rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-01-20 19:52:16 +01:00
Code Issues Projects Releases Wiki Activity
673 Commits 19 Branches 44 Tags
Commit Graph

23 Commits

Author SHA1 Message Date
Larhard
1d62bec277 add nullok support to challenge-response mode 2017-04-09 03:36:40 +02:00
Mickaël Thomas
7b6aad719a Return early if the user has no authorized tokens 
Currently, if a user has no associated tokens, we still prompt for an
OTP challenge and attempt to verify it.

This adds a check earlier to avoid the useless prompt in that case.

The `nullok` option is also added. It changes the return value from
PAM_USER_UNKNOWN to PAM_IGNORE. (fixes #97)

Finally, some constants have been turned to symbolic form for clarity
and debugging output is improved.
 2017-02-27 00:21:07 +01:00
Klas Lindfors
fc9a4255f0 refactor the debug mode 
add a debug_file option for where to write debug info (default to stdout)
stop compiling with DEBUG_PAM and PAM_DEBUG
make debugging behave the same way on linux-pam and openpam
 2016-06-16 09:02:49 +02:00
Klas Lindfors
70f27b98a2 include pwd.h in util.h 2015-09-09 08:24:57 +02:00
Klas Lindfors
237ed18b9f use pam_modutil_getpwnam() if it's available 
also refactor to pass in a passwd struct to the util functions
 2015-09-08 09:15:07 +02:00
Klas Lindfors
6cd0f0c1b3 simplify filter_result_len() 
and fixup warnings
 2015-02-16 14:29:21 +01:00
Meno Abels
37553c41ce enable that openvpn can now run without any local user 2014-11-20 23:22:59 +01:00
Meno Abels
dae9380ac7 added a better ldap handling, and to allow query active directory 2014-11-20 23:15:39 +01:00
Klas Lindfors
d9780eacd9 move check_user_token() to util 
for testability..
 2014-08-27 10:45:42 +02:00
Klas Lindfors
6dbcb903a5 move includes around in an attempt to include less 2014-08-27 09:44:49 +02:00
Simon Josefsson
43cd3b4621 Update copyright years. 2014-04-30 13:16:09 +02:00
Klas Lindfors
eb1ba8a52a update copyright years 2013-09-19 08:35:15 +02:00
Klas Lindfors
fb6b0911fd use pbkdf2 to process the exepected response 
this bumps the version on the state file to 2
old files can still be read but new files will use the new format
 2013-09-18 14:10:35 +02:00
Klas Lindfors
eb78d4882b refactor to use chalresp function from ykpers 
so challenge_response() now calls yk_challenge_response() to
do the yubikey internal stuff.
 2013-09-18 14:10:35 +02:00
Fredrik Thulin
da246e240c load_chalresp_state: Debug message was always shown. 2012-02-13 14:24:31 +01:00
Clemens Lang
87d1c486b7 Make yubico-pam compile without -DDEBUG_PAM 2012-01-28 02:24:43 +01:00
Simon Josefsson
3828953374 Bump version. Use silent rules. Bump copyright years. 2012-01-23 20:25:06 +01:00
Fredrik Thulin
4ce59833ba Further pointer signedness fixes. 2011-12-06 13:46:30 +01:00
Simon Josefsson
e469b630d5 Make dependency on libykpers optional. 
Use --without-cr to force it.  Reported by Jussi Sallinen <jussi@jus.si>.
 2011-06-07 00:35:22 +02:00
Fredrik Thulin
b20c0ed678 Make get_user_challenge_file() also include YubiKey serial number, 
and move it to util.c.
 2011-03-18 22:57:22 +01:00
Fredrik Thulin
69ec1bf8a0 Further cleanups to challenge response code, and move more code to util.c. 2011-03-18 22:56:41 +01:00
Fredrik Thulin
721866df0b Move more challenge-response code to util.c. 2011-03-18 21:52:07 +01:00
Fredrik Thulin
c557249503 Move soon-to-be commonly used code to util.c 2011-03-18 21:49:23 +01:00