rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2024-11-29 09:24:22 +01:00
Code Issues Projects Releases Wiki Activity
752 Commits 19 Branches 44 Tags 1.2 MiB
43d5c39880
Commit Graph

212 Commits

Author SHA1 Message Date
Klas Lindfors
602905c51d spelling 2014-03-26 09:40:01 +01:00
Klas Lindfors
3be440ec80 add urllist feature 
allowing up to 10 urls to be specified in config
 2014-03-12 15:00:22 +01:00
Simon Josefsson
387db3eba0 Merge pull request #14 from BinetReseau/master 
No match between user and token detailed pam values
 2013-09-27 02:11:20 -07:00
Klas Lindfors
7fa8cbbd46 a PAM_MODUTIL_DEV_PRIVS structure can't be reused 
so we have to allocate a second one and point to
that for the second time we want to drop privs.
relates to #28
 2013-09-23 08:56:49 +02:00
Klas Lindfors
1b2a8fdf30 reimplement drop_privs to implement the pam_modutils interface 
Original patch from maxime.deroucy@gmail.com.
http://code.google.com/p/yubico-pam/issues/detail?id=49
fixes #19
 2013-09-20 10:54:13 +02:00
Klas Lindfors
eb1ba8a52a update copyright years 2013-09-19 08:35:15 +02:00
Eugene Crosser
2aaf0fdc23 Stop leaks of memory and of privileges 
Fix several memory leaks and mishandling of the privilege status
where a function returned failure indication, and previously
allocated memory was not freed (and the referece was lost), or
previously droped privileges where not restored.
 2013-09-18 14:22:41 +02:00
Klas Lindfors
f617829f10 fixup warnings 2013-09-18 14:10:35 +02:00
Klas Lindfors
fb6b0911fd use pbkdf2 to process the exepected response 
this bumps the version on the state file to 2
old files can still be read but new files will use the new format
 2013-09-18 14:10:35 +02:00
Klas Lindfors
eb78d4882b refactor to use chalresp function from ykpers 
so challenge_response() now calls yk_challenge_response() to
do the yubikey internal stuff.
 2013-09-18 14:10:35 +02:00
Christian Hesse
7dc5c6a155 print information only if debug is specified 
The pam module is very informative. I do not want it to print any
information unless debug is specified. An attacker should not get any
information.
 2013-05-13 15:47:59 +02:00
Pierre-Alain Dupont
21c4dd3fa3 A more precise handling of user-token match errors 
Signed-off-by: Pierre-Alain Dupont <pad@melix.net>
 2013-01-26 15:59:23 +00:00
Vincent Brillault
96252b6f2b Verify the otp_length given by the configuration 
Avoid out of bound writing at ligne -920,1 +927,1:
strncpy (otp_id, password + skip_bytes, cfg->token_id_length);
 2012-08-07 19:18:43 +02:00
Klas Lindfors
2ffd54a24c use errstr to communicate with the user 2012-06-14 09:25:38 +02:00
Klas Lindfors
a5f2e9e333 check for same response in pam module, output debug for the user 2012-06-08 13:20:07 +02:00
Klas Lindfors
41c576e0cf replace fopen with open+fdopen to set more restrictive bits 2012-06-08 10:45:59 +02:00
Fredrik Thulin
da246e240c load_chalresp_state: Debug message was always shown. 2012-02-13 14:24:31 +01:00
Fredrik Thulin
82296f4632 do_challenge_response: Clear errno when done. 2012-02-10 15:13:42 +01:00
