isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,528 Commits 1 Branch 0 Tags
09a7bb78fec94c3f9f14d82bb65408fc37d64ad6
Commit Graph

69 Commits

Author SHA1 Message Date
Todd C. Miller
3bc3a2e85a Set PAM_RUSER and PAM_RHOST early so they can be used during authentication. 
Based on a patch from Jamie Beverly.
 2009-08-07 14:21:51 +00:00
Todd C. Miller
62b89f9dfc Update copyright years. 2009-05-25 12:02:42 +00:00
Todd C. Miller
536ba5e23a Make sure def_prompt is always defined. This is a workaround for 
pam configs that prompt for a password in the session but don't
have an auth line.  A better fix is to expand the sudo prompt earlier
and set def_prompt to that when initializing.
 2009-02-25 12:21:11 +00:00
Todd C. Miller
743c624954 Return PAM_AUTH_ERR instead of PAM_CONV_ERR if user enters ^C at the 
password prompt.
 2008-12-09 23:48:19 +00:00
Todd C. Miller
c3d3db62f4 MacOS pam will retry conversation function if it fails so just treat 
^C as an empty password.
 2008-11-22 18:17:44 +00:00
Todd C. Miller
840acbd3ac Update copyright years. 2008-11-09 14:13:13 +00:00
Todd C. Miller
ff175f7f0a No longer treat an empty password at the prompt as special. To 
quit out of sudo you now need to hit ^C at the password prompt.
 2008-11-07 17:45:52 +00:00
Todd C. Miller
48eee67e55 Only set std_prompt for the PAM_PROMPT_* cases. The conversation function 
may be called for non-password reading purposes so we must be careful
not to use def_prompt in cases where it may not be set.
 2008-02-22 20:19:34 +00:00
Todd C. Miller
74c5dc4fad Add passprompt_override flag to sudoers that will cause the prompt 
to be overridden in all cases.  This flag is also set when the
user specifies the -p flag.
 2007-12-02 17:13:48 +00:00
Todd C. Miller
8694c73146 Add basic support for looking up the string "Password: " in the PAM 
localized text db.  This allows us to determine whether the PAM
prompt is the default "Password: " one even if it has been localized.

