Commit Graph

102 Commits

Author SHA1 Message Date
jnemeth 74cf788741 PR/30730 force changing password via chsh fails
PR/33502 password aging not working
copy old_pwd to new_pwd before modifying
2006-05-30 19:48:07 +00:00
christos d49dbefade Coverity CID 3783: Fix uninit variable. 2006-05-25 15:27:35 +00:00
christos 4d02435f76 Coverity CID 3677: Plug memory leak 2006-05-23 00:58:42 +00:00
christos ad04b86013 Remove old kerberos library (Jukka Salmi) 2006-03-20 21:22:40 +00:00
christos 85e611dd01 Goodbye KerberosIV 2006-03-20 04:03:10 +00:00
christos 6b8123e7e5 Coverity CID 1909: Prevent memory leak. 2006-03-19 21:21:18 +00:00
christos e5d241d0e4 Coverity CID 2480: Move variable initialization higher up to prevent
uninitialized access during error cleanup.
2006-03-19 21:15:21 +00:00
christos 81cd8f57a4 Coverity CID 2481: Move initialization of variable higher up to prevent
uninitialized access in error path.
2006-03-19 21:11:28 +00:00
christos 082737ff51 Coverity CID 2595: Don't call cc_destroy after cc_close because cc_close
free's the second argument.
2006-03-19 21:07:55 +00:00
jnemeth 0c47a67596 Fix coverity run 5, issue 2018 -- memory leak.
Approved by christos.
2006-03-19 06:52:26 +00:00
jnemeth 216a33af30 Fix Coverity run 5, issue 2022 -- memory leak.
Approved by christos@.
2006-03-18 10:53:17 +00:00
jnemeth f358706242 Fix Coverity run 5, issue 2498 -- uninitialized variable
Fix Coverity run 5, issue 707 -- unreachable code
Approved by Christos.
2006-03-18 10:06:16 +00:00
jnemeth 9804398129 PR/30923: Zafer Aydogan: pam too verbose
Syslog root login failures on insecure terminals.

Approved by christos@.
2006-03-06 23:08:20 +00:00
christos e551462e89 PR/32870: Johan Veenhuizen: login(1) does not obey .hushlogin 2006-02-19 00:12:36 +00:00
bouyer 5cd3d133bf Use the class of the user, not then default class, when checking for
nologin and ignorelogin login.conf(5) capabilities.
2006-02-15 20:28:32 +00:00
christos e531452f6f define where the dynamic modules go. 2006-02-05 02:38:25 +00:00
christos ba9fdf89e5 Add all the modules to the static pam. This is required, otherwise pam does
not work on non pic builds because it does not find modules listed in
/etc/pam.d.
2006-01-20 16:52:55 +00:00
christos 7768338003 Declare what we services provide, otherwise pam assumes that we provide
everything and this breaks static linking.
2006-01-20 16:51:15 +00:00
tsarna 9b412b7436 Implement PAM_REFRESH_CRED / PAM_REINITIALIZE_CRED
support in pam_sm_setcred()

With this and a suitably pam-aware screen locker (eg xscreensaver built
with PAM), you now get the nice Windows-style behavior of having
your tickets refreshed (and tokens, with pam_afslog) when you unlock
your screen.
2005-09-27 14:38:19 +00:00
wiz d61c7b6e74 Remove trailing whitespace. Punctuation nits. Use .Nm more.
Use .An. Sort SEE ALSO.
2005-09-23 19:56:16 +00:00
tsarna 4019a4212f pam_afslog is used in conjunction with pam_krb5 to obtain AFS tokens and
create a PAG if necessary.

