|
Revision tags: v6.2.1, v6.2.0, v6.3.0, v6.0.1, v6.0.0, v6.0.0rc1, v6.1.0, v5.8.3, v5.8.2, v5.8.1, v5.8.0, v5.9.0, v5.8.0rc1, v5.6.3, v5.6.2, v5.6.1, v5.6.0, v5.6.0rc1, v5.7.0, v5.4.3 |
|
| #
ed5666c1 |
| 22-Apr-2019 |
zrj <rimvydas.jasinskas@gmail.com> |
Deprecate and remove OPIE from PAM.
This will require user intervention to manually disable OPIE usage or
cleanly reinstall pam.d/* (even better if no modifications were done).
Due to very strict us
Deprecate and remove OPIE from PAM.
This will require user intervention to manually disable OPIE usage or
cleanly reinstall pam.d/* (even better if no modifications were done).
Due to very strict used "requisite" requirements any pam_opie loading
error will result in unusable system except for singe user mode.
Add warning for the user. Sooner or later this will need to be done.
While there, disable installing /etc/pam.d/rsh script. It can be removed.
show more ...
|
|
Revision tags: v5.4.2, v5.4.1, v5.4.0, v5.5.0, v5.4.0rc1, v5.2.2, v5.2.1, v5.2.0, v5.3.0, v5.2.0rc, v5.0.2, v5.0.1, v5.0.0, v5.0.0rc2, v5.1.0, v5.0.0rc1, v4.8.1, v4.8.0, v4.6.2, v4.9.0, v4.8.0rc, v4.6.1, v4.6.0, v4.6.0rc2, v4.6.0rc, v4.7.0, v4.4.3, v4.4.2, v4.4.1, v4.4.0, v4.5.0, v4.4.0rc, v4.2.4, v4.3.1, v4.2.3, v4.2.1, v4.2.0, v4.0.6, v4.3.0, v4.2.0rc, v4.0.5, v4.0.4, v4.0.3, v4.0.2, v4.0.1, v4.0.0, v4.0.0rc3, v4.0.0rc2, v4.0.0rc, v4.1.0, v3.8.2, v3.8.1, v3.6.3, v3.8.0, v3.8.0rc2, v3.9.0, v3.8.0rc, v3.6.2, v3.6.1, v3.6.0, v3.7.1, v3.6.0rc, v3.7.0, v3.4.3, v3.4.2, v3.4.0, v3.4.1, v3.4.0rc, v3.5.0, v3.2.2, v3.2.1, v3.2.0, v3.3.0, v3.0.3 |
|
| #
2edc29ca |
| 11-Jul-2012 |
Peter Avalos <pavalos@dragonflybsd.org> |
pam.d: Delete some files that don't belong.
While I'm here, fix some whitespace issues and pam_ssh examples (add
want_agent).
|
|
Revision tags: v3.0.2, v3.0.1, v3.1.0, v3.0.0 |
|
| #
86d7f5d3 |
| 26-Nov-2011 |
John Marino <draco@marino.st> |
Initial import of binutils 2.22 on the new vendor branch
Future versions of binutils will also reside on this branch rather
than continuing to create new binutils branches for each new version.
|
|
Revision tags: v2.12.0, v2.13.0, v2.10.1, v2.11.0, v2.10.0, v2.9.1, v2.8.2, v2.8.1, v2.8.0, v2.9.0, v2.6.3, v2.7.3, v2.6.2, v2.7.2, v2.7.1, v2.6.1, v2.7.0, v2.6.0, v2.5.1, v2.4.1, v2.5.0, v2.4.0, v2.3.2, v2.3.1, v2.2.1, v2.2.0, v2.3.0 |
|
| #
bf9ce431 |
| 02-Jan-2009 |
Peter Avalos <pavalos@theshell.com> |
Sync ftpd(8) with FreeBSD. Here are the highlights:
-Prevent cross-site forgery attacks on ftpd(8) due to splitting
long commands into multiple requests.
-Switch from S/Key to OPIE.
-Add PAM suppo
Sync ftpd(8) with FreeBSD. Here are the highlights:
-Prevent cross-site forgery attacks on ftpd(8) due to splitting
long commands into multiple requests.
-Switch from S/Key to OPIE.
-Add PAM support for account management and sessions.
-Avoid calling uninitialized function pointers in protocol switch
code.
-Add support for RFC 2389 (FEAT) and RFC 2640 (UTF8) to ftpd(8).
-Use uniform punctuation, capitalization, and language style
in server messages wherever this doesn't contradict to a particular
message format.
-Use the standardized CHAR_BIT constant instead of NBBY.
-Let tilde expansion be done even if a file/directory doesn't exist yet.
This makes such natural commands as "MKD ~user/newdir" or "STOR
~/newfile" do what they are supposed to instead of failing miserably
with the "File not found" error.
-ANSI function declarations.
-Remove (void) casts and register keyword.
-Block SIGURG while reading from the control channel.
SIGURG is configured by ftpd to interrupt system calls, which is useful
during data transfers. However, SIGURG could interrupt I/O on the
control channel as well, which was mistaken for the end of the session.
A practical example could be aborting the download of a tiny file,
when the abort sequence reached ftpd after ftpd had passed the file
data to the system and returned to its command loop.
-Improve error handling in getline().
-Log pathname arguments to ftp commands as the user specified them;
add the working directory pathname to the log message if any of
such arguments isn't absolute. This has advantage over the old
way of logging that an admin can see what users are actually trying
to do, and where. The old code was also not too robust when it
came to a chrooted session and an absolute pathname.
-Improve handling SIGURG and OOB commands on the control channel.
The major change is to process STAT sent as an OOB command w/o
breaking the current data transfer. As a side effect, this gives
better error checking in the code performing data transfers.
-Never emit a message to stderr: use syslog instead.
When in inetd mode, this prevents bogus messages from
appearing on the control channel. When running as a
daemon, we shouldn't write to the terminal we used to
have at all.
-Don't depend on IPv4-mapped IPv6 address to bind to both IPv4
and IPv6.
-Work around a bug in some clients by never returning raw directory
contents in reply to a RETR command. Such clients consider RETR
as a way to tell a file from a directory.
-Log the actual number of bytes sent on the wire to /var/log/ftpd
instead of the disk size of the file sent. Since the log file
is intended to provide data for anonymous ftp traffic accounting,
the disk size of the file isn't really informative in this case.
show more ...
|
|
Revision tags: v2.1.1, v2.0.1 |
|
| #
73c4f380 |
| 22-Jul-2005 |
Joerg Sonnenberger <joerg@dragonflybsd.org> |
Split monolithic /etc/pam.conf into separate files for each service
under /etc/pam.d. The README was obtained from FreeBSD, the convert.sh
script is inspired by convert.pl, but works with sh and awk
Split monolithic /etc/pam.conf into separate files for each service
under /etc/pam.d. The README was obtained from FreeBSD, the convert.sh
script is inspired by convert.pl, but works with sh and awk only.
If you just want to convert your existing configuration to the new
format, run "sh /etc/pam.d/convert.sh". You can remove /etc/pam.conf
afterwards.
show more ...
|