12018-04-20 Klas Lindfors <klas@yubico.com> 2 3 * NEWS: NEWS for 2.26 4 52018-04-18 Klas Lindfors <klas@yubico.com> 6 7 * README: Drop the blurb about rewriting of this project 8 92018-04-13 Klas Lindfors <klas@yubico.com> 10 11 * : commit e5bd2ef8449799d06f6f8dad3e602cc047e3c1af Author: Karol 12 Babioch <karol@babioch.de> Date: Wed Apr 11 13:37:17 2018 +0200 13 142018-04-05 Karol Babioch <karol@babioch.de> 15 16 * pam_yubico.c: Use mkotemp() instead of mkstemp() This uses mkostemp() instead of mkstemp(), passing along the 17 `O_CLOEXEC` flag, which makes sure that the file descriptor is 18 closed and won't be leaked into any child process, which was 19 previously an issue due to a missing fclose() (#136). 20 212018-04-05 Karol Babioch <karol@babioch.de> 22 23 * pam_yubico.c, util.c, ykpamcfg.c: Add "e" flag to fopen() calls This adds the `e` flag to fopen() calls, making sure the `O_CLOEXEC` 24 flag is used. This makes sure that the file descriptor is being 25 closed and not leaked into child processes. This was an issues 26 previously due to a missing fclose() (#136). 27 282018-04-05 Karol Babioch <karol@babioch.de> 29 30 * pam_yubico.c, util.c: Open file descriptors with O_CLOEXEC This opens any file descriptors with the O_CLOEXEC flag, which will 31 make sure that file descriptors won't be leaked into any child 32 process. This was previously an issue due to a forgotten fclose() 33 (#136). 34 352018-04-10 Klas Lindfors <klas@yubico.com> 36 37 * : commit c845c63aecb31f10859ac177f2848c74abcaef73 Merge: 6fe39d6 38 1aacb11 Author: Klas Lindfors <klas@yubico.com> Date: Tue Apr 10 39 10:29:51 2018 +0200 40 412018-04-09 Karol Babioch <karol@babioch.de> 42 43 * tests/pam_test.c: tests: Fix compiler warnings due to wrong 44 pointer casts This fixes a couple of compiler warnings due to wrong pointer casts 45 in regards to the pamh structure, which is a bit of a hackery way to 46 access the test data. 47 482018-04-09 Karol Babioch <karol@babioch.de> 49 50 * pam_yubico.c, util.c: Fix several format string specifiers This fixes several specifiers to better represent the data type, 51 which fixes multiple compiler warnings. 52 532018-04-09 Klas Lindfors <klas@yubico.com> 54 55 * : commit d63c2f2890f65ccbc3ee7b213f7a0ea60a632708 Merge: 0f6ceab 56 8c740c1 Author: Klas Lindfors <klas@yubico.com> Date: Mon Apr 9 57 09:08:34 2018 +0200 58 592018-04-06 Karol Babioch <karol@babioch.de> 60 61 * tests/util_test.c: util_test: Use mkdtemp() instead of tempnam() The latter function is considered insecure and deprecated on some 62 platforms. This will create the directory with 0700 implicitely, 63 where it was 0755 beforehand. Since this is a more secure default 64 and the test suite runs fine, we don't bother to chmod the 65 directory. 66 672018-04-06 Karol Babioch <karol@babioch.de> 68 69 * .travis.yml: Require sudo in .travis.yml Since the install script currently requires sudo, we should state so 70 explicetely in the .travis.yml file to make sure we get a 71 sudo-enabled environment and not a container-based one, as there is 72 no sudo available in the latter one. The default was changed in 73 August 2017, so when forking this repository, the Travis CI won't 74 work out-of-the box without this modification. This is described in 75 some details here [1]. [1]: https://docs.travis-ci.com/user/reference/overview/ 76 772018-04-03 Klas Lindfors <klas@yubico.com> 78 79 * util.c: util: make sure to close the authfile before returning 80 success fixes #136 81 822018-03-27 Klas Lindfors <klas@yubico.com> 83 84 * mac.mk: bump ykpers version for mac build 85 862018-03-27 Klas Lindfors <klas@yubico.com> 87 88 * NEWS, configure.ac: bump version to 2.26 89 902018-03-27 Klas Lindfors <klas@yubico.com> 91 92 * NEWS: NEWS for 2.25 93 942018-03-20 Klas Lindfors <klas@yubico.com> 95 96 * : commit 8db623de5dfe81c4b62379fcf91e7908342afa10 Author: Karol 97 Babioch <kbabioch@suse.de> Date: Tue Mar 20 13:55:21 2018 +0100 98 992018-03-20 Karol Babioch <kbabioch@suse.de> 100 101 * pam_yubico.c: Print out nullok parameter in debug mode This prints out the nullok parameter in debug mode, which was 102 introduced previously. 103 1042017-12-15 Klas Lindfors <klas@yubico.com> 105 106 * : commit 504c838b5af4ff1341eb27217ea9358eac986dd0 Author: Robert 107 Giles <rgtx@users.noreply.github.com> Date: Thu Dec 14 11:51:20 108 2017 -0600 109 1102017-12-14 Robert Giles <rgtx@users.noreply.github.com> 111 112 * README: Typo in asciidoc syntax. 113 1142017-12-14 Robert Giles <rgtx@users.noreply.github.com> 115 116 * README: Clarify documentation; this example configuration is also 117 useful for just regular pam_yubico configuration elsewhere against 118 AD, too. 119 1202017-11-20 Klas Lindfors <klas@yubico.com> 121 122 * : commit 5003f3974d2b57985cd453e0f8547ac495a6305d Author: Andy 123 Neff <andyneff@users.noreply.github.com> Date: Wed Nov 15 15:46:46 124 2017 -0500 125 1262017-10-10 Klas Lindfors <klas@yubico.com> 127 128 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: drop more text with 129 unnecessary old version deps 130 1312017-10-06 Klas Lindfors <klas@yubico.com> 132 133 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: drop outdated version 134 recommendations 135 1362017-08-30 Klas Lindfors <klas@yubico.com> 137 138 * pam_yubico.c: improved debug messages when getpwnam_r() doesn't 139 return a user 140 1412017-08-07 Klas Lindfors <klas@yubico.com> 142 143 * README, pam_yubico.8.txt: doc: fixup which proxy schemes are 144 supported, add http and https fixes #127 145 1462017-06-26 Klas Lindfors <klas@yubico.com> 147 148 * : commit 42e8a06bfe1b53df9f11118222d7f36c55cf7d58 Author: Larhard 149 <larhard@gmail.com> Date: Sat Jun 24 08:30:40 2017 +0000 150 1512017-06-23 Larhard <larhard@gmail.com> 152 153 * util.c: clear check_user_challenge_file 154 1552017-06-16 Alessio Di Mauro <alessio@yubico.com> 156 157 * README: Add message about project rewrite to README 158 1592017-04-09 Larhard <larhard@gmail.com> 160 161 * util.c: code cleanup 162 1632017-04-08 Larhard <larhard@gmail.com> 164 165 * pam_yubico.c, util.c, util.h: add nullok support to 166 challenge-response mode 167 1682017-03-06 Klas Lindfors <klas@yubico.com> 169 170 * tests/pam_test.c: add tests for use_first_pass 171 1722017-03-06 Klas Lindfors <klas@yubico.com> 173 174 * : commit d048a4a6e2fbe55982c5fc819ab2016b89ca136b Author: Mickaël 175 Thomas <mickael9@gmail.com> Date: Sun Feb 26 20:38:33 2017 +0100 176 1772017-02-26 Micka�l Thomas <mickael9@gmail.com> 178 179 * pam_yubico.c: Compare OTP IDs against `yubi_attr` only Currently we trust the LDAP server to only return the `yubi_attr` 180 attribute, yet we loop over all possible attributes when there 181 should only be one. Since the bundled test LDAP server ignores the requested attributes 182 list, we must make sure to only match against the `yubi_attr` 183 attibute as opposed to "all of them". This also fixes an issue where AUTH_NOT_FOUND was returned instead 184 of AUTH_NO_TOKENS when there were no values returned for `yubi_attr` 185 but another attribute's value was considered as a candidate token. 