Fredrik Thulin
2c077fba4e DBG format fix 2012-02-10 14:13:24 +01:00
Fredrik Thulin
fb6281fa3f Fix clang indicated printf format warnings. 2012-02-08 15:53:18 +01:00
Fredrik Thulin
3275b38d59 Fix debug-logging of chalresp_path. Oddity reported by clang. 2012-02-06 11:37:42 +01:00
Fredrik Thulin
dc9146ffcb snprintf returns an int, not a size_t. reported by clang. 2012-02-06 11:31:23 +01:00
Fredrik Thulin
bfbcda54ad Merge branch 'master' of https://github.com/remim/yubico-pam 2012-02-02 13:16:05 +01:00
Remi Mollon
3e1f5f6925 renaming yubi_prefix to yubi_Attr_prefix and changing debug 2012-02-01 09:29:05 +01:00
Clemens Lang
d2c14efdd4 Add missing headers 
fcntl.h in pam_yubico.c is needed on OS X with clang for the build to
succeed, while unistd.h in util.c is required so clang doesn't complain
about implicit declarations of ftruncate and fsync.
 2012-01-28 00:30:34 +01:00
Fredrik Thulin
73369beba9 Avoid double fclose() in some error cases. 
Problem reported (and patched) by Lingzhu Xiang <xianglingzhu@gmail.com>
in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657524
 2012-01-27 12:33:53 +01:00
Remi Mollon
fd465d1261 add comment 2012-01-24 17:42:49 +01:00
Simon Josefsson
3828953374 Bump version. Use silent rules. Bump copyright years. 2012-01-23 20:25:06 +01:00
Remi Mollon
b42307d169 adding yubi_prefix parameter, when looking for token_id in ldap 2012-01-18 17:04:58 +01:00
Fredrik Thulin
263012f725 authorize_user_token: Don't drop privs for system-wide file. 2011-12-13 16:56:04 +01:00
Fredrik Thulin
43134038a5 do_challenge_response: Remove 2 unused variables. 2011-12-06 13:45:58 +01:00
Fredrik Thulin
b27599957c Fix implicit yubikey_* declarations. 2011-12-06 13:31:25 +01:00
Fredrik Thulin
fa8a9ff074 Fix pointer signedness warnings. 2011-12-06 11:56:52 +01:00
Fredrik Thulin
f24f333867 Drop privileges before writing new C-R file. 2011-11-23 13:56:01 +01:00
Fredrik Thulin
94885d2d48 Verify that challenge-response file is a normal file. 2011-11-23 13:55:44 +01:00
Fredrik Thulin
d4acd495f0 improve debug messages 2011-11-23 13:46:26 +01:00
Fredrik Thulin
fcde64a93e Use pam_modutil_drop_priv if it is available. 
Utility functions for what was done in drop_priv.c appeared
in PAM 1.1.3. Use them when available.
 2011-11-23 13:45:41 +01:00
Fredrik Thulin
b92902fd8f Restore challenge-response functionality. 
HAVE_LIBYKPERS_1 did not seem to ever get defined, so use HAVE_CR instead.
 2011-11-23 13:26:02 +01:00
Ricky Zhou
a9892dbb44 Drop privileges before opening user files. 
This change also ensures that user tokens are regular files.  We may
want to add a similar check for user challenge files.
 2011-11-23 10:16:00 +01:00
Fredrik Thulin
f92ee12aa9 Remove unused variable and extra undef. 2011-11-22 11:17:29 +01:00
Fredrik Thulin
47d883b600 pam_sm_authenticate: check strdup return value 2011-11-22 11:08:53 +01:00
Fredrik Thulin
57cf6ed5d6 authorize_user_token_ldap: check malloc return value 2011-11-22 11:08:28 +01:00
dr8
6dc10799b6 Bug fix: pam_yubico doesn't check server signature 
Squashed commit of the following:

