rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2024-11-29 00:24:11 +01:00
Code Issues Projects Releases Wiki Activity
775 Commits 19 Branches 44 Tags 1.2 MiB
55a0f78972
Commit Graph

775 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Klas Lindfors
8d61533c62 bump versions 2015-09-22 08:16:00 +02:00
Klas Lindfors
9b09b8d576 NEWS for 2.20 2015-09-22 08:14:06 +02:00
Klas Lindfors
0b0be7e5c1 add information about files used 
thanks to @madrat- for original suggestions
fixes #78
 2015-09-15 15:01:40 +02:00
Klas Lindfors
83cccf3e12 reset yk_errno when we're happy with the result 2015-09-14 13:14:51 +02:00
Klas Lindfors
056dac4794 correct fchmod() return check 2015-09-14 13:14:30 +02:00
Klas Lindfors
dd96aa71dc switch i to size_t to match usage 2015-09-14 10:34:06 +02:00
Klas Lindfors
344d1b4384 fix initialization of msg to not warn 
apparently this is gcc bug 53119
 2015-09-14 10:30:01 +02:00
Klas Lindfors
ec84a78453 make yubi_attr_prefix_len a size_t 2015-09-14 10:29:49 +02:00
Klas Lindfors
0eb2f8cec3 mark unused parameter with __attribute__((unused)) 2015-09-14 10:27:14 +02:00
Klas Lindfors
bc93b62489 use mkstemp() to get the tempfile instead 
unfortunately means we have to fchmod() it afterwards to be sure
 2015-09-14 10:24:05 +02:00
Klas Lindfors
ecafc6af84 Merge pull request #79 from madrat-/master 
do_challenge_response change privileges twice at reading and writing
 2015-09-14 09:17:10 +02:00
madRat
3d22ed0c15 do_chalendge needs drop privs twice at reading and writing 2015-09-11 16:50:51 +03:00
Klas Lindfors
1036873b95 in the challenge-response case only drop privileges for user dir 
This allows the module to work in a case where the directory is only
writable to root.

fixes #77
 2015-09-11 13:56:14 +02:00
Klas Lindfors
6f6a7b20fc don't warn about to long strings 2015-09-11 13:56:03 +02:00
Klas Lindfors
70f27b98a2 include pwd.h in util.h 2015-09-09 08:24:57 +02:00
Klas Lindfors
37f8788073 disable xmllint for a2x since it seems to cause problems 2015-09-08 09:25:58 +02:00
Klas Lindfors
237ed18b9f use pam_modutil_getpwnam() if it's available 
also refactor to pass in a passwd struct to the util functions
 2015-09-08 09:15:07 +02:00
Klas Lindfors
15cab00173 add a test for a user showing up twice in the file 2015-08-18 14:22:00 +02:00
Klas Lindfors
ab25973d1e add documentation for chalresp_path parameter 2015-08-11 08:25:57 +02:00
Klas Lindfors
4e13a474ff Merge pull request #71 from afeinberg/comments 
Support comments in authfile
 2015-08-11 08:22:53 +02:00
Alex Feinberg
362ca9cb92 Support comments in authfile 
Adds support for comments (indicated by lines starting with '#') in
authfiles.
 2015-08-10 14:37:02 -07:00
Klas Lindfors
50ce40bbb1 free message at end of function 
it was possible message was never freed if the sprintf() call failed
 2015-07-08 16:11:42 +02:00
Klas Lindfors
9a132bcd07 add cainfo option to allow usage of a cabundle instead of path 
path submitted by github user @Mrten
reportedly this is needed if curl is linked with gnutls
fixes #6
 2015-06-15 10:25:56 +02:00
Klas Lindfors
11326d023d add debug print for last url used 2015-04-27 11:03:34 +02:00
Klas Lindfors
e66ed787d1 export LDAPNOINIT=1 for tests so we don't run with systems ldap config 
fixes #61
 2015-04-07 16:33:52 +02:00
Klas Lindfors
8f61e253d3 more debugging on mocks 2015-04-07 09:21:00 +02:00
Klas Lindfors
0e77cffb67 add some debug logging to ldap and ykval mocks 2015-04-07 08:55:39 +02:00
Klas Lindfors
fe8eb203d9 change int to size_t 2015-03-30 15:25:16 +02:00
Klas Lindfors
c2a6b9c948 fixup warnings with sign 2015-03-30 15:25:15 +02:00
Klas Lindfors
9c913fd97e fixup warnings related to constness of filename 2015-03-30 15:25:15 +02:00
Klas Lindfors
076a8d2f3f Merge pull request #60 from neverpanic/master 
Fix warnings on OS X with clang
 2015-03-30 13:57:29 +02:00
Clemens Lang
ac5bb65013 Use unsigned, fix printf conversion spec warnings 
Some of the printf conversion specifications were wrong when used on
size_t, causing

