mirrors/pam-modules
1
0
Fork 0
mirror of git://git.gnu.org.ua/pam-modules.git synced 2025-04-26 08:29:54 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
202 commits 3 branches 17 tags 505 KiB
Commit graph

43 commits

Author SHA1 Message Date
Sergey Poznyakoff
f3b7c048b8 Update copyright years 2022-02-04 09:38:17 +02:00
Sergey Poznyakoff
203524c85d pam_fshadow: new option skip-password 
* pam_fshadow/pam_fshadow.c (pam_opt): New option skip-password.
(_pam_parse,verify_user_acct,verify_user_pass): Fix log messages.
(verify_user_pass): Skip password verification, if requested.
(pam_sm_authenticate): Don't try to obtain password, if skip-password
is given.
Bugfix: even if password hash is given in passwd and verified successfully,
verify the shadow file too, this time with password set to NULL, so that
the actual account status is taken into account.
* doc/pam-modules.texi: Document skip-password
* doc/pam_fshadow.8in: Likewise.
 2022-02-03 18:48:41 +02:00
Mirsad Goran Todorovac
1af3541706 Bugfixes in pam_fshadow 
* pam_fshadow/pam_fshadow.c (verify_user_acct): Don't leave the file
open.
(pam_sm_authenticate): If the username was changed, set the changed value
in the PAM_USER item, for eventual use by subsequent modules in stack.
 2022-02-02 17:46:48 +02:00
Sergey Poznyakoff
da41d2aec4 Update copyright years 2021-01-06 18:15:52 +02:00
Sergey Poznyakoff
c20d0e4bf3 Happy GNU Year 2018-01-01 11:22:40 +02:00
Sergey Poznyakoff
55620228a8 pam_fshadow: allow the user to use arbitrary group numbers for username and domain parts. 
New options username-index and domain-index are used to indicate
indices of the parenthesized groups used to extract the user and
the domain name. The default corresponds to 'user-index=1 domain-index=1'.

Additionally, change the behavior in case if the user name doesn't
match the regexp. Previous versions would fall back to plain authentication
in this case. New behavior is to reject access.

* pam_fshadow/pam_fshadow.c (pam_opt): New options
username-index and domain-index.
(pam_sm_authenticate): Move username splitting into a separate
function.
* doc/pam_fshadow.8in: Document the new options.
 2017-12-22 15:25:58 +02:00
Sergey Poznyakoff
7974dd9073 Version 2.0 
* NEWS: Update version number
* configure.ac: Likewise.
* doc/pam-modules.texi: Fix a typo.
* doc/pam_ldaphome.8in: Likewise.
* pamck/pamck.c: Update copyright years.

* pam_fshadow/pam_fshadow.c: Suppress cc warnings.
* pam_groupmember/pam_groupmember.c: Likewise.
* pam_ldaphome/pam_ldaphome.c: Likewise.
* pam_log/pam_log.c: Likewise.
* pam_regex/pam_regex.c: Likewise.
 2015-02-26 11:22:00 +02:00
Sergey Poznyakoff
946c85c169 Update copyright dates. 2015-01-28 16:54:21 +02:00
Sergey Poznyakoff
947e0c2f8a pam_ldaphome: run initrc command as user. 
* examples/usergitconfig: Documentation formatting change.
* lib/graypam.h (gray_2nrealloc): New function.
* lib/mem.c (gray_2nrealloc): New function.
* pam_fshadow/pam_fshadow.c (fgetpwent): Skip malformed entries.
* pam_ldaphome/pam_ldaphome.c (runas): New finction.
(run_prog): Switch to user privileges unless initrc-root is true.

