1
0
mirror of https://github.com/Yubico/yubico-pam.git synced 2024-12-05 00:24:13 +01:00
Commit Graph

473 Commits

Author SHA1 Message Date
Fredrik Thulin
c795e84bef challenge_response: reject bad slot 2011-12-06 14:37:57 +01:00
Fredrik Thulin
4ce59833ba Further pointer signedness fixes. 2011-12-06 13:46:30 +01:00
Fredrik Thulin
43134038a5 do_challenge_response: Remove 2 unused variables. 2011-12-06 13:45:58 +01:00
Fredrik Thulin
a7bd2efa95 Hyphen-fix. 2011-12-06 13:31:35 +01:00
Fredrik Thulin
b27599957c Fix implicit yubikey_* declarations. 2011-12-06 13:31:25 +01:00
Fredrik Thulin
bba72bfead Avoid asprintf.
To improve portability, we do malloc() + snprintf() instead.
2011-12-06 11:58:36 +01:00
Fredrik Thulin
fa8a9ff074 Fix pointer signedness warnings. 2011-12-06 11:56:52 +01:00
Fredrik Thulin
f03314e59c generate_random: Remove unused variable 'i'. 2011-12-06 11:54:09 +01:00
Fredrik Thulin
b671a6a350 fix lintian errors 2011-12-01 14:17:50 +01:00
Fredrik Thulin
2785c998be Update with new things in 2.10. 2011-11-23 15:05:19 +01:00
Fredrik Thulin
f24f333867 Drop privileges before writing new C-R file. 2011-11-23 13:56:01 +01:00
Fredrik Thulin
94885d2d48 Verify that challenge-response file is a normal file. 2011-11-23 13:55:44 +01:00
Fredrik Thulin
d4acd495f0 improve debug messages 2011-11-23 13:46:26 +01:00
Fredrik Thulin
fcde64a93e Use pam_modutil_drop_priv if it is available.
Utility functions for what was done in drop_priv.c appeared
in PAM 1.1.3. Use them when available.
2011-11-23 13:45:41 +01:00
Fredrik Thulin
b92902fd8f Restore challenge-response functionality.
HAVE_LIBYKPERS_1 did not seem to ever get defined, so use HAVE_CR instead.
2011-11-23 13:26:02 +01:00
Ricky Zhou
a9892dbb44 Drop privileges before opening user files.
This change also ensures that user tokens are regular files.  We may
want to add a similar check for user challenge files.
2011-11-23 10:16:00 +01:00
Fredrik Thulin
f92ee12aa9 Remove unused variable and extra undef. 2011-11-22 11:17:29 +01:00
Fredrik Thulin
47d883b600 pam_sm_authenticate: check strdup return value 2011-11-22 11:08:53 +01:00
Fredrik Thulin
57cf6ed5d6 authorize_user_token_ldap: check malloc return value 2011-11-22 11:08:28 +01:00
Fredrik Thulin
8930cca53e parse_args: getopt() return value is int. 2011-11-22 11:03:51 +01:00
Fredrik Thulin
47e59ae8c0 Fix release date of 2.9. 2011-11-17 20:52:29 +01:00
Fredrik Thulin
22648cfcb5 Link pam_yubico.la directly with -lpam. 2011-11-17 20:50:39 +01:00
Fredrik Thulin
2ab6c26f27 updates 2011-11-08 22:21:20 +01:00
Fredrik Thulin
b8d806fd63 Prepare for version 2.9. 2011-11-08 22:05:53 +01:00
dr8
6dc10799b6 Bug fix: pam_yubico doesn't check server signature
Squashed commit of the following:

commit 9e7746bc53
Author: dr8 <github@dominicrutherford.co.uk>
Date:   Mon Oct 31 14:27:47 2011 +0000

    Bug fix: pam_yubico doesn't check server signature

commit 2f3d5e721c
Author: dr8 <github@dominicrutherford.co.uk>
Date:   Sat Oct 29 16:59:08 2011 +0100

