OpenPAM

Timeline
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

50 most recent check-ins related to "trunk"

2014-11-02
13:47
Make sure we package symlinks as well as files, but don't package .la files. Leaf check-in: 1e2d96fb7a user: des tags: trunk, svn-rev-838
2014-10-28
17:50
Oops - the line count is incremented by the line continuation, not by the word that precedes it. check-in: f883983025 user: des tags: trunk, svn-rev-837
17:47
Further improve the line continuation tests. check-in: 610ace6b1f user: des tags: trunk, svn-rev-836
13:48
Add a test case for line continuation within whitespace, similar to the corresponding test in t_openpam_readword. check-in: 6c46f9eda5 user: des tags: trunk, svn-rev-835
10:25
Add configure options to build as much as possible using the system libpam and / or liboath. Doing so disables building the corresponding library and its documentation, but still builts the corresponding tools and modules and runs the unit tests. check-in: 6ed1a09c60 user: des tags: trunk, svn-rev-834
09:03
Use $() instead of @@ in Makefiles. Don't build OATH man pages if --without-oath. check-in: e4210b6251 user: des tags: trunk, svn-rev-833
2014-10-24
11:14
Change manifest syntax from YAML to UCL to match recent versions of pkg. Also, move the description out of the script. check-in: 3578152b2c user: des tags: trunk, svn-rev-832
10:58
Remove obsolete text. check-in: dc817a2483 user: des tags: trunk, svn-rev-831
08:49
staticize t_plan check-in: 5eb551d582 user: des tags: trunk, svn-rev-830
2014-10-23
08:25
Better tests for line continuation. check-in: ffc118cff2 user: des tags: trunk, svn-rev-828
2014-10-22
10:03
Add a calc command that prints the current code. check-in: 2c3e230a26 user: des tags: trunk, svn-rev-827
2014-10-18
22:35
Remove unused variable. check-in: 96303d7417 user: des tags: trunk, svn-rev-824
2014-10-16
13:44
Compare the return value from mmap() to MAP_FAILED, not NULL. check-in: f91967f73b user: des tags: trunk, svn-rev-823
2014-10-09
14:45
Avoid double-quoting function-like macros. check-in: dfdd990da0 user: des tags: trunk, svn-rev-821
14:34
Small tweak to avoid marking up initialisms and acronyms like GCC, API and PAM as code. As a side effect, this simplifies the code for CVEs. check-in: 0394c47cc9 user: des tags: trunk, svn-rev-820
14:28
Refactor. The only major change is that CVE numbers now link to the corresponding NVD database entry. check-in: d1084bd842 user: des tags: trunk, svn-rev-819
2014-10-08
11:02
- Set the sameuser flag when a non-root user manipulates their own key. - Rename the uri command to geturi (but retain backward compatibility). - Add a getkey command that prints the key in hexadecimal. check-in: 846f86fdc2 user: des tags: trunk, svn-rev-818
10:58
Remove superfluous comments and blank lines. check-in: 1e0f39de5d user: des tags: trunk, svn-rev-817
2014-09-12
07:46
Spell out option names check-in: 078b80035e user: des tags: trunk, svn-rev-814
07:46
Gavin helped out with CVE-2014-3879 check-in: b99eb61794 user: des tags: trunk, svn-rev-813
07:23
Push back one day. check-in: ba81ad34e5 user: des tags: trunk, svn-rev-811
2014-09-09
11:01
typo check-in: 285048c0f6 user: des tags: trunk, svn-rev-809
09:33
Prepare for releasing Ourouparia on Thursday. check-in: eabae2b7a6 user: des tags: trunk, svn-rev-806
09:13
Include CVE numbers when available check-in: 3f602e46ac user: des tags: trunk, svn-rev-805
09:11
Remove keywords from pure text files. check-in: 35f4088d20 user: des tags: trunk, svn-rev-804
09:07
Introduce strlset(), a memset() variant for strings where the actual size of the buffer is not necessarily known, and which can replace the "memset(str, 0, strlen(str))" idiom. Use it to clear buffers which may have contained authentication tokens. check-in: 846d7d18e9 user: des tags: trunk, svn-rev-803
08:08
From NetBSD: require at least one service function to have succeeded. check-in: 4c02729206 user: des tags: trunk, svn-rev-802
2014-09-08
12:42
Belatedly document the addition of module search paths. check-in: 2311f7fc2f user: des tags: trunk, svn-rev-800
2014-07-10
17:16
Spell the name of the University of Oslo in English. check-in: 6192379474 user: des tags: trunk, svn-rev-799
2014-06-10
21:27
