Commit Graph

145 Commits

Author SHA1 Message Date
mrg
2e19323388 add LIBKRB5_LDADD/LIBKRB5_DPADD and their static counterparts
to bsd.prog.mk.  use them instead of hard coding various lists
of libraries for krb5.

this fixes static builds.
2018-02-25 00:16:48 +00:00
ryo
101f6c9891 fix compile error without USE_PAM (-Werror,-Wmissing-noreturn) 2017-10-12 05:00:23 +00:00
christos
ce31bd9da4 add sqlite3 2017-01-28 23:42:36 +00:00
sevan
f237858c5d Remove K&R __P macros.
Remove main() function prototype if present.
Mark usage() as __dead if not already.
Binaries generated with & without these patches were compared with diff -r.
2016-09-03 02:24:04 +00:00
christos
4d0631d87c Keep the built-in support for passwd -k, but don't make the kpasswd link or
install the kpasswd man page since these are provided by heimdal. I ifdef'ed
them so that the code to install them is still with the Makefile.
2013-02-13 23:19:14 +00:00
christos
29d24e71d6 don't build kpasswd; heimdal does it for us. 2013-02-11 23:11:48 +00:00
christos
0dfe19f4d3 - fix non pam build
- merge duplicated error code
- fix opt struct leak
2012-04-22 23:43:51 +00:00
dholland
75549012e9 fix non-PAM build 2012-03-25 05:55:07 +00:00
joerg
6818646ac8 Use __dead 2011-09-16 15:39:25 +00:00
plunky
9f61b80465 NULL does not need a cast 2011-08-31 16:24:54 +00:00
elric
07b0c75a48 We no longer need -I/usr/include/krb5. 2011-04-24 21:42:06 +00:00
elric
89208b4ceb Stop using functions deprecated by Heimdal. Also, if krb5_init_context()
fails, we can't use Kerberos functions to grab error strings, we
resort to strerror(3) which is what Heimdal's deprecated function
does in this case.
2011-04-24 21:16:43 +00:00
christos
963d31a298 KNF, make error messages consistent. 2010-09-08 13:58:46 +00:00
christos
d049daf420 PR/43852: Wolfgang Stukenbrock: yp_passwd command may destroy NIS database
entries when used on a server that includes users via netgroups.
2010-09-08 13:44:44 +00:00
joerg
2c0a7fd6bd Do not call pam_end with an invalid handle if pam_start failed.
From Richard Hansen.
2010-03-09 16:14:08 +00:00
gdt
324332f31f Log successful and unsuccessful attempts to change passwords, via -l
or pam, to ease IT audit guideline compliance.  Patch from Richard
Hansen of BBN in private mail.

Proposed on tech-kern with positive comments, except a suggestion I
didn't implement:

A possible future enhancement is refraining from logging if the old
password is empty, as some people abort password changing that way.
However, it's not clear if this complies with most guidelines that
require password change logging, and at first glance that appears to
be a fairly difficult change.
2010-03-02 16:19:13 +00:00
mlelstv
333d9d13b5 avoid compiler warnings about shadowed declarations. 2009-04-18 09:04:34 +00:00
dyoung
f853fb7538 Rename variables to fix GCC warnings: local variables optopt and optarg
shadow globals.
2009-04-17 20:25:08 +00:00
lukem
b278226e33 Fix WARNS=4 issues 2009-04-12 23:59:37 +00:00
lukem
98e5374ccb Remove the \n and tabs from the __COPYRIGHT() strings.
Tweak to use a consistent format.
2008-07-21 14:19:20 +00:00
martin
11a6dbe728 Convert TNF licenses to new 2 clause variant 2008-04-30 13:10:46 +00:00
martin
ce099b4099 Remove clause 3 and 4 from TNF licenses 2008-04-28 20:22:51 +00:00
veego
638a0ef64f Apply the change in rev 1.15 also to the non PAM code. 2008-04-21 17:37:51 +00:00
mlelstv
b0f88a0388 Import Heimdal-1.1 2008-03-22 08:36:48 +00:00
christos
787a0bbadb minor lint 2008-01-25 19:36:27 +00:00
christos
1b761c7278 PR/37863: Wolfgang Stukenbrock: yp_passwd command may destroy NIS database entries when used on a server that includes users via netgroups 2008-01-25 19:36:12 +00:00
tls
4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
jnemeth
2e994af332 Display a message indicating who's password is being changed, as per
Jeremy Reed on tech-userlevel.
2007-05-06 09:19:44 +00:00
wiz
54cd24faa5 Get rid of more Kerberos 4 code. 2006-03-23 23:33:28 +00:00
hubertf
8c061da318 Xref pwhash(1),
pointed out by Stefan Schumacher at the Chemnitz Linuxdays
2006-03-07 01:52:09 +00:00
he
8e8728c45c Introduce PAM_STATIC_LDADD and PAM_STATIC_DPADD. When compiling
with MKPIC=no, possibly because the target does not support shared
libraries, these include libraries required to resolve all symbols
which end up referenced from PAM-using applications.  The libraries
presently required are -lcrypt, -lrpcsvc and -lutil.

