1
0
mirror of https://github.com/Yubico/yubico-pam.git synced 2024-12-01 15:24:12 +01:00
Commit Graph

690 Commits

Author SHA1 Message Date
Karol Babioch
41e6554c66 Spell system-wide consistently throughout the project 2018-05-02 14:53:14 +02:00
Klas Lindfors
b86e9a2b42
Merge branch 'pr-151' 2018-05-02 14:04:32 +02:00
Klas Lindfors
0c616bc065
Merge branch 'pr-150' 2018-05-02 14:04:27 +02:00
Karol Babioch
5ad10385df README: Add missing descriptions for undocumented options 2018-05-02 14:01:17 +02:00
Karol Babioch
35407b5d4c Add documentation for cainfo option
This adds documentation about the cainfo parameter to both the README as
well as the man page.
2018-05-02 13:48:32 +02:00
Klas Lindfors
41ff09cda8
Merge branch 'pr-149' 2018-05-02 13:41:47 +02:00
Karol Babioch
44e315cdd8 README: Add a section about chalresp_path
This adds a short section about the chalresp_path option, which was missing
previously from the overview of available options in the README file.
2018-05-02 13:36:18 +02:00
Klas Lindfors
cb62c8c188
Merge branch 'pr-148' 2018-04-26 12:24:49 +02:00
Karol Babioch
bb3e2030eb Fix a couple of typos and spell phrases more consistently
Certain phrases (Challenge-response) were not spelled consistently
throughout the project. This commit adjusts for that and fixes a
couple of typos along the way and uses the base form of verbs in
case of error messages.
2018-04-25 15:22:30 +02:00
Klas Lindfors
03099cdef2
debug: drop extra \n at end of debug output 2018-04-24 08:43:33 +02:00
Klas Lindfors
3ad6fe72e7
debug: add ykpers library version to debug output where applicable 2018-04-24 08:41:03 +02:00
Klas Lindfors
9524cebc07
bump versions after release 2018-04-20 13:28:41 +02:00
Klas Lindfors
b32ad2fefa
NEWS for 2.26 2018-04-20 12:57:50 +02:00
Klas Lindfors
f567af6e41
Drop the blurb about rewriting of this project 2018-04-18 09:05:23 +02:00
Klas Lindfors
6199b071db
Merge branch 'pr-145' 2018-04-13 15:03:11 +02:00
Karol Babioch
e5bd2ef844 Open file handlers manually using open() and fdopen() instead of using fopen()
A previous commit (d51124e) added the `e` flag to the `fopen()` calls. However
this flag is not supported on all platforms (MacOS) and will be silently
dropped (see #145). This patch works around those issues by manually opening
the file descriptor using `open()` with the `O_CLOEXEC` flag, and invoking
`fd_open()` on the resulting file descriptor to open an appropriate `FILE`
stream.

This makes sure that all files used by pam_yubico will be opened with the
`O_CLOEXEC` flag on all supported platforms to mitigate issues with missing
`fclose()` invocation (see #136).
2018-04-11 14:15:53 +02:00
Karol Babioch
0b595ee1cd Use mkotemp() instead of mkstemp()
This uses mkostemp() instead of mkstemp(), passing along the `O_CLOEXEC` flag,
which makes sure that the file descriptor is closed and won't be leaked into
any child process, which was previously an issue due to a missing fclose()
(#136).
2018-04-10 11:28:06 +02:00
Karol Babioch
d51124e884 Add "e" flag to fopen() calls
This adds the `e` flag to fopen() calls, making sure the `O_CLOEXEC` flag is
used. This makes sure that the file descriptor is being closed and not leaked
into child processes. This was an issues previously due to a missing fclose()
(#136).
2018-04-10 11:28:03 +02:00
Karol Babioch
079b975469 Open file descriptors with O_CLOEXEC
This opens any file descriptors with the O_CLOEXEC flag, which will make sure
that file descriptors won't be leaked into any child process. This was
previously an issue due to a forgotten fclose() (#136).
2018-04-10 11:27:56 +02:00
Klas Lindfors
c773044edc
Merge branch 'pr-144' 2018-04-10 10:46:08 +02:00
Klas Lindfors
c845c63aec
Merge branch 'pr-143' 2018-04-10 10:29:51 +02:00
Karol Babioch
998ee88aa5 tests: Fix compiler warnings due to wrong pointer casts
This fixes a couple of compiler warnings due to wrong pointer casts in regards
to the pamh structure, which is a bit of a hackery way to access the test data.
2018-04-09 17:21:09 +02:00
Karol Babioch
1aacb11538 Fix several format string specifiers
This fixes several specifiers to better represent the data type, which fixes
multiple compiler warnings.
2018-04-09 17:18:36 +02:00
Klas Lindfors
6fe39d60d1
Merge branch 'pr-141' 2018-04-09 09:10:19 +02:00
Klas Lindfors
d63c2f2890
Merge branch 'pr-139' 2018-04-09 09:08:34 +02:00
Karol Babioch
a92a59c761 util_test: Use mkdtemp() instead of tempnam()
The latter function is considered insecure and deprecated on some platforms.
This will create the directory with 0700 implicitely, where it was 0755
beforehand. Since this is a more secure default and the test suite runs fine,
we don't bother to chmod the directory.
2018-04-06 16:59:31 +02:00
Karol Babioch
8c740c13df Require sudo in .travis.yml
Since the install script currently requires sudo, we should state so
explicetely in the .travis.yml file to make sure we get a sudo-enabled
environment and not a container-based one, as there is no sudo available
in the latter one. The default was changed in August 2017, so when
forking this repository, the Travis CI won't work out-of-the box without
this modification. This is described in some details here [1].

