| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Notes:
svn path=/head/; revision=89999
|
| |
|
|
|
|
|
|
|
| |
code made redundant by various PAM modules (primarily pam_unix(8)).
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89994
|
| |
|
|
|
|
|
|
|
| |
login(1) (password & account expiry, hosts.access etc.) into pam_unix(8).
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89993
|
| |
|
|
|
|
|
|
|
|
|
| |
it a little and try to make it more resilient to various possible failure
conditions. Change the man page accordingly, and take advantage of this
opportunity to simplify its language.
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89991
|
| |
|
|
|
|
|
| |
Obtained from: TrustedBSD Project
Notes:
svn path=/head/; revision=89953
|
| |
|
|
| |
Notes:
svn path=/head/; revision=89930
|
| |
|
|
|
|
|
| |
Do this conversion on locale load stage instead.
Notes:
svn path=/head/; revision=89907
|
| |
|
|
|
|
|
|
|
| |
o update copyright dates.
Reviewed by: rwatson
Notes:
svn path=/head/; revision=89831
|
| |
|
|
|
|
|
|
|
|
|
| |
clobber a ctime buffer which is passed in.
PR: 34022
Submitted by: Hartmut Brandt <brandt@fokus.gmd.de>
MFC after: 2 weeks
Notes:
svn path=/head/; revision=89805
|
| |
|
|
| |
Notes:
svn path=/head/; revision=89761
|
| |
|
|
|
|
|
| |
warnings that are hard to fix or that I've been asked to leave alone.
Notes:
svn path=/head/; revision=89760
|
| |
|
|
|
|
|
|
|
|
| |
caller is supposed to check the PAM envlist and export the variables it
contains; if it doesn't, it's broken.
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89753
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
doesn't really make any difference, except it matches wtmp(5) better.
Don't do anything in pam_sm_close_session(); init(8) will take care of
utmp and wtmp when the tty is released. Clearing them here would make it
possible to create a ghost session by logging in, running 'login -f $USER'
and exiting the subshell.
Sponsored by: DARPA, NAI Labs (but the bugs are all mine)
Notes:
svn path=/head/; revision=89748
|
| |
|
|
|
|
|
|
|
| |
login.
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89745
|
| |
|
|
|
|
|
| |
login.
Notes:
svn path=/head/; revision=89744
|
| |
|
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89743
|
| |
|
|
|
|
|
| |
own
Notes:
svn path=/head/; revision=89739
|
| |
|
|
|
|
|
| |
* declare prototype for __time_load_locale() in timelocal.h
Notes:
svn path=/head/; revision=89736
|
| |
|
|
|
|
|
|
|
| |
entry for its terminal type in /etc/termcap.
Submitted by: bde
Notes:
svn path=/head/; revision=89735
|
| |
|
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89734
|
| |
|
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89733
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and sbrk's prototype from char *sbrk(int) to void *sbrk(intptr_t).
This makes us more consistant with NetBSD and standards which include
these functions. Bruce pointed out that ptrdiff_t would probably
have been better than intptr_t, but this doesn't match other
implimentations.
Also remove local declarations of sbrk and unnecessary casting.
PR: 32296
Tested by: Harti Brandt <brandt@fokus.gmd.de>
MFC after: 1 month
Notes:
svn path=/head/; revision=89732
|
| |
|
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89728
|
| |
|
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89727
|
| |
|
|
| |
Notes:
svn path=/head/; revision=89724
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
either PAM_RHOST or PAM_TTY against /etc/login.access.o
This uncovers a problem with PAM_RHOST, in that if we always set it, there
is no way to distinguish between a user logging in locally and a user
logging in using 'ssh localhost'. This will be fixed by first making sure
that all PAM modules can handle PAM_RHOST being unset (which is currently
not the case), and then modifying su(1) and login(1) to not set it for
local logins.
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89707
|
| |
|
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89706
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
dynamic linkage with -lssh.