    Bug fix: pam_yubico does not validate server signature

commit 58a1e6820a
Author: dr8 <github@dominicrutherford.co.uk>
Date:   Fri Oct 28 22:09:49 2011 +0100

    only validate server signature when key is specified

commit d705f429bc
Author: dr8 <github@dominicrutherford.co.uk>
Date:   Tue Oct 25 22:45:22 2011 +0100

    fix failure to validate server signature
2011-11-08 21:57:28 +01:00
Fredrik Thulin
788f826ddc Prepare for version 2.8. 2011-08-26 13:58:42 +02:00
Nanakos Chrysostomos
4712da70ca Fix big security hole: Authentication succeeded when no password
was given, unless use_first_pass was being used.
This is fatal if pam_yubico is considered 'sufficient' in the PAM
configuration.

Signed-off-by: Nanakos Chrysostomos <nanakos@wired-net.gr>
2011-08-26 14:32:03 +03:00
Simon Josefsson
2bf1a9b645 Fix date. 2011-06-07 00:43:48 +02:00
Simon Josefsson
6a1727bb38 Fix release target. 2011-06-07 00:43:14 +02:00
Simon Josefsson
5b96efa7d9 Ignore more. 2011-06-07 00:41:55 +02:00
Simon Josefsson
6eae809ccc Update doc/. 2011-06-07 00:37:46 +02:00
Simon Josefsson
d75cb69439 Version 2.7. 2011-06-07 00:37:12 +02:00
Simon Josefsson
e469b630d5 Make dependency on libykpers optional.
Use --without-cr to force it.  Reported by Jussi Sallinen <jussi@jus.si>.
2011-06-07 00:35:22 +02:00
Fredrik Thulin
eb438e782c parse_cfg: Use memset to clear cfg struct.
The code will be easier to maintain if one does not have to remember
explicitly initializing all new members of the config struct.
2011-04-15 16:30:06 +02:00
Fredrik Thulin
804b537acf Fix some D's that should've been DBG. 2011-04-15 16:28:00 +02:00
Fredrik Thulin
dfebd4173f Make DBG macro unified.
Refactor authorize_user_token and authorize_user_token_ldap to take
a cfg argument instead of a number of elements from cfg.
2011-04-15 15:24:50 +02:00
Romain Riviere
1ec6d2df92 Debug: adding a dbg flag and macro so as to disable unwanted debug messages 2011-04-15 14:17:23 +02:00
Fredrik Thulin
9fd4b0295f Add mentioning of recursive dependency on libyubikey. 2011-04-13 23:17:27 +02:00
Fredrik Thulin
60824becdc Tag releases consistent with previous ones (no 'v'). 2011-04-13 22:39:08 +02:00
Fredrik Thulin
53ca3786b8 sync 2011-04-13 15:47:36 +02:00
Fredrik Thulin
1b6bb56e86 sync 2011-04-11 15:53:02 +02:00
Fredrik Thulin
1ebaf8773f Explicitly link with libyubikey. 2011-04-11 15:51:21 +02:00
Fredrik Thulin
70fcd66e59 Version 2.6. 2011-04-11 15:44:55 +02:00
Fredrik Thulin
1d62f8d48b whitespace 2011-04-11 14:49:02 +02:00
Tollef Fog Heen
7923496375 Tell the user if something goes wrong after authenticating
If we successfully authenticate, but something then goes wrong, such
as failure to generate a new challenge, failure to update the
challenge and so on, tell the user.
2011-03-18 23:05:26 +01:00
Tollef Fog Heen
63957aad70 Merge remote branch 'fredrikt/master'
Conflicts:
	util.c
2011-03-18 23:02:32 +01:00
Tollef Fog Heen
72d1f4bba9 Move code around slightly to make merging with Fredrik easier 2011-03-18 23:01:46 +01:00
Fredrik Thulin
839b33a0a1 Add ykpamcfg - C/R setup command line utility. 2011-03-18 22:57:46 +01:00
Fredrik Thulin
b20c0ed678 Make get_user_challenge_file() also include YubiKey serial number,
and move it to util.c.
2011-03-18 22:57:22 +01:00
Fredrik Thulin
568e8abf68 Version-tag challenge-response state file contents.
Helps in case we ever want to change the file format.
2011-03-18 22:57:00 +01:00