* NEWS: Update.
* doc/pam-modules.texi: Update.
* doc/pam_ldaphome.8in: Update.
 2015-01-28 16:42:52 +02:00
Sergey Poznyakoff
399768dde3 Build pam_fshadow even if fgetpwent is not defined. 
* configure.ac: Only check if fgetpwent is defined,
don't disable the module if it is not.
* pam_fshadow/pam_fshadow.c [!HAVE_FGETPWENT] (fgetpwent): Provide a
replacement.
 2014-12-05 07:49:41 +02:00
Sergey Poznyakoff
e094d80820 Implement audit option 
Audit is equivalent to debug=100, i.e. it enables logging
maximum debugging output.
 2014-12-04 17:25:44 +02:00
Sergey Poznyakoff
66dcf254f5 Remove deprecated use of INCLUDES from Makefiles. 
* Make.rules: Use AM_CPPFLAGS instead of INCLUDES.
* Makefile.am (SUBDIRS): Add examples.
(dist-hook): Remove.
* configure.ac: Build examples/Makefile.
* examples/Makefile.am: New file.
* pam_fshadow/Makefile.am: Include Make.rules on top.
Use += to set AM_CPPFLAGS
* pam_groupmember/Makefile.am: Likewise.
* pam_ldaphome/Makefile.am: Likewise.
* pam_log/Makefile.am: Likewise.
* pam_regex/Makefile.am: Likewise.
* pam_sql/Makefile.am: Likewise.
* pam_umotd/Makefile.am: Likewise.
 2014-05-21 12:48:53 +03:00
Sergey Poznyakoff
db866c50c4 Update copyright years, set version 1.7.92 2014-02-11 15:06:09 +02:00
Sergey Poznyakoff
b8a5067f0c Make pam_fshadow reentrant. 
* pam_fshadow/pam_fshadow.c (_pam_parse): Initialize global
variables, in case pam_fshadow is called twice in the same
stack. Do not register rexp in pam data, this hurts
reentrability.
(pam_sm_authenticate): Free rexp.
 2012-12-08 16:59:13 +02:00
Sergey Poznyakoff
dc43cd8ee7 Update copyright years. 2012-07-04 13:10:06 +03:00
Sergey Poznyakoff
1a80b647d6 Revamp build system. Add pam_ldaphome module. 
* configure.ac: Test for ldap.
(AC_OUTPUT): Create pam_ldaphome/Makefile.
* acinclude.m4 (PM_ENABLE): Declare PAM_COND_<item>
conditional in addition to BUILD_PAM_<item> substitution
variable.
* Makefile.am (SUBDIRS): Include most modules via
conditionally defined Makefile variables.

* lib/graypam.h (gray_env): New struct.
(gray_env_get,gray_env_free,gray_env_read)
(gray_boolean_true_p): New protos.
* lib/env.c: New file.
* lib/Makefile.am (libgraypam_la_SOURCES): Add env.c

* pam_fshadow/Makefile.am: Remove BUILD_PAM_FSHADOW
substitution.
* pam_regex/Makefile.am: Remove BUILD_PAM_REGEX
substitution.
* pam_sql/pam_sql.c (free_config, boolean_true_p)
(read_config): Remove. Use gray_env_* functions
instead. All uses updated.
* pam_regex/pam_regex.c: Fix typo.

* pam_ldaphome/Makefile.am: New file.


git-svn-id: file:///svnroot/pam-modules/trunk@118 56984be4-0537-0410-a56c-fcb268c96130
 2012-05-13 09:48:57 +00:00
Sergey Poznyakoff
9a1b32df22 Various bugfixes. 
* pam_fshadow/pam_fshadow.c (pam_sm_authenticate): Fix
erroneous conditional, which allowed for logins with
arbitrary passwords if `nopasswd' option was given.
* lib/graypam.h (gray_free_transform_expr): New proto.
* lib/transform.c (transform) <has_regex>: New member.
(free_transform,free_segment): New statics.
(gray_free_transform_expr): New function.
* pam_regex/pam_regex.c (pam_sm_authenticate): Free slist and
transform expression.



git-svn-id: file:///svnroot/pam-modules/trunk@116 56984be4-0537-0410-a56c-fcb268c96130
 2011-08-31 07:34:59 +00:00
Sergey Poznyakoff
a8eb15d394 Update copyright years 
git-svn-id: file:///svnroot/pam-modules/trunk@113 56984be4-0537-0410-a56c-fcb268c96130
 2011-04-08 08:54:48 +00:00
Sergey Poznyakoff
8e3f1518fc Update copyright years. 
Happy GNU Year!


git-svn-id: file:///svnroot/pam-modules/trunk@110 56984be4-0537-0410-a56c-fcb268c96130
 2010-01-02 15:12:34 +00:00
Sergey Poznyakoff
53cd478f5c Minor changes 
* pam_fshadow/pam_fshadow.c: Protect shadow-related code with
ifdefs.
* configure.ac: Check for shadow.h, struct spwd and fgetspent. Do
not disable pam_fshadow.c if they are not present.


