2011-07-29
	* tests/: remove some bashisms, add more explicit error reporting to
	the test harness (trac #1, Aleksander Adamowski)

2011-07-28
	* src/session.c,src/session.h: make the current open/close session
	function into one that's called with an extra parameter to help
	clarify when we're calling it
	* src/auth.c: call the new open/close session "worker" function with
	information indicating that it's really a setcred call
	* configure.ac: add a --with-default-no-cred-session option
	* src/options.c,src/options.h: track the cred_session option
	* src/pam_krb5.5.in,src/pam_krb5.8.in: note "cred_session"
	* src/session.c: when opening/closing a session, if cred_session is
	false and we're called from pam_sm_setcred, just return success
	* src/auth.c: when we get non-"external" creds, be sure to note that
	* src/sly.c: if libpam has a KRB5CCNAME set, look there for creds
	before looking in the default location
	* src/stash.c: always re-read "external" creds when called by libpam
	* src/tokens.c: create a temporary in-memory ccache for use in
	obtaining tokens using v5 creds, since we might not be creating one
	on disk any more

2011-04-27
	* configure.ac: check for krb5_set_trace_callback()
	* src/log.h,src/logpam.c,src/logstdio.c: add a trace() function
	to log trace messages along with debug messages
	* src/options.c: set the trace callback to our own logging function
	if the "trace" option is enabled
	* src/pam_krb5.5.in,src/pam_krb5.8.in,README: make a note about
	the "trace" option

2011-04-27
	* src/password.c(pam_sm_chauthtok): if we managed to get password
	changing creds the first time, don't try again, but do prompt for
	a password if we're still expected to be the module that does it

2011-03-25
	* src/stash.c(_pam_krb5_stash_external_read): add a flag to track
	whether or not our creds were externally obtained, and set it
	correctly
	* src/session.c(pam_sm_open_session): only create a v5 ccache if
	the creds we have weren't externally obtained (#690832)

2011-03-03
	* src/v5.c(v5_change_password): prefer krb5_change_password() over
	krb5_set_password()
	* configure.ac: go back to checking for address manipulation
	declarations
	* tests: disable tests that depend on address manipulation if we
	didn't find those functions; run the test kdc on tcp, too

2010-09-07
	* src/kuserok.c: add a double-check using krb5_aname_to_localname()
	when options->always_allow_localname is set
	* src/options.c: parse options->always_allow_localname

2010-07-22
	* src/v5.c(v5_validate_ccache): add, using user-to-user auth with an
	already-present ccache to verify that the KDC that issued the just-
	obtained creds was the same one that issued the previously-obtained
	ones.
	* src/v5.c(v5_validate_keytab): rename from the previous v5_validate
	function.
	* src/v5.c(v5_validate): try to validate using the keytab first, and
	if we don't get a definite answer, maybe try with the default ccache
	* src/v5.c(v5_get_creds): keep track of whether or not validation
	found keys that could be used for validation
	* src/options.c,src/v5.c: make validation using user-to-user logic an
	option, and enable it by default
	* src/v5.c(v5_validate_keytab): split out the server principal
	selection logic into a separate "v5_select_keytab_service" function
	* src/v5.c(v5_validate_keytab): rename to v5_validate_using_keytab,
	using v5_select_keytab_service() to select a service name, or using
	NULL if it fails for whatever reason.
	* src/v5.c(v5_validate_ccache): rename to v5_validate_using_ccache
	* src/v5.c(v5_get_creds): drop logic that cares about whether or not
	we found acceptable keys
	* src/options.c,src/pam_krb5.5.in,src/pam_krb5.8.in: switch to enabling
	validation by default

2010-03-29
	* src/options.c,src/options.h,src/acct.c,src/auth.c: add and heed an
	"ignore_k5login" boolean option.

2010-03-08
	* krb5.spec,configure.ac: 2.3.11

2010-02-24
	* src/v5.c,v5.h: add wrapper functions for reading a cred keyblock as
	a keyblock (v5_creds_get_key) and a ticket's client
	(v5_ticket_get_client), and a wrapper for the set-user-to-user-key
	function (v5_auth_con_setuserkey).
	* src/uuauth.c: use the just-introduced abstractions
	* src/v5.c,v5.h: add wrapper function for krb5_enctype_to_string()

2010-02-12
	* src/minikafs.c: crank up debug verbosity (Chris Wing, #157107)
	* src/kuserok.c(_pam_krb5_kuserok): also set up the user's ccache,
	in case there's a process on the box that expects the user to have
	creds before it can look up the location of the user's .k5login file
	or read from it (#563442)
	* src/harness.c: fix --debug
	* src/kuserok.c,src/storetmp.c: don't close stdio on our helpers if
	we don't need to
	* src/logstdio.c: make it clear when a subprocess is debug logging

2010-01-19
	* src/minikafs.c: call krb5_allow_weak_crypto(), if defined, before
	doing anything with DES. Call krb5_enctype_enable(), if defined,
	before attempting to get a credential with a specific enctype.

2010-01-07
	* configure.in: check for krb5_change_password, krb5_set_password,
	krb5_xfree
	* src/v5.c: add v5_change_password(); make v5_free_unparsed_name()
	call krb5_xfree(), if it exists, in preference over
	krb5_free_unparsed_name() or free()
	* src/password.c: use v5_change_password()

2009-12-11
	* Makefile.am,configure.ac: relegate use of RPM to the 'archive'
	target, don't use it in our regular build machinery
	* configure.ac,src/options.c,src/stash.c,src/v4.c,src/v5.c: add a
	'multiple_ccaches' option, and change the default behavior from on
	to off
	* configure.ac,src/options.c: allow setting a default value for
	chpw_prompt

2009-11-10
	* src/harness.c: we're not using our internal logging stuff, so we can
	eject most of the Kerberos-specific bits

2009-10-07
	* src/prompter.c(_pam_krb5_prompt_type): add, abstracting out an
	API difference.
	* src/prompter.c(_pam_krb5_generic_prompter): use prompt type
	information to override prompt text for new passwords. Change saving
	of the PAM_AUTHTOK so that we do so only when we've asked for both a
	new password and confirmation. Fix what might have been a bug in
	how we number responses when we're asked for the current password and
	we're suppressing such requests in unknown cases where libkrb5 could
	ask both for the current and new passwords.
	* src/tokens.c,src/minikafs.c,src/afs5log.c,src/options.c: fix some
	signedness warnings

2009-10-05
	* src/prompter.c(_pam_krb5_prompt_is_for_password): check the
	prompt_type first.

2009-10-05
	* src/options.c(_pam_krb5_options_init): parse the "chpw_prompt"
	flag
	* src/initopts.c(_pam_krb5_set_init_opts): enable or disable
	change-expired-password behavior based on the chpw_prompt setting
	rather than forcing it off all of the time
	* src/prompter.c(_pam_krb5_generic_prompter): when we're letting the
	library attempt to change expired passwords, set PAM_AUTHTOK to
	what the user typed in

2009-06-26
	* src/options.c(option_b): don't leak the list of values

2009-06-26
	* src/sly.c(_pam_krb5_sly_maybe_refresh): refresh creds in the default
	ccache location when KRB5CCNAME isn't set in the environment (#507984)

2009-06-26
	* src/stash.c: derive the stash name from the user and some bits of the
	configuration rather than the principal name which we end up hopefully
	deriving using the user and those bits of the configuration.
	* src/options.c: hang on to a copy of the mappings list, in its
	original form, for use later

2009-06-15
	* src/v5.c(v5_validate): walk the keytab, looking for a host key,
	and fall back to just using the first one (#450776)

2009-06-09
	* src/initopts.c,src/v5.c: compile fixes for krb5 1.7

2009-06-04
	* src/prompter.c(_pam_krb5_generic_prompter): if the prompt looks
	like a password prompt, use "Password: " instead

2009-05-27
	* src/auth.c(pam_sm_authenticate): if we need to be the module that
	asks for a password, do so before sanity checking things like whether
	or not the user name is valid (#502602)
	* src/auth.c(pam_sm_authenticate),
	src/prompter.c(_pam_krb5_generic_prompter): only allow libkrb5 to
	ask for a password if we weren't supplied with one and didn't ask for
	one ourselves

2009-03-04
	* src/initopts.c(_pam_krb5_set_init_opts_for_pwchange): add, for
	setting options which are appropriate for obtaining password-changing
	credentials
	* src/v5.c: use temporary-for-pwchange opts when we try to get
	password-changing creds as a way to check that an expired password
	is correct.
	* src/password.c: use temporary-for-pwchange opts when we try to get
	password-changing creds as a way to check that an expired password
	is correct.

2009-02-11
	* src/options.c(_pam_krb5_options_init): don't log ticket and
	renew lifetimes of 0, which we interpret as "let the library use
	its settings" anyway

2009-02-06
	* src/kuserok.c(_pam_krb5_kuserok): close the read end of the
	pipe that's used to gather the child's result (Dan Walsh)
	* src/storetmp.c(_pam_krb5_storetmp_data): close the write end
	of the pipe to the child if we encounter an error writing to it
	(Dan Walsh)

2009-02-05
	* src/minikafs.c: remove minikafs_realm_of_cell(), which is not
	used anywhere
	* src/minikafs.c(minikafs_4log): pass the locally-initialized
	context to minikafs_realm_of_cell_with_context() rather than the
	passed-in value, so that minikafs_realm_of_cell_with_context()
	can skip the init call if we're passed NULL

2008-10-29
	* src/password.c (pam_sm_chauthtok): if the "use_shmem" option is
	set, stash the credentials which we obtain after a password change
	in shared memory as well. Based on patch from and initial report
	by Michael Calmer.

2008-10-16
	* src/acct.c,src/auth.c,src/password.c,src/session.c,src/sly.c: be
	resistant to libpam returning NULL from pam_get_user() even though it
	returns a successful result code (#467208).

2008-10-01
	* src/perms.c,src/perms.h: add functions for swapping real and
	effective UID and GID, if they're different
	* src/v5.c: swap the real and effective UID and GID when reading
	credentials from an "existing_ticket" ccache

2008-09-03
	* configure.ac,src/Makefile.am: link pam_krb5.so with libpam unless
	explicitly disabled at compile-time (#227097,#460998)

2008-09-03
	* src/options.c (option_b): if the realm name given to us is NULL,
	don't bother consulting the appdefaults
	* src/options.c (_pam_krb5_options_init): check for the "debug" flag
	earlier (Simo Sorce)

2008-08-08
	* src/Makefile.am: reverse the order of libpam_krb5.la and PAM_LIBS
	so that people adding things like -Wl,--as-needed -Wl,--no-undefined
	will be able to (patch from Guillaume Rousse)

2008-04-10
	* po/Makevars: extract text strings correctly (#441858).
	* po/POTFILES.in: note that input strings are planned to be UTF-8
	(#441858).

2008-04-09
	* src/session.c(pam_sm_open_session): when setting up creds to use
	for obtaining tokens, don't bother trying to save v4 creds if we
	don't have any.

2008-03-26
	* src/auth.c(pam_sm_authenticate): unconditionally set PAM_AUTHTOK
	when we prompt the user for a password (#437179)

2008-03-20
	* configure.ac,src/auth.c,src/password.c: use Y_ as a macro
	for dgettext rather than _, because <openssl/des_old.h> will
	undefine _, and we end up including it indirectly when building with
	Heimdal with v4 compatibility enabled.

2008-03-18
	* src/afs5log.c(main): actually hook up the '-n' flag to the
	null_afs_first option, so that it does something useful.

2008-03-17
	* src/auth.c,src/password.c: mark user-visible strings for
	translation (Michael Calmer).
	* configure.ac: call macros to set up for gettext (Michael Calmer)
	* po/POTFILES.in: add (Michael Calmer)
	* po/Makevars: add

2008-03-10:
	* NEWS, pam_krb5.spec: update version, note last changes
	* README: note the new SCM location
	* src/minikafs.c: remove workaround for NI_MAXHOST not being defined,
	because it's noise until we need it somewhere.

2008-03-07:
	* src/password.c: force at least one attempt to authenticate using
	the KDC, even in the pathological case where there's no previously-
	entered password and we were told not to ask for one (#400611)
	* src/options.c,src/minikafs.c,src/afs5log.c: merge Jan Iven's changes
	to add a "nullafs" option, so that when we're guessing the principal
	name for an AFS service we'll try the no-instance version first
	(#249558)
	* src/minikafs.c: if we're going to guess the realm name because
	the whereis pioctl failed, guess the far-more-likely-to-be-correct
	upper-cased version of the cell's name rather than the cell's name
	itself.

2008-03-03:
	* src/options.c: update copyright date for token_strategy stuff.

2008-03-03:
	* src/noafs.c: fix signature of stub version of minikafs_log().

2008-02-18:
	* src/minikafs.c: flesh out some getprop bits, but don't use them
	because the number of KDC round trips would go _way_ up

2008-02-18:
	* src/minikafs.c: stub out the routines to use the cache manager's
	rxk5.enctypes property, if it reports one

2008-02-14:
	* src/password.c,src/prompter.c: suppress compiler warnings about how
	we use prompter callback data.

2008-02-14:
	* src/sly.c: suppress a compiler warning calling tf_init().

2008-02-14:
	* src/minikafs.c: rework formatting of tokens to use indirections
	provided by v5.c instead of poking at creds structures directly

2008-02-14:
	* src/v5.c,src/v5.h(v5_creds_get_etype): remove the need for the
	context pointer.
	* src/v5.c,src/v5.h(v5_creds_key_contents): return const data.
	* src/v5.c,src/v5.h: add functions for picking out principal name
	components and addresses and authdata from creds structures.
	* src/v5.c(v5_principal_compare): rewrite to use these new functions.
	* src/v5.c(v5_get_creds): correctly log the pkinit identity template.

2008-02-14:
	* src/tokens.c,src/afs5log.c: only recognize "v4" and "524" strategies
	if we're building with krb4 support.

2008-02-14:
	* src/options.c: when we're debug-logging lifetimes, also log a
	days/hours/minutes/seconds breakdown.

2008-02-07:
	* README,configure.ac,src/options.c,src/tokens.c,src/afs5log.c,
	src/afs5log.1.in,src/pam_krb5.5.in: add a "token_strategy" option
	to pam_krb5, and a matching "-s" option to afs5log. That, in
	combination with being able to specify the best guess at the principal
	name for a cell, should really let people cut down on what's getting
	to be a large set of round trips to the KDC.

2008-02-07:
	* configure.ac: get the sense of --enable-keyutils right, so that we
	warn when it's not requested, and error when it's requested, instead
	of the other way around.
	* src/afs5log.c: reorder the default list of methods, close the ccache
	properly, and free the temporary homedir string for debugging use.
	* src/minikafs.c(minikafs_5settoken2): add, to set a v5 cred.
	* src/minikafs.c(minikafs_5log,minikafs_5log_with_principal): take a
	flag to signal that we should try rxk5, and use it and the 2b flag to
	designate which method we want to use (no longer trying more than one
	during a single invocation).
	* src/minikafs.c(encode_bytes,encode_ubytes): take const input.
	* src/minikafs.c(encode_string): add.
	* src/tokens.c: add rxk5 to the default method lists.

2008-02-07:
	* src/kuserok.c(_pam_krb5_kuserok): add a function which wraps
	krb5_kuserok() in a subprocess which can create a new PAG, get tokens,
	and drop privileges to the user's account, all so that we can attempt
	to read the user's .k5login if we need to, and without disturbing any
	AFS creds the calling process might have.
	* src/auth.c(pam_sm_authenticate),src/acct.c(pam_sm_acct_mgmt): use
	_pam_krb5_kuserok() instead of trying to get tokens, call
	krb5_kuserok(), and clear tokens

2008-02-07:
	* src/minikafs.c: don't barf on compile if NI_MAXHOST isn't defined.

2008-01-29:
	* src/options.c: log a debug message when we disable prompting
	on behalf of libkrb5

2007-12-11:
	* src/auth.c: don't ask for another password when we've already
	gotten an unknown-user error, since there's no point then (Paul
	Batkowski, #400611)

2007-12-05:
	* src/pam_krb5.5.in,src/pam_krb5.8.in: give an example ("no_debug")
	to make it more clear that you can add exceptions to "true" settings
	that way. Stress that no_subsequent_prompt may be needed for apps
	which do the "PAM_PROMPT_ECHO_OFF" means "what's the current
	password?" dance, which can really screw us up when we can't disable
	the change-password-during-get_init_creds behavior.
	* src/v5.c(v5_alloc_get_init_creds_opt): call the library's struct
	init function for the we-malloc-it case.
	* src/initopts.c(_pam_krb5_set_init_opts): disable the library's own
	change-password-during-get_init_creds behavior, if we're building with
	one which lets us disable it, so that we can handle it ourselves.

2007-12-04:
	* src/options.c(option_b): take a service name, and a default enable
	and disable list. If we have no command-line argument, check for the
	service's name in the list of values given in the config file, then
	check for a regular boolean setting in the configuration file, and
	lastly check our default configuration using the default enable and
	disable lists.
	* src/pam_krb5.5.in,src/pam_krb5.8.in: note that boolean options take
	lists of service names now.

2007-11-09:
	* src/auth.c: fetch tokens when "tokens" is enabled and we're not
	configured to use krb4, instead of not doing anything like that
	* src/auth.c(pam_sm_authenticate): fetch tokens (if we haven't
	already) before checking the user's .k5login with krb5_kuserok()
	* src/acct.c(pam_sm_acct_mgmt): fetch tokens before checking the
	user's .k5login with krb5_kuserok()

2007-11-08:
	* src/stash.c: if we're about to create a ccache with a name identical
	to one which we've already created (and haven't since destroyed), try
	to make the name unique by appending a "_" to it (mainly for keyrings).
	When creating a temporary FILE: ccache, use mkstemp() to generate the
	file so that mkstemp patterns don't get used literally. When removing
	a ccache, treat EKEYREVOKED when resolving the ccache as a successful
	result.
	* src/*.c: when printing UIDs and GIDs, cast to "unsigned long long"
	if available.
	* src/auth.c,src/acct.c,src/session.c: skip "minimum_uid" checks when
	"no_user_check" was given, in which case we can't know the user's UID.
	* configure.ac: fix some of the help text. Make use of keyutils
	something we can issue an error for if the library isn't detected,
	if the user explicitly requests it.
	* src/stash.c(_pam_krb5_read_keyring): add a level of indirection to
	avoid a type-safety warning.
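The lookup order that the 2007-12-04 option_b() entry above describes (module argument first, then the service name in the config file's list of values, then a plain boolean in the config file, then the built-in enable/disable lists), as an added C illustration that is not pam_krb5's code: option_b_lookup(), the struct kv config stand-in, the demo_* scenarios and all inputs are this example's own constructions, and the final fall-through to "off" when a service is in neither built-in list is an assumption the entry does not state.

```c
/* Added illustration (not pam_krb5's code) of the boolean-option lookup
 * order described in the 2007-12-04 ChangeLog entry for option_b().
 * The config representation and every input below are constructed. */
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed stand-in for config-file settings: key/value list ended by a NULL key. */
struct kv { const char *key; const char *value; };

static const char *config_lookup(const struct kv *cfg, const char *key)
{
    for (; cfg != NULL && cfg->key != NULL; cfg++)
        if (strcmp(cfg->key, key) == 0)
            return cfg->value;
    return NULL;
}

/* Is "service" one of the whitespace-separated words in "list"? */
static int list_contains(const char *list, const char *service)
{
    size_t n = strlen(service);
    const char *p = list;
    while (p != NULL && *p != '\0') {
        while (*p == ' ' || *p == '\t')
            p++;
        const char *e = p;
        while (*e != '\0' && *e != ' ' && *e != '\t')
            e++;
        if ((size_t)(e - p) == n && strncmp(p, service, n) == 0)
            return 1;
        p = e;
    }
    return 0;
}

/* Parse a plain boolean; -1 means "not a boolean" (e.g. a list of service names). */
static int parse_bool(const char *v)
{
    if (v == NULL)
        return -1;
    if (strcasecmp(v, "true") == 0 || strcasecmp(v, "yes") == 0 || strcmp(v, "1") == 0)
        return 1;
    if (strcasecmp(v, "false") == 0 || strcasecmp(v, "no") == 0 || strcmp(v, "0") == 0)
        return 0;
    return -1;
}

/* Resolve boolean option "name" for PAM service "service"; returns 1 (on) or 0 (off). */
int option_b_lookup(int argc, const char **argv, const struct kv *cfg,
                    const char *service, const char *name,
                    const char *default_enable, const char *default_disable)
{
    char negated[64];
    snprintf(negated, sizeof(negated), "no_%s", name);

    /* 1. An argument on the PAM configuration line ("name" or "no_name") wins outright. */
    for (int i = 0; i < argc; i++) {
        if (strcmp(argv[i], name) == 0)
            return 1;
        if (strcmp(argv[i], negated) == 0)
            return 0;
    }

    const char *v = config_lookup(cfg, name);
    /* 2. The config value may be a list of service names: is ours in it? */
    if (v != NULL && list_contains(v, service))
        return 1;
    /* 3. Otherwise the config value may be a plain boolean. */
    if (v != NULL && parse_bool(v) >= 0)
        return parse_bool(v);
    /* 4. Built-in defaults: the enable list, then the disable list.  Ending up
     *    "off" when the service is in neither is this example's own assumption. */
    if (list_contains(default_enable, service))
        return 1;
    if (list_contains(default_disable, service))
        return 0;
    return 0;
}

/* Constructed scenarios; each returns the resolved option value. */
static const struct kv CFG_LIST[] = { { "tokens", "sshd login" }, { NULL, NULL } };
static const struct kv CFG_BOOL[] = { { "debug", "true" }, { NULL, NULL } };
static const struct kv CFG_NONE[] = { { NULL, NULL } };

int demo_cmdline_wins(void)         /* "no_debug" argument beats debug=true in the config */
{
    const char *argv[] = { "no_debug" };
    return option_b_lookup(1, argv, CFG_BOOL, "sshd", "debug", "", "");
}
int demo_service_in_list(void)      /* sshd is named in the "tokens" list */
{
    return option_b_lookup(0, NULL, CFG_LIST, "sshd", "tokens", "", "");
}
int demo_service_not_in_list(void)  /* gdm is not listed, value is not a boolean, no default: off */
{
    return option_b_lookup(0, NULL, CFG_LIST, "gdm", "tokens", "", "");
}
int demo_plain_bool(void)           /* debug=true applies to every service */
{
    return option_b_lookup(0, NULL, CFG_BOOL, "gdm", "debug", "", "");
}
int demo_builtin_default(void)      /* nothing configured; built-in enable list names sshd */
{
    return option_b_lookup(0, NULL, CFG_NONE, "sshd", "tokens", "sshd", "login");
}

int main(void)
{
    printf("no_debug on command line  -> %d\n", demo_cmdline_wins());
    printf("sshd in tokens list       -> %d\n", demo_service_in_list());
    printf("gdm not in tokens list    -> %d\n", demo_service_not_in_list());
    printf("debug=true for gdm        -> %d\n", demo_plain_bool());
    printf("built-in default for sshd -> %d\n", demo_builtin_default());
    return 0;
}
```

The point of checking the service list before the plain boolean is that a value such as "sshd login" is not a boolean at all, so a service outside the list falls through to the built-in defaults instead of being misread as "off" or "on".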

2007-11-05:
	* src/stash.c(_pam_krb5_stash_chown_keyring): add, to make sure that
	keyrings we create for the user can actually be modified by the user
	after the session is opened (spotted by Michael Calmer)

2007-10-31:
	* src/sly.c(_pam_krb5_sly_maybe_refresh): note that we stored creds
	when we do so for non-FILE ccaches, so that we don't forget to fetch
	new tokens if we need to do so.

2007-10-26:
	* src/sly.c(sly_v5): only free the ccache principal name if the call
	to retrieve it succeeded.
	* src/sly.c(_pam_krb5_sly_maybe_refresh): debug log when we decide
	to do things. Don't bother trying to refresh an unset KRB5CCNAME.
	* src/shmem.c: correctly check the value returned by shmat() in
	the place where it was being done wrong.
	* src/v5.c: change internally-used ccaches from FILE: to MEMORY:

2007-10-26:
	* src/stash.c(_pam_krb5_stash_cc_copy): don't nuke the new ccache
	on failure iterating it, the parent will for any error.
	* src/stash.c: obey the ccname_template when we clone for the user,
	which is the only time it matters anyway.

2007-10-25:
	* src/harness.c: use the PAM environment when running commands

2007-10-23:
	* src/log.c: use the AUTHPRIV facility, when defined, else AUTH,
	else the default.

2007-09-05:
	* src/v5.c(v5_passwd_error_message): tweak some error text to
	hopefully make more sense to people (#230438)

2007-08-15:
	* src/v4.c: if we fail to open the ticket file with TKT_FIL_ACC,
	debug log the file's permissions and our process's identity

2007-08-02:
	* src/v4.c: warn when an fchown() fails, and don't try to give away
	our file; that's for later
	* src/pam_krb5.5.in,src/pam_krb5.8.in: note that "tokens" is
	unnecessary if the calling application was written correctly.
	* src/pam_krb5.8.in: reintroduce a missing line.
	* COPYING: be more explicit about which BSD license we mean

2007-07-27:
	* src/v5.c: fix v5_check_initialized_pwc() with Heimdal
	* src/v4.c: fix compilation for no-krb4-support cases, avoid cloning
	the tktfile if we were asked not to do that
	* src/stash.c: don't leak the v4 tktfile name when cleaning up, and
	fix the check for whether or not we have a saved file

2007-07-25:
	* src/v4.c: try to clean up the debug message for v5->v4 principal
	name conversion

2007-07-24:
	* configure.ac: check for krb5_get_prompt_types, though we don't do
	anything with it yet.
	* src/minikafs.c: factor the v5- and v4-specific bits of settoken()
	out into a single function, and allocate the buffer from the heap
	rather than dynamically-sizing it based on the function's arguments.

2007-07-20:
	* src/v5.c: get v5_check_initialized_pwc() working on Heimdal.
	* src/pam_krb5_storetmp.c: silence a compiler warning comparing the
	return code from write() with strlen().
	* src/password.c: tweak the error message which is logged when
	password changing fails to avoid "()". Check for the presence of
	password-changing creds in the update phase, and error out if they
	aren't found.
	* src/v5.c: add v5_check_initialized_pwc() to check specifically
	for password-changing credentials.
	* src/v4.c,src/v5.c,src/auth.c,src/session.c: distinguish between
	ccache and ticket files which we create for users and those which
	we create for our own use (which needn't involve the helper).
	* src/options.c: let options_l() take a default value.
	* configure.ac,src/options.c: let the user specify a default
	"use_shmem" and "external" value at build-time.

2007-07-19:
	* src/acct.c: return ignore instead of user-unknown for client-revoked
	errors when ignore_unknown_users has been specified, for consistency

2007-07-19:
	* src/password.c: report the synthetic PAM result from attempting to
	get password-changing creds (part of #230439)

2007-07-13:
	* src/v5.c: treat a "client revoked" error (which is generated by
	disabling the account, at least on a Windows KDC) as an "unknown
	principal" error (#230442).

2007-07-13:
	* src/v5.c: initialize the entire prompter_data structure.
	* src/v4.c,src/v5.c,src/minikafs.c,src/tokens.c,src/init.c: use the
	error_message wrapper.
	* src/auth.c: check for NULL or empty passwords.

2007-07-12:
	* src/stash.c: switch from saving a path and removing the file to a
	push/pop interface, allowing multiple ccaches and ticket files to
	exist at the same time
	* src/v4.c,src/v5.c: use push/pop to create/remove files
	* src/tokens.c: use the topmost ccache name
	* src/session.c: don't skip creating ccache/ticket files when we've
	already done so

2007-07-10:
	* src/options.c: be more careful about freeing a couple of list
	parameters.

2007-07-10:
	* src/harness.c: add a --run option, so that I can run a command
	when the session's set up and the credentials are initialized.

2007-06-24:
	* src/password.c: display the right string.
	* tests/run-tests: start to adjust for getting-prompts-changes-passwords
	behavior.
	* tests/config/kdc.conf.in: place the location of files in the right
	part of the file

2007-06-24:
	* src/password.c(pam_sm_chauthtok): always display result_text for
	the user's sake. Actually check that we opened the pwhelp file,
	like Luke's original patch did.

2007-06-24:
	* tests/pwhelp.txt,tests/run-tests: add a test for the pwhelp option.

2007-06-24:
	* Makefile.am: don't use the gmake $(shell) option; use backticks.

2007-06-24:
	* src/options.c: add a "pwhelp" option.
	* src/password.c(pam_sm_chauthtok): display the contents of the
	pwhelp file before doing anything else when in the preliminary check
	phase (#230465, Luke Howard).

2007-06-24:
	* src/prompter.c(_pam_krb5_always_fail_prompter,
	_pam_krb5_previous_prompter): output the banner and name information
	if it was given (#230450).

2007-06-24:
	* src/password.c(pam_sm_chauthtok): when returning, note whether
	we are here for the preliminary check or the actual update in the
	debug message (#230444, Luke Howard).

2007-06-24:
	* src/password.c(pam_sm_chauthtok): set v5_attempted to 1 for
	correctness (#230446, Luke Howard, Pieter Krul).

2007-06-24:
	* src/options.c: don't pass in PAM handles when we don't actually use
	them.

2007-06-24:
	* src/acct.c(pam_sm_acct_mgmt): return PAM_USER_UNKNOWN in event of
	a client-revoked error (#230442, Luke Howard, Christian Bolz, Pieter
	Krul)

2007-06-24:
	* src/stash.c(_pam_krb5_stash_shm_read_v5): correct an argument size
	mismatch calling the logging function.

2006-09-21:
	* src/auth.c(pam_sm_authenticate): try again to clean up the three
	possible setups (pre-entered password, one for which we prompt directly,
	libkrb5 asking questions) to minimize the number of calls we make to
	krb5_get_init_creds_password().
	* src/prompter.c(_pam_krb5_prompt_is_password): take the prompter
	callback data instead of the string.
	* src/prompter.c(_pam_krb5_*prompter): if we're debugging sensitive
	data, log both the answer we give and the default provided by libkrb5
	* src/v5.c(v5_get_creds): guard against potential problems logging a
	NULL password.
	* src/acct.c(pam_sm_acct_mgmt): if the previous attempt to authenticate
	gave us decrypt-integrity-check-failed or preauthentication-failed,
	assume that there's no pam_acct_mgmt error to report (#207410)

2006-09-20:
	* src/password.c(pam_sm_chauthtok): set the AUTHTOK and OLDAUTHTOK
	items properly (report and patch from Michael Calmer).
	* tests/run-tests: clear any policy we've applied to the user when we
	delete the user's entry (report and patch from Michael Calmer).

2006-09-13:
	* src/harness.c: add the ability to preset the AUTHTOK and OLDAUTHTOK
	items.

2006-09-12:
	* src/harness.c: add the ability to preset the AUTHTOK and OLDAUTHTOK
	items.
	* src/prompter.c(_pam_krb5_always_fail_prompter): add a prompter which
	always fails and one which always returns a previously-input password.
	* src/options.c,options.h: rework the processing of initial_prompt,
	add subsequent_prompt

2006-09-08:
	* src/options.c,options.h: track whether or not we want to let libkrb5
	ask for information via the callbacks.
	* src/v5.c(v5_get_creds): give the caller a way to specify which
	prompter callback we should use.
	* src/auth.c(pam_sm_authenticate): rework the prompting bits so that
	it makes more correct use of the initial_prompt/use_first_pass flags
	and correctly disables use of the callback for arbitrary prompts
	* configure.ac: provide a --with-os-distribution flag for people who
	want to replace the "Red Hat Linux" bit in the man pages with the
	name of a product or OS which still exists
	* src/pam_krb5.5.in: mention pam_passwdqc.so along with pam_cracklib.so

2006-08-28:
	* configure.ac: change the preference from <krb5/krb5.h> to <krb5.h>,
	so that we don't pick up the system <krb5/krb5.h> when we need the
	<krb5.h> which lives in the directory pointed out by krb5-config

2006-08-28:
	* src/v5.c(v5_passwd_error_message): add a function to interpret the
	error codes returned for password-change requests.
	* src/password.c(pam_sm_chauthtok): log text for server-supplied error
	code along with the failure information.

2006-07-27:
	* src/auth.c: include unistd.h to get the declaration of getuid().

2006-07-26:
	* src/options.c(option_i): check for strtoll()/long long.
	* configure.ac: check for strtoll().
	* src/v4.c(v4_save): actually set the permissions on the new file to
	the requested values. Note in the warning why we fail to open a
	file, which is returned as the result and not in errno.
	* src/storetmp.c(_pam_krb5_storetmp_data): try to setreu/gid if either
	the real or effective values don't match the desired value.
	* src/pam_krb5_storetmp.c(main): only use strtoll() if it's
	available, otherwise just use strtol().
	* src/stash.c(_pam_krb5_stash_clone): go back to overwriting the
	template, to avoid uncontrolled growth in the filename.
	* src/session.c(pam_sm_open_session): specify the current real
	UID and GID when creating temporary v4 credential files. Note the
	guessed UID and GID of the user in the debug message.
	* src/auth.c(pam_sm_authenticate): always specify the current real
	UID and GID when creating temporary v4 credential files.
	* src/stash.c(_pam_krb5_stash_clone): build the new ccache name by
	appending the mkstemp template instead of assuming the previous file
	ended with one
	* configure.ac: check for "long long" explicitly
	* src/storetmp.c(_pam_krb5_storetmp_data): use a long long print
	specifier only if we actually have a "long long" type. Fix incorrect
	usage of sigaction.

2006-07-25:
	* src/stash.c(_pam_krb5_stash_external_read): note when we try to
	pick up external creds, and when we fail to do so.
	* src/storetmp.c(_pam_krb5_storetmp_data): save and set signal handlers
	before we fork(). Go back to allowing setuid/setgid to fail, but only
	after we attempt to drop setuid/setgid status (which gets to fail, too,
	but renders the helper unuseful).
	* src/sly.c,src/sly.h(_pam_krb5_sly_looks_unsafe,
	_pam_krb5_sly_maybe_refresh): move detection of whether or not it
	looks safe into another function.
	* src/auth.c(pam_sm_setcred): if it doesn't look safe to refresh
	credentials, just return PAM_IGNORE (#197428).
	* src/storetmp.c(_pam_krb5_storetmp_data): save and restore the SIGPIPE
	handler in case our child exits, drop any setuid/setgid pretense
	when we're called from a setuid application (#190159, patch by Jon
	Fautley), bail early if calls to setuid/setgid fail.
	* configure.ac: look for krb5/krb5.h in preference to krb5.h (new in
	MIT Kerberos 1.5)
	* src/stash.c(_pam_krb5_stash_external_read): if the default principal
	in the ccache doesn't match the userinfo structure, update the
	userinfo structure, based on patch from Jan Iven (#182239,#197660).
	* src/v4.c(v4save): always use the name of the v5 principal when saving
	credentials, especially for the "external" case where it may not be the
	value we originally guessed (#197660).
	* src/pam_krb5.5.in: note that the krb4_convert_524 and krb4_use_as_req
	options don't affect each other.
	* src/prompter.c(_pam_krb5_prompter): be more careful about other
	ways which our prompting callback can try to break us (noted by Michael
	Calmer).

2006-04-21:
	* src/prompter.c(_pam_krb5_prompter): check for dumb conversation
	functions which return success but set the response to NULL. From
	Michael Calmer.

2006-02-29:
	* src/v5.c(v5_get_creds): don't try to validate creds which aren't
	TGTs, because the attempt will always fail unless the matching key
	is in the keytab, which should never be the case for the
	password-changing service (#187303, rbasch)
	* src/tokens.c(tokens_obtain): if v4 has been disabled completely,
	go ahead and try to set 2b tokens because we're going to end up having
	to do that anyway (#182378). If we have a hint principal, note it in
	debug output.
	* src/minikafs.c(minikafs_5log_with_principal): if we read a client
	principal from the ccache, unparse it and include it in debug messages.
	If we fail to obtain creds from the KDC, note why we failed.

2006-02-23:
	* src/stash.c(_pam_krb5_stash_get): skip v4 creds setup when v4 isn't
	enabled.

2006-02-21:
	* src/v4.c, src/v4.h (v4_save): make ccname a const char *.
	* src/v5.c, src/v5.h (v5_save): make ccname a const char *.
	* src/stash.c(_pam_krb5_stash_get): when we pick up v5 creds via either
	"external" or "use_shmem", do 524 conversion if we need to do so.
	* src/session.c(pam_sm_open_session): also create a v4 tktfile if
	KRB5CCNAME was already set.
	* src/afs5log.c, src/minikafs.c: use init_secure_context when possible.
	* src/Makefile.am: juggle deps so that linking works again.

2006-02-07:
	* src/pam_newpag.8.in: edit

2006-02-06:
	* src/options.c,src/options.h: break down and add an explicit option
	for disabling v4-via-as-req attempts
	* src/minikafs.c: don't try to convert creds for use in setting v4
	tokens when krb4_convert_524 is disabled.
	* src/v4.c: don't try to get initial creds if krb4_use_as_req is off.
	* src/pam_krb5.5.in,src/pam_krb5.8.in: document krb4_use_as_req.
	* src/pam_krb5.5.in,src/pam_krb5.8.in: point out that we turn on v4
	support if AFS is detected at run-time.
	* README: document krb4_use_as_req.
	* TODO: update because 2.2 was tagged a while ago

2006-01-26:
	* src/minikafs.c: wrap a debug message in an if (debugging) clause.
	* src/session.c: wrap a pair of debugging messages in an if (debugging)
	clause (#179037).
	* configure.ac: if $with_gnu_ld is set, set SYMBOLIC_LINKER_FLAG to
	the right variation on -Bsymbolic
	* src/Makefile.am: use the SYMBOLIC_LINKER_FLAG when linking modules

2006-01-16:
	* src/afs5log.1, src/pagsh.1: fix the bug reporting instructions.

2006-01-16:
	* src/password.c(pam_sm_chauthtok): fix handling of no-password-given
	cases.
	* src/harness.c: work around Linux-PAM actively trying to keep us from
	doing what we're doing. Adjust command-line parsing to allow both
	password-change phases to be called out.
	* tests/run-tests.c: add a password-not-good-enough-at-change-time
	test case.
	* src/password.c(pam_sm_chauthtok): cast away a couple of compiler
	warnings.
	* src/Makefile.am: tweak dependencies on dummy files for the sake of
	distcheck.

2006-01-13:
	* src/log.h,src/log.c,src/logstdio.c: add notice_user() for spewing
	an error message at the user.
	* src/password.c(pam_sm_chauthtok): if we got a result string back from
	the password-changing server, attempt to display it.
804 8052006-01-11: 806 * src/session.c: no, I did touch that file last year. 807 * src/pam_krb5.5.in: document the "ignore_afs" option. 808 * src/pam_newpag.c: add. 809 * src/pam_newpag.5.in: add. 810 * src/pam_newpag.8.in: add. 811 * src/Makefile.am: add rules for building pam_newpag.so. 812 * configure.ac: generate man pages for pam_newpag. 813 * src/pam_dummy_acct.c: add. 814 * src/pam_dummy_chauthtok.c: add. 815 * src/Makefile.am: add rules for building harness-newpag 816 * src/pagsh.1: add. 817 8182005-12-19: 819 * src/items.c: include <stdio.h> to get the definition of NULL (Jesse 820 Keating). 821 * src/init.c: same bug, different file. 822 8232005-11-21: 824 * src/v5.c(v5_validate): don't leak the keytab file descriptor (patch 825 from Daniel Colascione, #173681). 826 8272005-11-15: 828 * src/afs5log.c: actually check for AFS support first, so that the 829 ioctl-only support case will work properly. 830 8312005-11-07: 832 * src/options.c: allow "validate" to be specified using a list of 833 service names as well. 834 8352005-11-07: 836 * src/pam_krb5.5.in,src/pam_krb5.8.in: add proper quoting for arguments 837 which include whitespace 838 8392005-11-01: 840 * src/stash.c(_pam_krb5_stash_shm_write_v5/4): initialize the segment 841 key and owner in the stash when we write to it, in case the application 842 decides to never call pam_end(), so that we can clean up the segment 843 during session close. 844 8452005-11-01: 846 * src/stash.c,src/stash.h,src/shmem.csrc/shmem.h: log debug messages 847 when we remove segments. 848 8492005-10-31: 850 * src/stash.c,src/stash.h,src/shmem.csrc/shmem.h: track the PID which 851 created the shared memory segment, so that we don't try to remove it 852 twice and accidentally stomp on another process. 853 8542005-10-28: 855 * src/session.c(pam_sm_open_session): dispose of shared memory segments 856 once we've read their contents, in case we won't be able to dispose of 857 them later (patch from Greg Wettstein). 
858 * src/shmem.c,src/shmem.h: add a _pam_krb5_shm_remove() function for 859 use by the session functions (patch from Greg Wettstein). 860 * src/stash.c,src/stash.h: add a v5shm/v4shm field to the stash 861 structure to track the ID of the shared memory segment 862 * src/session.c: don't leak the values of $KRB5CCNAME and $KRBTKFILE 863 which we set; libpam makes copies of the values which are passed-in. 864 * src/session.c: unset PAM environment variables by setting "<VAR>", 865 not "<VAR>=", in accordance with the Linux-PAM docs. 866 * src/session.c: unset PAM environment variables which list the shared 867 memory segment identifiers when we destroy the segments. 868 8692005-10-20: 870 * src/shmcat.c: add. 871 * src/Makefile.am: update. 872 8732005-10-19: 874 * src/options.c: initialize options->debug correctly when it's 875 neither explicitly enabled nor disabled (patch from Greg Wettstein). 876 8772005-10-19: 878 * src/acct.c,src/pam_krb5.5.in,src/pam_krb5.8.in: note that the 879 "existing_ticket" option bypasses account management checks, too. 880 8812005-10-18: 882 * src/options.c,src/options.h: parse the "existing_ticket" option 883 (patch from Nathan Huff). 884 * src/pam_krb5.5.in,src/pam_krb5.8.in: update. 885 * src/v5.c: if the "existing_ticket" option is used, attempt to read 886 the TGT cred from the default ccache, and accept that as sufficient 887 for successful authentication (patch from Nathan Huff). 888 * src/auth.c: if the "existing_ticket" option is used, call to get 889 creds before prompting for a password (patch from Nathan Huff). 890 8912005-10-18: 892 * src/acct.c: remove an unused variable to silence a compile warning. 893 * src/harness.c: check the result of fgets(). 894 * src/minikafs.c: comment out minikafs_unpag(), which was static and 895 unused, to silence a compile warning. 896 * src/tokens.c: check for errors from readlink(). 
897 8982005-10-13: 899 * configure.ac: clean up logic for setting pkgsecuritydir correctly if 900 a libdir isn't passed to configure (Greg Wettstein). 901 9022005-10-06: 903 * src/afs5log.c: recognize that "--" means "no more options". 904 9052005-10-06: 906 * autogen: use RPM's optflags for CFLAGS, if available. 907 * src/afs5log.c: don't autolog to the local cell if the '-p' flag was 908 given on the command line. 909 * src/minikafs.c,src/pagsh.c: implement an unpag() call, then check 910 and find out that it's the same as unlog(), so comment it out. 911 9122005-10-06: 913 * src/options.c: make "tokens" an option which can also take a list of 914 service names for which it should be enabled. 915 * src/pam_krb5.5.in,src/pam_krb5.8.in: update section for "tokens". 916 * src/pam_krb5.5.in: fix header text for "external" and "use_shmem". 917 9182005-10-05: 919 * configure.ac: prereq the version of autoconf which my development 920 box has, to avoid possible AC_CONFIG_HEADER/AM_CONFIG_HEADER wackiness. 921 * src/pam_krb5_storetmp.8.in: use the actual installation paths. 922 * src/acct.c: list the actual result code in the debug message. 923 9242005-10-05: 925 clean up CVS version tags 926 * README.winbind: clear up a couple of finer points. 927 * src/Makefile.am,src/pam_krb5_storetmp.8.in: add a man page for the 928 temp file helper. 929 * pam_krb5.spec: list bindir and section 1 man page files in the files 930 manifest. 931 9322005-10-05: 933 * src/session.c: suppress duplicate success messages. 934 * src/stash.c: warn on shmem failures. 935 9362005-10-05: 937 * src/shmem.c: always detach from the segment, even in error cases. 938 * src/stash.c: note when we manipulate shared memory when debugging. 939 9402005-10-04: 941 * configure.ac: oh right, enable AFS support on *-sun-* now. 
942 9432005-10-04: 944 * src/options.c,src/pam_krb5.5.in,src/pam_krb5.8.in: add 945 "ignore_unknown_upn" as an alias for the "ignore_unknown_principals", 946 to match behavior of patch from Luke Howard. Correct the option 947 parsing code so that it matches the option named in the man pages. 948 * src/acct.c,src/auth.c: Merge most of the rest of Luke's patch for 949 changed behavior when this option is supplied. 950 * configure.ac: set the default keytab path to "FILE:/etc/krb5.keytab", 951 not just "/etc/krb5.keytab". 952 * src/acct.c,src/auth.c,src/conv.c,src/harness.c,src/initopts.c, 953 src/items.c,src/map.c,src/minikafs.c,src/noafs.c,src/options.c, 954 src/password.c,src/prompter.c,src/session.c,src/shmem.c,src/sly.c, 955 src/stash.c,src/tokens.c,src/userinfo.c,src/v4.c,src/v5.c: include 956 <security/pam_appl.h> before every inclusion of <security/pam_modules.h> 957 (patch from Luke Howard). 958 * src/minikafs.c: define __NR_afs_syscall on Solaris, use the standard 959 names for sized integer types (patch from Luke Howard). 960 * src/userinfo.c: prefer __posix_getpwnam_r() to getpwnam_r() on 961 Solaris (patch from Luke Howard). 962 * configure.ac,src/pam_krb5.8.in: list the configured path for the 963 module in the example in the man pages. 964 9652005-10-04: 966 * configure.ac: check for the presence of <sys/ioccom.h> (patch from 967 Luke Howard). 968 * src/minikafs.c: include <sys/ioccom.h>, if present (patch from Luke 969 Howard). 970 9712005-10-04: 972 * src/password.c: save the result of getting new credentials with the 973 newly-set password so that we don't forget to store them in the user's 974 session ccache, and return the more correct PAM_AUTHTOK_RECOVER_ERR 975 instead of PAM_AUTHTOK_ERR if we were called with "use_authtok" and 976 there is no PAM_AUTHTOK item set (patches from Michael Calmer). 977 9782005-10-04: 979 * src/options.c,src/options.h: parse the "krb4_convert_524" option. 
980 Accept "don't" and "dont" as prefixes which indicate that a boolean 981 option is disabled. 982 * src/pam_krb5.5.in,src/pam_krb5.8.in: list the "krb4_convert_524" 983 option. Conditionalize portions of the text which are specific to 984 Kerberos IV or AFS. 985 * src/pam_krb5.8.in: fix the synopsis. 986 * src/v4.c: don't attempt to use the 524 service to obtain a v4 TGT 987 if the "krb4_convert_524" option is disabled. 988 9892005-10-04: 990 * configure.ac: only trust 'krb5-config --libs krb4' to provide krb4 991 if '-lkrb4' is in the output -- krb5 1.2.7's krb5-config doesn't exit 992 with an error when built without krb4 support 993 9942005-10-04: 995 * configure.ac: sort out --with-krb4/--without-krb4 logic so that it 996 defaults to use-krb4-if-available. 997 * src/session.c, src/stash.c, src/tokens.c, src/userinfo.c: add missing 998 inclusion of <limits.h> 999 10002005-08-22: 1001 * configure.ac: add maintainer mode. Add definitions so that the 1002 preprocessed man pages will be able to omit portions which pertain to 1003 options not selected at compile-time (i.e., AFS). 1004 * src/afslog.c, src/afslog.h: add (not yet tested) -p flag support. 1005 * noafs.c: update for changed prototype for minikafs_log(). 1006 10072005-08-15: 1008 * src/password.c(pam_sm_chauthtok): save the old password as the 1009 PAM_OLDAUTHTOK item, not the PAM_AUTHTOK item. Apparently libpam 1010 doesn't do anything with these (patch from Michael Calmer). 1011 * src/password.c(pam_sm_chauthtok): double-check that we don't 1012 get NULL as an old or new password (patch from Michael Calmer). 1013 * src/password.c(pam_sm_chauthtok): better match the behavior of 1014 pam_unix and pam_ldap by treating "use_authtok" as an indication 1015 that PAM_AUTHTOK *has* to have been set already, and otherwise 1016 that it's okay to prompt (patch from Michael Calmer). 
1017 10182005-07-12: 1019 * src/password.c(pam_sm_chauthtok): check the result_code returned by 1020 krb5_change_password() as well as the return code (patch from Dan Perry) 1021 10222005-06-21: 1023 * src/tokens.c(tokens_obtain): don't skip a cell if it's both the 1024 local/home and in the set of explicitly-specified cells (Jack Neely). 1025 10262005-06-20: 1027 * configure.ac: fix --disable-Werror, --disable-extra-warnings so that 1028 they actually work as expected. 1029 * src/shmem.c, src/stash.c, src/storetmp.c: fix compile warnings. 1030 10312005-06-17: 1032 * src/minikafs.c,src/minikafs.h: add a variant of cell_of_file which 1033 walks up the tree if it fails. 1034 * src/afs5log.c,src/tokens.c: use the new cell_of_file variant instead 1035 of handling the logic locally. 1036 * src/minikafs.c: increase the default size of the address list we 1037 pass to the whereis pioctl, and make its growth exponential instead of 1038 linear if we fail with E2BIG (Jack Neely). 1039 * README: note that we don't re-get tokens if the home directory is in 1040 the local cell 1041 * NEWS: note that SAM support hasn't been tested, and that "external" 1042 isn't limited to use with OpenSSH 1043 10442005-05-18: 1045 * src/afs5log.1: add 1046 * src/Makefile.am: install afs5log and afs5log.1 1047 * src/afs5log.c: debug-log when we're obtaining tokens for the local 1048 or the user's home cell 1049 * src/minikafs.c(realm_of_cell): debug-log IP->hostname conversion 1050 * src/minikafs.c(minikafs_5log): rearrange the order of things so that 1051 we don't always try to determine the realm name ourselves, so that if 1052 a principal was supplied, we actually can be faster. 1053 * src/minikafs.c(minikafs_4log): be careful for cases where we may have 1054 been passed a NULL krb5 context. 1055 10562005-05-09: 1057 * src/minikafs.c(realm_of_cell): debug-log failures in the whereis 1058 pioctl, stop looking at addresses if we hit 0.0.0.0. 
1059 * src/minikafs.c(minikafs_5log): if realm_of_cell succeeds, don't 1060 clear the realm name (duh). 1061 10622005-05-09: 1063 * src/minikafs.c: add a wrapper for the ws_cell pioctl. 1064 * src/tokens.c,src/afs5log.c: use ws_cell to find the default cell 1065 instead of guessing by doing a cell_of_file on /afs (#157109) 1066 10672005-04-27: 1068 * src/minikafs.c: also try afs@DEFAULTREALM if the default realm is 1069 not the same as the derived realm (sort of from Christopher Allen Wing). 1070 * src/options.c,src/options.h: track a "ignore_unknown_principals" 1071 boolean flag, with "ignore_unknown_spn" being consulted if it's unset. 1072 Parse cell names which contain a '=' character as if they're of the 1073 form cell_name=principal_name. 1074 * src/minikafs.c,src/minikafs.h: if a principal name was given, try 1075 to get creds for the named service and use them. If that doesn't work, 1076 fall back to previous behavior. 1077 * src/afs5log.c: parse "=" signs in command-line arguments, as options.c 1078 does. 1079 * src/acct.c: return PAM_IGNORE if the error is either 1080 KDC_ERR_C_PRINCIPAL_UNKNOWN or KDC_ERR_NAME_EXP and 1081 ignore_unknown_principals was set, else PAM_USER_UNKNOWN as before. 1082 * src/v5.c: return PAM_IGNORE if the error is either 1083 KDC_ERR_C_PRINCIPAL_UNKNOWN or 5KDC_ERR_NAME_EXP and 1084 ignore_unknown_principals was set, else PAM_USER_UNKNOWN as 1085 before. 1086 * src/minikafs.c: correctly handle E2BIG errors from a WHEREIS pioctl, 1087 bug spotted by Lamont Granquist. Handle multiple IPs coming back, 1088 and try to look up a host name and realm name in turn until we either 1089 succeed or run out of addresses. 1090 * src/minikafs.c: when obtaining tokens, try to get credentials for 1091 afs@defaultrealm if defaultrealm resembles the cell name and doesn't 1092 resemble the derived realm name, which can happen if deriving the 1093 realm name didn't work for whatever reason. 
1094 * src/options.c: don't leak the mappings list when freeing options 1095 structures. 1096 * src/pagsh.c: unbreak by not assuming that "-c" as a first option 1097 meant that the user wanted a help message. 1098 * src/pam_krb5.5,src/pam_krb5.8: use \fR instead of \fP for resetting 1099 formatting. 1100 * src/tokens.c: if the default or home cell was explicitly listed in 1101 the configuration, skip initial attempts to get tokens for them, in 1102 case the user specified principal names for the services. 1103 * src/tokens.c: remove tokens_getcells() and tokens_freecells(), which 1104 weren't being used. 1105 11062005-03-14: 1107 * src/options.c: accept "," as a separator for list parameters, so that 1108 we can pass parameters with list values in via argv 1109 11102005-03-14: 1111 * src/noafs.c: add. 1112 * configure.ac: fix the keytab result message. Add a --without-afs 1113 flag. 1114 11152005-03-04: 1116 * configure.ac: bail if security/pam_appl.h or security/pam_modules.h 1117 aren't found. 1118 11192005-03-04: 1120 * src/v4.h: restore the prototypes to avoid warnings, typedef the one 1121 krb4 struct we pass around to avoid an error. 1122 11232005-03-04: 1124 * configure.ac: remove -Wno-unused-parameters from the set of extra 1125 warning flags. Add a newline after inclusion of <krb5.h> when we're 1126 testing for structures defined in the krb5 API. 1127 * src/sly.c: compile in a dummy sly_v4() if USE_KRB4 isn't defined 1128 * src/v4.h: don't provide prototypes if USE_KRB4 isn't defined. 1129 11302005-02-28: 1131 * configure.in: demote -Wextra and friends --enable-extra-warnings 1132 status. 1133 11342005-02-28: 1135 * src/minikafs.c: fix compilation against releases which didn't define 1136 KRB_TICKET_GRANTING_TICKET. 1137 * src/pagsh.c: add missing <stdio.h> inclusion. 1138 * src/minikafs.c: handle cases where krb_life_to_time() isn't available. 1139 * src/pagsh.c: add a --help flag, by assuming that the command will 1140 never start with "-". 
1141 11422005-02-24 nalin 1143 * src/logstdio.c: add a log_progname global to adjust log messages. 1144 * src/afs5log.c,src/harness.c: set log_progname at startup. 1145 * src/prompter.c: suppress prompts for the previously-entered password. 1146 * src/userinfo.c: clean up some valgrind-caught weirdness. 1147 * src/harness.c: use getpass() instead of fgets() for 1148 PAM_PROMPT_ECHO_OFF prompts. Kids, don't try that at home. 1149 * src/sly.c: only refresh the default krb5 ccache if its principal is 1150 the one we've authenticated. 1151 * src/tokens.c: log a debug message if we create a new PAG. When 1152 determining the user's home cell, if the user's home directory is a 1153 symlink, chase it. 11542005-02-24 nalin 1155 * configure.ac: add a --enable-default-keytab-location flag. 1156 * src/options.c,src/pam_krb5.5.in,src/pam_krb5.8.in: obey it. 1157 * README: document that it can be overridden. (Don't want to change 1158 this to README.in to actually reflect that override value.) 1159 * src/v4.c(v4_get_creds): error out if password is NULL or zero-length. 1160 * src/v5.c(v5_get_creds): provide the prompter callback to libkrb5. 1161 * src/options.c: add an "initial_prompt"/"no_initial_prompt" option 1162 which suppresses the initial password prompt. It's useless for 1163 providing a PAM_AUTHTOK to subsequent modules, but is useful now that 1164 we're providing a prompter callback to libkrb5. 1165 * src/auth.c: handle no_initial_prompt cases. Get AFS tokens if the 1166 saved password turned out to be correct. 1167 * src/log.c: fix a few memory leaks. 1168 * src/harness.c: add, to make debugging easier. 
11692005-02-23 nalin 1170 * src/init.c: don't call initialize_krb5_error_table; this currently 1171 leads to a crash due to libkrb5 from MIT's 1.4 release making an 1172 invalid assumption about e2fsprogs 1.36's libcom_err (SF #1150146) 11732005-02-14 nalin 1174 * src/stash.c,src/stash.h: add a field to the stash structure for 1175 keeping of whether or not we set the KRB5CCNAME/KRBTKFILE environment 1176 variables 1177 * src/session.c: clear KRB5CCNAME/KRBTKFILE if we're removing the 1178 files *and* we set the variables. Treat zero-length values as we 1179 treate NULL values for those variables. 11802005-02-08 nalin 1181 * src/afs5log.c: properly screen out "dynroot" as a cell name, walk up 1182 from the user's home directory if we can't determine in which cell it 1183 is that it resides 1184 11852005-02-08 nalin 1186 * src/acct.c: treat a KRB5KDC_ERR_PREAUTH_FAILED error as if it were 1187 a KRB5KRB_AP_ERR_BAD_INTEGRITY error. 1188 * README,src/pam_krb5.5.in,src/pam_krb5.8.in: doc updates. 1189 11902005-02-08 nalin 1191 * src/userinfo.c,src/userinfo.h: look up and make note of the user's 1192 home directory. 1193 * src/tokens.c(tokens_obtain): attempt to determine the cell in which 1194 the user's home directory resides, and default to obtaining tokens for 1195 that cell as well, unless it's the same as the default cell. Skip 1196 cells given to the afs_cells option if they are the same as either the 1197 local cell or the user's home cell. 1198 * src/options.c: handle "external" like we handle "use_shmem". 1199 * src/stash.c: read a krbtgt key from $KRB5CCNAME if "external" was 1200 set. Try to reuse the passed-in krb5_context, if possible. 1201 * src/session.c: don't create new ccache or ticket files if KRB5CCNAME 1202 or KRBTKFILE are already set in the PAM environment, respectively. 1203 12042005-02-07 nalin 1205 * src/minikafs.c(minikafs_5log): initialize use_ccache as a handle for 1206 the default cred cache, not ccache, when ccache is NULL. 
1207 * src/options.c(option_t): add, for parsing a value as a krb5_deltat if 1208 it can't be parsed as a normal integer. 1209 * src/options.h: change normal and renewable lifetimes to krb5_deltat 1210 * src/options.c(_pam_krb5_options_init): parse lifetimes using option_t 1211 instead of option_i. 1212 * src/*.c: random signed/unsigned warning corrections. 1213 12142004-09-13 nalin 1215 * src/tokens.c: skip getting tokens for the cell of /afs if that cell 1216 is "dynroot", which is what OpenAFS's dynamic-root support gives us. 1217 * src/auth.c: run the krb5_kuserok() check in the authentication phase 1218 as well (Douglas E. Engert). 1219 12202004-09-02 nalin 1221 * src/minikafs.c: add copyright statement because the ioctl patch is 1222 too much like heimdal's implementation. 1223 12242004-08-31 nalin 1225 * src/shmem.c,src/shmem.h: add, several functions for handling shared 1226 memory. 1227 * src/auth.c:(pam_sm_authenticate): log the realm as well. store 1228 credentials to shared memory on success if the "use_shmem" flag was 1229 given, or if "use_shmem=" lists the current service, or is true. 1230 * src/stash.c:(_pam_krb5_stash_shm_read,_pam_krb5_stash_shm_write): add. 1231 * src/storetmp.c(_pam_krb5_read_with_retry): make non-static. 1232 * src/storetmp.c(_pam_krb5_storetmp_file): add a hook for storing a copy 1233 of the file contents in a blob of memory. 1234 12352004-08-31 nalin 1236 * src/password.c(pam_sm_chauthtok): during the preliminary check phase, 1237 read the current password as the PAM_OLDAUTHTOK item, not PAM_AUTHTOK 1238 (Ludek Finstrle, #131246) 1239 12402004-08-27 nalin 1241 * src/userinfo.c(_pam_krb5_user_info_init): override the realm name to 1242 be the one which was passed in (Carlos A. Villegas, #116198). 1243 12442004-08-27 nalin 1245 * src/minikafs.c: handle cases where the length of the realm name > 1246 length of the cell name. 
1247 12482004-08-27 nalin 1249 * src/options.c(_pam_krb5_options_init): set the default realm for 1250 ctx (#116198). 1251 12522004-08-26 nalin 1253 * src/options.h,options.c: add an ignore_afs flag to the options 1254 structure, heavily based on Matthew Miller's patch (#126345). 1255 * auth.c, session.c, sly.c: obey ignore_afs. 1256 12572004-08-26 nalin 1258 * src/acct.c(pam_sm_acct_mgmt): skip .k5login check of user_check was 1259 disabled -- it's not as if we can expect an unknown user to have a home 1260 directory. 1261 12622004-08-26 nalin 1263 * src/conv.c(_pam_krb5_conv_call): return PAM_BAD_ITEM instead of 1264 PAM_CONV_ERR if the application didn't define a conversation function. 1265 12662004-08-26 nalin 1267 * src/minikafs.c(minikafs_ioctlcall): add, from Alexander Boström 1268 (#127529). 1269 * src/minikafs.c(minikafs_call): add, calling afs_ioctlcall or 1270 afs_syscall as appropriate, from Alexander Boström (#127529). The 1271 setpag and pioctl functions now call this function instead of our 1272 afs_syscall. 1273 * src/minikafs.c(minikafs_has_afs): check for ioctl-based interface to 1274 Arla or OpenAFS for Linux 2.6, from Alexander Boström (#127529). 1275 12762004-08-26 nalin 1277 * src/password.c(pam_sm_chauthtok): prompt for the user's current 1278 password when use_first_pass isn't flagged, ignoring use_authtok 1279 during the initial-authentication pass (#130950). 1280 12812004-06-14 nalin 1282 * src/session.c(pam_sm_open_session,pam_sm_close_session): log what 1283 we return, and why, if debugging is enabled. 1284 12852004-06-14 nalin 1286 * src/acct.c(pam_sm_acct_mgmt): likewise, catch and log specific error 1287 information for EAGAIN, KRB5_REALM_CANT_RESOLVE, and KRB5_KDC_UNREACH 1288 errors. 1289 12902004-06-14 nalin 1291 * src/v5.c(v5_get_creds): return PAM_AUTHINFO_UNAVAIL if we got EAGAIN, 1292 which is triggered by a transient hostname resolution error (John 1293 Dennis). 
Also do this for KRB5_REALM_CANT_RESOLVE and KRB5_KDC_UNREACH 1294 error cases. 1295 12962004-04-21 nalin 1297 * Makefile.am: make configure depend on pam_krb5.spec. 1298 * autogen: run with --enable-maintainer-mode so that the dependency 1299 gets honored when autogen is used. 1300 * pam_krb5.spec: bump version. 1301 13022004-04-21 nalin 1303 * src/minikafs.c: print debug messages when doing realmofcell stuff. 1304 13052004-04-21 nalin 1306 * configure.ac: perform all checks for Kerberos functions with all of 1307 the libraries we've found. 1308 13092004-04-21 nalin 1310 * configure.ac: escape sed expressions correctly so that LDFLAGS doesn't 1311 include -l flags for Kerberos, skip all krb4 checks if --without-krb4 1312 is passed in. 1313 * src/Makefile.am: add KRB5_LIBS and KRB4_LIBS as needed. 1314 * src/minikafs.c: use krb524_convert_creds_kdc if krb5_524_convert_creds 1315 isn't available. Force v5 mode on if USE_KRB4 is not defined. 1316 13172004-04-21 nalin 1318 * configure.ac: search for PAM libraries separately 1319 * src/Makefile.am: use a convenience library to compile code only once 1320 * src/afs5log.c: supply a non-bogus ccache and options argument to 1321 minikafs, provide local logging functions which use stdio. 1322 13232004-04-15 nalin 1324 * configure.ac: default krb5-config and krb4-config to ':', add non 1325 library arguments output by --libs to LIBS 1326 * src/minikafs.c: add missing <stdio.h> include. 1327 * src/stash.c: fix compile for non-USE_KRB4 case. 1328 * src/v4.c: fix compile for non-USE_KRB4 case. 1329 * src/v5.c(v5_cc_retrieve_match): add. 1330 * src/v5.c(v5_creds_key_length): add. 1331 * src/v5.c(v5_creds_key_contents): add. 1332 13332004-03-23 nalin 1334 * configure.ac: remove kafs/krbafs checks. 1335 * src/Makefile.am: add EXTRA_PROGRAMS target for afs5log. 1336 * src/afs5log.c: add a test program for exercising minikafs. 1337 * src/minikafs.c, src/minikafs.h: add a less-portable but more-flexible 1338 krbafs implementation. 
	* src/options.c(_pam_krb5_options_init): distinguish between v4 for
	  general use and v4 because we're using AFS.

2004-03-16 nalin
	* src/pam_krb5_storetmp.c: remove the file if it's not a valid mkstemp
	  pattern, even if we were passed a UID/GID.

2004-03-16 nalin
	* src/storetmp.c: drop privileges before we exec the helper.

2004-03-16 nalin
	* src/pam_krb5_storetmp.c: only attempt to change to the required
	  UID/GID if we are not already running with that UID/GID, and only
	  attempt to clear the supplemental groups list if uid == 0 (we're root).

2004-03-16 nalin
	* src/session.c: remove explicit calls to chown(), which would be denied
	  by SELinux in enforcing mode, instead expecting the helper to handle it
	  all.
	* src/v5.c: remove explicit calls to chown(), which would be denied by
	  SELinux in enforcing mode, instead expecting the helper to handle it
	  all.
	* src/v4.c: remove explicit calls to chown(), which would be denied by
	  SELinux in enforcing mode, instead expecting the helper to handle it
	  all.
	* src/storetmp.c: pass the user's uid and gid to the helper, it already
	  knows what to do.
	* src/tokens.c(tokens_useful): add.
	* src/session.c: when opening a session, create temporary tickets for
	  grabbing tokens with the current permissions so that libkrb4 doesn't
	  reject them, then clean them up, then create those for the user.

2004-03-10 nalin
	* src/pam_krb5_storetmp.c: if the filename pattern supplied is not a
	  valid pattern (does not end with XXXXXX), delete the file instead,
	  reporting success in the same way.
	* src/session.c(pam_sm_close_session): note ticket file deletions when
	  debugging.
	* src/storetmp.c(_pam_krb5_storetmp_delete): add, to invoke the helper
	  for removal of a file.
	* src/stash.c(_pam_krb5_stash_clean): add, to attempt to remove a file
	  using the helper, falling back to unlink() if the helper fails.
	* src/v4.c(v4_destroy): use _pam_krb5_stash_clean instead of unlink()
	  to remove ticket files.
	* src/v5.c(v5_destroy): use _pam_krb5_stash_clean instead of unlink()
	  to remove ccache files.

2004-02-27 nalin
	* src/session.c(pam_sm_open_session): only set variables if the ticket
	  files have non-zero-length filenames.

2004-02-27 nalin
	* src/storetmp.c(_pam_krb5_storetmp_data): open /dev/null three times to
	  ensure that pipe() won't give us any stdio descriptors. Reintroduce the
	  call to execl() which got dropped earlier.

2004-02-27 nalin
	* src/pam_krb5_storetmp.c: add this helper, which creates a file using
	  mkstemp, filling it with supplied data.
	* src/storetmp.c: add routines for using pam_krb5_storetmp to create
	  copies of session-specific ticket files after crossing an exec(), so
	  that a new SELinux context can apply to the new file.
	* everything: update copyright statements to include this year.
	* src/stash.c(_pam_krb5_stash_clone_v5): add, to call
	  _pam_krb5_storetmp_file to copy the ccache.
	* src/v5.c(v5_save): clone the ticket file after creating it.
	* src/stash.c(_pam_krb5_stash_clone_v4): add, to call
	  _pam_krb5_storetmp_file to copy the ccache.
	* src/v4.c(v4_save): clone the ticket file after creating it.

2004-01-07 nalin
	* src/stash.h: always have a v4present field in the structure.
	* src/v4.h: don't try 524 conversion if we don't have krb4 -- we
	  wouldn't be able to do anything with the results. Noted by Jörg
	  Albert.

2004-01-07 nalin
	* src/v4.c(v4_save): make the stub v4_save function match the
	  non-stub's prototype. Noted by Jörg Albert.
	* src/v4.c(v4_destroy): don't return a value from this function, which
	  returns void. Noted by Jörg Albert.

2003-11-25 nalin
	* README: updates

2003-11-20 nalin
	* src/userinfo.c, src/userinfo.h: when setting things up for a user,
	  obey "mappings" settings. Because we can't be certain that the
	  generated principal will pass through aname_to_lname correctly, don't
	  do that any more.

2003-11-20 nalin
	* src/initopts.c(_pam_krb5_set_init_opts): set the ticket lifetime,
	  if configured, as an initopt. This change lets us fix #109331.

2003-11-20 nalin
	* src/options.c, src/options.h: add code for parsing a "mappings"
	  setting. Reintroduce ticket_lifetime, which I mistakenly thought was
	  a libdefault setting now.

2003-11-20 nalin
	* src/map.c, src/map.h: add mapping functions which mimic OpenLDAP's
	  saslRegexp functionality for mapping local user names to principal
	  names.

2003-11-20 nalin
	* src/init.c: instead of forcing the realm when parsing principals,
	  make realm= set the default realm.

2003-11-19 nalin
	* src/v5.c(v5_get_creds): use the realm from the unparsed version of
	  the principal name when constructing service principals.

2003-09-22 nalin
	* src/session.c: actually return where we were supposed to return.

2003-09-19 nalin
	* src/session.c: if v5attempted is 0 or v5result is not 0, don't
	  mess with tokens or credentials. This allows apps which change their
	  UIDs to keep tokens unless they obtained some of their own.
	* src/auth.c: before attempting authentication, reset v5attempted so
	  that we don't count a previous authentication failure as a failure
	  forever.
	* src/acct.c: if v5attempted is not set in the user's stash, attempt
	  to get initial credentials for the user. If the password check fails,
	  assume the user name is valid.
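The storetmp helper entries dated 2004-02-27, 2004-03-10 and 2004-03-16 above describe three defensive steps for a privileged helper that writes ticket files: keep the stdio descriptors populated so pipe() cannot hand the child a descriptor it treats as stdin/stdout/stderr, only accept a filename as an mkstemp() template if it ends in XXXXXX, and switch UID/GID before exec() only when needed, clearing supplementary groups only as root. Below is an added example of those steps in C; it is not pam_krb5's own code, and the function names ensure_std_fds, valid_mkstemp_pattern and drop_privileges are hypothetical.

```c
/* Added example, not pam_krb5's own code: the safety steps the storetmp
 * helper ChangeLog entries describe, as standalone hypothetical functions. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1       /* for setgroups() in <grp.h> on glibc */
#endif
#include <fcntl.h>
#include <grp.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Make sure descriptors 0, 1 and 2 are open so that a later pipe() or
 * open() cannot return a descriptor the child will treat as stdio.
 * Opening /dev/null until we get an fd above 2 has the same effect as the
 * "open /dev/null three times" of the 2004-02-27 entry.
 * Returns 0 on success, -1 if /dev/null cannot be opened. */
int ensure_std_fds(void)
{
	for (;;) {
		int fd = open("/dev/null", O_RDWR);
		if (fd < 0)
			return -1;
		if (fd > 2) {
			close(fd);  /* 0, 1 and 2 were already in use */
			return 0;
		}
		/* fd was 0, 1 or 2: leave it open and check again */
	}
}

/* The 2004-03-10 rule: a name is only usable as an mkstemp() template
 * if it ends in "XXXXXX"; anything else is a plain path to delete. */
int valid_mkstemp_pattern(const char *path)
{
	size_t len = path ? strlen(path) : 0;
	return len >= 6 && strcmp(path + len - 6, "XXXXXX") == 0;
}

/* The 2004-03-16 rules: change to uid/gid only if not already running as
 * them, clear the supplementary group list only when root (setgroups()
 * fails otherwise), and refuse to report success if root can still be
 * regained. Returns 0 on success, -1 with errno set otherwise. */
int drop_privileges(uid_t uid, gid_t gid)
{
	if (getuid() == 0 && setgroups(0, NULL) != 0)
		return -1;
	if ((getgid() != gid || getegid() != gid) && setgid(gid) != 0)
		return -1;
	if ((getuid() != uid || geteuid() != uid) && setuid(uid) != 0)
		return -1;
	if (uid != 0 && (setuid(0) == 0 || geteuid() == 0))
		return -1;  /* the drop did not stick */
	return 0;
}
```

In a helper like pam_krb5_storetmp these would run in this order before exec() or before writing the file, so that a failure in any step aborts rather than silently continuing with the wrong identity.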

2003-09-05 nalin
	* src/stash.h: add a v5attempted field to track whether or not we've
	  attempted to get v5 creds for this user. add an afspag field to track
	  whether or not we've created an afs PAG.
	* src/stash.c: initialize v5attempted and other fields, even if it's
	  redundant after using memset to clear the whole structure.
	* src/auth.c: set v5attempted in the user's stash immediately after
	  all calls to v5_get_creds.
	* src/acct.c: if v5attempted is not set in the user's stash, just
	  return PAM_IGNORE.
	* src/tokens.c: only delete tokens on session close if we created a
	  pag, lest we lose tokens when reverting back in su. Only warn about
	  errors getting tokens if v5attempted was set (else these become debug
	  messages).
	* src/pam_krb5.8.in: note the behavior of the module in acct stacks.

2003-09-05 nalin
	* configure.ac: check for krb_time_to_life.
	* src/v4.c: use krb_time_to_life to convert lifetimes from seconds to
	  bytes, not krb_life_to_time, which does the opposite.

2003-08-14 nalin
	* configure.ac: check for __posix_getpwnam_r.
	* src/userinfo.c(get_pw): use __posix_getpwnam_r if it is available and
	  getpwnam_r isn't available

2003-08-14 nalin
	* src/session.c(pam_close_session), src/sly.c: return PAM_USER_UNKNOWN
	  instead of PAM_SERVICE_ERR if we fail to get information about the user.

2003-08-14 nalin
	* src/auth.c(pam_sm_authenticate): log the PAM error code we're
	  returning if we're returning a failure after all attempts have been
	  made. Save the password entered by the user in the normal we-prompted
	  case.
	* pam_krb5.spec: bump version to 2.0.1

2003-08-14 nalin
	* src/auth.c, src/acct.c, src/session.c(pam_open_session),
	  src/password.c: return PAM_USER_UNKNOWN instead of PAM_SERVICE_ERR if
	  we fail to get information about the user.

2003-08-14 nalin
	* tests/run-tests: leave some time between expiring of passwords and
	  attempts to check if they've truly been expired, in case the server
	  implementation considers expiration time to be the end of the second
	  instead of the start

2003-08-13 nalin
	* src/xstr.c, src/xstr.h: add xstrfree().
	* src/auth.c, src/options.c, src/password.c, src/prompter.c,
	  src/stash.c, src/userinfo.c, src/v4.c, src/v5.c: use xstrfree() to
	  free strings.

Thu Aug 7 2003 nalin
- Major overhaul and refactoring of everything.

Thu Jan 30 2003 Nalin Dahyabhai <nalin@redhat.com>
- Fix uninitialized pointer crash when we fail to retrieve cached return values.

Wed Jan 29 2003 Nalin Dahyabhai <nalin@redhat.com>
- Fix accidental double-free because libpam doesn't appear to make copies of
  the names for data items.

Fri Aug 23 2002 Nalin Dahyabhai <nalin@redhat.com>
- Update docs on the location of the anoncvs tree.
- Add warnings to the list of options we invoke $(CC) with.
- Use per-user stash and stored return value names.

Wed Aug 7 2002 Nalin Dahyabhai <nalin@redhat.com>
- Treat PAM_REFRESH_CRED like PAM_REINITIALIZE_CRED. From Jason Heiss.

Fri May 24 2002 Nalin Dahyabhai <nalin@redhat.com>
- Fix a parser bug, pointed out by Balazs GAL.

Wed May 22 2002 Nalin Dahyabhai <nalin@redhat.com>
- Guess that the current cell name is the same as the realm name, lower-cased.

Fri Feb 15 2002 Nalin Dahyabhai <nalin@redhat.com>
- Update docs to give info about the account management function.

Mon Feb 11 2002 Nalin Dahyabhai <nalin@redhat.com>
- Add account management, which checks for key expiration and .k5login files.

Tue Sep 25 2001 Nalin Dahyabhai <nalin@redhat.com>
- Fix parsing of options which have multiple whitespace-separated values,
  like afs_cells.

Wed Sep 5 2001 Nalin Dahyabhai <nalin@redhat.com>
- Link with libresolv to get res_search, tip from Justin McNutt, who
  built it statically.
- Explicitly link with libdes425.
- Handle cases where getpwnam_r fails but still sets the result pointer.
- If use_authtok is given and there is no authtok, error out.

Mon Aug 27 2001 Nalin Dahyabhai <nalin@redhat.com>
- Set the default realm when a default realm is specified.

Thu Aug 23 2001 Nalin Dahyabhai <nalin@redhat.com>
- Only use Kerberos error codes when there is no PAM error yet.

Wed Aug 22 2001 Nalin Dahyabhai <nalin@redhat.com>
- Add minimum UID support. (#52358)
- Don't link pam_krb5 with libkrbafs; that dependency should only exist for
  pam_krb5afs.

Wed Aug 22 2001 Nalin Dahyabhai <nalin@redhat.com>
- Add minimum UID support (suggested by Matthew Miller).
- Don't link pam_krb5 with libkrbafs.
- Make all options in krb5.conf available as PAM config options. This should
  make things more interesting.

Tue Jul 31 2001 Nalin Dahyabhai <nalin@redhat.com>
- Merge patch from Chris Chiappa for building with Heimdal.

Mon Jul 24 2001 Nalin Dahyabhai <nalin@redhat.com>
- Note that we had to prepend the current directory to a given path in
  dlopen.c when we had to (noted by Onime Clement).

Tue Jul 17 2001 Nalin Dahyabhai <nalin@redhat.com>
- Return PAM_NEW_AUTHTOK_REQD when attempts to get initial credentials
  fail with KRB5KDC_ERR_KEY_EXP (noted by Onime Clement).

Thu Jul 12 2001 Nalin Dahyabhai <nalin@redhat.com>
- Add info about accessing the CVS repository to the README.
- Parser cleanups (thanks to Dane Skow for a more complicated sample).

Fri Jul 6 2001 Nalin Dahyabhai <nalin@redhat.com>
- Don't set forwardable and assorted other flags when getting password-
  changing service ticket (noted, and fix supplied, by Onime Clement).
- Try __posix_getpwnam_r on Solaris before we try getpwnam_r, which may
  or may not be expecting the same number/type of arguments (noted by
  Onime Clement).
- Use krb5_aname_to_localname to convert the principal to a login name
  and set PAM_USER to the result when authenticating.
- Some autoconf fixes for failure cases.

Wed Jun 26 2001 Nalin Dahyabhai <nalin@redhat.com>
- Use krb5_change_password() to change passwords.

Tue Jun 12 2001 Nalin Dahyabhai <nalin@redhat.com>
- Use getpwnam_r instead of getpwnam when available.

Fri Jun 8 2001 Nalin Dahyabhai <nalin@redhat.com>
- Cleanup some autoconf checks.

Thu Jun 7 2001 Nalin Dahyabhai <nalin@redhat.com>
- Don't call initialize_krb5_error_table() or initialize_ovk_error_table()
  if they're not found at compile-time (reported for RHL 6.x by Chris Riley).

Thu May 31 2001 Nalin Dahyabhai <nalin@redhat.com>
- Note that [pam] is still checked in addition to [appdefaults].
- Note that AFS and Kerberos IV support requires working Kerberos IV
  configuration files (i.e., kinit -4 needs to work) (doc changes
  suggested by Martin Schulz).

Tue May 29 2001 Nalin Dahyabhai <nalin@redhat.com>
- Add max_timeout, timeout_shift, initial_timeout, and addressless options
  (patches from Simon Wilkinson).
- Fix the README to document the [appdefaults] section instead of [pam].
- Change example host and cell names in the README to use example domains.

Wed May 2 2001 Nalin Dahyabhai <nalin@redhat.com>
- Don't delete tokens unless we're also removing ticket files (report and
  patch from Sean Dilda).
- Report initialization errors better.

Thu Apr 26 2001 Nalin Dahyabhai <nalin@redhat.com>
- Treat semicolons as a comment character, like hash marks (bug reported by
  Greg Francis at Gonzaga University).
- Use the [:blank:] equivalence class to simplify the configuration file parser.
- Don't mess with the real environment.
- Implement mostly-complete aging support.

Sat Apr 7 2001 Nalin Dahyabhai <nalin@redhat.com>
- Tweak the man page (can't use italics and bold simultaneously).

Fri Apr 6 2001 Nalin Dahyabhai <nalin@redhat.com>
- Restore the default TGS value (#35015).

Wed Mar 28 2001 Nalin Dahyabhai <nalin@redhat.com>
- Fix a debug message.
- Fix uninitialized pointer error.

Mon Mar 26 2001 Nalin Dahyabhai <nalin@redhat.com>
- Don't fail to fixup the krb5 ccache if something goes wrong obtaining
  v4 credentials or creating a krb4 ticket file (#33262).

Thu Mar 22 2001 Nalin Dahyabhai <nalin@redhat.com>
- Fixup the man page.
- Log return code from k_setpag() when debugging.
- Create credentials and get tokens when setcred is called for REINITIALIZE.

Wed Mar 21 2001 Nalin Dahyabhai <nalin@redhat.com>
- Don't twiddle ownerships until after we get AFS tokens.
- Use the current time instead of the issue time when storing v4 creds, since
  we don't know the issuing host's byte order.
- Depend on a PAM development header again instead of pam-devel.

Tue Mar 20 2001 Nalin Dahyabhai <nalin@redhat.com>
- Add a separate config file parser for compatibility with settings that
  predate the appdefault API.
- Use a version script under Linux to avoid polluting the global namespace.
- Don't have a default for afs_cells.
- Need to close the file when we succeed in fixing permissions (noted by
  jlkatz@eos.ncsu.edu).

Mon Mar 19 2001 Nalin Dahyabhai <nalin@redhat.com>
- Use the appdefault API to read krb5.conf if available.
- Create v4 tickets in such a way as to allow 1.2.2 to not think there's
  something fishy going on.

Tue Feb 13 2001 Nalin Dahyabhai <nalin@redhat.com>
- Don't log unknown user names to syslog -- they might be sensitive information.

Fri Feb 9 2001 Nalin Dahyabhai <nalin@redhat.com>
- Handle cases where krb5_init_context() fails.

Wed Jan 17 2001 Nalin Dahyabhai <nalin@redhat.com>
- Be more careful around memory allocation (fixes from David J. MacKenzie).

Mon Jan 15 2001 Nalin Dahyabhai <nalin@redhat.com>
- No fair trying to make me authenticate '(null)'!

Wed Nov 7 2000 Nalin Dahyabhai <nalin@redhat.com>
- Only try to delete ccache files once.
- Ignore extra data in v4 TGTs, but do log it.
- Require "validate" to be true to try validating, and fail if validation fails.

Thu Aug 10 2000 Nalin Dahyabhai <nalin@redhat.com>
- Fix handling of null passwords.

Wed Jul 5 2000 Nalin Dahyabhai <nalin@redhat.com>
- Integrate some fixes for Solaris 7 from Trevor Schroeder (flock.c is
  entirely his).

Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
- Integrate Seth Vidal's "no_user_check" argument, so that non-privileged
  users (i.e., secure web servers) can also do checks.

Wed May 17 2000 Nalin Dahyabhai <nalin@redhat.com>
- Make errors chown()ing ccache files non-fatal if (getuid() != 0), suggested
  by Steve Langasek.

Mon May 15 2000 Nalin Dahyabhai <nalin@redhat.com>
- Attempt to get initial Kerberos IV credentials when we get Kerberos 5 creds

Thu Apr 20 2000 Nalin Dahyabhai <nalin@redhat.com>
- Chris Chiappa's modifications for customizing the ccache directory

Wed Apr 19 2000 Nalin Dahyabhai <nalin@redhat.com>
- Mark Dawson's fix for krb4_convert not being forced on when afs_cells defined

Thu March 23 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix problem with leftover ticket files after multiple setcred() calls

Mon March 20 2000 Nalin Dahyabhai <nalin@redhat.com>
- add proper copyright statements
- save password for modules later in the stack

Fri March 03 2000 Nalin Dahyabhai <nalin@redhat.com>
- clean up prompter

Thu March 02 2000 Nalin Dahyabhai <nalin@redhat.com>
- add krbafs as a requirement

Fri February 04 2000 Nalin Dahyabhai <nalin@redhat.com>
- pick up non-afs PAM config files again

Wed February 02 2000 Nalin Dahyabhai <nalin@redhat.com>
- autoconf and putenv() fixes for broken apps
- fix for compressed man pages

Fri January 14 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix stupid bug in password-changing
- add check that user exists in Kerberos before prompting to make password-
  changing sane for mixed environments

Thu January 6 2000 Nalin Dahyabhai <nalin@redhat.com>
- merge in spelling and other fixes from Michael K. Johnson
- modify to build both normal and AFS-aware version if krbafs.h is found

Fri December 31 1999 Nalin Dahyabhai <nalin@redhat.com>
- change to using ticket files created with mkstemp()

Tue December 28 1999 Nalin Dahyabhai <nalin@redhat.com>
- make setcred() return the same code as authenticate() to make sure that libpam
  walks the auth stack the same way for both functions

Wed December 22 1999 Nalin Dahyabhai <nalin@redhat.com>
- add man pages that don't mention AFS at all

Tue November 30 1999 Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
- add linking with libcrypt, remove linking with libpam

Mon November 29 1999 Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
- Make creating the Kerberos IV ticket a non-fatal error if there are problems.
- Add man pages.

Mon November 8 1999 Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
- Clean up PAM_AUTHTOK_RECOVER{,Y}_ERR definition problems and Solaris LD flags.
  Problems spotted and solution proposed by Nitin Dahyabhai <nitind@pobox.com>.

Wed November 3 1999 Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
- Massive restructuring and cleaning out of 1.0-specific code.

Mon October 4 1999 Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
- Update for krb5 1.1 release

Mon July 26 1999 Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
- Configure should die if krb5.h or krbafs.h isn't found (bfdimmic@eos.ncsu.edu)

Thu July 15 1999 Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
- Added reason to authentication failure messages (wjlyerly@eos.ncsu.edu)
- Only prompt for second password if first password fails

Fri June 18 1999 Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
- First public release. Bwah-ha-ha-ha-ha-ha-ha!