000
c5252af6a8merge r890: bump copyright dates for files modified in 2014 or later
Dag-Erling Smørgrav
2017-01-17 14:31:56 +0000
debbcc1b75merge r863,r874,r891: partial unit tests for openpam_dispatch() merge r864-867,r871,r880,r883: various improvements to tests and test suite
Dag-Erling Smørgrav
2017-01-17 14:29:41 +0000
abee687e7amerge r862: add control flag for fallback to "other" policy
Dag-Erling Smørgrav
2017-01-17 14:19:04 +0000
e86565c553Completely revert mismerged changes to the documentation Makefile.
Dag-Erling Smørgrav
2017-01-17 14:09:49 +0000
da26321ba8Spell the GCC pragmas correctly.
Dag-Erling Smørgrav
2016-09-19 10:04:25 +0000
26fbccde77Bump dates if required on files modified in 2014 or later.
Dag-Erling Smørgrav
2016-01-11 16:22:09 +0000
b6605f9267Add University of Oslo copyright and bump dates.
Dag-Erling Smørgrav
2016-01-11 16:21:28 +0000
c371da364cNote that the secret should also be percent-encoded.
Dag-Erling Smørgrav
2016-01-11 14:09:30 +0000
4a77e993a9Fix parsing of percent-encoded URIs.
Dag-Erling Smørgrav
2016-01-11 14:07:54 +0000
d040ae3d29Add a man page for pam_oath(8) which I've had lying around for years.
Dag-Erling Smørgrav
2016-01-11 13:45:17 +0000
b1895baa2dDon't forget to generate the Makefile for pam_return(8).
Dag-Erling Smørgrav
2016-01-11 13:44:33 +0000
ddfa63ca38Disable coverage analysis of tests and test infrastructure.
Dag-Erling Smørgrav
2016-01-09 18:42:28 +0000
41a50e0c57Set an upper limit to the number of codes generated by the calc command.
Dag-Erling Smørgrav
2016-01-09 18:41:46 +0000
9ff1a454ceFix off-by-one bug: we forgot to account for the terminating NUL when checking the length of the label.
Dag-Erling Smørgrav
2016-01-09 18:29:32 +0000
310b5ee125Partially revert r871 until a better solution can be found, as it only works if the file already exists.
Dag-Erling Smørgrav
2016-01-09 17:52:39 +0000
a38c5db91bFix rather embarassing #if nesting error in previous commit.
Dag-Erling Smørgrav
2016-01-09 17:43:56 +0000
f82c90afb6Coverity Scan doesn't like the no-op default case, so hide it when we're not instrumenting for coverage analysis.
Dag-Erling Smørgrav
2016-01-09 17:34:32 +0000
4e92aa7e24Plug potential memory leak reported by Coverity Scan. I'm not sure it can actually ever occur, but the extra free() is harmless, provided we make sure not to free() something we're still using.
Dag-Erling Smørgrav
2016-01-09 17:26:18 +0000
5b83650c3dDon't forget to free the line we read from the key file.
Dag-Erling Smørgrav
2016-01-09 17:23:36 +0000
e89fab019eFix NULL check in pam_oath_save_key() error-handling code, which checked the wrong variable.
Dag-Erling Smørgrav
2016-01-09 17:22:34 +0000
d4aad88c97Add a table-driven test which leverages the pam_return module to test various code paths in openpam_dispatch().
Dag-Erling Smørgrav
2015-12-01 19:40:01 +0000
17c3fff539For testing purposes, add a pam_return module which can be configured to return any value, either by name (e.g. PAM_AUTH_ERR) or by number, even if that number is out of range.
Dag-Erling Smørgrav
2015-12-01 19:38:01 +0000
f78c2be225Add missing third clause.
Dag-Erling Smørgrav
2015-12-01 19:25:07 +0000
b3cd4386faIn t_fopen(), resolve the full path to the file before opening it. In t_fprintf(), immediately flush the file after writing to it.
Dag-Erling Smørgrav
2015-12-01 19:21:50 +0000
d30df17f67Increase the TOTP window to ±2 timesteps.
Dag-Erling Smørgrav
2015-10-23 10:22:35 +0000
4a9cae719eLet the optional argument to the calc command be the total number of codes to print, not the number of codes in addition to the current code. Add a -n option which causes the calc command to print the counter or timestamp in addition to the code. Document the fact that the calc command does not work correctly for TOTP keys with count > 1.
Dag-Erling Smørgrav
2015-10-23 09:41:16 +0000
75781c2e7cDon't forget to distribute t_pam_conv.h
Dag-Erling Smørgrav
2015-10-23 09:10:04 +0000
37b1f12e58Deconstify across the board to dodge -Wcast-qual until we convert to the far superior cryb.to test framework.
Dag-Erling Smørgrav
2015-07-31 00:03:02 +0000
38c6ca93b2Start writing tests for openpam_dispatch(). The first is a regression test for the bug fixed in r802.
Dag-Erling Smørgrav
2015-07-30 23:44:31 +0000