commit 9e7746bc53
Author: dr8 <github@dominicrutherford.co.uk>
Date:   Mon Oct 31 14:27:47 2011 +0000

    Bug fix: pam_yubico doesn't check server signature

commit 2f3d5e721c
Author: dr8 <github@dominicrutherford.co.uk>
Date:   Sat Oct 29 16:59:08 2011 +0100

    Bug fix: pam_yubico does not validate server signature

commit 58a1e6820a
Author: dr8 <github@dominicrutherford.co.uk>
Date:   Fri Oct 28 22:09:49 2011 +0100

    only validate server signature when key is specified

commit d705f429bc
Author: dr8 <github@dominicrutherford.co.uk>
Date:   Tue Oct 25 22:45:22 2011 +0100

    fix failure to validate server signature
 2011-11-08 21:57:28 +01:00
Nanakos Chrysostomos
4712da70ca Fix big security hole: Authentication succeeded when no password 
was given, unless use_first_pass was being used.
This is fatal if pam_yubico is considered 'sufficient' in the PAM
configuration.

Signed-off-by: Nanakos Chrysostomos <nanakos@wired-net.gr>
 2011-08-26 14:32:03 +03:00
Simon Josefsson
e469b630d5 Make dependency on libykpers optional. 
Use --without-cr to force it.  Reported by Jussi Sallinen <jussi@jus.si>.
 2011-06-07 00:35:22 +02:00
Fredrik Thulin
eb438e782c parse_cfg: Use memset to clear cfg struct. 
The code will be easier to maintain if one does not have to remember
explicitly initializing all new members of the config struct.
 2011-04-15 16:30:06 +02:00
Fredrik Thulin
804b537acf Fix some D's that should've been DBG. 2011-04-15 16:28:00 +02:00
Fredrik Thulin
dfebd4173f Make DBG macro unified. 
Refactor authorize_user_token and authorize_user_token_ldap to take
a cfg argument instead of a number of elements from cfg.
 2011-04-15 15:24:50 +02:00
Romain Riviere
1ec6d2df92 Debug: adding a dbg flag and macro so as to disable unwanted debug messages 2011-04-15 14:17:23 +02:00
Tollef Fog Heen
7923496375 Tell the user if something goes wrong after authenticating 
If we successfully authenticate, but something then goes wrong, such
as failure to generate a new challenge, failure to update the
challenge and so on, tell the user.
 2011-03-18 23:05:26 +01:00
Tollef Fog Heen
72d1f4bba9 Move code around slightly to make merging with Fredrik easier 2011-03-18 23:01:46 +01:00
Fredrik Thulin
b20c0ed678 Make get_user_challenge_file() also include YubiKey serial number, 
and move it to util.c.
 2011-03-18 22:57:22 +01:00
Fredrik Thulin
69ec1bf8a0 Further cleanups to challenge response code, and move more code to util.c. 2011-03-18 22:56:41 +01:00
Fredrik Thulin
cb16817047 Revert "Wait with declaring PAM_SUCCESS on challenge-response until new" 
Tollef has argued that the login should not fail if, for example, the
disk is full. I'd rather fail on the cautious side and make sure we
don't end up always sending the same challenge to the YubiKey, but I'll
leave it up to Tollef to decide for now.

This reverts commit 14e917ffae.

Conflicts:

