1
0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-01-22 07:52:22 +01:00

582 Commits

Author SHA1 Message Date
Klas Lindfors
1968a1ea32 add brew update for travis 2015-11-13 10:53:24 +01:00
Klas Lindfors
2f5e903922 with more thought: remove valgrind for tests
since curl+gnutls seems to leave gnutls inited data around
2015-10-08 12:04:20 +02:00
Klas Lindfors
beef2d9bd5 add valgrind-tests 2015-10-08 10:58:12 +02:00
Klas Lindfors
0bd785cf3a use correct modifier for size_t print 2015-10-08 10:29:08 +02:00
Klas Lindfors
9c8553f297 setup travis to do multi-os builds 2015-10-08 10:24:07 +02:00
Klas Lindfors
7aa75e0af8 drop the non-portable test test
it linked with the module and didn't really do anything, making the test
suite more fragile than necessary
2015-10-08 10:24:07 +02:00
Klas Lindfors
c97dac4bd9 remove forgotten references to wiki
There is no wiki for this project, that information is either in the doc
folder or in the project manpages. Both of which accessible from
https://developers.yubico.com/yubico-pam/

fixes #81
2015-10-05 10:07:56 +02:00
Klas Lindfors
8d61533c62 bump versions 2015-09-22 08:16:00 +02:00
Klas Lindfors
9b09b8d576 NEWS for 2.20 2.20 2015-09-22 08:14:06 +02:00
Klas Lindfors
0b0be7e5c1 add information about files used
thanks to @madrat- for original suggestions
fixes #78
2015-09-15 15:01:40 +02:00
Klas Lindfors
83cccf3e12 reset yk_errno when we're happy with the result 2015-09-14 13:14:51 +02:00
Klas Lindfors
056dac4794 correct fchmod() return check 2015-09-14 13:14:30 +02:00
Klas Lindfors
dd96aa71dc switch i to size_t to match usage 2015-09-14 10:34:06 +02:00
Klas Lindfors
344d1b4384 fix initialization of msg to not warn
apparently this is gcc bug 53119
2015-09-14 10:30:01 +02:00
Klas Lindfors
ec84a78453 make yubi_attr_prefix_len a size_t 2015-09-14 10:29:49 +02:00
Klas Lindfors
0eb2f8cec3 mark unused parameter with __attribute__((unused)) 2015-09-14 10:27:14 +02:00
Klas Lindfors
bc93b62489 use mkstemp() to get the tempfile instead
unfortunately means we have to fchmod() it afterwards to be sure
2015-09-14 10:24:05 +02:00
Klas Lindfors
ecafc6af84 Merge pull request #79 from madrat-/master
do_challenge_response change privileges twice at reading and writing
2015-09-14 09:17:10 +02:00
madRat
3d22ed0c15 do_chalendge needs drop privs twice at reading and writing 2015-09-11 16:50:51 +03:00
Klas Lindfors
1036873b95 in the challenge-response case only drop privileges for user dir
This allows the module to work in a case where the directory is only
writable to root.

fixes #77
2015-09-11 13:56:14 +02:00
Klas Lindfors
6f6a7b20fc don't warn about to long strings 2015-09-11 13:56:03 +02:00
Klas Lindfors
70f27b98a2 include pwd.h in util.h 2015-09-09 08:24:57 +02:00
Klas Lindfors
37f8788073 disable xmllint for a2x since it seems to cause problems 2015-09-08 09:25:58 +02:00
Klas Lindfors
237ed18b9f use pam_modutil_getpwnam() if it's available
also refactor to pass in a passwd struct to the util functions
2015-09-08 09:15:07 +02:00
Klas Lindfors
15cab00173 add a test for a user showing up twice in the file 2015-08-18 14:22:00 +02:00
Klas Lindfors
ab25973d1e add documentation for chalresp_path parameter 2015-08-11 08:25:57 +02:00
Klas Lindfors
4e13a474ff Merge pull request #71 from afeinberg/comments
Support comments in authfile
2015-08-11 08:22:53 +02:00
Alex Feinberg
362ca9cb92 Support comments in authfile
Adds support for comments (indicated by lines starting with '#') in
authfiles.
2015-08-10 14:37:02 -07:00
Klas Lindfors
50ce40bbb1 free message at end of function
it was possible message was never freed if the sprintf() call failed
2015-07-08 16:11:42 +02:00
Klas Lindfors
9a132bcd07 add cainfo option to allow usage of a cabundle instead of path
path submitted by github user @Mrten
reportedly this is needed if curl is linked with gnutls
fixes #6
2015-06-15 10:25:56 +02:00
Klas Lindfors
11326d023d add debug print for last url used 2015-04-27 11:03:34 +02:00
Klas Lindfors
e66ed787d1 export LDAPNOINIT=1 for tests so we don't run with systems ldap config
fixes #61
2015-04-07 16:33:52 +02:00
Klas Lindfors
8f61e253d3 more debugging on mocks 2015-04-07 09:21:00 +02:00
Klas Lindfors
0e77cffb67 add some debug logging to ldap and ykval mocks 2015-04-07 08:55:39 +02:00
Klas Lindfors
fe8eb203d9 change int to size_t 2015-03-30 15:25:16 +02:00
Klas Lindfors
c2a6b9c948 fixup warnings with sign 2015-03-30 15:25:15 +02:00
Klas Lindfors
9c913fd97e fixup warnings related to constness of filename 2015-03-30 15:25:15 +02:00
Klas Lindfors
076a8d2f3f Merge pull request #60 from neverpanic/master
Fix warnings on OS X with clang
2015-03-30 13:57:29 +02:00
Clemens Lang
ac5bb65013 Use unsigned, fix printf conversion spec warnings
Some of the printf conversion specifications were wrong when used on
size_t, causing

