| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2003-06-21 | correct sign of flags; millert ok | Theo de Raadt | |
| 2003-06-20 | Call setusershell() before using getusershell() to guarantee we | Todd C. Miller | |
| start checking on the first line of /etc/shells. Also call endusershell() when we are done. From FreeBSD. | |||
| 2003-06-03 | Remove the advertising clause in the UCB license which Berkeley | Todd C. Miller | |
| rescinded 22 July 1999. Proofed by myself and Theo. | |||
| 2002-12-17 | Only call setlogin() if this proccess is a session leader. | Todd C. Miller | |
| In practice, this means the login name will be set only if we are exec'd by a shell. This is important because otherwise the parent shell's login name would change too. | |||
| 2002-12-08 | GNU semantics say that if optstring begins with '-' then | Todd C. Miller | |
| each non-option shall be treated as arguments to option '\1'. BSD getopt match '-' in optstring with a '-' on the command line. This is used to support deprecated options like "su -" that would otherwise prevent the use of getopt(). Resolving this simply requires that the leading '-' be moved somewhere else (I moved it to the end of optstring) since position within optstring is not meaningful. | |||
| 2002-12-07 | Repair -a flag parsing which I broke in revision 1.47. | Todd C. Miller | |
| 2002-11-08 | In login emulation mode use the same setusercontext() flags as | Todd C. Miller | |
| login(1). Previously, setlogin() was not being done in -L mode. | |||
| 2002-10-16 | Add a new flag, -L, to cause su(1) to loop asking for a login/password | Todd C. Miller | |
| repeatedly until the user authenticates or interrupts things. This will be used to make login(1) no longer setuid. | |||
| 2002-07-22 | auth_close() was not actually getting called in auth_errx?() (not | Todd C. Miller | |
| that it really makes much of a difference). Call vwarnx?() instead of verrx?() and then do the exit inline after auth_close(). That's what I get for doing a cut & paste from err.c... | |||
| 2002-05-29 | KNF | Theo de Raadt | |
| 2002-02-19 | We live in an ANSI C world. Remove lots of gratuitous #ifdef __STDC__ cruft. | Todd C. Miller | |
| 2002-02-16 | Part one of userland __P removal. Done with a simple regexp with some minor ↵ | Todd C. Miller | |
| hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically. | |||
| 2001-09-18 | check strdup() rval | Todd C. Miller | |
| 2001-09-18 | Make a private copy of pwd via pw_dup() since its contents can get | Todd C. Miller | |
| clobbered later on. For some reason this only seems to affect YP. | |||
| 2001-06-25 | Instead of trying to do clever and figure out a root instance for Kerberos, | Hans Insulander | |
| send tell the auth program who the invoking user is, and rely on it to handle root instances for Kerberos. This makes the code much cleaner and simpler. ok millertt@ | |||
| 2001-06-25 | Add a "login" option to allow differentiation between authentication | Todd C. Miller | |
| that creates a login session vs. a simple identity check. Gets passed as a -v option to the login scripts. To be used by kerberos to know when to create new tickets. | |||
| 2001-05-31 | nuke errant ARGSTR that I osmehow missed in the last commit | Todd C. Miller | |
| 2001-05-31 | no longer need ARGSTR macro; sync usage() with man page | Todd C. Miller | |
| 2001-05-29 | add support for BSD authentication | Todd C. Miller | |
| 2000-12-02 | Check for symlinks before overwriting kerberos ticket files. | Hans Insulander | |
| While i'm at it, make sure not to use Kerberos at all if there is no local srvtab. Based on patch from Todd Miller. Reported by <jouko@solutions.fi>. | |||
| 2000-09-15 | check return value for setenv(3) for failure, and deal appropriately | Theo de Raadt | |
| 2000-08-20 | Add calls to setusercontext() and login_get*(). We basically call | Todd C. Miller | |
| setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class. | |||
| 2000-06-30 | warnx?/errx? paranoia (use "%s" not a bare string unless it is a | Todd C. Miller | |
| constant). These are not security holes but it is worth fixing them anyway both for robustness and so folks looking for examples in the tree are not misled into doing something potentially dangerous. Furthermore, it is a bad idea to assume that pathnames will not include '%' in them and that error routines don't return strings with '%' in them (especially in light of the possibility of locales). | |||
| 1998-03-25 | explicit braces to avoid ambigious `else', some small -Wall fixes | Artur Grabowski | |
| and prettier output when asking for kerberos passwd. | |||
| 1997-09-11 | cleanup -Wall | Theo de Raadt | |
| 1997-06-29 | new location of des.h | Niels Provos | |
| 1997-06-27 | fix up KRBTKFILE confusion; dm@ and traister@gate.net | Theo de Raadt | |
| 1997-06-23 | long != int | Theo de Raadt | |
| 1997-06-22 | %u for uid | Theo de Raadt | |
| 1997-06-21 | push KRBTKFILE only if new ticket; dm@openbsd.org and traister@gate.net | Theo de Raadt | |
| 1997-06-20 | worry about #ifdef KERBEROS | Theo de Raadt | |
| 1997-06-20 | when building new environment, do not destroy KRBTKFILE; traister@gate.net | Theo de Raadt | |
| 1997-06-20 | do not conflict with realloc() in setenv(); traister@gate.net | Theo de Raadt | |
| 1997-02-18 | Undo last changes; it makes it impossible to suspect su in Kerberos mode, | Thorsten Lockert | |
| and also interferes with multiple sessions by removing tickets potentially in use by those other sessions. | |||
| 1997-02-11 | Fix for non-kerberos. | Todd C. Miller | |
| 1997-02-11 | Handle tickets the same way as login(1) does; remove when session ends | Thorsten Lockert | |
| 1997-01-15 | getopt(3) returns -1 when out of args, not EOF, whee! | Todd C. Miller | |
| 1996-12-22 | Deal with _POSIX_SAVED_IDS when relinquishing privileges | Thorsten Lockert | |
| 1996-10-27 | Don't use "user" arg verbatim from argv, use the sanitized one in | Todd C. Miller | |
| struct passwd just to be safe. | |||
| 1996-10-26 | Now sets $LOGNAME as per POSIX. | Todd C. Miller | |
| 1996-10-23 | skey_authenticate() now fakes up a challenge if user does not | Todd C. Miller | |
| have an entry in the keys file. Don't want to give info to information gathering attack. | |||
| 1996-10-21 | compile | Theo de Raadt | |
| 1996-10-21 | Test first, then commit, eh? | Todd C. Miller | |
| 1996-10-21 | save a cycle on strncpy() -- pointed out by Theo | Todd C. Miller | |
| 1996-10-21 | sheer raging paranoia -- possible buf olfow. Does not look exploitable. | Todd C. Miller | |
| 1996-10-16 | Check ret val of strdup(3) -- may be NULL. | Todd C. Miller | |
| 1996-10-12 | su.c: minor cleanup, some from FreeBSD | Todd C. Miller | |
| su.1: Examples from FreeBSD + minor nits fixed. | |||
| 1996-10-12 | Fix suage string to match man page. NetBSD PR #2837 | Todd C. Miller | |
| 1996-10-08 | export $TERM only if passed in; joerg@freebsd.org | Theo de Raadt | |
| 1996-07-22 | seteuid for chdir | Theo de Raadt | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |