Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/pam
Commit message (Collapse)AuthorAgeFilesLines
* Various spelling fixesArthur de Jong2019-09-171-1/+1
|
* Fix logic errorArthur de Jong2016-02-221-1/+1
| | | | | | | | | This could result in a free(NULL) call. This code path can only be triggered if pam_ldap changes the logged-in username (introduced in 6a74d8d). Thanks 依云, see https://github.com/arthurdejong/nss-pam-ldapd/issues/11
* Have PAM module log messages to syslogArthur de Jong2015-08-151-0/+8
| | | | | | This logs informational messages that are presented to the user tot syslog. This normally includes password expiry and grace login information which may be useful to log.
* Use correct PIC arg for non-GCC compilersTim Rice2015-03-231-1/+1
|
* Avoid comparison of static array to null pointerPatrick McLean2015-03-111-2/+2
| | | | | | | There are several places where a static length array in a struct is compared to a null pointer. These comparisons will always be false, since an array in a struct is not actually a pointer, so they can be removed.
* Allow configuration of NSS and PAM namesArthur de Jong2015-01-191-3/+3
| | | | This introduces the --with-module-name configure option to allow building of NSS and PAM modules with different namespaces than ldap.
* Add a test for pam_get_item() argument typeArthur de Jong2013-11-251-5/+5
| | | | | | This checks whether pam_get_item() takes a const void ** or void ** item value argument and defines a PAM_ITEM_CONST macro that is const when it should. This avoids some compiler warnings.
* Fix a number of compiler warningsArthur de Jong2013-10-291-3/+3
| | | | | This includes a number of small fixes for issues that were formerly masked by the incorrect AC_LANG_PROGRAM check.
* Initialise msg to avoid potential NULL pointer dereferenceArthur de Jong2013-09-131-1/+1
| | | | | | The NULL pointer dereference in the PAM module should not occur due to the relationship with the rc value that is handled alongside it. This change mostly silences the compiler and protects from future changes.
* Small fix in NEW_AUTHTOK_REQD handlingArthur de Jong2013-08-181-1/+1
| | | | | | | There is a potential memory leak if the old password is saved multiple times. Furthermore, PAM_NEW_AUTHTOK_REQD is only allowed as a result of the authorisation phase, not the authentication phase so there is no use in checking.
* do not recheck the user password in first password phase ↵Arthur de Jong2013-01-061-9/+5
| | | | | | if it was stored in the authentication phase git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1904 ef36b2f9-881f-0410-afb5-c4e39611909c
* save the old password if either the authentication or ↵Arthur de Jong2013-01-051-2/+2
| | | | | | the authorisation response is NEW_AUTHTOK_REQD git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1899 ef36b2f9-881f-0410-afb5-c4e39611909c
* update C coding style to a more commonly used styleArthur de Jong2012-12-222-359/+406
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1873 ef36b2f9-881f-0410-afb5-c4e39611909c
* change PAM protocol to be more consistent and simplerArthur de Jong2012-12-162-163/+207
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1865 ef36b2f9-881f-0410-afb5-c4e39611909c
* switch protocol from host byte order to network byte ↵Arthur de Jong2012-12-162-6/+4
| | | | | | order and switch use of uid_t and gid_t in the protocol to int32 git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1864 ef36b2f9-881f-0410-afb5-c4e39611909c
* use pam_modutil_getpwnam() instead of getpwnam() in PAM ↵Arthur de Jong2012-11-171-1/+1
| | | | | | module git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1832 ef36b2f9-881f-0410-afb5-c4e39611909c
* log the PAM error message along with the message from ↵Arthur de Jong2012-11-111-1/+5
| | | | | | nslcd if it is available git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1823 ef36b2f9-881f-0410-afb5-c4e39611909c
* also check pam_password_prohibit_message in ↵Arthur de Jong2012-07-111-0/+14
| | | | | | pam_sm_authenticate() because Solaris does authentication before pam_sm_chauthtok() (thanks Ted Cheng) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1716 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a pam_password_prohibit_message nslcd.conf ↵Arthur de Jong2012-07-081-0/+23
| | | | | | option to deny password change introducing a NSLCD_ACTION_CONFIG_GET request thanks to Ted Cheng git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1715 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix problem with returning wrong error code when ↵Arthur de Jong2012-06-151-3/+7
| | | | | | changing password with wrong old password (thanks Anton Helwart) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1702 ef36b2f9-881f-0410-afb5-c4e39611909c
* put external libraries at the end when linkingArthur de Jong2011-08-141-3/+4
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1504 ef36b2f9-881f-0410-afb5-c4e39611909c
* make log message clearer when nslcd returns an empty ↵Arthur de Jong2011-04-301-1/+1
| | | | | | response (user not handled) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1450 ef36b2f9-881f-0410-afb5-c4e39611909c
* split setting up of configuration into separate functionArthur de Jong2011-04-301-14/+22
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1448 ef36b2f9-881f-0410-afb5-c4e39611909c
* do not attempt to change password as root when changing ↵Arthur de Jong2011-04-301-1/+1
| | | | | | an expired password git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1445 ef36b2f9-881f-0410-afb5-c4e39611909c
* support more PAM status codes over the nslcd protocolArthur de Jong2011-04-291-0/+2