> pam_yubico.c:957:57: warning: format specifies type 'int' but the argument has type 'size_t' (aka 'unsigned long') [-Wformat]
>       DBG (("OTP too short to be considered : %i < %i", password_len, (cfg->token_id_length + TOKEN_OTP_LEN)));
>                                               ~~        ^~~~~~~~~~~~
>                                               %zu
> pam_yubico.c:132:36: note: expanded from macro 'DBG'
> #define DBG(x) if (cfg->debug) { D(x); }
>                                    ^
> ./util.h:47:12: note: expanded from macro 'D'
>     printf x;                                                           \
>            ^

and

> pam_yubico.c:967:14: warning: format specifies type 'int' but the argument has type 'size_t' (aka 'unsigned long') [-Wformat]
>         skip_bytes, password_len, cfg->token_id_length, TOKEN_OTP_LEN));
>                     ^~~~~~~~~~~~
> pam_yubico.c:132:36: note: expanded from macro 'DBG'
> #define DBG(x) if (cfg->debug) { D(x); }
>                                    ^
> ./util.h:47:12: note: expanded from macro 'D'
>     printf x;                                                           \
>            ^

Fix these by using the appropriate %zu conversions for size_t. While
looking through the code, there are a couple more places where format
string specifiers could be improved, e.g. using %zu instead of casting
the result of sizeof(x) or strlen(x) to unsigned long.

In addition, convert TOKEN_OTP_LEN, MAX_TOKEN_ID_LEN and
DEFAULT_TOKEN_ID_LEN to unsigned numbers, because negative values would
not make any sense for those.
 2015-03-30 13:54:37 +02:00
Clemens Lang
c1f61bae0f Fix warning if pam_message.msg isn't constant 
On OS X and FreeBSD, struct pam_message does not declare its msg member
as constant. This causes a warning when assigning a constant string to
it:

pam_yubico.c:403:14: warning: assigning to 'char *' from 'const char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
  msg[0].msg = message;
             ^ ~~~~~~~
 2015-03-30 13:54:36 +02:00
Klas Lindfors
d4136a365f drop save-mans 2015-03-23 09:55:16 +01:00
Klas Lindfors
effac5f849 bump versions 2015-03-23 09:55:06 +01:00
Klas Lindfors
d130bec213 release 2.19 2015-03-23 09:53:56 +01:00
Klas Lindfors
8d93297619 fix typo 2015-03-17 09:32:50 +01:00
Klas Lindfors
2708fc90b5 fix the git url again 
fixes #54
 2015-03-13 21:20:28 +01:00
Henrik Stråth
7db3e2cbf0 Fixed broken link 2015-03-10 16:03:27 +01:00
Henrik Stråth
7f89cdf9cb removed broken link 2015-03-10 15:57:12 +01:00
Klas Lindfors
989d2f51f9 Merge pull request #56 from shanx/master 
Clarified the notion of id when using the pam_yubico module
 2015-03-10 08:15:35 +01:00
Klas Lindfors
1aba59cde0 skip the repo token for coveralls 2015-03-10 08:01:03 +01:00
Remco Wendt
d7d1bbfb1a fixed typo 2015-03-06 20:07:19 +01:00
Remco Wendt
70540bd02d Clarified the notion of id when using the pam_yubico module 2015-03-06 20:05:52 +01:00
Klas Lindfors
6065655593 fix formatting of NEWS 2015-03-04 15:31:09 +01:00
Klas Lindfors
ca72be3b9d prepare news for 2.19 2015-03-04 15:29:02 +01:00
Klas Lindfors
252f582712 change datatypes to unsigned 
avoiding warnings about sign conversion
 2015-03-04 14:52:28 +01:00
Klas Lindfors
8241cd0423 Merge branch 'feature/ldap_refactor' 
Conflicts:
	pam_yubico.c
 2015-03-04 14:40:57 +01:00
Klas Lindfors
77067004e8 update documentation with new ldap parameters 2015-03-04 13:52:31 +01:00
Klas Lindfors
951d02252d use ldap_bind_user and ldap_bind_password in example 2015-03-04 13:08:30 +01:00