git-svn-id: file:///svnroot/pam-modules/trunk@107 56984be4-0537-0410-a56c-fcb268c96130
 2009-02-27 15:49:13 +00:00
Sergey Poznyakoff
27cbbfe1b7 Avoid gcc warnings 
git-svn-id: file:///svnroot/pam-modules/trunk@106 56984be4-0537-0410-a56c-fcb268c96130
 2009-02-27 15:30:15 +00:00
Sergey Poznyakoff
aaf0e43331 Rewrite Makefile.am's in a clearer and simpler way 
* configure.ac: Require libtool 2.2.5a
* Make.rules (.c.lo, .lo.la): Remove
(AM_LDFLAGS, INCLUDES, LIBS): New assignments.
* pam_sql/Makefile.am, pam_fshadow/Makefile.am,
pam_sql/Makefile.am, pam_regex/Makefile.am,
pam_log/Makefile.am: Rewrite.
* pam_sql/pam_sql.h, pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c.
pam_sql/pam_sql.c: Rewrite.
* pam_sql/sha1.h, pam_sql/md5.c, pam_sql/md5.h, pam_sql/sha1.c
* pam_fshadow/pam_fshadow.c: New option [no]shadow
* doc/pam-modules.texi: Update.

* lib/graypam.h (gray_trim_ws): New proto
* lib/strutil.c: New file.
* lib/Makefile.am: Add strutil.c


git-svn-id: file:///svnroot/pam-modules/trunk@105 56984be4-0537-0410-a56c-fcb268c96130
 2009-02-27 14:54:58 +00:00
Sergey Poznyakoff
d1ae7a52a3 Fix configure script 
* pam_fshadow/Makefile.am: Build the module conditionally.
* pam_regex/Makefile.am: Likewise.
* pam_log/Makefile.am: Likewise.
* NEWS, README: Update.
* configure.ac: Raise version number to 1.5. Update bug-report
address.
Add options for disabling fshadow, log and regex.
* acinclude.m4: Prefix all macros with PM_
(PM_CHECK_LIB): Rewrite.


git-svn-id: file:///svnroot/pam-modules/trunk@98 56984be4-0537-0410-a56c-fcb268c96130
 2009-02-17 14:48:58 +00:00
Sergey Poznyakoff
80aafa9dcf * pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c: Implement `setenv' 
method.
* pam_sql/pam_sql.c, pam_fshadow/pam_fshadow (_pam_get_password):
Set PAM_AUTHTOK.


git-svn-id: file:///svnroot/pam-modules/trunk@89 56984be4-0537-0410-a56c-fcb268c96130
 2008-03-18 22:32:57 +00:00
Sergey Poznyakoff
d3b8bcfd1f * pam_fshadow/pam_fshadow.c, pam_sql/pam_mysql.c, 
pam_sql/pam_sql.c, pam_regex/pam_regex.c: Ensure passwords might
get divulged only at debugging level 100.


git-svn-id: file:///svnroot/pam-modules/trunk@87 56984be4-0537-0410-a56c-fcb268c96130
 2008-03-16 22:12:43 +00:00
Sergey Poznyakoff
1128870a98 * lib/parseopt.c: New file. 
* lib/Makefile.am (libgraypam_la_SOURCES): Add parseopt.c
* lib/graypam.h (gray_parseopt, gray_wait_debug_fun): New
functions
(CNTL_DEBUG_LEV, CNTL_SET_DEBUG_LEV): Removed.
* lib/log.c (gray_wait_debug): New functions.
* pam_fshadow/pam_fshadow.c, pam_sql/pam_sql.c,
pam_regex/pam_regex.c, pam_log/pam_log.c: Use gray_parseopt for
command line parsing.



git-svn-id: file:///svnroot/pam-modules/trunk@67 56984be4-0537-0410-a56c-fcb268c96130
 2008-03-14 12:50:10 +00:00
Sergey Poznyakoff
222d4ff807 * configure.ac (PAM_COMMON_INCLUDES): Add -I${top_srcdir}/lib. 
(AC_OUTPUT): Add lib/Makefile.
* doc/pam-modules.texi: Document `transform' option.
* Make.rules: New file.

* lib/mem.c, lib/slist.c, lib/log.c, lib/converse.c,
lib/graypam.h, lib/Makefile.am, lib/transform.c.

* pam_regex/pam_regex.c: Implement user name transformations.

