Commit Graph

107 Commits

Author SHA1 Message Date
thorpej eb80878b1b Happy new year! 2001-01-01 20:18:34 +00:00
wiz de67766c6a Don't strcpy the contents of an environment variable into a fixed-size
buffer, use strlcpy instead. Should fix security/11550.
2000-12-05 02:19:23 +00:00
aidan 631ff3454c Replace all calls to 'error_message()' with 'krb5_get_err_text()', since
error_message() does not seem to display meaningful information, under
Heimdal.
2000-10-28 03:51:26 +00:00
simonb 9b22175a26 Remove INSTALLFLAGS=-fschg, as per change to usr.bin/ssh/ssh/Makefile. 2000-10-18 00:24:18 +00:00
aidan b84b9c883a Check retrieved TGT against local keytab, if it exists. 2000-09-01 03:12:20 +00:00
thorpej d35819d6e3 krb5_get_in_tkt() (called by krb5_get_in_tkt_with_password()) may
eventually call krb5_free_principal() via krb5_free_creds_contents(),
(when it succeeds, in particular).  Check for the creds.server
already being freed, and don't free it again.
2000-08-09 17:44:18 +00:00
assar 6d7f2da1a1 remove -lvers, it's not used 2000-08-03 22:56:29 +00:00
assar 549a4d9cdc update build infrastructure for heimdal 0.3a 2000-08-03 04:02:29 +00:00
thorpej 3b5855e58d Don't syslog that krb5_init_context() failed if it failed due
to Kerberos not being configured on the system.
2000-08-02 16:51:17 +00:00
thorpej 9e2765e474 If neither Kerberos IV or Kerberos V are configured, don't
issue "Warning: no Kerberos tickets issued."
2000-08-02 05:58:35 +00:00
thorpej 676ddec5ac skey_keyinfo() returns const. 2000-07-28 16:36:53 +00:00
mycroft 98987090cb Fix library order. 2000-07-23 22:23:14 +00:00
ad 682d5ce7b8 Xr passwd.conf 2000-07-11 12:12:53 +00:00
thorpej df83a2a3cd Add MK... variables to enable/disable various aspects of building
crypto support into the system.  See share/mk/bsd.README for more
a full description.
2000-06-23 06:01:10 +00:00
thorpej e7d6b96938 Merge a bunch of things from crypto-us and crypto-intl into basesrc,
adding support for Heimdal/KTH Kerberos where easy to do so.  Eliminate
bsd.crypto.mk.

