isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,687 Commits 1 Branch 0 Tags
096a289d94b45348075f73f07632f8ce992bc6c8
Commit Graph

134 Commits

Author SHA1 Message Date
Todd C. Miller
26523a7ce6 Fix securid5 authentication, was not checking for ACM_OK. Also add 
default cases for the two switch()es.  Problem noted by ccon at worldbank
 2005-07-28 01:14:14 +00:00
Todd C. Miller
d281ff77e2 Fix call to pam_end() when pam_open_session() fails. 2005-06-25 18:29:17 +00:00
Todd C. Miller
d3b45ae3f1 Call pam_open_session() and pam_close_session() to give pam_limits a 
chance to run.  Idea from Karel Zak.
 2005-05-27 05:59:02 +00:00
Todd C. Miller
d857334e61 The component in krb5_principal_get_comp_string() should be 1, not 0 
for Heimdal.  From Alex Plotnick.
 2005-03-30 04:38:25 +00:00
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
6548e82f20 Give user a clue when there is a missing "account" section in the PAM config. 2005-02-05 18:01:55 +00:00
Todd C. Miller
e6f51aa1af Better error handling. 2005-02-05 15:22:46 +00:00
Todd C. Miller
f7adbaddce Fix typo (missing comma) that caused an incorrect number of args 
to be passed to log_error().
 2005-02-05 02:49:53 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
2dc559bf3e s/HAVE_AUTHENTICATE/HAVE_AIXAUTH/g 2005-01-21 15:29:55 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h> 
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
 2004-11-19 18:39:14 +00:00
Todd C. Miller
a414762c4e Add local error/warning functions like err/warn but that call an additional 
cleanup routine in the error case.  This means we no longer need to compile
a special version of alloc.o for visudo.
 2004-11-19 17:24:20 +00:00
Todd C. Miller
529d2d200e Use pam_acct_mgmt() to check for disabled accounts; Brian Farrell 2004-06-28 14:51:50 +00:00
Todd C. Miller
ecdfa6373f update (c) year 2004-06-07 00:02:56 +00:00
Todd C. Miller
8268535ccc update (c) year 2004-06-07 00:02:56 +00:00
Todd C. Miller
77791e7ab3 Remove trailing spaces, no actual code changes. 2004-06-06 23:58:15 +00:00
Todd C. Miller
631cbc2857 krb5_mcc_ops should be const; Johnny C. Lam 2004-03-22 18:35:09 +00:00
Todd C. Miller
d2fa9af02d More to a less restrictive, ISC-style license. 2004-02-13 21:36:49 +00:00
Todd C. Miller
56b5cbc899 More to a less restrictive, ISC-style license. 2004-02-13 21:36:47 +00:00
Todd C. Miller
1a1009c060 More to a less restrictive, ISC-style license. 2004-02-13 21:36:47 +00:00
Todd C. Miller
d58c9f6f99 More to a less restrictive, ISC-style license. 2004-02-13 21:36:47 +00:00
Todd C. Miller
a1fa5aec5c More to a less restrictive, ISC-style license. 2004-02-13 21:36:47 +00:00
Todd C. Miller
c4a8ab8b99 Use the SET, CLR and ISSET macros. 2004-01-29 22:33:58 +00:00
Todd C. Miller
ae1a984afc Add support for chalnecho and display server responses used by fwtk >= 2.0 2004-01-15 20:13:47 +00:00
Todd C. Miller
149862cd9d Move PAM_CONST macro definition from config.h to pam.c where it belongs. 
We can't have this in config.h since that gets included too early.
 2004-01-09 19:39:00 +00:00
Todd C. Miller
aa4eb97ed5 Some PAM implementations put their headers in /usr/include/pam instead 
of /usr/include/security.
 2004-01-09 19:35:54 +00:00
Todd C. Miller
3944237480 Add a zero_bytes() function to do the equivalent of bzero in such a 
way that will heopfully not be optimized away by sneaky compilers.
 2003-12-31 22:46:10 +00:00
Todd C. Miller
6ad252765b Create def_* macros for each defaults value so we no longer need 
the def_{flag,ival,str,list,mode} macros (which have been removed).
This is a step toward more flexible data types in def_data.in.
 2003-12-30 22:20:21 +00:00
Todd C. Miller
d619fd43a1 Fix a core dump on Solaris by preserving the pam_handle_t we used 
during authentication for pam_prep_user().  If we didn't authenticate
(ie: ticket still valid), we call pam_init() from pam_prep_user().
This is something of a hack; it may be better to change the auth
API and add an auth_final() function that acts like pam_prep_user().
 2003-06-29 01:31:55 +00:00
Todd C. Miller
c03ffb1972 remove errant semicolon that prevented compilation under heimdal 2003-04-21 18:47:05 +00:00
Todd C. Miller
505b424a56 add DARPA credit on affected files 2003-04-16 00:42:10 +00:00
Todd C. Miller
8b45d6459c add DARPA credit on affected files 2003-04-16 00:42:10 +00:00
Todd C. Miller
94567681a7 add DARPA credit on affected files 2003-04-16 00:42:10 +00:00
Todd C. Miller
4a2da4c965 Use krb5_princ_component() instead of krb5_princ_realm() for MIT Kerberos 
like we did before I messed things up ;-)