186 1872017-02-26 Micka�l Thomas <mickael9@gmail.com> 188 189 * README, pam_yubico.c, tests/util_test.c, util.c, util.h: Return 190 early if the user has no authorized tokens Currently, if a user has no associated tokens, we still prompt for 191 an OTP challenge and attempt to verify it. This adds a check earlier to avoid the useless prompt in that case. The `nullok` option is also added. It changes the return value from 192 PAM_USER_UNKNOWN to PAM_IGNORE. (fixes #97) Finally, some constants have been turned to symbolic form for 193 clarity and debugging output is improved. 194 1952017-02-26 Micka�l Thomas <mickael9@gmail.com> 196 197 * pam_yubico.c: Perform OTP validation only if token is authorized When using `try_first_pass` or `use_first_pass`, the password we 198 inherit from PAM might not actually be an OTP challenge. Currently, we happily leak it to the validation server without first 199 checking if it matches an authorized token ID. This postpones sending the actual request until we know the token ID 200 is authorized. 201 2022017-02-23 Klas Lindfors <klas@yubico.com> 203 204 * : commit 0d61b263ca3ce5a912fbf4895830b93b64c52fb7 Author: Thomas 205 Patzke <thomas@patzke.org> Date: Thu Feb 23 09:01:27 2017 +0100 206 2072017-01-03 Klas Lindfors <klas@yubico.com> 208 209 * ykpamcfg.1.txt: doc: fix typo 210 2112016-11-25 Klas Lindfors <klas@yubico.com> 212 213 * tests/aux/build-and-test.sh: more stuff to make a2x work properly 214 on mac for tests 215 2162016-11-25 Klas Lindfors <klas@yubico.com> 217 218 * tests/aux/build-and-test.sh: install docbook-xsl on mac for tests will hopefully make the tests run smoother 219 2202016-11-25 Klas Lindfors <klas@yubico.com> 221 222 * NEWS, configure.ac: bump versions 223 2242016-11-25 Klas Lindfors <klas@yubico.com> 225 226 * NEWS: NEWS for 2.24 227 2282016-09-08 Klas Lindfors <klas@yubico.com> 229 230 * README, configure.ac: drop reference to dead google groups fixes #106 231 2322016-08-09 Simon Josefsson <simon@josefsson.org> 233 234 * pam_yubico.c: Fix typo. 235 2362016-06-22 Klas Lindfors <klas@yubico.com> 237 238 * README, pam_yubico.8.txt, pam_yubico.c: let debug_accept stdout. 239 also check that file exists and is regular 240 2412016-06-16 Klas Lindfors <klas@yubico.com> 242 243 * : commit ebe6633425cf637758a71e330ead60dc5175f767 Merge: 914fa62 244 3debbfa Author: Klas Lindfors <klas@yubico.com> Date: Thu Jun 16 245 13:16:15 2016 +0200 246 2472016-06-16 Klas Lindfors <klas@yubico.com> 248 249 * README, pam_yubico.8.txt: documentation for debug_file option 250 2512016-06-16 Klas Lindfors <klas@yubico.com> 252 253 * pam_yubico.c: print debug_file when printing configuration 254 2552016-06-16 Klas Lindfors <klas@yubico.com> 256 257 * pam_yubico.c: open debug file with "a" not "a+" 258 2592016-06-16 Klas Lindfors <klali@avm.se> 260 261 * : Merge pull request #101 from Yubico/user_unknown-fixes User unknown fixes 262 2632016-06-16 Klas Lindfors <klas@yubico.com> 264 265 * pam_yubico.c: cleanup debug_file after we're done 266 2672016-06-16 Klas Lindfors <klas@yubico.com> 268 269 * drop_privs.c, drop_privs.h: fixup openpam drop_privs 270 implementation to support debug_file 271 2722016-06-16 Klas Lindfors <klas@yubico.com> 273 274 * Makefile.am, pam_yubico.c, tests/util_test.c, util.c, util.h, 275 ykpamcfg.c: refactor the debug mode add a debug_file option for where to write debug info (default to 276 stdout) stop compiling with DEBUG_PAM and PAM_DEBUG make debugging 277 behave the same way on linux-pam and openpam 278 2792016-06-15 Klas