aboutsummaryrefslogtreecommitdiff
path: root/contrib/libpam
Commit message (Collapse)AuthorAgeFilesLines
* Say good-bye, Linux-PAM.Dag-Erling Smørgrav2002-03-08150-29553/+0
| | | | Notes: svn path=/head/; revision=91884
* WARNS fix. Zap an unused variable.Mark Murray2002-02-031-1/+1
| | | | Notes: svn path=/head/; revision=90146
* This commit disables chain caching.Dag-Erling Smørgrav2002-01-241-62/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | Chain caching is a feature of Linux-PAM, where pam_authenticate() and pam_open_session() "freeze" the chain so that their companion primitive (pam_setcred() and pam_close_session() respectively) will call the exact same modules, skipping those that failed in the previous call. There are several reasons not to do this, the most prominent of which is that it makes it impossible to call pam_setcred() without first calling pam_authenticate() - which is perfectly valid according to DCE/RFC 86.0 and XSSO, and is necessary to make 'login -f' work. Instead of chain caching, implement something similar to the way Solaris' libpam behaves: pam_setcred treats "sufficient" modules as if they were "required", i.e. does not break the chain when they succeed. PAM modules whose pam_sm_setcred() should not be called unless their pam_sm_authenticate() succeeded can simply set a state variable using pam_set_data() in pam_sm_authenticate(), and use pam_get_data() to check it in pam_sm_setcred(). Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=89738
* WARNS=4 fixes.Mark Murray2002-01-208-19/+22
| | | | | | | OK'ed by: des Notes: svn path=/head/; revision=89587
* Although the previous went some way towards fixing the pam.conf / pam.dDag-Erling Smørgrav2001-12-071-117/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | problem, it still didn't DTRT for services that did not have a service- specific policy if /etc/pam.d existed but did not contain an "other" policy. This fixes the problems some people have experienced with sudo. And I almost didn't have to use goto. The current configuration sequence is: 1) Look for /etc/pam.d/foo 2) If PAM_READ_BOTH_CONFS is defined, or step 1) failed, look for foo in /etc/pam.conf 3) Look for /etc/pam.d/other (to fill in the gaps) 4) If PAM_READ_BOTH_CONFS is defined, or step 3) failed, look for other in /etc/pam.conf I believe this is the intended behaviour of the original code. The least surprising behaviour seems to be when PAM_READ_BOTH_CONFS is not defined - /etc/pam.d/foo will be preferred over /etc/pam.conf, but the latter will serve as a backup if the former does not exist. Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=87469
* Fix a bug that made PAM fail if /etc/pam.d/ existed but was empty.Dag-Erling Smørgrav2001-12-051-0/+46
| | | | | | | Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=87407
* Clean up namespace pollution by prepending underscores to argument names inDag-Erling Smørgrav2001-12-056-87/+96
| | | | | | | | | function prototypes (or, in a few cases, removing argument names altogether). Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=87405
* This file isn't used; it's an older version of include/security/pam_misc.h.Dag-Erling Smørgrav2001-12-051-72/+0
| | | | | | | Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=87401
* Fix namespace pollution by protecting names used as arguments.Mark Murray2001-12-011-5/+7
| | | | | | | Reported by: bde Notes: svn path=/head/; revision=87175
* Due to incorrect include ordering, <dlfcn.h> did not get included, soDag-Erling Smørgrav2001-11-271-10/+7
| | | | | | | | | | | RTLD_NOW got incorrectly defined to 1 (which is RTLD_LAZY in FreeBSD). In addition, the comment about FreeBSD requiring SHLIB_SYM_PREFIX to be "_" is incorrect. Submitted by: tobez (except for the bit about the incorrect comment) Notes: svn path=/head/; revision=86981
* It's idiotic to return PAM_PERM_DENIED when the item argument is NULL;Dag-Erling Smørgrav2001-11-271-1/+2
