wiz
3408fd1acc
Use getprogname(); add -F to usage. From Kouichirou Hiratsuka in PR 26222.
2004-07-13 11:56:24 +00:00
lukem
32e6b841fb
Generate the copyright string from sys/conf/copyright rather than
...
replicating it here. Idea from Simon Burge.
2004-01-05 03:53:10 +00:00
mycroft
a9866938b5
Welcome to 2004!
2004-01-01 00:00:05 +00:00
dyoung
4758291178
Fix the checkflist for builds without Kerberos 4 (MKKERBEROS4=no)
...
and without Kerberos 4 & 5 (MKKERBEROS=no). Previously checkflist
complained of missing files.
* move kerberos- and kerberos 4-only files into new flists,
distrib/sets/lists/*/krb.*
* make the flist generators grok MKKERBEROS{,4} variables
* fix Makefiles which treat MKKERBEROS=no as MKKERBEROS5=no.
9 out of 10 experts agree that it is ludicrous to build w/
KERBEROS4 and w/o KERBEROS5.
* fix header files, also, which treat MKKERBEROS=no as MKKERBEROS5=no.
* omit some Kerberos-only subdirectories from the build as
MKKERBEROS{,4} indicate
(I acknowledge the sentiment that flists are the wrong way to go,
and that the makefiles should produce the metalog directly. That
sounds to me like the right way to go, but I am not prepared to do
revamp all the makefiles. While my approach is expedient, it fits
painlessly within the current build architecture until we are
delivered from flist purgatory, and it does not postpone our
delivery. Fair enough?)
2003-12-11 09:46:26 +00:00
itojun
53284b73d0
snprintf() terminates string with \0, so there's no need for "sizeof(x)-1".
2003-10-16 05:31:47 +00:00
wiz
31fd31ccf7
Make getlastlogx have the pathname to the lastlogx database as first
...
argument, to be consistent with updlastlogx.
Approved by christos, reviewed by kleink.
[The lastlogxname function should not be used any longer.]
2003-08-26 16:48:32 +00:00
lha
afad8d1f7c
libkrb depends on libdes, patch in private mail from
...
Harold Gutch logix at foobar franken de
2003-08-23 23:03:42 +00:00
agc
89aaa1bb64
Move UCB-licensed code from 4-clause to 3-clause licence.
...
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
itojun
adeab29eca
include des.h, not kerberosIV/des.h
2003-07-23 20:31:18 +00:00
itojun
e63468d8cc
split MKKERBEROS4 from MKKERBEROS. based on work by lha at stacken.kth.se
...
(build confirmed with both MKKERBEROS4=yes and MKKERBEROS4=no)
2003-07-23 08:01:24 +00:00
itojun
01b2c2d070
simplify by asprintf/strdup
2003-05-15 00:52:53 +00:00
perry
a3acb5bc30
facilty->facility, from Igor Sobrado in PR 19670
2003-03-29 18:05:29 +00:00
mycroft
d73e77b28c
Update copyright notice.
2003-01-01 00:00:13 +00:00
itojun
9593086444
use strlcpy
2002-11-16 04:34:13 +00:00
itojun
e91a21c27c
add DPADD.
2002-10-23 01:25:35 +00:00
itojun
7798fe3a64
disallow users from alter log file entries by using "login foo".
...
from xs@kittenz.org
2002-09-25 03:45:32 +00:00
itojun
129dc41857
make sure to use %s on printf format string. xs@kittenz.org
2002-09-20 21:01:31 +00:00
itojun
2994867f8f
remove debugging message leftover
2002-07-30 14:37:38 +00:00
christos
51de4d82f7
make this compile without SUPPORT_UTMPX
2002-07-27 22:58:07 +00:00
christos
48715dcc0c
Factor out the utmp/wtmp/lastlog updating and add utmpx/wtmpx/lastlogx updating.
...
Both are turned on for now.
2002-07-27 20:10:32 +00:00
thorpej
9c33b55e7c
Split the notion of building Hesiod, Kerberos, S/key, and YP
...
infrastructure and using that infrastructure in programs.
* MKHESIOD, MKKERBEROS, MKSKEY, and MKYP control building
of the infratsructure (libraries, support programs, etc.)