Lindfors <klas@yubico.com> 280 281 * NEWS, configure.ac: bump versions 282 2832016-06-15 Klas Lindfors <klas@yubico.com> 284 285 * NEWS: NEWS for 2.23 286 2872016-06-13 Klas Lindfors <klas@yubico.com> 288 289 * pam_yubico.c, tests/pam_test.c: add tests for empty OTP validation also fix around so ldap case checks with length of the authorized 290 token, not the length of the passed in id. 291 2922016-06-13 Klas Lindfors <klas@yubico.com> 293 294 * tests/util_test.c: add tests for empty otp part to 295 check_user_token() 296 2972016-06-13 Klas Lindfors <klas@yubico.com> 298 299 * pam_yubico.c: drop check for OTP length, should trigger error 300 later anyways. relates #97 301 3022016-06-13 Klas Lindfors <klas@yubico.com> 303 304 * pam_yubico.c: only process results of OTP check after user is 305 found relates #97 306 3072016-06-13 Klas Lindfors <klas@yubico.com> 308 309 * tests/aux/build-and-test.sh: install docbook-xsl instead of 310 docbook-xml for travis seems to help with a2x hangs 311 3122016-06-03 Klas Lindfors <klas@yubico.com> 313 314 * ykpamcfg.c: use umask instead of chmod to set file permissions 315 3162016-05-23 Klas Lindfors <klas@yubico.com> 317 318 * NEWS, configure.ac: bump versions 319 3202016-05-23 Klas Lindfors <klas@yubico.com> 321 322 * NEWS: NEWS for 2.22 323 3242016-04-18 Klas Lindfors <klas@yubico.com> 325 326 * configure.ac: let configure script check for ykclient_set_proxy() since it's the last symbol added to ykclient that we need, from 327 2.15. 328 3292016-04-01 Klas Lindfors <klas@yubico.com> 330 331 * : commit 0a1051f6dfd8c13d47614eaf9f38f4ee70bb109a Author: Klas 332 Lindfors <klas@yubico.com> Date: Thu Mar 31 10:12:18 2016 +0200 333 3342016-03-31 Klas Lindfors <klas@yubico.com> 335 336 * ykpamcfg.c: set file permissions when creating a new challenge 337 file 338 3392016-03-31 Klas Lindfors <klas@yubico.com> 340 341 * configure.ac, pam_yubico.c: switch 342 pam_modutils_getpwnam()/getpwnam() to always use getpwnam_r() 343 3442016-03-30 Klas Lindfors <klas@yubico.com> 345 346 * pam_yubico.c: copy ownership and modes of old challenge file when 347 creating a new one fixes #92 348 3492016-03-29 Klas Lindfors <klas@yubico.com> 350 351 * README, pam_yubico.8.txt: verbose_otp can not be used with OpenSSH fixes #25 352 3532016-02-26 Klas Lindfors <klas@yubico.com> 354 355 * doc/Authentication_Using_Challenge-Response.adoc: typo. 356 3572016-02-26 Klas Lindfors <klas@yubico.com> 358 359 * doc/Authentication_Using_Challenge-Response.adoc: document how to 360 use ykpamcfg with path instead of moving file 361 3622016-02-26 Klas Lindfors <klali@avm.se> 363 364 * : Merge pull request #89 from AmShaegar13/improve_cr_auth_docu Changed /etc/yubico to /var/yubico 365 3662016-02-19 Klas Lindfors <klas@yubico.com> 367 368 * .gitignore: ignore pkg files 369 3702016-02-19 Klas Lindfors <klas@yubico.com> 371 372 * NEWS, configure.ac: bump versions after release 373 3742016-02-19 Klas Lindfors <klas@yubico.com> 375 376 * NEWS: NEWS for 2.21 377 3782016-02-17 Klas Lindfors <klas@yubico.com> 379 380 * mac.mk: add first stab at makefile for mac installer fixes #76 381 3822016-02-17 Klas Lindfors <klas@yubico.com> 383 384 * pam_yubico.c, util.c: pass cfg->debug to check_firmware_version() 385 and let it use D macro 386 3872016-02-16 Klas Lindfors <klali@avm.se> 388 389 * : Merge pull request #88 from 390 shankerwangmiao/bug-fix-for-null-conv add check for NULL conv 391 3922015-11-16 Klas Lindfors <klas@yubico.com> 393 394 * : commit e231b8217cdfc25bffc7181a1270dfd840a3aebf Author: mikemn 395 <mikemn@users.noreply.github.com> Date: Thu Nov 12 15:02:49 2015 396 -0600 397 3982015-11-11 mikemn <mikemn@users.noreply.github.com> 399 400 * pam_yubico.8.txt, pam_yubico.c: Add proxy support via Curl 401 4022015-11-13 Klas Lindfors <klas@yubico.com> 403 404 * tests/aux/build-and-test.sh: set -e later for travis and hope for 405 the best 406 4072015-11-13 Klas Lindfors <klas@yubico.com> 408 409 * tests/aux/build-and-test.sh: add brew update for travis 410 4112015-10-08 Klas Lindfors <klas@yubico.com> 412 413 * configure.ac, m4/valgrind-tests.m4: with more thought: remove 414 valgrind for tests since curl+gnutls seems to leave gnutls inited data around 415 4162015-10-08 Klas Lindfors <klas@yubico.com> 417 418 * configure.ac, m4/valgrind-tests.m4: add valgrind-tests 419 4202015-10-08 Klas Lindfors <klas@yubico.com> 421 422 * pam_yubico.c: use correct modifier for size_t print 423 4242015-10-08 Klas Lindfors <klas@yubico.com> 425 426 * .travis.yml, tests/aux/build-and-test.sh, tests/pam_test.c: setup 427 travis to do multi-os builds 428 4292015-10-08 Klas Lindfors <klas@yubico.com> 430 431 * tests/Makefile.am, tests/test.c: drop the non-portable test test it linked with the module and didn't really do anything, making the 432 test suite more fragile than necessary 433 4342015-10-05 Klas Lindfors <klas@yubico.com> 435 436 * README, doc/YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc, 437 doc/YubiKey_and_FreeRADIUS_via_PAM.adoc: remove forgotten references 438 to wiki There is no wiki for this project, that information is either in the 439 doc folder or in the project manpages. Both of which accessible from 440 https://developers.yubico.com/yubico-pam/ fixes #81 441 4422015-09-22 Klas Lindfors <klas@yubico.com> 443 444 * NEWS, configure.ac: bump versions 445 4462015-09-22 Klas Lindfors <klas@yubico.com> 447 448 * NEWS: NEWS for 2.20 449 4502015-09-15 Klas Lindfors <klas@yubico.com> 451 452 * pam_yubico.8.txt: add information about files used thanks to @madrat- for original suggestions fixes #78 453 4542015-09-14 Klas Lindfors <klas@yubico.com> 455 456 * pam_yubico.c: reset yk_errno when we're happy with the result 457 4582015-09-14 Klas Lindfors <klas@yubico.com> 459 460 * pam_yubico.c: correct fchmod() return check 461 4622015-09-14 Klas Lindfors <klas@yubico.com> 463 464 * pam_yubico.c: switch i to size_t to match usage 465 4662015-09-14 Klas Lindfors <klas@yubico.com> 467 468 * pam_yubico.c: fix initialization of msg to not warn apparently this is gcc bug 53119 469 4702015-09-14 Klas Lindfors <klas@yubico.com> 471 472 * pam_yubico.c: make yubi_attr_prefix_len a size_t 473 4742015-09-14 Klas Lindfors <klas@yubico.com> 475 476 * pam_yubico.c: mark unused parameter with __attribute__((unused)) 477 4782015-09-14 Klas Lindfors <klas@yubico.com> 479 480 * pam_yubico.c: use mkstemp() to get the tempfile instead unfortunately means we have to fchmod() it afterwards to be sure 481 4822015-09-14 Klas Lindfors <klali@avm.se> 483 484 * : Merge pull request #79 from madrat-/master do_challenge_response change privileges twice at reading and writing 485 4862015-09-11 Klas Lindfors <klas@yubico.com> 487 488 * pam_yubico.c: in the challenge-response case only drop privileges 489 for user dir This allows the module to work in a case where the directory is only 490 writable to root. fixes #77 491 4922015-09-11 Klas Lindfors <klas@yubico.com> 493 494 * configure.ac: don't warn about to long strings 495 4962015-09-09 Klas Lindfors <klas@yubico.com> 497 498 * pam_yubico.c, util.c, util.h, ykpamcfg.c: include pwd.h in util.h 499 5002015-09-08 Klas Lindfors <klas@yubico.com> 501 502 * Makefile.am: disable xmllint for a2x since it seems to cause 503 problems 504 5052015-09-08 Klas Lindfors <klas@yubico.com> 506 507 * configure.ac, pam_yubico.c, tests/util_test.c, util.c, util.h, 508 ykpamcfg.c: use pam_modutil_getpwnam() if it's available also refactor to pass in a passwd struct to the util functions 509 5102015-08-18 Klas Lindfors <klas@yubico.com> 511 512 * tests/util_test.c: add a test for a user showing up twice in the 513 file 514 5152015-08-11 Klas Lindfors <klas@yubico.com> 516 517 * pam_yubico.8.txt: add documentation for chalresp_path parameter 518 5192015-08-11 Klas Lindfors <klali@avm.se> 520 521 * : Merge pull request #71 from afeinberg/comments Support comments in authfile 522 5232015-07-08 Klas Lindfors <klas@yubico.com> 524 525 * pam_yubico.c: free message at end of function it was possible message was never freed if the sprintf() call failed 526 5272015-06-15 Klas Lindfors <klas@yubico.com> 528 529 * pam_yubico.c: add cainfo option to allow usage of a cabundle 530 instead of path path submitted by github user @Mrten reportedly this is needed if 531 curl is linked with gnutls fixes #6 532 5332015-04-27 Klas Lindfors <klas@yubico.com> 534 535 * pam_yubico.c: add debug print for last url used 536 5372015-04-07 Klas Lindfors <klas@yubico.com> 538 539 * tests/Makefile.am: export LDAPNOINIT=1 for tests so we don't run 540 with systems ldap config fixes #61 541 5422015-04-07 Klas Lindfors <klas@yubico.com> 543 544 * tests/aux/ldap.pl, tests/aux/ykval.pl: more debugging on mocks 545 5462015-04-07 Klas Lindfors <klas@yubico.com> 547 548 * tests/aux/ldap.pl, tests/aux/ykval.pl: add some debug logging to 549 ldap and ykval mocks 550 5512015-03-30 Klas Lindfors <klas@yubico.com> 552 553 * util.c: change int to size_t 554 5552015-03-30 Klas Lindfors <klas@yubico.com> 556 557 * util.c: fixup warnings with sign 558 5592015-03-30 Klas Lindfors <klas@yubico.com> 560 561 * util.c: fixup warnings related to constness of filename 562 5632015-03-30 Klas Lindfors <klali@avm.se> 564 565 * : Merge pull request #60 from neverpanic/master Fix warnings on OS X with clang 566 5672015-03-28 Clemens Lang <neverpanic@gmail.com> 568 569 * pam_yubico.c: Fix warning if pam_message.msg isn't constant On OS X and FreeBSD, struct pam_message does not declare its msg 570 member as constant. This causes a warning when assigning a constant 571 string to it: pam_yubico.c:403:14: warning: assigning to 'char *' from 'const char 572 *' discards qualifiers 573 [-Wincompatible-pointer-types-discards-qualifiers] msg[0].msg = 574 message; ^ ~~~~~~~ 575 5762015-03-23 Klas Lindfors <klas@yubico.com> 577 578 * Makefile.am: drop save-mans 579 5802015-03-23 Klas Lindfors <klas@yubico.com> 581 582 * NEWS, configure.ac: bump versions 583 5842015-03-23 Klas Lindfors <klas@yubico.com> 585 586 * NEWS: release 2.19 587 5882015-03-17 Klas Lindfors <klas@yubico.com> 589 590 * README: fix typo 591 5922015-03-13 Klas Lindfors <klas@yubico.com> 593 594 * README: fix the git url again fixes #54 595 5962015-03-10 Henrik Str�th <minisu@users.noreply.github.com> 597 598 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: Fixed broken link 599 6002015-03-10 Henrik Str�th <minisu@users.noreply.github.com> 601 602 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: removed broken link 603 6042015-03-10 Klas Lindfors <klali@avm.se> 605 606 * : Merge pull request #56 from shanx/master Clarified the notion of id when using the pam_yubico