> pam_yubico.c:957:57: warning: format specifies type 'int' but the argument has type 'size_t' (aka 'unsigned long') [-Wformat]
>       DBG (("OTP too short to be considered : %i < %i", password_len, (cfg->token_id_length + TOKEN_OTP_LEN)));
>                                               ~~        ^~~~~~~~~~~~
>                                               %zu
> pam_yubico.c:132:36: note: expanded from macro 'DBG'
> #define DBG(x) if (cfg->debug) { D(x); }
>                                    ^
> ./util.h:47:12: note: expanded from macro 'D'
>     printf x;                                                           \
>            ^

and

> pam_yubico.c:967:14: warning: format specifies type 'int' but the argument has type 'size_t' (aka 'unsigned long') [-Wformat]
>         skip_bytes, password_len, cfg->token_id_length, TOKEN_OTP_LEN));
>                     ^~~~~~~~~~~~
> pam_yubico.c:132:36: note: expanded from macro 'DBG'
> #define DBG(x) if (cfg->debug) { D(x); }
>                                    ^
> ./util.h:47:12: note: expanded from macro 'D'
>     printf x;                                                           \
>            ^

Fix these by using the appropriate %zu conversions for size_t. While
looking through the code, there are a couple more places where format
string specifiers could be improved, e.g. using %zu instead of casting
the result of sizeof(x) or strlen(x) to unsigned long.

In addition, convert TOKEN_OTP_LEN, MAX_TOKEN_ID_LEN and
DEFAULT_TOKEN_ID_LEN to unsigned numbers, because negative values would
not make any sense for those.
2015-03-30 13:54:37 +02:00
Clemens Lang
c1f61bae0f Fix warning if pam_message.msg isn't constant
On OS X and FreeBSD, struct pam_message does not declare its msg member
as constant. This causes a warning when assigning a constant string to
it:

pam_yubico.c:403:14: warning: assigning to 'char *' from 'const char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
  msg[0].msg = message;
             ^ ~~~~~~~
2015-03-30 13:54:36 +02:00
Klas Lindfors
d4136a365f drop save-mans 2015-03-23 09:55:16 +01:00
Klas Lindfors
effac5f849 bump versions 2015-03-23 09:55:06 +01:00
Klas Lindfors
d130bec213 release 2.19 2.19 2015-03-23 09:53:56 +01:00
Klas Lindfors
8d93297619 fix typo 2015-03-17 09:32:50 +01:00
Klas Lindfors
2708fc90b5 fix the git url again
fixes #54
2015-03-13 21:20:28 +01:00
Henrik Stråth
7db3e2cbf0 Fixed broken link 2015-03-10 16:03:27 +01:00
Henrik Stråth
7f89cdf9cb removed broken link 2015-03-10 15:57:12 +01:00
Klas Lindfors
989d2f51f9 Merge pull request #56 from shanx/master
Clarified the notion of id when using the pam_yubico module
2015-03-10 08:15:35 +01:00
Klas Lindfors
1aba59cde0 skip the repo token for coveralls 2015-03-10 08:01:03 +01:00
Remco Wendt
d7d1bbfb1a fixed typo 2015-03-06 20:07:19 +01:00