OpenPAM/OpenPAM
OpenPAM
/
OpenPAM
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Commit Graph

  • 5fadc4abb8 Credit Larry Baird for the is_upper() bug and sort the list. Dag-Erling Smørgrav 2014-02-26 16:23:41 +0000
  • c7457cff15 Fix a bug in the is_upper() macro. Dag-Erling Smørgrav 2014-02-26 16:23:22 +0000
  • 58921adbab Add complete coverage for the classification macros in openpam_ctype.h. Dag-Erling Smørgrav 2014-02-26 16:22:32 +0000
  • 9e9207fd5d Add is_xdigit() predicate. Dag-Erling Smørgrav 2014-01-24 13:44:34 +0000
  • 3d0d4da447 Factor out and document oath_key_from_uri(). Implement percent-decoding of the key label. Dag-Erling Smørgrav 2014-01-23 20:19:54 +0000
  • aec3988b2f Bump copyright Dag-Erling Smørgrav 2014-01-23 20:17:41 +0000
  • 59313f56a4 Do not use oath_[ht]otp_match() as predicates - a non-zero return can mean an error occurred. We should probably switch to the standard Unix idiom of returning 0 for success. Dag-Erling Smørgrav 2014-01-22 15:13:56 +0000
  • e8cd86aade - The key length is in bytes, not bits, so the correct default is 20 and not 160 (which would actually overflow). This should probably be a macro. - Implement random key generation using OpenSSL's RAND_bytes(3). Dag-Erling Smørgrav 2014-01-22 15:12:15 +0000
  • 11a8c730d2 Enable OATH by default and tweak some option description strings. Dag-Erling Smørgrav 2014-01-20 11:25:44 +0000
  • 9c592d628c Note that saving the keyfile updates a TOTP key's lastused parameter. Dag-Erling Smørgrav 2014-01-20 10:48:39 +0000
  • aa338bce81 Add oath_key_create(3) which creates an OATH key from scratch. Dag-Erling Smørgrav 2014-01-20 10:47:10 +0000
  • efb78b5569 merge r748: typo in pam_conv(3) man page merge r749: update mkpkgng for pkg 1.2 merge r750: credit bapt@freebsd.org Dag-Erling Smørgrav 2014-01-13 21:34:29 +0000
  • df95e0530d Credit Baptiste Daroussin for his various contributions, including but not limited to r749. Dag-Erling Smørgrav 2014-01-13 21:27:03 +0000
  • d68deb210c Update the way we extract the pkg version and ABI to match pkg 1.2. Dag-Erling Smørgrav 2014-01-13 21:26:25 +0000
  • d9f3164b53 The maximum number of messages in a single invocation conversation function is called PAM_MAX_NUM_MSG, not PAM_NUM_MSG. Dag-Erling Smørgrav 2014-01-13 21:23:05 +0000
  • 00df607198 merge r746: typos in man pages Dag-Erling Smørgrav 2013-12-10 14:03:16 +0000
  • e2375b0d73 typo Dag-Erling Smørgrav 2013-12-10 14:02:23 +0000
  • 7b4ce30d8e Currently, openpam_policy_path is a hardcoded array of short strings, and filename is much larger than it needs to be. However, this might not be the case in the future. To be safe, add a length check after strlcpy(). This should silence a Coverity warning about possible array overflow. Dag-Erling Smørgrav 2013-09-21 23:22:48 +0000
  • cf0612ac98 I've always run aclocal before libtoolize, but the latter installs .m4 files, which requires regenerating aclocal.m4, so it should really be the other way around. Dag-Erling Smørgrav 2013-09-08 19:27:39 +0000
  • c3cacd763a merge r742: caught_signal should be static. Dag-Erling Smørgrav 2013-09-07 19:26:36 +0000
  • 914a5b3708 caught_signal should be static; gcc doesn't seem to mind, whereas some clang versions (but not all) complain. Dag-Erling Smørgrav 2013-09-07 19:25:57 +0000
  • 07287c0475 Tag OpenPAM Nummularia openpam-20130907 origin/tags/openpam-20130907 Dag-Erling Smørgrav 2013-09-07 13:34:02 +0000
  • 05d3310d7e sort the manifest Dag-Erling Smørgrav 2013-09-07 13:03:20 +0000
  • 4dbe28d092 Sort the manifest. Dag-Erling Smørgrav 2013-09-07 13:02:54 +0000
  • e2fcd142ce s/trunk/nooath/ Dag-Erling Smørgrav 2013-09-07 12:56:31 +0000
  • 60d3d1dae7 Prepare for OpenPAM Nummularia. Dag-Erling Smørgrav 2013-09-07 12:53:55 +0000
  • 83162901d4 Catch up with trunk Dag-Erling Smørgrav 2013-09-07 12:52:42 +0000
  • 2e6439e932 Prepare for OpenPAM Nummularia, which will be released later today from the nooath branch. Dag-Erling Smørgrav 2013-09-07 12:37:27 +0000
  • 8568521d18 It appears that "pkg create" works correctly, even though it complains loudly about unresolved library dependencies. Dag-Erling Smørgrav 2013-09-07 12:36:18 +0000
  • 3bc114befa It is entirely possible that pkg is present but not installed as a package, or that the pkg binary in $PATH is not the one that was installed (e.g. a development version in $HOME/bin/pkg). Therefore, use pkg -vv rather than pkg query to determine the pkg version. Dag-Erling Smørgrav 2013-08-23 17:07:42 +0000
  • 7eacdef3fd This script is now sufficiently complex to merit a copyright statement and a license. Dag-Erling Smørgrav 2013-08-22 17:48:45 +0000
  • d4f3382050 various nits Dag-Erling Smørgrav 2013-08-22 15:10:16 +0000
  • ac8841d2bd Support storing the non-standard lastused parameter in a key URI. Also fix some default values. Dag-Erling Smørgrav 2013-08-21 15:32:54 +0000
  • 0446934acb Keep track of when a TOTP key was last used and prevent reuse of the same sequence number. Dag-Erling Smørgrav 2013-08-21 15:32:14 +0000
  • 2cc13d4b85 Allow digits in identifiers. Dag-Erling Smørgrav 2013-08-21 15:28:24 +0000
  • e565eb6258 Document the key structure members a little better. Dag-Erling Smørgrav 2013-08-21 15:15:21 +0000
  • 3b992508b8 Use a dummy bit in the key structure instead of relying on the label. Dag-Erling Smørgrav 2013-08-21 15:14:02 +0000
  • 01d54c2924 Use the defined constant. Dag-Erling Smørgrav 2013-08-21 15:10:31 +0000
  • df82cbb560 Change the label used for dummy keys to something OpenPAM-specific. Dag-Erling Smørgrav 2013-08-21 15:08:40 +0000
  • d216fb463e RFC 6287 (OATH OCRA) Dag-Erling Smørgrav 2013-08-21 12:39:13 +0000
  • 95539e42cf OATH roadmap. Dag-Erling Smørgrav 2013-08-20 10:26:12 +0000
  • 84543123ea Desirable improvement / extension of openpam_log(). Dag-Erling Smørgrav 2013-08-20 10:21:39 +0000
  • fd3a018fbf merge 717: svn:ignore test output and logs merge 718, 719: improved man page dependency handling Dag-Erling Smørgrav 2013-08-19 16:02:10 +0000
  • 3b1c7851e6 repetitive Dag-Erling Smørgrav 2013-08-19 15:56:32 +0000
  • 56dd3d8d03 Improved dependency handling. Dag-Erling Smørgrav 2013-08-19 15:54:21 +0000
  • 10e70f48b8 Ignore test output and logs. Dag-Erling Smørgrav 2013-08-19 15:45:54 +0000
  • f69d77aaed liboath #include nits Dag-Erling Smørgrav 2013-08-19 15:37:29 +0000
  • 1b1f9c46e4 Start generating man pages for liboath. Dag-Erling Smørgrav 2013-08-19 15:31:12 +0000
  • efcf4a9ec6 Create a nooath branch as a copy of trunk@713 with the OATH code removed. Dag-Erling Smørgrav 2013-08-19 15:30:21 +0000
  • bcafac75c2 Insert joke about double-dating. Dag-Erling Smørgrav 2013-08-19 15:11:04 +0000
  • 1f9f093691 Grr, gremlins slipped into gendoc.pl between testing and committing. Dag-Erling Smørgrav 2013-08-19 15:09:27 +0000
