Fredrik Thulin
c795e84bef
challenge_response: reject bad slot
2011-12-06 14:37:57 +01:00
Fredrik Thulin
4ce59833ba
Further pointer signedness fixes.
2011-12-06 13:46:30 +01:00
Fredrik Thulin
43134038a5
do_challenge_response: Remove 2 unused variables.
2011-12-06 13:45:58 +01:00
Fredrik Thulin
a7bd2efa95
Hyphen-fix.
2011-12-06 13:31:35 +01:00
Fredrik Thulin
b27599957c
Fix implicit yubikey_* declarations.
2011-12-06 13:31:25 +01:00
Fredrik Thulin
bba72bfead
Avoid asprintf.
...
To improve portability, we do malloc() + snprintf() instead.
2011-12-06 11:58:36 +01:00
Fredrik Thulin
fa8a9ff074
Fix pointer signedness warnings.
2011-12-06 11:56:52 +01:00
Fredrik Thulin
f03314e59c
generate_random: Remove unused variable 'i'.
2011-12-06 11:54:09 +01:00
Fredrik Thulin
b671a6a350
fix lintian errors
2011-12-01 14:17:50 +01:00
Fredrik Thulin
2785c998be
Update with new things in 2.10.
2011-11-23 15:05:19 +01:00
Fredrik Thulin
f24f333867
Drop privileges before writing new C-R file.
2011-11-23 13:56:01 +01:00
Fredrik Thulin
94885d2d48
Verify that challenge-response file is a normal file.
2011-11-23 13:55:44 +01:00
Fredrik Thulin
d4acd495f0
improve debug messages
2011-11-23 13:46:26 +01:00
Fredrik Thulin
fcde64a93e
Use pam_modutil_drop_priv if it is available.
...
Utility functions for what was done in drop_priv.c appeared
in PAM 1.1.3. Use them when available.
2011-11-23 13:45:41 +01:00
Fredrik Thulin
b92902fd8f
Restore challenge-response functionality.
...
HAVE_LIBYKPERS_1 did not seem to ever get defined, so use HAVE_CR instead.
2011-11-23 13:26:02 +01:00
Ricky Zhou
a9892dbb44
Drop privileges before opening user files.
...
This change also ensures that user tokens are regular files. We may
want to add a similar check for user challenge files.
2011-11-23 10:16:00 +01:00
Fredrik Thulin
f92ee12aa9
Remove unused variable and extra undef.
2011-11-22 11:17:29 +01:00
Fredrik Thulin
47d883b600
pam_sm_authenticate: check strdup return value
2011-11-22 11:08:53 +01:00
Fredrik Thulin
57cf6ed5d6
authorize_user_token_ldap: check malloc return value
2011-11-22 11:08:28 +01:00
Fredrik Thulin
8930cca53e
parse_args: getopt() return value is int.
2011-11-22 11:03:51 +01:00
Fredrik Thulin
47e59ae8c0
Fix release date of 2.9.
2011-11-17 20:52:29 +01:00
Fredrik Thulin
22648cfcb5
Link pam_yubico.la directly with -lpam.
2011-11-17 20:50:39 +01:00
Fredrik Thulin
2ab6c26f27
updates
2011-11-08 22:21:20 +01:00
Fredrik Thulin
b8d806fd63
Prepare for version 2.9.
2011-11-08 22:05:53 +01:00
dr8
6dc10799b6
Bug fix: pam_yubico doesn't check server signature
...
Squashed commit of the following:
commit 9e7746bc53
Author: dr8 <github@dominicrutherford.co.uk>
Date: Mon Oct 31 14:27:47 2011 +0000
Bug fix: pam_yubico doesn't check server signature
commit 2f3d5e721c
Author: dr8 <github@dominicrutherford.co.uk>
Date: Sat Oct 29 16:59:08 2011 +0100
Bug fix: pam_yubico does not validate server signature
commit 58a1e6820a
Author: dr8 <github@dominicrutherford.co.uk>
Date: Fri Oct 28 22:09:49 2011 +0100
only validate server signature when key is specified
commit d705f429bc
Author: dr8 <github@dominicrutherford.co.uk>
Date: Tue Oct 25 22:45:22 2011 +0100
fix failure to validate server signature
2011-11-08 21:57:28 +01:00
Fredrik Thulin
788f826ddc
Prepare for version 2.8.