TODO: concatenate non-std PAM prompts and user-specified sudo prompts.
 2007-12-01 16:22:25 +00:00
Todd C. Miller
5a04b3ff9d Add --disable-pam-session configure option to disable calling 
pam_{open,close}_session.  May work around bugs in some PAM
implementations.
 2007-10-09 00:04:48 +00:00
Todd C. Miller
4f5e88532f PAM wants the full tty path so add user_ttypath which holds the 
full path to the tty or is NULL if no tty was present.
 2007-09-13 23:05:34 +00:00
Todd C. Miller
bb07eea18f Set PAM_RHOST to work around a bug in Solaris 7 and lower that 
results in a segv.
 2007-09-13 22:42:15 +00:00
Todd C. Miller
19fa259480 Remove support for compilers that don't support void * 2007-08-31 23:30:07 +00:00
Todd C. Miller
42ac4fb2cf Run cleanup code if the user hits ^C at the password prompt. 2007-07-22 12:14:18 +00:00
Todd C. Miller
b166928bac Some versions of pam_lastlog have a bug that will cause a crash if 
PAM_TTY is not set so if there is no tty, set PAM_TTY to the empty
string.
 2007-07-22 12:13:07 +00:00
Todd C. Miller
f2433e0368 Linux PAM now defines __LINUX_PAM__, not __LIBPAM_VERSION. 
From Dmitry V. Levin.
 2007-04-20 16:40:59 +00:00
Todd C. Miller
8d97a8d20f If the user enters ^C at the password prompt, abort instead of 
trying to authenticate with an empty password (which causes an
annoying delay).
 2006-09-29 14:53:42 +00:00
Todd C. Miller
d281ff77e2 Fix call to pam_end() when pam_open_session() fails. 2005-06-25 18:29:17 +00:00
Todd C. Miller
d3b45ae3f1 Call pam_open_session() and pam_close_session() to give pam_limits a 
chance to run.  Idea from Karel Zak.
 2005-05-27 05:59:02 +00:00
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
6548e82f20 Give user a clue when there is a missing "account" section in the PAM config. 2005-02-05 18:01:55 +00:00
Todd C. Miller
e6f51aa1af Better error handling. 2005-02-05 15:22:46 +00:00
Todd C. Miller
f7adbaddce Fix typo (missing comma) that caused an incorrect number of args 
to be passed to log_error().
 2005-02-05 02:49:53 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h> 
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
 2004-11-19 18:39:14 +00:00
Todd C. Miller
529d2d200e Use pam_acct_mgmt() to check for disabled accounts; Brian Farrell 2004-06-28 14:51:50 +00:00
Todd C. Miller
ecdfa6373f update (c) year 2004-06-07 00:02:56 +00:00
Todd C. Miller
77791e7ab3 Remove trailing spaces, no actual code changes. 2004-06-06 23:58:15 +00:00
Todd C. Miller
56b5cbc899 More to a less restrictive, ISC-style license. 2004-02-13 21:36:47 +00:00
Todd C. Miller
c4a8ab8b99 Use the SET, CLR and ISSET macros. 2004-01-29 22:33:58 +00:00
Todd C. Miller
149862cd9d Move PAM_CONST macro definition from config.h to pam.c where it belongs. 
We can't have this in config.h since that gets included too early.
 2004-01-09 19:39:00 +00:00
Todd C. Miller
aa4eb97ed5 Some PAM implementations put their headers in /usr/include/pam instead 
of /usr/include/security.
 2004-01-09 19:35:54 +00:00
Todd C. Miller
3944237480 Add a zero_bytes() function to do the equivalent of bzero in such a 
way that will heopfully not be optimized away by sneaky compilers.
 2003-12-31 22:46:10 +00:00
Todd C. Miller
6ad252765b Create def_* macros for each defaults value so we no longer need 
the def_{flag,ival,str,list,mode} macros (which have been removed).
This is a step toward more flexible data types in def_data.in.
 2003-12-30 22:20:21 +00:00
Todd C. Miller
d619fd43a1 Fix a core dump on Solaris by preserving the pam_handle_t we used 
during authentication for pam_prep_user().  If we didn't authenticate
(ie: ticket still valid), we call pam_init() from pam_prep_user().
This is something of a hack; it may be better to change the auth
API and add an auth_final() function that acts like pam_prep_user().
 2003-06-29 01:31:55 +00:00
Todd C. Miller
8b45d6459c add DARPA credit on affected files 2003-04-16 00:42:10 +00:00
Todd C. Miller
d6a9e16d95 update copyright year 2003-03-15 20:37:44 +00:00
Todd C. Miller
b49046433a Keep a local copy of tgetpass_flags so we don't add in TGP_ECHO to 
the global copy.  Problem noted by Peter Pentchev.
 2002-12-13 16:33:26 +00:00
Todd C. Miller
abb4e1ad35 Sprinkle some volatile qualifiers to prevent over-enthusiastic 
optimizers from removing memset() calls.
 2002-11-22 19:41:13 +00:00
Todd C. Miller
ef1f01874c Zero and free allocated memory when there is a conversation error. 2002-01-22 16:43:23 +00:00
Todd C. Miller
d195bd7f1b Make this compile w/o warnings 2002-01-21 22:46:02 +00:00
Todd C. Miller
a61088a434 Mention that we can't use pam_acct_mgmt() 2002-01-21 22:36:33 +00:00
Todd C. Miller
0ebe32423f The user's password was not zeroed after use when AIX authentication, 
BSD authentication, FWTK or PAM was in use.
 2002-01-21 22:25:14 +00:00
Todd C. Miller
73979f1a24 Avoid giving PAM a NULL password response, use the empty string instead. 
This avoids a log warning when the user hits ^C at the password prompt
when PAM is in use.
 2002-01-20 19:21:33 +00:00
Todd C. Miller
3a6c0ea2e6 Don't check the return value of pam_setcred(). In Linux-PAM 0.75 
pam_setcred() returns the last saved return code, not the return
code for the setcred module.  Because we haven't called pam_authenticate(),
this is not set and so pam_setcred() returns PAM_PERM_DENIED.
 2002-01-20 00:46:44 +00:00
Todd C. Miller
9a78f6e759 o Add pam_prep_user function to call pam_setcred() for the target user; 
on Linux this often sets resource limits.
o When calling pam_end(), try to convert the auth->result to a PAM_FOO
  value.  This is a hack--we really need to stash the last PAM_FOO
  value received and use that instead.
 2001-12-31 17:18:12 +00:00
Todd C. Miller
79df2fa423 Apparently a NULL response is OK 2001-12-15 02:21:53 +00:00
Todd C. Miller
65fad4df35 o Reorder some headers and use STDC_HEADERS define properly 
o Update copyright year
 2001-12-14 19:52:54 +00:00
Todd C. Miller
88951a3b9d Be carefule now that tgetpass() can return NULL (user hit ^C). 
PAM version needs testing.
Set SIGTSTP to SIG_DFL during password entry so user can suspend us.
 2001-12-09 05:17:00 +00:00