  • 6b2927cfc5 Hardcode utf8 input encoding without messing around with environment variables. Dag-Erling Smørgrav 2013-08-19 15:04:50 +0000
  • fa62c8c348 Shorten hash dereferences wherever possible. Dag-Erling Smørgrav 2013-08-19 15:01:44 +0000
  • 4264bfb000 Silence spurious warnings from aclocal. Dag-Erling Smørgrav 2013-08-18 14:47:20 +0000
  • 90715a13d4 Extend the append-svn-revision-to-package-version logic to all non-numeric branches, not just trunk. Dag-Erling Smørgrav 2013-08-18 12:13:21 +0000
  • a03bbedb50 Increase the default synchronization window, and provide options to control it. Dag-Erling Smørgrav 2013-08-16 13:45:55 +0000
  • b9ec47c689 Don't forget to install all the liboath headers. Dag-Erling Smørgrav 2013-08-16 12:58:05 +0000
  • 0c4d5add5f Implement key saving, and change the outcome of failing to save the key from a system error to a service error. Dag-Erling Smørgrav 2013-08-16 12:32:26 +0000
  • d34ad5ab09 liboath needs generic alloc() / free() facilities for key data; oath_key_alloc() does the right thing, but oath_key_to_uri() doesn't. Dag-Erling Smørgrav 2013-08-16 12:18:00 +0000
  • efa93c4a5f Don't log the text we read, it may contain sensitive information (such as an OATH OTP key, since liboath uses openpam_readline() to read the keyfile) Dag-Erling Smørgrav 2013-08-16 11:57:54 +0000
  • a02762c066 Update svn:ignore. Dag-Erling Smørgrav 2013-08-16 10:28:48 +0000
  • b8ec0155ab - If @PACKAGE_VERSION@ is "trunk" and svnversion prints something sensible, append the svn revision. - Implement an ugly workaround for the shlib issue. - Clean up and add comments. Dag-Erling Smørgrav 2013-08-16 10:26:24 +0000
  • d3f359e2df Major cleanup. Dag-Erling Smørgrav 2013-08-15 17:17:15 +0000
  • 929ddb1bc3 Fixed flipped condition. Dag-Erling Smørgrav 2013-08-15 17:15:35 +0000
  • 0c34187244 Update. Dag-Erling Smørgrav 2013-08-15 17:14:32 +0000
  • 880bd5c2d4 s/oath_dummy_key/oath_key_dummy/ Dag-Erling Smørgrav 2013-08-15 16:24:28 +0000
  • fe081dbbfc Unfortunately, Linux doesn't have MAP_NOCORE. Dag-Erling Smørgrav 2013-08-15 16:00:41 +0000
  • dfe04a59e4 svn:ignore the mkpkgng script. Dag-Erling Smørgrav 2013-08-15 15:24:50 +0000
  • 88a91c2d02 Rename oath_dummy_key() to oath_key_dummy() and move it into its own file. Dag-Erling Smørgrav 2013-08-15 15:23:58 +0000
  • 066e2b91ff Record the last successful use of a TOTP key. Also add commented-out logic to prevent reuse of the same code or an earlier code within the window, and make some minor type adjustments. Dag-Erling Smørgrav 2013-08-15 15:21:31 +0000
  • b578b6a715 Add a script that creates a FreeBSD pkgng package. It does not currently work as intended due to a bug in pkgng's shlib handling. Dag-Erling Smørgrav 2013-08-15 14:01:04 +0000
  • efe4bec74a Remove --with-modules-dir now that we DTRT by default. Dag-Erling Smørgrav 2013-08-15 13:59:33 +0000
  • 5847a34802 The --with-modules-dir configure option never quite worked, and became even more badly broken when the dynamic loader was rewritten in March. Reimplement it the way it was always meant to work (but never did): Dag-Erling Smørgrav 2013-08-15 13:22:51 +0000
  • c9387115d9 Factor out oath_key_{alloc,free}() and implement wiring / locking. Dag-Erling Smørgrav 2013-07-12 10:47:14 +0000
  • c05b6dd046 INFTIM is a BSDism; use -1 instead. Dag-Erling Smørgrav 2013-07-11 16:40:08 +0000