* USE_HESIOD, USE_KERBEROS, USE_SKEY, and USE_YP control
building of support for using the corresponding API
in various libraries/programs that can use it.
As discussed on tech-toolchain.
2002-03-22 18:10:19 +00:00
joda
4929305fb3
when creating a v4 ticket file, name it after the users uid, not our
...
current (should finally fix bin/13040)
2002-02-20 08:17:17 +00:00
perry
57ff912445
Happy New Year!
2002-01-01 09:27:53 +00:00
assar
2a2aa85a8d
update infrastructure for krb4 1.1 and heimdal 0.4e
2001-09-17 12:34:40 +00:00
assar
66bcd97e0c
implement 5to4 (getting v4 tickets from the v5 ones)
...
from the patch in bin/13040 by lha@stacken.kth.se (slightly modified)
2001-09-10 00:02:29 +00:00
wiz
2e8e67fc3f
Sort SEE ALSO section, and correct section for kerberos (1 -> 8).
2001-04-04 09:37:51 +00:00
pk
992d55d2a8
* Use krb5_warn() instead of non-functional com_err().
...
* knf patrol
* De-__P()
2001-01-19 21:55:19 +00:00
cgd
d594ce939b
comment or delete text after CPP directives.
2001-01-16 02:50:27 +00:00
lukem
8ea781a956
LOG_ODELAY is deprecated. use LOG_ERR for fatal errors
2001-01-10 12:24:38 +00:00
lukem
df21faf565
don't need to specify facility LOG_AUTH as it's the default
2001-01-10 12:23:57 +00:00
thorpej
eb80878b1b
Happy new year!
2001-01-01 20:18:34 +00:00
wiz
de67766c6a
Don't strcpy the contents of an environment variable into a fixed-size
...
buffer, use strlcpy instead. Should fix security/11550.
2000-12-05 02:19:23 +00:00
aidan
631ff3454c
Replace all calls to 'error_message()' with 'krb5_get_err_text()', since
...
error_message() does not seem to display meaningful information, under
Heimdal.
2000-10-28 03:51:26 +00:00
simonb
9b22175a26
Remove INSTALLFLAGS=-fschg, as per change to usr.bin/ssh/ssh/Makefile.
2000-10-18 00:24:18 +00:00
aidan
b84b9c883a
Check retrieved TGT against local keytab, if it exists.
2000-09-01 03:12:20 +00:00
thorpej
d35819d6e3
krb5_get_in_tkt() (called by krb5_get_in_tkt_with_password()) may
...
eventually call krb5_free_principal() via krb5_free_creds_contents(),
(when it succeeds, in particular). Check for the creds.server
already being freed, and don't free it again.
2000-08-09 17:44:18 +00:00
assar
6d7f2da1a1
remove -lvers, it's not used
2000-08-03 22:56:29 +00:00
assar
549a4d9cdc
update build infrastructure for heimdal 0.3a
2000-08-03 04:02:29 +00:00
thorpej
3b5855e58d
Don't syslog that krb5_init_context() failed if it failed due
...
to Kerberos not being configured on the system.
2000-08-02 16:51:17 +00:00
thorpej
9e2765e474
If neither Kerberos IV or Kerberos V are configured, don't
...
issue "Warning: no Kerberos tickets issued."
2000-08-02 05:58:35 +00:00
thorpej
676ddec5ac
skey_keyinfo() returns const.
2000-07-28 16:36:53 +00:00
mycroft
98987090cb
Fix library order.
2000-07-23 22:23:14 +00:00
ad
682d5ce7b8
Xr passwd.conf
2000-07-11 12:12:53 +00:00
thorpej
df83a2a3cd
Add MK... variables to enable/disable various aspects of building
...
crypto support into the system. See share/mk/bsd.README for more
a full description.
2000-06-23 06:01:10 +00:00
thorpej
e7d6b96938
Merge a bunch of things from crypto-us and crypto-intl into basesrc,
...
adding support for Heimdal/KTH Kerberos where easy to do so. Eliminate
bsd.crypto.mk.
There is still a bunch more work to do, but crypto is now more-or-less
fully merged into the base NetBSD distribution.
2000-06-20 06:00:24 +00:00
aidan
dbb0b2f74d
Backout login_get_kconf function, because it breaks crypto-intl builds.
...