	pam_yubico.c
 2011-03-18 22:50:23 +01:00
Fredrik Thulin
721866df0b Move more challenge-response code to util.c. 2011-03-18 21:52:07 +01:00
Fredrik Thulin
c557249503 Move soon-to-be commonly used code to util.c 2011-03-18 21:49:23 +01:00
Fredrik Thulin
3abc5b2d81 Remove hard coded values for challenge/responses. 
Also do some input validation on what we read from the C/R file.
 2011-03-16 22:52:36 +01:00
Fredrik Thulin
d73618f271 generate_challenge() only generated half as many bytes as it should. 
Changed generate_challenge() to generating bytes instead of a hex
encoded string, to not have to decode what we just encoded - instead
just generate plain bytes of randomness and then encode them once.
 2011-03-16 22:49:57 +01:00
Tollef Fog Heen
1364b39db7 Use a temporary file to ensure we always have a challenge 
If we use ftruncate we might end up in the situation that we do not
have a challenge on disk, leading to the user being unable to log in.
By using a temporary file, fsync and rename we avoid this problem.
 2011-03-16 22:49:51 +01:00
Fredrik Thulin
dc6cd95a98 fsync() wants file descriptor 
Also, truncate file before writing if the challenge length has
changed (became shorter) or garbage has otherwise been appended.
 2011-03-16 22:28:33 +01:00
Fredrik Thulin
ee2e8b42da Don't generate new challenge on bad response. 2011-03-16 22:28:02 +01:00
Fredrik Thulin
7360223a14 Support challenge-response files outside user's home directory. 
Having the challege-response data inside the home directory won't
work very well if the YubiKey is to unlock an ecryptfs encrypted
home directory.
 2011-03-16 22:27:02 +01:00
Tollef Fog Heen
d9ee08b97f Add challenge-response authentication 2011-03-12 15:57:07 +01:00
Tollef Fog Heen
ed1ce7e6e7 Undef USERFILE when we don't need it any more 2011-03-12 15:57:02 +01:00
Tollef Fog Heen
49c923a99d Get rid of unimplemented PAM functions 2011-03-12 15:56:48 +01:00
Fredrik Thulin
e338807cc8 Merge branch 'fix/various_ldap_fixes' 2011-03-10 20:50:48 +01:00
Fredrik Thulin
a59c6c4d71 Ignore errors from pam_get_data(). 2011-03-04 15:52:02 +01:00
Fredrik Thulin
f91a7dc99a Correct debug log message for too short OTPs. 2011-03-03 15:45:00 +01:00
Fredrik Thulin
a5594fa09c Merge branch 'devel/avoid_logging_passwords' 2011-03-03 15:07:53 +01:00
Fredrik Thulin
702ac98b21 Bugfix getting option token_id_length. 2011-03-03 15:06:15 +01:00
Fredrik Thulin
ac76947e8a Avoid logging passwords when debug is enabled. 
Problem reported in
http://code.google.com/p/yubico-pam/issues/detail?id=28
 2011-03-03 15:00:05 +01:00
Fredrik Thulin
abb0b7e4e4 authorize_user_token_ldap: Only fetch the attribute we're interested in. 
Previous version fetched ALL attributes of the identified object,
and treated them all equal when looking for the YubiKey token identifier.
 2011-03-03 14:18:00 +01:00
Fredrik Thulin
a9ef97ea4c authorize_user_token_ldap: Don't leak memory on failures. 2011-03-03 12:48:43 +01:00
Fredrik Thulin
0bb1630abf authorize_user_token_ldap: sr was under-allocated by one byte. 
Also change strcat's to sprintf to make code easier to maintain.
 2011-03-03 12:38:34 +01:00
Fredrik Thulin
bfd8efd682 Don't segfault on unset LDAP parameters. 
When ldapserver / ldap_uri was specified, but not for example
user_attr, authorize_user_token_ldap() used to cause a segmentation
fault.
 2011-03-03 10:58:34 +01:00
Fredrik Thulin
01897ebb9e Use LDAPv3 instead of LDAPv2. 
LDAPv2 was declared historical in 2003, and is now not supported by
for example Mac OS X Server's Open Directory.
Patch by maxsanna81@gmail.com.
 2011-03-03 10:31:30 +01:00
Fredrik Thulin
90a7fd0f0a Avoid LDAP warnings about deprecated functions. 
Patch by judas.iscariote.
 2011-03-03 10:19:55 +01:00
Fredrik Thulin
6a0c8fc82b authorize_user_token_ldap: Use correct LDAP free function. 
Patch by judas.iscariote.
 2011-03-03 10:11:16 +01:00
Fredrik Thulin
336f794b42 Make length of public ID part of tokens configurable. 
Now that we support setting URL, not all public ID's can be expected
to be six bytes (the length used in the YubiCloud validation service).

Unfortunately we can't support OTPs of different lengths at once,
because there is code supporting users entering their (other)
password followed by the OTP from the YubiKey.

Patch by fraser.scott@gmail.com in
http://code.google.com/p/yubico-pam/issues/detail?id=19
 2011-03-02 22:08:58 +01:00
Fredrik Thulin
bdfa3891e2 Add debug output of url and capath. 2011-02-28 15:42:56 +01:00
Remi Mollon
d122f27825 Add capath parameter to PAM module 2011-02-14 17:20:48 +08:00
Simon Josefsson
2fee6c1fcf Fix segmentation fault on 64-bit systems. 
Reported by multiple people in Issue #11
<http://code.google.com/p/yubico-pam/issues/detail?id=11>.
 2010-09-09 21:40:38 +00:00
Simon Josefsson
075cb5663f Handle ^D at su prompt. 2010-09-09 20:28:20 +00:00
Simon Josefsson
e6bed0bfcd Make deprecated "ldapserver" work again. 
Reported by giovannibajo in Issue #27:
<http://code.google.com/p/yubico-pam/issues/detail?id=27>.
 2010-07-13 16:53:24 +00:00
Simon Josefsson
d51da376c7 New keyword "verbose_otp" to allow displaying OTP characters. 
Contributed by qistoph reported in Issue #22:
<http://code.google.com/p/yubico-pam/issues/detail?id=22>.
 2010-04-14 09:07:48 +00:00
Simon Josefsson
adcf7e2c4e Add deprecated support for old ldapserver keyword. 2010-04-14 08:29:39 +00:00
Simon Josefsson
0aa245a9b2 Doc fix. 2010-04-13 19:58:35 +00:00
zubrick433
15cae15f1c Corrections in ldap part:Â 
Removed deprecated ldap functions. New functions need a ldap uri instead of a hostname. changed configuration parameter ldapserver to ldap_uri to reflect change and avoid errors in configuration.