  • 93d104bfd6 Reimplement, hopefully with marginally fewer bugs. There is an unfortunate amount of code duplication between the tty and non-tty paths, but the alternative is greatly increased complexity. Dag-Erling Smørgrav 2013-07-11 16:37:25 +0000
  • 3a53d5117b Document that openpam_log(3) saves and restores errno(2). Dag-Erling Smørgrav 2013-07-11 16:36:02 +0000
  • 6950b99458 Add a command-line option that controls openpam_ttyconv_timeout. Dag-Erling Smørgrav 2013-07-11 16:33:34 +0000
  • 3ab09a4f26 OPENPAM_DEBUG (--enable-debug) has a double action: it enables the debugging macros, and sets the initial value of openpam_debug to 1. This effectively gives the user a choice between no debugging at all, or drowning in debugging messages from every part of the system. Dag-Erling Smørgrav 2013-04-14 15:44:32 +0000
  • a43b9256fc Log an error if open() failed for any other reason than ENOENT. Dag-Erling Smørgrav 2013-04-14 14:49:59 +0000
  • 70d5d18643 Initialize has_ver and has_so to false, not true. Dag-Erling Smørgrav 2013-04-14 14:48:29 +0000
  • 2fc7038ca4 Always restore errno before returning from openpam_log(). Dag-Erling Smørgrav 2013-04-14 14:36:05 +0000
  • 9f0aba7d25 Note need for loop detection Dag-Erling Smørgrav 2013-03-29 21:38:21 +0000
  • 9f6bdd74f4 Clean up and simplify dummy key handling. Dag-Erling Smørgrav 2013-03-18 21:38:58 +0000
  • 7da9af6602 Set a reasonable, hard limit on label length. This removes the need for a variable-length key structure (to accommodate a variable-length label) and vastly simplifies key parsing. Dag-Erling Smørgrav 2013-03-18 21:34:29 +0000
  • f3f8ccc9c3 An 80-byte key makes no sense, since HMAC hashes keys longer than 64 bytes. Google Authenticator uses 20-byte keys. Dag-Erling Smørgrav 2013-03-18 21:19:41 +0000
  • 496bd4632b - Add module options for specifying what to do if the user has no key or if the key was unreadable or invalid. Dag-Erling Smørgrav 2013-03-18 19:20:54 +0000
  • 2be62b5732 Document the changes to the module loading code. Dag-Erling Smørgrav 2013-03-17 20:06:01 +0000
  • c1df418c6f comment nit Dag-Erling Smørgrav 2013-03-17 20:04:24 +0000
  • 422a3ccd39 - Mention quoting and add a cross-reference to openpam_readword(3), which has a detailed explanation of how the file is parsed. Dag-Erling Smørgrav 2013-03-17 20:04:06 +0000
  • 794601a544 Make the .so suffix optional, so these three lines are now equivalent: Dag-Erling Smørgrav 2013-03-17 19:42:33 +0000
  • 4f9b0f6342 ...and there's more to come. Dag-Erling Smørgrav 2013-03-17 19:37:00 +0000
  • d4ab77b35c Document the effect of module options (echo_pass, *_prompt etc) Dag-Erling Smørgrav 2013-03-17 19:26:07 +0000
  • 30f65f8a44 Add a "maintained by" footer to ThinkSec-authored pages, like we do for pam(3), openpam(3) and pam.conf(5). Dag-Erling Smørgrav 2013-03-17 19:21:55 +0000
  • bcebdf0ea8 Support tagged lists of module options. Dag-Erling Smørgrav 2013-03-17 14:48:43 +0000
  • 32d5e093bd Remove unneeded #include Dag-Erling Smørgrav 2013-03-17 14:24:00 +0000
  • 3353ad06ce Add predicates for letters and digits. Dag-Erling Smørgrav 2013-03-17 14:22:17 +0000
  • 2dd5f46e84 Add a few more verbose messages Dag-Erling Smørgrav 2013-03-17 12:46:51 +0000
  • 0f25be4e42 unbreak static linking Dag-Erling Smørgrav 2013-03-17 10:56:15 +0000
  • b501509854 update Dag-Erling Smørgrav 2013-03-11 16:34:01 +0000