Add missing cast. Submitted by: Jörg Sonnenberger <joerg@britannica.bec.de> check-in: 6b95d23709 user: des tags: trunk, svn-rev-797
2014-06-03
21:27
In openpam_parse_chain(): 1. Finish a comment which was meant to describe the four different termination conditions for the loop in openpam_parse_chain() but ended in mid-sentence. 2. Ensure that errno is consistently set to EINVAL if a syntax error is encountered in the policy file. 3. If openpam_load_module() fails because the module could not be loaded, set errno to ENOEXEC instead of ENOENT. This closes a hole where a missing module or a typo in a module name would cause the corresponding chain to fail open. Normally, if the policy exists but cannot be loaded, openpam_load_chain() will return an error, and openpam_configure() will discard any partially constructed chains. However, openpam_load_chain() interprets ENOENT to mean that the policy was not found, so it does not immediately return an error, the partially-loaded chain is not discarded, and the policy is incorrectly considered to have been successfully loaded. 4. Ensure that errors encountered while parsing an included policy are correctly propagated to the original policy, and that ENOENT while processing an include directive is a hard error, not a soft error. CVE-2014-3879 check-in: 0c1f0dad51 user: des tags: trunk, svn-rev-795
2014-04-11
10:35
For TOTP keys, we record when the key was last used. For HOTP keys, however, we want to record the *next* allowed counter value. check-in: 15cac5bc81 user: des tags: trunk, svn-rev-794
2014-03-17
14:27
Add a test for lines containing more words than will fit in openpam_readword()'s initial allocation. check-in: d1dba799b5 user: des tags: trunk, svn-rev-793
14:11
Support line continuation in whitespace. check-in: 3d00ab46d7 user: des tags: trunk, svn-rev-792
14:10
Missed one check-in: ba1efd50a1 user: des tags: trunk, svn-rev-791
14:08
Additional tests for various end-of-line / end-of-file corner cases, and for comments that aren't comments. check-in: e9a1b43d6c user: des tags: trunk, svn-rev-790
2014-03-12
00:04
Fix headers check-in: abfd8c88ea user: des tags: trunk, svn-rev-789
00:03
I must have been drunk when I wrote this. check-in: ef81458892 user: des tags: trunk, svn-rev-788
2014-03-10
15:43
Compress man pages before generating the manifest. check-in: 177415585f user: des tags: trunk, svn-rev-787
15:37
Move oath_key_from_file() into a separate source file and document it. check-in: 61a0543a96 user: des tags: trunk, svn-rev-786
15:37
Missing word check-in: 96d2019111 user: des tags: trunk, svn-rev-785
15:31
Implement keyfile writeback. check-in: 8259cfafd1 user: des tags: trunk, svn-rev-784
11:13
Fix buffer overflow in the b64complete test case by increasing the size of the buffer used in tests. check-in: d80350d499 user: des tags: trunk, svn-rev-783
10:03
Don't forget do distribute oath_impl.h. check-in: a55b1f9eef user: des tags: trunk, svn-rev-782
09:59
Generate man pages for oath_key_from_uri() and oath_uri_decode(). check-in: 9973a776f6 user: des tags: trunk, svn-rev-781
09:55
Rudimentary key management tool. check-in: d8f81f417a user: des tags: trunk, svn-rev-780
2014-03-09
14:11
When I changed the argument type from uint8_t * to char *, I forgot that they were being used as array indices. Cast them back to uint8_t. check-in: ce39eb9ed4 user: des tags: trunk, svn-rev-779
14:10
Add test vectors which encode to the complete alphabet. check-in: 0cd58588f8 user: des tags: trunk, svn-rev-778
13:08
Support (but ignore, for now) the issuer parameter. check-in: 4feb45a7fa user: des tags: trunk, svn-rev-777
12:48
Encoder: - Return the desired length when the buffer is too small. - Annotate the switch so Bullseye doesn't complain about an uncovered default case. Decoder: - The table approach was a good idea, but there was no way to tell the difference between a character that decodes as 0 and an invalid character. Modify the tables so an invalid character is indicated by 0xff instead of 0x00. - Check that padding starts in a valid position. Note that we still don't check for left-over bits. - The overflow test always failed, because we set *olen = len before comparing them. check-in: 8daaa8b636 user: des tags: trunk, svn-rev-776