Use krb5_principal_get_comp_string() to do the same thing w/ Heimdal.
I'm not sure if the component should be 0 or 1 in this case.

#define ENCTYPE_DES_CBC_MD5 ETYPE_DES_CBC_MD5 for Heimdal since
older versions lack ENCTYPE_DES_CBC_MD5.  This is gross and there
should be a configure check for this I guess.
 2003-04-14 20:49:27 +00:00
Todd C. Miller
cfeec138e1 Make this compile on Heimdal and MIT Kerberos 5 2003-04-04 17:46:57 +00:00
Todd C. Miller
d220757146 Replace ETYPE_DES_CBC_MD5 with ENCTYPE_DES_CBC_MD5. The former 
is no longer defined by MIT kerb5 (though it used to be and indeed
remains so in Heimdal).
 2003-04-04 03:04:09 +00:00
Todd C. Miller
58887b76b0 Correct number of args to krb5_principal_get_realm() and fix an unclosed 
comment that hid the bug.
 2003-04-02 18:57:34 +00:00
Todd C. Miller
dcf1a5acce Use warn/err and getprogname() throughout. The main exception is 
openlog().  Since the admin may be filtering logs based on the
program name in the log files, hard code this to "sudo".
 2003-04-02 18:25:30 +00:00
Todd C. Miller
c4dd20ab7f typo 2003-03-20 04:49:58 +00:00
Todd C. Miller
ecee620389 Kill remaining strcpy(), the programmer's guide says username is 32 bytes. 2003-03-16 03:03:32 +00:00
Todd C. Miller
d2ced184ec trat uid_t as unsigned long for printf and use snprintf, not sprintf 2003-03-16 02:18:57 +00:00
Todd C. Miller
dc39c56502 use snprintf 2003-03-16 02:18:34 +00:00
Todd C. Miller
d6a9e16d95 update copyright year 2003-03-15 20:37:44 +00:00
Todd C. Miller
80013dd915 Make this compile w/ Heimdal and fix some gcc warnings. 2003-03-15 19:10:38 +00:00
Todd C. Miller
27ffee8ac0 skeychallenge() on NetBSD take a size parameter 2003-03-14 02:47:55 +00:00
Todd C. Miller
b49046433a Keep a local copy of tgetpass_flags so we don't add in TGP_ECHO to 
the global copy.  Problem noted by Peter Pentchev.
 2002-12-13 16:33:26 +00:00
Todd C. Miller
abb4e1ad35 Sprinkle some volatile qualifiers to prevent over-enthusiastic 
optimizers from removing memset() calls.
 2002-11-22 19:41:13 +00:00
Todd C. Miller
3437e96a38 Fix rcsid 2002-05-20 20:51:23 +00:00
Todd C. Miller
16547b2ef8 SecurID API version 5 support from Michael Stroucken 2002-05-17 17:04:10 +00:00
Todd C. Miller
c289159953 g/c second arg to set_perms--it is no longer used 2002-05-05 00:43:38 +00:00