module 607 6082015-03-06 Remco Wendt <remco.wendt@gmail.com> 609 610 * README: fixed typo 611 6122015-03-06 Remco Wendt <remco.wendt@gmail.com> 613 614 * README: Clarified the notion of id when using the pam_yubico 615 module 616 6172015-03-04 Klas Lindfors <klas@yubico.com> 618 619 * NEWS: fix formatting of NEWS 620 6212015-03-04 Klas Lindfors <klas@yubico.com> 622 623 * NEWS: prepare news for 2.19 624 6252015-03-04 Klas Lindfors <klas@yubico.com> 626 627 * pam_yubico.c: change datatypes to unsigned avoiding warnings about sign conversion 628 6292015-03-04 Klas Lindfors <klas@yubico.com> 630 631 * : commit 77067004e830724442004c458c0d8f59e18f7272 Author: Klas 632 Lindfors <klas@yubico.com> Date: Wed Mar 4 13:52:31 2015 +0100 633 6342015-03-04 Klas Lindfors <klas@yubico.com> 635 636 * README: use ldap_bind_user and ldap_bind_password in example 637 6382015-03-04 Klas Lindfors <klas@yubico.com> 639 640 * tests/aux/ldap.pl, tests/pam_test.c: simple ldap filter test 641 6422015-03-04 Klas Lindfors <klas@yubico.com> 643 644 * pam_yubico.c: allow ldap search with no base 645 6462015-03-04 Klas Lindfors <klas@yubico.com> 647 648 * tests/util_test.c, util.c: make sure filter is null terminated and 649 return length including null 650 6512015-03-04 Klas Lindfors <klas@yubico.com> 652 653 * tests/pam_test.c: drop authfile for ldap_cfg 654 6552015-03-04 Klas Lindfors <klas@yubico.com> 656 657 * pam_yubico.c: move debug print (and dereference of resp) inside 658 null check 659 6602015-03-04 Klas Lindfors <klas@yubico.com> 661 662 * Makefile.am: add DEFS to cppcheck 663 6642015-03-04 Klas Lindfors <klas@yubico.com> 665 666 * .travis.yml: try to survive and continue for failure in apt-get 667 update 668 6692015-03-04 Klas Lindfors <klas@yubico.com> 670 671 * pam_yubico.c: move protocol inside HAVE_LIBLDAP to avoid warning of unused variable 672 6732015-03-04 Klas Lindfors <klas@yubico.com> 674 675 * util.c: no need for a temp pointer when writing output of 676 filter_result_len() 677 6782015-03-04 Klas Lindfors <klas@yubico.com> 679 680 * pam_yubico.c: drop password parameter for 681 authorized_user_token_ldap() 682 6832015-03-04 Klas Lindfors <klas@yubico.com> 684 685 * pam_yubico.c: drop the ldap_bind_no_anonymous feature Sending the users password out in another direction is scary and 686 requires more thought. Ideally this should be solved by using ldap 687 GSSAPI or similar instead of sending a cleartext password over the 688 network. 689 6902015-03-04 Klas Lindfors <klas@yubico.com> 691 692 * pam_yubico.c: consider all success as valid session 693 6942015-03-04 Klas Lindfors <klas@yubico.com> 695 696 * pam_yubico.c: don't throw const away in cast 697 6982015-03-04 Klas Lindfors <klas@yubico.com> 699 700 * pam_yubico.c: client_id is supposed to be unsigned 701 7022015-03-04 Klas Lindfors <klas@yubico.com> 703 704 * pam_yubico.c: make sure rc is initialized before using 705 7062015-03-04 Klas Lindfors <klas@yubico.com> 707 708 * pam_yubico.c: don't use c++ style comments 709 7102015-03-04 Klas Lindfors <klas@yubico.com> 711 712 * pam_yubico.c: don't use c++ style comments 713 7142015-03-04 Klas Lindfors <klas@yubico.com> 715 716 * pam_yubico.c: conform to other code 717 7182015-02-20 Klas Lindfors <klas@yubico.com> 719 720 * README: reference github with https, not git@ fixes #54 721 7222015-02-16 Klas Lindfors <klas@yubico.com> 723 724 * util.c, util.h: simplify filter_result_len() and fixup warnings 725 7262015-02-16 Klas Lindfors <klas@yubico.com> 727 728 * pam_yubico.c: drop extra options