2011-08-26 13:58:42 +02:00
Nanakos Chrysostomos
4712da70ca
Fix big security hole: Authentication succeeded when no password
...
was given, unless use_first_pass was being used.
This is fatal if pam_yubico is considered 'sufficient' in the PAM
configuration.
Signed-off-by: Nanakos Chrysostomos <nanakos@wired-net.gr>
2011-08-26 14:32:03 +03:00
Simon Josefsson
2bf1a9b645
Fix date.
2011-06-07 00:43:48 +02:00
Simon Josefsson
6a1727bb38
Fix release target.
2011-06-07 00:43:14 +02:00
Simon Josefsson
5b96efa7d9
Ignore more.
2011-06-07 00:41:55 +02:00
Simon Josefsson
6eae809ccc
Update doc/.
2011-06-07 00:37:46 +02:00
Simon Josefsson
d75cb69439
Version 2.7.
2011-06-07 00:37:12 +02:00
Simon Josefsson
e469b630d5
Make dependency on libykpers optional.
...
Use --without-cr to force it. Reported by Jussi Sallinen <jussi@jus.si>.
2011-06-07 00:35:22 +02:00
Fredrik Thulin
eb438e782c
parse_cfg: Use memset to clear cfg struct.
...
The code will be easier to maintain if one does not have to remember
explicitly initializing all new members of the config struct.
2011-04-15 16:30:06 +02:00
Fredrik Thulin
804b537acf
Fix some D's that should've been DBG.
2011-04-15 16:28:00 +02:00
Fredrik Thulin
dfebd4173f
Make DBG macro unified.
...
Refactor authorize_user_token and authorize_user_token_ldap to take
a cfg argument instead of a number of elements from cfg.
2011-04-15 15:24:50 +02:00
Romain Riviere
1ec6d2df92
Debug: adding a dbg flag and macro so as to disable unwanted debug messages
2011-04-15 14:17:23 +02:00
Fredrik Thulin
9fd4b0295f
Add mentioning of recursive dependency on libyubikey.
2011-04-13 23:17:27 +02:00
Fredrik Thulin
60824becdc
Tag releases consistent with previous ones (no 'v').
2011-04-13 22:39:08 +02:00
Fredrik Thulin
53ca3786b8
sync
2011-04-13 15:47:36 +02:00
Fredrik Thulin
1b6bb56e86
sync
2011-04-11 15:53:02 +02:00
Fredrik Thulin
1ebaf8773f
Explicitly link with libyubikey.
2011-04-11 15:51:21 +02:00
Fredrik Thulin
70fcd66e59
Version 2.6.
2011-04-11 15:44:55 +02:00
Fredrik Thulin
1d62f8d48b
whitespace
2011-04-11 14:49:02 +02:00
Tollef Fog Heen
7923496375
Tell the user if something goes wrong after authenticating
...
If we successfully authenticate, but something then goes wrong, such
as failure to generate a new challenge, failure to update the
challenge and so on, tell the user.
2011-03-18 23:05:26 +01:00
Tollef Fog Heen
63957aad70
Merge remote branch 'fredrikt/master'
...
Conflicts:
util.c
2011-03-18 23:02:32 +01:00
Tollef Fog Heen
72d1f4bba9
Move code around slightly to make merging with Fredrik easier
2011-03-18 23:01:46 +01:00
Fredrik Thulin
839b33a0a1
Add ykpamcfg - C/R setup command line utility.
2011-03-18 22:57:46 +01:00
Fredrik Thulin
b20c0ed678
Make get_user_challenge_file() also include YubiKey serial number,
...
and move it to util.c.
2011-03-18 22:57:22 +01:00
Fredrik Thulin
568e8abf68
Version-tag challenge-response state file contents.
...
Helps in case we ever want to change the file format.
2011-03-18 22:57:00 +01:00