Add use of these variables which are currently set up to use PAM,
so that they compile when MKPIC=no.

Also, in the telnetd case, reorder the order of the libraries, so
that libtelnet.a comes before -ltermcap and -lutil, again to fix
link error when MKPIC=no.

Discussed with thorpej and christos.
2005-03-04 20:41:08 +00:00
wiz
a5924c4e9e YP password -> NIS password. Ok'd by thorpej. 2005-02-28 15:19:59 +00:00
wiz
8168d38f56 Remove COPTS+=-g. 2005-02-28 10:37:49 +00:00
wiz
b34e537add infomration -> information. 2005-02-28 10:37:34 +00:00
thorpej
feee050f0e user -> principal in the krb5 synopsis. 2005-02-28 02:02:43 +00:00
thorpej
c80d0a6dc7 Fix a typo, and sort SEE ALSO correctly. 2005-02-28 02:01:35 +00:00
thorpej
4e63fd43ef Magor rework of passwd(1) for the PAM case. Add "-d <database>" option,
similar to Solaris's "-r <repository" or Mac OS X's "-i <infosystem>",
to select the password database (files, nis, krb5).  Otherwise, we default
to using whatever PAM decides.
2005-02-26 07:19:25 +00:00
thorpej
8c9dd4bba7 Add missing RCS ID. 2005-02-24 05:11:34 +00:00
wiz
823387f1c8 Drop some whitespace
XXX: -p not described.
2005-02-22 01:49:20 +00:00
christos
11e49612c8 Add a PAM passwd module.
XXX: This avoids the issue of supporting separate -l -y -k, but is the behavior
correct? Should passwd -p disable all other passwd methods? Should it become
the default if compiled in?
2005-02-22 01:08:43 +00:00
christos
5b5b914e5a adapt to pw_gensalt() changes. 2005-01-12 03:34:58 +00:00
christos
59bf3abf20 gc unused file. 2005-01-12 00:38:17 +00:00
christos
19917e71c5 use pw_gensalt() and don't dig into libcrypt. 2005-01-11 22:42:30 +00:00
dsl
e2a58c7a44 Add (unsigned char) cast to ctype functions
A password containg 80...ff could be reported (incorrectly) as being
all lower case.
2004-10-30 21:05:53 +00:00
lha
f911795b30 Switch to krb5_set_password that can handle the RFC3244 (and the older
change password protocol)
2004-10-05 14:12:56 +00:00
sjg
3a0c68edfd Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

 * The format of the encrypted password is:
 * $<tag>$<iterations>$<salt>$<digest>
 *
 * where:
 *      <tag>           is "sha1"
 *      <iterations>    is an unsigned int identifying how many rounds
 *                      have been applied to <digest>.  The number
 *                      should vary slightly for each password to make
 *                      it harder to generate a dictionary of
 *                      pre-computed hashes.  See crypt_sha1_iterations.
 *      <salt>          up to 64 bytes of random data, 8 bytes is
 *                      currently considered more than enough.
 *      <digest>        the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.
2004-07-02 00:05:23 +00:00
agc
89aaa1bb64 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
itojun
f4401cd869 upgrade openssl to 0.9.7b. (AES is now supported)
alter des.h to be friendly with openssl/des.h (you can include both in the
same file)
make libkrb to depend on libdes.  bump major.
massage various portioin of heimdal to be friendly with openssl 0.9.7b.
2003-07-24 14:16:30 +00:00
lukem
59efd8a9dd remove unnecessary rules 2003-07-22 12:34:40 +00:00
itojun
6d415bc4b0 use bounded string op 2003-07-14 11:54:06 +00:00