Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/pam.c
Commit message (Collapse)AuthorAgeFilesLines
...
* put all HOST_NAME_MAX fallbacks in common.h and fall ↵Arthur de Jong2011-03-121-4/+0
| | | | | | back to _POSIX_HOST_NAME_MAX (thanks Peter Bray) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1390 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix compiler warningArthur de Jong2011-03-091-1/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1383 ef36b2f9-881f-0410-afb5-c4e39611909c
* properly handle user-not-found errors when doing ↵Arthur de Jong2011-03-091-1/+3
| | | | | | authentication (CVE-2011-0438) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1382 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a fqdn variable that can be used inside ↵Arthur de Jong2011-01-291-2/+3
| | | | | | pam_authz_search filters git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1367 ef36b2f9-881f-0410-afb5-c4e39611909c
* try to update the shadowLastChange attribute of a user ↵Arthur de Jong2010-12-261-0/+5
| | | | | | on password change (the update is only tried if the attribute is present to begin with) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1345 ef36b2f9-881f-0410-afb5-c4e39611909c
* always return a positive authorisation result during ↵Arthur de Jong2010-12-121-6/+6
| | | | | | authentication because we don't do any authorisation checks during authentication and this may confuse the PAM module if it's only used for authorisation git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1327 ef36b2f9-881f-0410-afb5-c4e39611909c
* in try_bind(), perform the search ourselves instead of ↵Arthur de Jong2010-12-031-3/+22
| | | | | | using lookup_dn2uid() to also be able to match administrator DNs (thanks to Thaddeus J. Kollar for spotting this) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1318 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix handling of try_bind() result code in ↵Arthur de Jong2010-12-031-3/+3
| | | | | | nslcd_pam_authc() (patch by Thaddeus J. Kollar) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1317 ef36b2f9-881f-0410-afb5-c4e39611909c
* return correct PAM status code for when LDAP server is ↵Arthur de Jong2010-11-171-5/+15
| | | | | | unavailable (based on a patch by Pierre Gambarotto) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1315 ef36b2f9-881f-0410-afb5-c4e39611909c
* switch all internal functions to return an LDAP status codeArthur de Jong2010-11-171-27/+31
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1314 ef36b2f9-881f-0410-afb5-c4e39611909c
* return correct kind of error code from try_pwmod() (bug)Arthur de Jong2010-11-171-1/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1313 ef36b2f9-881f-0410-afb5-c4e39611909c
* log the request with any logged messagesArthur de Jong2010-11-071-0/+5
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1301 ef36b2f9-881f-0410-afb5-c4e39611909c
* avoid unneeded strdup()s by using a passed buffer to ↵Arthur de Jong2010-11-041-10/+5
| | | | | | lookup_dn2uid() and using strcmp() in dn2uid() to see if the existing cached value is ok git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1297 ef36b2f9-881f-0410-afb5-c4e39611909c
* make buffer sizes for PAM requests consistent (and large ↵Arthur de Jong2010-10-131-5/+3
| | | | | | enough for most situations) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1267 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a rootpwmodpw option that allows root users to ↵Arthur de Jong2010-09-051-2/+22
| | | | | | change user passwords without a password prompt git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1206 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix commentArthur de Jong2010-07-181-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1165 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix bug in test (r1127)Arthur de Jong2010-06-011-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1130 ef36b2f9-881f-0410-afb5-c4e39611909c
* add a debug log message when user authentication was ↵Arthur de Jong2010-06-011-0/+2
| | | | | | successful git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1127 ef36b2f9-881f-0410-afb5-c4e39611909c
* make debug logging for pam_authz_search option a little ↵Arthur de Jong2010-05-221-4/+5
| | | | | | more readable git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1113 ef36b2f9-881f-0410-afb5-c4e39611909c
* small compatibility improvementsArthur de Jong2010-05-121-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1100 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename authz_search option to pam_authz_searchArthur de Jong2010-05-081-2/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1089 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement an authz_search option to test whether the ↵Arthur de Jong2010-05-071-1/+122
| | | | | | user is authorised git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1088 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't have myldap_set_credentials() try to open a ↵Arthur de Jong2010-04-131-10/+12
| | | | | | connection but have the PAM code perform a search with the new credentials so we re-use the fail-over mechanism in myldap_search() git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1079 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename admindn option to rootpwmoddnArthur de Jong2010-02-271-9/+9
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1067 ef36b2f9-881f-0410-afb5-c4e39611909c
* add admindn configuration file option that is used when ↵Arthur de Jong2010-01-241-7/+27
| | | | | | modifying another user's password git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1059 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement password changing in the PAM module by ↵Arthur de Jong2009-10-071-27/+63
| | | | | | performing an LDAP password modify EXOP request git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1000 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix for problem when authenticating to LDAP entries ↵Arthur de Jong2009-09-241-0/+11
| | | | | | without a uid attribute git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@992 ef36b2f9-881f-0410-afb5-c4e39611909c
* change authorisation request to also include ruser, ↵Arthur de Jong2009-06-031-1/+8
| | | | | | rhost and tty (based on OpenLDAP cvs) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@916 ef36b2f9-881f-0410-afb5-c4e39611909c
* clean up code a little bit and also do username and ↵Arthur de Jong2009-06-011-82/+45
| | | | | | userdn checks for authorisation call git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@913 ef36b2f9-881f-0410-afb5-c4e39611909c
* normalize username with PAM authentication and some ↵Arthur de Jong2009-05-291-18/+40
| | | | | | reorganisation to make that easier git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@901 ef36b2f9-881f-0410-afb5-c4e39611909c
* refactor protocol reading and writing macros to the ↵Arthur de Jong2009-05-211-23/+23
| | | | | | common directory, use more logical names and in the PAM module no longer use NSS status codes git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@887 ef36b2f9-881f-0410-afb5-c4e39611909c
* cleanupsArthur de Jong2009-05-091-5/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@871 ef36b2f9-881f-0410-afb5-c4e39611909c
* set up basic PAM protocol handling and get ↵Arthur de Jong2009-05-091-109/+181
| | | | | | authentication call working by binding to the server git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@870 ef36b2f9-881f-0410-afb5-c4e39611909c
* perform NSLCD_RESULT_SUCCESS to NSLCD_RESULT_BEGIN ↵Arthur de Jong2009-04-191-7/+7
| | | | | | rename for PAM code git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@837 ef36b2f9-881f-0410-afb5-c4e39611909c
* initial version of experimental PAM support taken from ↵Arthur de Jong2009-04-181-0/+226
OpenLDAP/contrib/slapd-modules/nssov by Howard Chu <hyc@symas.com> (license change of nssov/pam.c to nslcd/pam.c is approved) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@832 ef36b2f9-881f-0410-afb5-c4e39611909c