[1]: https://docs.travis-ci.com/user/reference/overview/
2018-04-06 13:28:26 +02:00
Klas Lindfors
0f6ceabab0
util: make sure to close the authfile before returning success
fixes #136
2018-04-03 09:19:53 +02:00
Klas Lindfors
af53411f7d
bump ykpers version for mac build 2018-03-27 13:09:26 +02:00
Klas Lindfors
25f2503b34
bump version to 2.26 2018-03-27 12:44:23 +02:00
Klas Lindfors
432d7c60a1
NEWS for 2.25 2018-03-27 12:37:33 +02:00
Klas Lindfors
5687ff95a9
Merge branch 'pr-133' 2018-03-20 14:09:06 +01:00
Karol Babioch
8db623de5d Document nullok parameter in manpage
The nullok parameter was documented in the README, but not in the manpage. This
adds the section from the README file.
2018-03-20 13:55:23 +01:00
Karol Babioch
b791091502 Print out nullok parameter in debug mode
This prints out the nullok parameter in debug mode, which was introduced
previously.
2018-03-20 13:53:09 +01:00
Klas Lindfors
49ad48b3ef
Merge branch 'pr-130' 2017-12-15 08:08:55 +01:00
Robert Giles
504c838b5a Update ldap_bind_user to wrap in brackets, in the likely case the actually bind DN will reside in an OU with spaces in the name. 2017-12-14 11:51:20 -06:00
Robert Giles
c1995a70b7 Typo in asciidoc syntax. 2017-12-14 10:06:19 -06:00
Robert Giles
c0d1646853 Clarify documentation; this example configuration is also useful for just regular pam_yubico configuration elsewhere against AD, too. 2017-12-14 10:04:48 -06:00
Klas Lindfors
db0d7a548b
Merge branch 'pr-129' 2017-11-20 10:16:40 +01:00
Andy Neff
5003f3974d
Update Yubikey_and_SELinux_on_Fedora_18_and_up.adoc
Added a quick explanation for what to do when you are using your own server that uses a custom port
2017-11-15 15:46:46 -05:00
Klas Lindfors
9a674273e4
drop more text with unnecessary old version deps 2017-10-10 09:37:50 +02:00
Klas Lindfors
1bc784a4f0
drop outdated version recommendations 2017-10-06 10:12:50 +02:00
Klas Lindfors
dbaf857ef0
improved debug messages when getpwnam_r() doesn't return a user 2017-08-30 08:32:54 +02:00
Klas Lindfors
3d0d9f52e5
doc: fixup which proxy schemes are supported, add http and https
fixes #127
2017-08-07 12:39:58 +02:00
Klas Lindfors
39cfa7d939
Merge branch 'pr-121' 2017-06-26 10:07:09 +02:00
Larhard
42e8a06bfe add check_user_challenge_file tests 2017-06-24 08:31:55 +00:00
Larhard
d3f50c43ac clear check_user_challenge_file 2017-06-23 20:10:53 +00:00
Alessio Di Mauro
f3061d627e
Add message about project rewrite to README 2017-06-16 11:20:04 +02:00
Larhard
ff87bf0ac4 code cleanup 2017-04-09 17:13:19 +02:00
Larhard
1d62bec277 add nullok support to challenge-response mode 2017-04-09 03:36:40 +02:00