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1440 ef36b2f9-881f-0410-afb5-c4e39611909c
* small code improvementsArthur de Jong2011-03-192-5/+7
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1400 ef36b2f9-881f-0410-afb5-c4e39611909c
* check for user existence before trying password changeArthur de Jong2011-03-141-0/+29
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1394 ef36b2f9-881f-0410-afb5-c4e39611909c
* update copyright headers to add missing yearsArthur de Jong2011-03-101-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1384 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix distcheck by passing --with-pam-seclib-dir to ↵Arthur de Jong2010-12-291-3/+3
| | | | | | configure and remove unneeded slashes git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1348 ef36b2f9-881f-0410-afb5-c4e39611909c
* fallback to standard PAM error message if one wasn't ↵Arthur de Jong2010-12-121-0/+5
| | | | | | returned by nslcd git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1326 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix installation directory for PAM module (was broken in ↵Arthur de Jong2010-11-071-1/+1
| | | | | | r1239) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1307 ef36b2f9-881f-0410-afb5-c4e39611909c
* make use of UNUSED() consistent throughout the codeArthur de Jong2010-10-101-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1256 ef36b2f9-881f-0410-afb5-c4e39611909c
* put all logic on how to run linker for NSS and PAM ↵Arthur de Jong2010-10-101-5/+0
| | | | | | components in configure script (remove stuff from Makefile.ams) and add Solaris version script (renaming version scripts as needed) (r1250 from -solaris branch) git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1253 ef36b2f9-881f-0410-afb5-c4e39611909c
* improve consistency of code layoutArthur de Jong2010-10-041-2/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1240 ef36b2f9-881f-0410-afb5-c4e39611909c
* merge some of the changes for Solaris portability to ↵Arthur de Jong2010-10-041-3/+6
| | | | | | ease merging, adding --with-pam-seclib-dir, --with-pam-ldap-soname and --with-nss-flavour options and having some auto-detection for SONAMEs and NSS flavour git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1239 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement a rootpwmodpw option that allows root users to ↵Arthur de Jong2010-09-051-1/+14
| | | | | | change user passwords without a password prompt git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1206 ef36b2f9-881f-0410-afb5-c4e39611909c
* rename symbol map files and check for the linker option ↵Arthur de Jong2010-06-152-3/+6
| | | | | | to specify the file with git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1143 ef36b2f9-881f-0410-afb5-c4e39611909c
* make include guard names consistent throughout the ↵Arthur de Jong2010-06-141-3/+3
| | | | | | source and avoid conflicts with system headers git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1140 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix nullok test for password modificationArthur de Jong2010-06-041-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1134 ef36b2f9-881f-0410-afb5-c4e39611909c
* simplify PAM module splitting remapping for ignore_* ↵Arthur de Jong2010-06-021-95/+61
| | | | | | options to a separate function, parsing of try_first_pass and use_first_pass is done by pam_get_authtok(), don't report session errors to the user and make error handling consistent git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1131 ef36b2f9-881f-0410-afb5-c4e39611909c
* implement an nullok PAM option and disable empty ↵Arthur de Jong2010-06-011-1/+18
| | | | | | passwords by default git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1129 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't log failure to do nslcd request to user and log ↵Arthur de Jong2010-06-011-5/+5
| | | | | | authentication errors during password change git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1128 ef36b2f9-881f-0410-afb5-c4e39611909c
* fix typoArthur de Jong2010-05-311-3/+3
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1125 ef36b2f9-881f-0410-afb5-c4e39611909c
* make code more consistentArthur de Jong2010-05-241-9/+9
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1120 ef36b2f9-881f-0410-afb5-c4e39611909c
* don't store use_authtok because pam_get_authtok() looks ↵Arthur de Jong2010-05-241-3/+1
| | | | | | at the arguments itself git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1118 ef36b2f9-881f-0410-afb5-c4e39611909c
* print uid as a longArthur de Jong2010-05-141-1/+1
| | | | git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1107 ef36b2f9-881f-0410-afb5-c4e39611909c
* perform logging from PAM module to syslog and support ↵Arthur de Jong2010-05-142-25/+91
| | | | | | the debug option to log debugging information git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1106 ef36b2f9-881f-0410-afb5-c4e39611909c
* centralise initialising functions needed for every PAM ↵Arthur de Jong2010-05-131-116/+60
| | | | | | call into one function git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1105 ef36b2f9-881f-0410-afb5-c4e39611909c
* also use PAM username instead of one from context for ↵Arthur de Jong2010-05-131-3/+4
| | | | | | session open and close git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1103 ef36b2f9-881f-0410-afb5-c4e39611909c
* replace my_pam_get_authtok() with standard ↵Arthur de Jong2010-05-131-113/+16
| | | | | | pam_get_authtok() function, get rid of get_old_password() and general cleanups and simplifications git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1102 ef36b2f9-881f-0410-afb5-c4e39611909c