Age | Commit message (Collapse) | Author | |
---|---|---|---|
2001-06-25 | Instead of trying to do clever and figure out a root instance for Kerberos, | Hans Insulander | |
send tell the auth program who the invoking user is, and rely on it to handle root instances for Kerberos. This makes the code much cleaner and simpler. ok millertt@ | |||
2001-06-25 | Add a "login" option to allow differentiation between authentication | Todd C. Miller | |
that creates a login session vs. a simple identity check. Gets passed as a -v option to the login scripts. To be used by kerberos to know when to create new tickets. | |||
2001-05-31 | nuke errant ARGSTR that I osmehow missed in the last commit | Todd C. Miller | |
2001-05-31 | no longer need ARGSTR macro; sync usage() with man page | Todd C. Miller | |
2001-05-29 | add support for BSD authentication | Todd C. Miller | |
2000-12-02 | Check for symlinks before overwriting kerberos ticket files. | Hans Insulander | |
While i'm at it, make sure not to use Kerberos at all if there is no local srvtab. Based on patch from Todd Miller. Reported by <jouko@solutions.fi>. | |||
2000-09-15 | check return value for setenv(3) for failure, and deal appropriately | Theo de Raadt | |
2000-08-20 | Add calls to setusercontext() and login_get*(). We basically call | Todd C. Miller | |
setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class. | |||
2000-06-30 | warnx?/errx? paranoia (use "%s" not a bare string unless it is a | Todd C. Miller | |
constant). These are not security holes but it is worth fixing them anyway both for robustness and so folks looking for examples in the tree are not misled into doing something potentially dangerous. Furthermore, it is a bad idea to assume that pathnames will not include '%' in them and that error routines don't return strings with '%' in them (especially in light of the possibility of locales). | |||
1998-03-25 | explicit braces to avoid ambigious `else', some small -Wall fixes | Artur Grabowski | |
and prettier output when asking for kerberos passwd. | |||
1997-09-11 | cleanup -Wall | Theo de Raadt | |
1997-06-29 | new location of des.h | Niels Provos | |
1997-06-27 | fix up KRBTKFILE confusion; dm@ and traister@gate.net | Theo de Raadt | |
1997-06-23 | long != int | Theo de Raadt | |
1997-06-22 | %u for uid | Theo de Raadt | |
1997-06-21 | push KRBTKFILE only if new ticket; dm@openbsd.org and traister@gate.net | Theo de Raadt | |
1997-06-20 | worry about #ifdef KERBEROS | Theo de Raadt | |
1997-06-20 | when building new environment, do not destroy KRBTKFILE; traister@gate.net | Theo de Raadt | |
1997-06-20 | do not conflict with realloc() in setenv(); traister@gate.net | Theo de Raadt | |
1997-02-18 | Undo last changes; it makes it impossible to suspect su in Kerberos mode, | Thorsten Lockert | |
and also interferes with multiple sessions by removing tickets potentially in use by those other sessions. | |||
1997-02-11 | Fix for non-kerberos. | Todd C. Miller | |
1997-02-11 | Handle tickets the same way as login(1) does; remove when session ends | Thorsten Lockert | |
1997-01-15 | getopt(3) returns -1 when out of args, not EOF, whee! | Todd C. Miller | |
1996-12-22 | Deal with _POSIX_SAVED_IDS when relinquishing privileges | Thorsten Lockert | |
1996-10-27 | Don't use "user" arg verbatim from argv, use the sanitized one in | Todd C. Miller | |
struct passwd just to be safe. | |||
1996-10-26 | Now sets $LOGNAME as per POSIX. | Todd C. Miller | |
1996-10-23 | skey_authenticate() now fakes up a challenge if user does not | Todd C. Miller | |
have an entry in the keys file. Don't want to give info to information gathering attack. | |||
1996-10-21 | compile | Theo de Raadt | |
1996-10-21 | Test first, then commit, eh? | Todd C. Miller | |
1996-10-21 | save a cycle on strncpy() -- pointed out by Theo | Todd C. Miller | |
1996-10-21 | sheer raging paranoia -- possible buf olfow. Does not look exploitable. | Todd C. Miller | |
1996-10-16 | Check ret val of strdup(3) -- may be NULL. | Todd C. Miller | |
1996-10-12 | su.c: minor cleanup, some from FreeBSD | Todd C. Miller | |
su.1: Examples from FreeBSD + minor nits fixed. | |||
1996-10-12 | Fix suage string to match man page. NetBSD PR #2837 | Todd C. Miller | |
1996-10-08 | export $TERM only if passed in; joerg@freebsd.org | Theo de Raadt | |
1996-07-22 | seteuid for chdir | Theo de Raadt | |
1996-06-26 | rcsid | Theo de Raadt | |
1996-01-07 | more traditional semantics. if wheel group has no listed users, anyone | Theo de Raadt | |
can su to root. default wheel group lists "root" as a user, thus defaulting to a secure envirment. from arnej@pvv.unit.no; netbsd pr#1894 | |||
1995-12-16 | Make it possible to build without SKEY support | Thorsten Lockert | |
Add support for building with kerberosIV | |||
1995-10-18 | initial import of NetBSD tree | Theo de Raadt | |