| | | | | | | PAM_BUF_ERR is much closer to the truth. Notes: svn path=/head/; revision=86980
* Fix libpam's linker set stuff to use the new API (unbreak world), and getPeter Wemm2001-06-141-9/+9
| | | | | | | rid of gensetdefs from here as well. Notes: svn path=/head/; revision=78194
* Fix bug introduced by myself that often resulted in a session havingMark Murray2001-06-071-9/+8
| | | | | | | | | | SIGINTR (^C) and SIGSTP (^Z) masked. Reported by: bde, sobomax Submitted by: sobomax Notes: svn path=/head/; revision=77867
* In the same manner as getpass(3), block SIGINTR and SIGSTP while we areMark Murray2001-06-041-1/+12
| | | | | | | actually reading the line. Notes: svn path=/head/; revision=77725
* Return an empty string rather than an error at EOF.Mark Murray2001-06-041-2/+4
| | | | Notes: svn path=/head/; revision=77723
* Bring back from the er, dead some useful PAM modules.Mark Murray2001-05-2915-0/+1748
| | | | Notes: svn path=/head/; revision=77411
* Fix problem with static linking:Mark Murray2001-05-161-1/+1
| | | | | | | | | | | > Script started on Sat May 12 22:18:47 2001 > ttyp1:bde@gamplex:/usr/src/libexec/rshd> rsh localhost ls > rcmd: localhost: Undefined error: 0 Reported by: bde Notes: svn path=/head/; revision=76677
* Add utility PAMs for finer userland controlMark Murray2001-05-119-0/+556
| | | | Notes: svn path=/head/; revision=76467
* Resolve conflicts.Mark Murray2001-05-0318-413/+189
| | | | Notes: svn path=/head/; revision=76241
* This commit was generated by cvs2svn to compensate for changes in r76238,Mark Murray2001-05-03100-1408/+13314
|\ | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=76239
| * Vendor import Linux PAM 0.75vendor/libpamMark Murray2001-05-03248-6414/+17868
| | | | | | | | Notes: svn path=/vendor/libpam/dist/; revision=76238
* | Revive the pam_deny and pam_permit modules from Linux-PAM. They areJohn Polstra1999-05-086-0/+450
| | | | | | | | | | | | | | | | | | | | | | | | | | simple enough to be trusted. Add account management functionality to the pam_unix module. These changes should make it possible to use PAM in some ports. Submitted by: Max Khon <fjoe@iclub.nsu.ru> Notes: svn path=/head/; revision=46665
* | Make it possible to use PAM in statically-linked applications.John Polstra1999-01-202-29/+61
| | | | | | | | Notes: svn path=/head/; revision=42917
* | Remove files that we don't use and are unlikely to use. You canJohn Polstra1998-11-25163-26807/+0
| | | | | | | | | | | | | | | | still get them with "cvs upd -r pam_unpruned" if you want to look at them. Notes: svn path=/head/; revision=41336
* | Eliminate a setreuid() call that doesn't make sense for FreeBSD.John Polstra1998-11-181-0/+2
| | | | | | | | | | | | | | | | We don't use this module, but still I don't want to leave this call in the code. Notes: svn path=/head/; revision=41226
* | Fix #includes for FreeBSD.John Polstra1998-11-181-2/+1
| | | | | | | | Notes: svn path=/head/; revision=41225
* | Don't call openlog() and closelog(). Assume that the applicationJohn Polstra1998-11-181-0/+8
| | | | | | | | | | | | | | takes care of that. Notes: svn path=/head/; revision=41224
* | s/Linux-PAM/PAM/gJohn Polstra1998-11-188-43/+37
| | | | | | | | Notes: svn path=/head/; revision=41223
* | This commit was generated by cvs2svn to compensate for changes in r41220,John Polstra1998-11-18225-0/+41922
|\| | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. Notes: svn path=/head/; revision=41221
| * Initial import of virgin Linux-PAM 0.65, slightly stripped down.vendor/libpam/0.65John Polstra1998-11-18225-0/+41922
| | | | | Notes: svn path=/vendor/libpam/dist/; revision=41220 svn path=/vendor/libpam/0.65/; revision=41222; tag=vendor/libpam/0.65
* Initial revisionJohn Polstra1998-11-182-0/+27
Notes: svn path=/head/; revision=41219
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-26 10:43:49 +0000