Keep the variables for setting default behaviour with krb4 and krb5
compiled in, even though they act like constants, to facilitate adding
another preference mechanism later.
2000-06-02 03:01:22 +00:00
aidan
39d1e5b7fd
Allow krb5 and krb4 to be compiled in to the same login binary at once,
...
krb5 can request a forwardable TGT,
can get both krb4 and krb5 tickets, if explicitely configured to do so
by the krb5.conf.
2000-05-30 06:56:16 +00:00
enami
1d82270b8c
- For root, if ignorenologin is set in login.conf, don't call
...
checknologin (previously, checknologin is called if ignorenologin is set).
- For non-root user, make ignorenologin take effect.
2000-03-07 14:11:22 +00:00
enami
6dccad067d
Cosmetic changes.
2000-03-07 13:59:19 +00:00
aidan
d6bf7fdb89
Move include/kerberosIV/com_err.h to include/com_err.h.
2000-02-14 03:21:02 +00:00
aidan
0c25a9e4d1
Patch from assar@netbsd.org to make k5login.c work with both MIT and Heimdal
...
kerberos trees.
2000-02-14 03:17:43 +00:00
mjl
b3204d536b
Add login_getpwclass to libutil as convenience function for
...
programs originally for FreeBSD.
Add parsing of "setenv" parameter which can be used to set
up an initial environment on login.
2000-02-04 02:17:14 +00:00
mjl
8e380b472c
Removed some fallback cases since that is now done in libutil.
2000-01-22 09:48:52 +00:00
mjl
eb1d660e28
Clean up changes a bit.
2000-01-13 12:43:19 +00:00
mjl
07053cf7c1
Re-enable login_cap processing, now that a non-existing login.conf
...
won't make it crash. Also make it less noisy in that case.
2000-01-13 06:52:47 +00:00
mjl
cfdb7e0720
Ack. Disable login caps, until problems are fixed.
2000-01-13 06:30:31 +00:00
mjl
4863ee6f07
Add login.conf capability setting.
2000-01-13 06:17:56 +00:00
billc
7ad9ba975f
copyright year change (thanks cgd) so we emit , 2000 now.
2000-01-07 00:00:37 +00:00
aidan
1cda1876da
Fixed 'login in free' warning in kdestroy().
1999-12-26 17:47:18 +00:00
aidan
5375ac8703
Made login continue without kerberos when there is no krb5.conf present
...
(and KERBEROS5 is defined).
1999-12-05 23:39:11 +00:00
christos
f5241efcfa
make this compile....
1999-08-25 19:58:15 +00:00
mycroft
ee0dfce003
Make this compile again in an ELF world.
1999-07-30 01:56:49 +00:00
mrg
51a96a002f
optionally include CRYPTOPATH Makefile.frag files.
1999-07-20 09:35:18 +00:00
thorpej
9630ed475e
Use bsd.crypto.mk.
1999-07-12 22:11:37 +00:00
aidan
3a4abbe0d1
Kerberos5 changes to login -- now supports forwarded TGTs.
1999-07-12 21:36:10 +00:00
christos
9966d744f2
Don't declare login here. It is declared in <util.h>
1999-06-15 14:19:53 +00:00
garbled
9e44e9b578
More and more .Os cleanups. .Os is defined in the tmac.doc-common file,
...
so we shouldn't override it with versions in the manpages. Many more to
come.
1999-03-22 18:16:34 +00:00
kim
0d4599522a
Build domestic login on domestic systems.
...
Incorporated (minor) diff from domestic man page.
1999-03-05 01:07:56 +00:00
scottr
8481f548e2
Remove the crypto-related bits until such time as we have a fully-
...
integrated source tree. Export-controlled versions of these are now
built during the domestic build process.
1999-02-18 21:22:51 +00:00
fair
0a35ac96da
Correct documentation of /etc/nologin to note that it does not
...
apply to the superuser, per PR#6328.
Correct some nroff nits in the process.
1999-01-13 10:51:07 +00:00
kim
0c127d7cef
Show year of last login.
1999-01-11 20:20:54 +00:00
lukem
0e36738ca6
add copyright 1999
1999-01-06 13:51:09 +00:00
tsarna
c89a574ffa
Execute ttyaction on termination of rlogind/telnetd sessions.
...
Also, say a little bit about ttyaction in the getty and login manpages.
