Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-02-18 | Eliminate separate build tree for sss_client | Stephen Gallagher | 1 | -1166/+0 | |
2010-02-12 | Make change password errors more transparent | Sumit Bose | 1 | -0/+42 | |
2010-02-10 | Make return values more specific during password change | Sumit Bose | 1 | -0/+24 | |
- return PAM_AUTHTOK_ERR instead of PAM_SYSTEM_ERR if the password change operation fails - send a message to the user if the system is offline and the password cannot be changed | |||||
2010-02-10 | Send a message to the user if the login is delayed | Sumit Bose | 1 | -0/+59 | |
2010-02-05 | Add missing include | Jakub Hrozek | 1 | -0/+1 | |
2010-02-02 | Warn the user if authentication happens offline | Sumit Bose | 1 | -0/+82 | |
2010-02-01 | Improve logging of pam_sss | Sumit Bose | 1 | -9/+46 | |
To avoid unnecessary messages in the log files of the system we only send log messages for PAM modules type which are explicitly handled by sssd. Furthermore only the authentication modules sends a log message when the operation was successful. All other modules only sends a message if an error occurs. This patch should fix bz556534. | |||||
2010-02-01 | Avoid 'PAM' at the beginning of define and enum names | Sumit Bose | 1 | -27/+28 | |
2010-02-01 | Rename PAM_USER_INFO to PAM_SYSTEM_INFO | Sumit Bose | 1 | -2/+2 | |
2010-01-22 | Pointers to non 32 bit aligned data were being cast to uint32_t * | George McCollister | 1 | -27/+38 | |
uint32_t pointers must point to 32 bit aligned data on ARM. Instead of padding the data to force it into alignment I altered the code to memcpy the data to an aligned location. I'd appreciate any and all feedback especially on whether I took the best approach. pam_test_client auth and pam_test_client acct now work on my armeb-xscale-linux-gnueabi target. Signed-off-by: George McCollister <georgem@opteron.novatech-llc.com> | |||||
2009-12-18 | Handle chauthtok with PAM_PRELIM_CHECK separately | Sumit Bose | 1 | -1/+1 | |
If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request. | |||||
2009-11-06 | Clean up unused dependencies | Stephen Gallagher | 1 | -1/+0 | |
2009-10-14 | use old password if available during password change | Sumit Bose | 1 | -8/+9 | |
- if the password is reset by root we do not ask for a password during PAM_PRELIM_CHECK. But if there is one available during PAM_UPDATE_AUTHTOK we will use it, because now we are in an expired password dialog. | |||||
2009-10-08 | add syslog message similar to pam_unix | Sumit Bose | 1 | -2/+14 | |
2009-10-05 | ask for new password if password is expired | Sumit Bose | 1 | -7/+40 | |
2009-10-05 | move password handling into subroutines | Sumit Bose | 1 | -71/+117 | |
2009-09-14 | make cli_pid mandatory and increase version number of pam protocol | Sumit Bose | 1 | -2/+2 | |
2009-09-14 | remove unused client locale from PAM protocol | Sumit Bose | 1 | -19/+0 | |
2009-09-14 | Let the PAM client send its PID | Sumit Bose | 1 | -9/+34 | |
- the client sends the PID as uint32_t and sssd will use uint32_t too - fix a possible type issue where a uint32_t is sent as int32 in internal dbus communication | |||||
2009-09-11 | Add copyright notices | Jakub Hrozek | 1 | -0/+20 | |
Fixes: #138 | |||||
2009-08-27 | do not show server messages to user | Sumit Bose | 1 | -5/+0 | |
2009-07-22 | cleanup of pam_sss | Sumit Bose | 1 | -250/+241 | |
- make pam_sss work with pam_cracklib and similar pam modules - clean up the if-&&-else-|| jungle to make clear what is happening | |||||
2009-07-03 | Cleanup warnings in client and server code | Simo Sorce | 1 | -2/+2 | |
2009-07-02 | added kerberos backend with tevent_req event handling | Sumit Bose | 1 | -1/+1 | |
2009-06-25 | Implement _pam_overwrite_n(n,x) for older systems | Stephen Gallagher | 1 | -0/+1 | |
OSes based on older versions of the PAM development libraries lack the _pam_overwrite_n(n,x) macro. This patch copies the Fedora 11 pam-devel-1.0.91-6 implementation into an SSSD private header. This affects RHEL5 and SUSE10. | |||||
2009-06-02 | Don't mix strdup and static strings | Simo Sorce | 1 | -1/+1 | |
2009-05-26 | Initial gettext framework for sss_clients | Stephen Gallagher | 1 | -1/+7 | |
2009-05-17 | Build fixes | Simo Sorce | 1 | -0/+2 | |
Comment out unused function in pam_sss Add missing configure.ac to common/ini | |||||
2009-05-15 | added new pam client protocol | Sumit Bose | 1 | -2/+136 | |
2009-05-08 | added syslog support to pam_sss | Sumit Bose | 1 | -5/+40 | |
2009-05-08 | cleanup and fixes for pam_sss | Sumit Bose | 1 | -190/+352 | |
- if PAM_USER==root return PAM_USER_UNKNOWN - pam_sss now can handle to following options: - use_first_pass: forces the module to use a previous stacked modules password and will never prompt the user - use_authtok: when password changing enforce the module to set the new password to the one provided by a previously stacked password module - forward_pass: store the passwords collected by the module as pam items for modules called later in the stack | |||||
2009-04-29 | Fix Indentation | Simo Sorce | 1 | -88/+89 | |
2009-04-29 | reuse authtok which is already in the pam stack | Sumit Bose | 1 | -2/+22 | |
2009-04-23 | allow to forward the authtok to other pam modules | Sumit Bose | 1 | -0/+16 | |
Other pam modules which are called after pam_sss might want to reuse the given password so that the user is not bothered with multiple password prompt. When pam_sss is configured with the option 'forward_pass' it will use pam_set_item to safe the password for other pam modules. | |||||
2009-03-25 | Fix compilation error due to implicit cast | Stephen Gallagher | 1 | -2/+2 | |
2009-03-20 | added response type PAM_ENV_ITEM and integrated response data into dbus messages | Sumit Bose | 1 | -0/+32 | |
2009-03-10 | Remove unexisting left over header | Simo Sorce | 1 | -1/+0 | |
Also bump up the version as this error prevented a successful build of 0.2.0 | |||||
2009-03-10 | added generic PAM return messages and a false login delay | Sumit Bose | 1 | -15/+59 | |
2009-03-05 | added password reset by root | Sumit Bose | 1 | -9/+33 | |
2009-03-02 | first version of LOCAL pam backend | Sumit Bose | 1 | -0/+6 | |
2009-02-24 | Add PAM client | Sumit Bose | 1 | -0/+324 | |
Also rename nss_client to sss_client and reuse the same pipe protocol for both the NSS and PAM client libraries. Signed-off-by: Simo Sorce <ssorce@redhat.com> |