There is still a bunch more work to do, but crypto is now more-or-less
fully merged into the base NetBSD distribution.
2000-06-20 06:00:24 +00:00
aidan dbb0b2f74d Backout login_get_kconf function, because it breaks crypto-intl builds.
Keep the variables for setting default behaviour with krb4 and krb5
compiled in, even though they act like constants, to facilitate adding
another preference mechanism later.
2000-06-02 03:01:22 +00:00
aidan 39d1e5b7fd Allow krb5 and krb4 to be compiled in to the same login binary at once,
krb5 can request a forwardable TGT,
can get both krb4 and krb5 tickets, if explicitely configured to do so
by the krb5.conf.
2000-05-30 06:56:16 +00:00
enami 1d82270b8c - For root, if ignorenologin is set in login.conf, don't call
checknologin (previously, checknologin is called if ignorenologin is set).
- For non-root user, make ignorenologin take effect.
2000-03-07 14:11:22 +00:00
enami 6dccad067d Cosmetic changes. 2000-03-07 13:59:19 +00:00
aidan d6bf7fdb89 Move include/kerberosIV/com_err.h to include/com_err.h. 2000-02-14 03:21:02 +00:00
aidan 0c25a9e4d1 Patch from assar@netbsd.org to make k5login.c work with both MIT and Heimdal
kerberos trees.
2000-02-14 03:17:43 +00:00
mjl b3204d536b Add login_getpwclass to libutil as convenience function for
programs originally for FreeBSD.
Add parsing of "setenv" parameter which can be used to set
up an initial environment on login.
2000-02-04 02:17:14 +00:00
mjl 8e380b472c Removed some fallback cases since that is now done in libutil. 2000-01-22 09:48:52 +00:00
mjl eb1d660e28 Clean up changes a bit. 2000-01-13 12:43:19 +00:00
mjl 07053cf7c1 Re-enable login_cap processing, now that a non-existing login.conf
won't make it crash. Also make it less noisy in that case.
2000-01-13 06:52:47 +00:00
mjl cfdb7e0720 Ack. Disable login caps, until problems are fixed. 2000-01-13 06:30:31 +00:00
mjl 4863ee6f07 Add login.conf capability setting. 2000-01-13 06:17:56 +00:00
billc 7ad9ba975f copyright year change (thanks cgd) so we emit , 2000 now. 2000-01-07 00:00:37 +00:00
aidan 1cda1876da Fixed 'login in free' warning in kdestroy(). 1999-12-26 17:47:18 +00:00
aidan 5375ac8703 Made login continue without kerberos when there is no krb5.conf present
(and KERBEROS5 is defined).
1999-12-05 23:39:11 +00:00
christos f5241efcfa make this compile.... 1999-08-25 19:58:15 +00:00
mycroft ee0dfce003 Make this compile again in an ELF world. 1999-07-30 01:56:49 +00:00
mrg 51a96a002f optionally include CRYPTOPATH Makefile.frag files. 1999-07-20 09:35:18 +00:00
thorpej 9630ed475e Use bsd.crypto.mk. 1999-07-12 22:11:37 +00:00
aidan 3a4abbe0d1 Kerberos5 changes to login -- now supports forwarded TGTs. 1999-07-12 21:36:10 +00:00
christos 9966d744f2 Don't declare login here. It is declared in <util.h> 1999-06-15 14:19:53 +00:00
garbled 9e44e9b578 More and more .Os cleanups. .Os is defined in the tmac.doc-common file,
so we shouldn't override it with versions in the manpages.  Many more to
come.
1999-03-22 18:16:34 +00:00
kim 0d4599522a Build domestic login on domestic systems.
Incorporated (minor) diff from domestic man page.
1999-03-05 01:07:56 +00:00
scottr 8481f548e2 Remove the crypto-related bits until such time as we have a fully-
integrated source tree.  Export-controlled versions of these are now
built during the domestic build process.
1999-02-18 21:22:51 +00:00
fair 0a35ac96da Correct documentation of /etc/nologin to note that it does not
apply to the superuser, per PR#6328.
Correct some nroff nits in the process.
1999-01-13 10:51:07 +00:00
kim 0c127d7cef Show year of last login. 1999-01-11 20:20:54 +00:00
lukem 0e36738ca6 add copyright 1999 1999-01-06 13:51:09 +00:00
tsarna c89a574ffa Execute ttyaction on termination of rlogind/telnetd sessions.
Also, say a little bit about ttyaction in the getty and login manpages.
1998-08-29 17:31:55 +00:00
ross f670fa10c5 Add { and } to shut up egcs. Reformat the more questionable code. 1998-08-25 20:59:36 +00:00
mycroft 55ac0c2da3 const poisoning. 1998-07-26 21:58:46 +00:00
mrg 95b49ba52b do _NOT_ use system(3) in setuid programs. KNF. 1998-07-11 08:12:51 +00:00
mrg 2beab49a06 - use an array MAXHOSTNAMELEN+1 size to hold hostnames
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
1998-07-06 06:45:41 +00:00
fair 3b04f8e0b1 Add .Xr ttyaction 3 per PR#4647 1998-04-10 09:31:55 +00:00
kleink fd366142a3 Need <time.h> for ctime() and time() prototypes. 1998-04-02 10:27:16 +00:00
hubertf 567c3f3e41 Also save groups before chdir($HOME). This fixes a problem pointed
out by Bernd Ernesti with /home/lusers/joe (being uid joe, gid lusers),
with /home/lusers mode 750 and owner root:lusers.
1998-01-16 00:31:53 +00:00