Especially important for home directories on AFS.
2005-09-21 14:19:08 +00:00
christos 98785bd85a Get rid of pam debugging.
XXX: We should do this on the 3.0 branch too.
2005-08-28 07:41:41 +00:00
matt ae59c445be Remove CPPFLAGS 2005-04-25 17:21:31 +00:00
matt 51ba88ed0f Add ${DESTDIR}/usr/include/krb5 to CPPFLAGS so <parse_units.h> can be found. 2005-04-25 15:43:34 +00:00
matt bb1ca526b7 Don't cast the lvalue; cast the rhs instead. 2005-04-25 15:42:46 +00:00
yamt 8c79aa408b s!/var/run/nologin!/etc/nologin!g to match with the code. 2005-04-25 10:24:06 +00:00
christos b4073cddaf Fix getgrnam -> getgrnam_r 2005-04-19 13:04:38 +00:00
christos e640241b82 fix getgrnam -> getgrnam_r and add a forgotten getpwnam -> gepwnam_r
From john nemeth
2005-04-19 13:04:19 +00:00
lukem 01cf9d0263 Safety boots: don't depend upon getpwnam_r() to set pwd to NULL on all
failures, especially if we're going to ignore the return result.
2005-04-19 03:40:16 +00:00
lukem a767f5ec9c getpw*_r() may return 0 and set pwd==NULL 2005-04-19 03:38:08 +00:00
christos 2a62e4e1ad check for pwd != in getpw*_r functions. 2005-04-19 03:15:34 +00:00
christos b4eda329f4 Don't print an error if we are doing authentication. 2005-04-05 18:24:17 +00:00
thorpej 59cbc9e205 Use getpwnam_r(). 2005-03-31 15:11:54 +00:00
christos 611fb1aa58 Make S/Key prompt compliant with RFC 2289. Patch supplied by Dave Huang
in PR bin/23167.
2005-03-20 16:48:47 +00:00
christos dbf71d82fb remove debugging printf's 2005-03-17 01:14:40 +00:00
christos 99186ebfc8 Clear the authorization token at the entry of each loop, so that
we get a chance to re-enter.
2005-03-17 01:13:59 +00:00
christos 52ffc9e55d remove code to deal with authorized keys. it has no place here. 2005-03-14 23:39:26 +00:00
christos 041bcdce98 Go back to rev-1.5. This is better than what was there before, but I am
still uncertain about the proper way to dealing what keys to accept.
2005-03-14 05:45:48 +00:00
christos 56cc440468 Revert previous. This is not the right fix. 2005-03-14 05:40:35 +00:00
christos adb433f9e5 Do not let keys that are not listed in authorized_keys participate
in authentication. Problem reported by Maximum Entropy.
2005-03-14 05:35:23 +00:00
christos 811c70b5c5 Free the prompt response. 2005-03-05 20:33:40 +00:00
christos a3df4155fc PR/29566: Izumi Tsutsui: login(1) shows wrong last-login-from host
Caused by improper initialization of struct lastlogx. Code has been
completely restructured, and we also now use pam_prompt() instead of
printf().
cvs: ----------------------------------------------------------------------
2005-03-05 20:32:41 +00:00
christos fde63d0ea8 If authentication failed because the user was not in wheel, say so like
the old su did. From John Nemeth
2005-03-05 15:39:43 +00:00
he 21b1464ae4 Build openpam_free_envlist as part of libpam, and install it's man
page.  This is required for ports not yet supporting shared libraries.
2005-03-03 22:40:49 +00:00
christos 3d37b7e762 Document the no_nested option. 2005-03-03 02:11:49 +00:00
christos fa02801fbd - Fix the quiet option; use login_cap to determine if we should print or not.
- Add nested user handling, including a no_nested option to control it.
2005-03-03 02:11:40 +00:00
wiz 15a3d47d36 Improve wording of the BUGS section to make it easier to understand.
Ok'd by christos.
2005-02-28 15:21:25 +00:00
wiz 49d2a708c0 Bump date for previous. Remove trailing whitespace. Sort SEE ALSO.
Remove superfluous .Pp.
2005-02-28 10:34:17 +00:00
wiz e368145667 Bump date for new SECURITY CONSIDERATIONS section. 2005-02-28 10:31:41 +00:00
christos d747ae24a0 Document that this is broken and not used. 2005-02-28 01:25:01 +00:00