Reviewed by: des, markm
Approved by: markm
Notes:
svn path=/head/; revision=89705
|
| |
|
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89704
|
| |
|
|
|
|
|
|
| |
Reviewed by: des, markm
Approved by: markm
Notes:
svn path=/head/; revision=89703
|
| |
|
|
|
|
|
| |
all interfaces, and ifnet.if_index value for a single interface.
Notes:
svn path=/head/; revision=89700
|
| |
|
|
|
|
|
|
|
|
| |
size added to it in order for it to work properly when nbytes != 0.
Reviewed by: alfred
MFC after: 3 days
Notes:
svn path=/head/; revision=89676
|
| |
|
|
|
|
|
|
|
| |
standard document
Pointed by: "Jacques A. Vidrine" <n@nectar.cc>
Notes:
svn path=/head/; revision=89670
|
| |
|
|
|
|
|
|
|
| |
with uid_t usage and (user)->pw_uid.
PR: 3242
Notes:
svn path=/head/; revision=89663
|
| |
|
|
|
|
|
|
| |
Prodded by: Maxim Konovalov <maxim@macomnet.ru>
Obtained from: BSD/OS
Notes:
svn path=/head/; revision=89650
|
| |
|
|
|
|
|
| |
Submitted by: trevor
Notes:
svn path=/head/; revision=89647
|
| |
|
|
|
|
|
|
|
|
|
|
| |
argument to kvm_open() and kvm_openfiles() as unused.
BSD didn't read swap since kvm.c CSRG revision 5.21 (u-area is pageable
under new VM. no need to read from swap.)
The old !NEWVM code was removed in CSRG revision 5.23 (~ten years ago).
Notes:
svn path=/head/; revision=89640
|
| |
|
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89627
|
| |
|
|
|
|
|
|
|
|
| |
existed, but had no OPIE key, i.e. PAM_IGNORE.
Pointed out by: ache
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89621
|
| |
|
|
|
|
|
|
|
|
| |
PAM_USER_UNKNOWN will break the chain, revealing to an attacker that the
user does not exist.
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89620
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Ignore the {try,use}_first_pass options by clearing PAM_AUTHTOK before
challenging the user. These options are meaningless for pam_opie(8)
since the user can't possibly know the right response before she sees
the challenge.
- Introduce the no_fake_prompts option. If this option is set, pam_opie(8)
will fail - rather than present a bogus challenge - if the target user
does not have an OPIE key. With this option, users who haven't set up
OPIE won't have to wonder what that "weird otp-md5 s**t" means :)
Reviewed by: ache, markm
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=89618
|
| |
|
|
|
|
|
|
|
|
|
| |
/etc/opieaccess and ~/.opiealways so we can decide what to do after
pam_opie(8) fails.
Sponsored by: DARPA, NAI Labs
Reviewed by: ache, markm
Notes:
svn path=/head/; revision=89613
|
| |
|
|
|
|
|
|
|
| |
Add getpwnam return check
Approved by: des, markm
Notes:
svn path=/head/; revision=89592
|
| |
|
|
|
|
|
|
|
|
| |
chunk.
PR: bin/33608
MFC after: 2 weeks
Notes:
svn path=/head/; revision=89590
|
| |
|
|
|
|
|
|
| |
PR: misc/34043
MFC after: 2 weeks
Notes:
svn path=/head/; revision=89589
|
| |
|
|
| |
Notes:
svn path=/head/; revision=89585
|
| |
|
|
|
|
|
|
|
|
|
| |
time_to_xxx() and xxx_to_time() functions. e.g. _time_to_xxx()
instead of time_to_xxx(), to make it more obvious that these are
stopgap functions & placemarkers and not meant to create a defacto
standard. They will eventually be replaced when a real standard
comes out of committee.
Notes:
svn path=/head/; revision=89572
|
| |
|
|
| |
Notes:
svn path=/head/; revision=89567
|
| |
|
|
|
|
|
|
| |
of producing fake prompts with random numbers which can be detected by
potential intruder in two tries and totally confuse non-OPIE users.
Notes:
svn path=/head/; revision=89555
|
| |
|
|
|
|
|
| |
old expired password assumed there
Notes:
svn path=/head/; revision=89554
|