1998-08-29 17:31:55 +00:00
ross
f670fa10c5
Add { and } to shut up egcs. Reformat the more questionable code.
1998-08-25 20:59:36 +00:00
mycroft
55ac0c2da3
const poisoning.
1998-07-26 21:58:46 +00:00
mrg
95b49ba52b
do _NOT_ use system(3) in setuid programs. KNF.
1998-07-11 08:12:51 +00:00
mrg
2beab49a06
- use an array MAXHOSTNAMELEN+1 size to hold hostnames
...
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
1998-07-06 06:45:41 +00:00
fair
3b04f8e0b1
Add .Xr ttyaction 3 per PR#4647
1998-04-10 09:31:55 +00:00
kleink
fd366142a3
Need <time.h> for ctime() and time() prototypes.
1998-04-02 10:27:16 +00:00
hubertf
567c3f3e41
Also save groups before chdir($HOME). This fixes a problem pointed
...
out by Bernd Ernesti with /home/lusers/joe (being uid joe, gid lusers),
with /home/lusers mode 750 and owner root:lusers.
1998-01-16 00:31:53 +00:00
thorpej
974b59d07c
Happy new year!
1998-01-07 00:41:43 +00:00
hubertf
5dda445628
Give up special privileges before chdir($HOME) and access(.hushlogin),
...
fixing PR 4636 by myself with some help from Jason Thorpe.
1997-12-05 08:29:39 +00:00
mrg
6bb686b3be
print TNF copyright, like the kernel does.
1997-11-07 20:32:05 +00:00
mycroft
41b9ae035f
Use S_IS*(), not S_IF*.
1997-10-19 19:11:56 +00:00
lukem
13ee7130b1
s/bzero/memset
1997-10-19 04:18:46 +00:00
lukem
33b5dd5c52
fix .Nm usage
1997-10-19 04:18:08 +00:00
lukem
ca15d8c056
don't define WARNS=1 here
1997-10-19 03:44:21 +00:00
mycroft
83ef48db0a
Undo part of the previous; don't allow logins if we've passed pw_change.
...
The semantics of this are not well documented. *sigh*
1997-10-12 15:21:24 +00:00
mycroft
97734d5e35
Refuse login only when we've past pw_expire, not pw_change. Check pw_expire
...
first.
1997-10-12 15:11:24 +00:00
mycroft
879c3292d6
Several things:
...
* Change the semantics of the `-s' option somewhat. If specified, allow
either Kerberos or S/Key login, but not a plain password.
* Eliminate the special `s/key' password; just type it at the prompt.
* Remove the root instance special case. This is a serious security hole
waiting to happen, and no other system works this way.
* Don't force a password change if Kerberos was used. Also, don't call
/bin/passwd at all if the password change isn't required.
1997-10-12 15:05:24 +00:00
mycroft
2b4b3f1ded
SRCS must be defined *before* bsd.prog.mk is included...
1997-10-12 14:07:38 +00:00
mycroft
fc2c065578
Get rid of special cases for `s/key' password.
1997-10-12 14:07:06 +00:00
mycroft
d91c72fbd3
Minor changes.
1997-10-12 13:10:16 +00:00
mycroft
e6751fc584
Minor changes.
1997-10-12 12:54:55 +00:00
mycroft
1434f98d69
If we compile without SKEY, abort if a -s option is used, rather than silently
...
failing to enforce it.
1997-10-12 12:42:38 +00:00
mycroft
40471d4e79
Pull in bsd.own.mk for SKEY, KERBEROS, KERBEROS5.
1997-10-12 12:39:17 +00:00
mycroft
5171059387
Fix uninitialized variable.
1997-10-12 12:31:40 +00:00
christos
470e6b8604
CFLAGS->CPPFLAGS; Conditionalize SKEY
1997-10-11 19:19:11 +00:00
kleink
66105c37fc
Lseek(2) usage cleanup: the use of L_SET/L_INCR/L_XTND is deprecated,
...
use SEEK_SET/SEEK_CUR/SEEK_END instead.
1997-08-25 19:31:43 +00:00
mycroft
3110c7add1
Various changes to keep up with krb5, mostly addition of the kcontext
...
structure. From PR 3826, by Chris Jones.
1997-08-19 17:26:13 +00:00