Search string are now of variable size depending on configuration parameters length, instead of an arbitrary fixed length.

Modified README for the new ldap_uri configuration parameter
 2009-08-11 09:29:44 +00:00
Simon Josefsson
246253c379 Add new key parameter to set verification key. 2009-05-11 10:05:20 +00:00
Simon Josefsson
b6d7807da7 Don't output debug information unconditionally. 2009-05-11 08:59:22 +00:00
Simon Josefsson
35b4a6187e Avoid warning. 2009-03-30 08:11:26 +00:00
Simon Josefsson
b18d8ef79a Use and require libykclient v2.0+. 2009-03-25 10:15:13 +00:00
Simon Josefsson
a077ae56ad Improve matching logic. 2009-03-24 16:41:11 +00:00
Simon Josefsson
81d5c71a4b Fix crash on memory errors. 2009-03-24 15:21:09 +00:00
Simon Josefsson
d20569dcc3 Fix parsing of password+otp into id/otp/passwd. Fix return codes. Fix setcred. 2009-03-24 15:11:54 +00:00
Simon Josefsson
7f1a398141 Fix ykc handling. 2009-03-24 14:30:57 +00:00
Simon Josefsson
751962c4b5 Reduce failure points with live unverified OTP. 2009-03-24 14:28:21 +00:00
Simon Josefsson
8bc4f7b37d Split off configuration parsing. 2009-03-24 14:20:52 +00:00
Simon Josefsson
8d7e013726 Don't pass integers via pam_set_data/pam_get_data. 2009-03-24 13:38:33 +00:00
Simon Josefsson
0991ea610a Support use_first_pass and try_first_pass. 2009-03-24 11:13:57 +00:00
Simon Josefsson
a6043192e6 Fix typo. 2009-02-11 16:52:41 +00:00
Simon Josefsson
32e76effae Indent code. Add FIXME note. Handle NULL values in debug strings. 2009-02-11 16:50:04 +00:00
zubrick433
3abd8adc95 Added ldap support 2009-02-11 16:35:29 +00:00
Simon Josefsson
9d0ff9eafd Change license to 2-clause BSD. 2009-01-13 14:08:21 +00:00
Simon Josefsson
fc87a76136 Support debugging even on non-Linux. 2009-01-13 11:10:16 +00:00
Simon Josefsson
4711cf7c12 Avoid use of asprintf, to fix Solaris. 
Suggested by Martin Englund <Martin.Englund@Sun.COM>.
 2009-01-13 10:44:02 +00:00
Simon Josefsson
3338b6eb0c Add new parameter 'url' to specify the server template URL. 2008-09-15 14:25:14 +00:00
Simon Josefsson
02c8dce53f Indent. 2008-09-01 13:14:33 +00:00
Simon Josefsson
af09b5499c Merge in Samir's work. Support two-factor mode. Support user configurations. 2008-09-01 13:13:07 +00:00
Simon Josefsson
454d5b1bab Use libyubikey-client instead of curl directly. 2008-06-25 13:40:19 +00:00
Simon Josefsson
07840f52ac Remove obsolete comments. 2008-01-11 13:11:30 +00:00
Simon Josefsson
c28c90d068 Import from private CVS repository. 2008-01-11 12:41:21 +00:00