* pam_fshadow/Makefile.am, pam_sql/Makefile.am:
Add ../lib/libgraypam.la to LDADD
* pam_fshadow/pam_fshadow.c, pam_sql/pam_mysql.c,
pam_sql/pam_pgsql.c, pam_sql/pam_sql.c: Use functions from ../lib.


git-svn-id: file:///svnroot/pam-modules/trunk@63 56984be4-0537-0410-a56c-fcb268c96130
 2008-03-13 13:53:32 +00:00
Sergey Poznyakoff
f9f6f80133 Bugfixes 
git-svn-id: file:///svnroot/pam-modules/trunk@62 56984be4-0537-0410-a56c-fcb268c96130
 2007-08-28 13:00:56 +00:00
Sergey Poznyakoff
cf85e27af5 Lots of fixes in pam_mysql 
git-svn-id: file:///svnroot/pam-modules/trunk@61 56984be4-0537-0410-a56c-fcb268c96130
 2007-08-27 22:38:35 +00:00
Sergey Poznyakoff
1c004f2fe6 * pam_fshadow/pam_fshadow.c: Include config.h and time.h 
* pam_sql/pam_mysql.c, pam_sql/pam_pgsql.c, pam_sql/pam_sql.c: Use
_pam_log for diagnostics.
* pam_regex/pam_regex.c (pam_sm_authenticate): Remove unused variable.
* configure.ac: New option --enable-debug
* common.c (wait_debug): Bugfix
* pam_log/pam_log.c: Include ctype.h
(parse_priority): Change return type.
* pam_fshadow/Makefile.am, pam_log/Makefile.am,
pam_regex/Makefile.am, pam_sql/Makefile.am: Use CPPFLAGS in cc rules.


git-svn-id: file:///svnroot/pam-modules/trunk@58 56984be4-0537-0410-a56c-fcb268c96130
 2007-08-14 08:50:50 +00:00
Sergey Poznyakoff
21565bb98c Relicense under GPLv3. 
git-svn-id: file:///svnroot/pam-modules/trunk@50 56984be4-0537-0410-a56c-fcb268c96130
 2007-08-06 13:26:32 +00:00
Sergey Poznyakoff
045ac4dc6a Flush .cvsignore files 
git-svn-id: file:///svnroot/pam-modules/trunk@49 56984be4-0537-0410-a56c-fcb268c96130
 2007-08-06 11:06:00 +00:00
Sergey Poznyakoff
118e6711b8 Implement virtual domain authentication. 
git-svn-id: file:///svnroot/pam-modules/trunk@45 56984be4-0537-0410-a56c-fcb268c96130
 2007-08-05 15:00:10 +00:00
Sergey Poznyakoff
315ecd615d (pam_fshadow_la_LDADD): Add @LIBS@ 
git-svn-id: file:///svnroot/pam-modules/trunk@44 56984be4-0537-0410-a56c-fcb268c96130
 2007-08-05 14:59:57 +00:00
Sergey Poznyakoff
702b6cce44 Update 
git-svn-id: file:///svnroot/pam-modules/trunk@37 56984be4-0537-0410-a56c-fcb268c96130
 2006-09-06 13:08:14 +00:00
Sergey Poznyakoff
a91c9b991a (AM_CPPFLAGS): Define MODULE_NAME 
git-svn-id: file:///svnroot/pam-modules/trunk@34 56984be4-0537-0410-a56c-fcb268c96130
 2006-09-06 13:05:06 +00:00
Sergey Poznyakoff
bd863c9bbd Include <common.c> 
git-svn-id: file:///svnroot/pam-modules/trunk@30 56984be4-0537-0410-a56c-fcb268c96130
 2006-09-05 21:34:52 +00:00
Sergey Poznyakoff
dbc191b52b Update 
git-svn-id: file:///svnroot/pam-modules/trunk@29 56984be4-0537-0410-a56c-fcb268c96130
 2006-09-05 21:34:42 +00:00
Sergey Poznyakoff
7aeea82338 Updated copyright statement 
git-svn-id: file:///svnroot/pam-modules/trunk@17 56984be4-0537-0410-a56c-fcb268c96130
 2005-08-18 06:26:25 +00:00
Sergey Poznyakoff
485f37963d Minor fixes. 
git-svn-id: file:///svnroot/pam-modules/trunk@11 56984be4-0537-0410-a56c-fcb268c96130
 2004-05-27 07:52:54 +00:00
Sergey Poznyakoff
becb45487c Removed 
git-svn-id: file:///svnroot/pam-modules/trunk@10 56984be4-0537-0410-a56c-fcb268c96130
 2004-05-27 07:50:42 +00:00
Sergey Poznyakoff
0efe0ae2b1 Added to the repository 
git-svn-id: file:///svnroot/pam-modules/trunk@9 56984be4-0537-0410-a56c-fcb268c96130
 2004-05-27 07:41:05 +00:00
Sergey Poznyakoff
81ca942564 Initial revision 
git-svn-id: file:///svnroot/pam-modules/trunk@2 56984be4-0537-0410-a56c-fcb268c96130
 2004-02-09 14:51:48 +00:00