for bind dn and password 729 7302015-02-16 Klas Lindfors <klas@yubico.com> 731 732 * : Merge commit 'aa87979eb84adb3adef170dac6ff2285ba43cd26' into 733 features/ldap Conflicts: README 734 7352015-02-16 Klas Lindfors <klas@yubico.com> 736 737 * .gitignore: ignore 738 7392015-02-13 Klas Lindfors <klas@yubico.com> 740 741 * pam_yubico.c: add debug print with version 742 7432015-02-12 Klas Lindfors <klas@yubico.com> 744 745 * NEWS, configure.ac: bump versions after release 746 7472015-02-12 Klas Lindfors <klas@yubico.com> 748 749 * NEWS: NEWS for 2.18 750 7512015-02-12 Klas Lindfors <klas@yubico.com> 752 753 * tests/Makefile.am, tests/pam_test.c: make sure out-of-tree builds 754 work 755 7562015-02-12 Klas Lindfors <klas@yubico.com> 757 758 * ykpamcfg.1.txt, ykpamcfg.c: add -V for version to ykpamcfg and 759 exit earlier also error on any part of iterations being non-numeric 760 7612015-01-29 Klas Lindfors <klas@yubico.com> 762 763 * util.c: fix format specifiers 764 7652015-01-29 Klas Lindfors <klas@yubico.com> 766 767 * Makefile.am, configure.ac: add --enable-cppcheck 768 7692015-01-21 Klas Lindfors <klas@yubico.com> 770 771 * configure.ac: fixup check for pam_modutil_drop_priv() this was broken in 68d3f5879ec6782742d68d7e74066da739a0b444 fixes 772 #50 773 7742015-01-21 Klas Lindfors <klas@yubico.com> 775 776 * pam_yubico.c: free more unfreed memory in the pam_response 777 structure 778 7792015-01-21 Klas Lindfors <klas@yubico.com> 780 781 * tests/pam_test.c: strdup() the OTP returned 782 7832015-01-20 Klas Lindfors <klas@yubico.com> 784 785 * tests/aux/build-and-test.sh: update build-and-test 786 7872015-01-20 Klas Lindfors <klas@yubico.com> 788 789 * .travis.yml, tests/aux/build-and-test.sh: enable coverage build 790 for travis 791 7922015-01-20 Klas Lindfors <klas@yubico.com> 793 794 * .gitignore, Makefile.am, configure.ac, tests/Makefile.am: add a 795 --enable-coverage switch 796 7972015-01-20 Klas Lindfors <klas@yubico.com> 798 799 * tests/pam_test.c: only run the ldap "server" if we're compiling 800 with ldap 801 8022015-01-20 Klas Lindfors <klas@yubico.com> 803 804 * README: add notice about tests requiring perl and 805 Net::LDAP::Server 806 8072015-01-20 Klas Lindfors <klas@yubico.com> 808 809 * tests/aux/authfile, tests/pam_test.c: add a test for authfile user 810 with two ok public ids 811 8122015-01-20 Klas Lindfors <klas@yubico.com> 813 814 * tests/aux/ldap.pl, tests/aux/ykval.pl, tests/pam_test.c: add a 815 second successful ldap test with two valid yubiKeyId 816 8172015-01-20 Klas Lindfors <klas@yubico.com> 818 819 * tests/pam_test.c: use higher ports and put them in constants 820 8212015-01-19 Klas Lindfors <klas@yubico.com> 822 823 * .travis.yml: add more travis config 824 8252015-01-19 Klas Lindfors <klas@yubico.com> 826 827 * tests/pam_test.c: fixup some warnings in test 828 8292015-01-19 Klas Lindfors <klas@yubico.com> 830 831 * Makefile.am: add EXTRA_DIST for tests/aux 832 8332015-01-19 Klas Lindfors <klas@yubico.com> 834 835 * tests/aux/ldap.pl, tests/pam_test.c: add a mocked ldap server and 836 ldap tests relates #44 837 8382015-01-19 Klas Lindfors <klas@yubico.com> 839 840 * tests/aux/ykval.pl, tests/pam_test.c: add a test for wrong otp and 841 small fixup to mock server 842 8432015-01-19 Klas Lindfors <klas@yubico.com> 844 845 * tests/pam_test.c: drop id from data struct and use index in array 846 8472015-01-19 Klas Lindfors <klas@yubico.com> 848 849 * tests/aux/ykval.pl, tests/pam_test.c: pass port correctly 850 8512015-01-19 Klas Lindfors <klas@yubico.com> 852 853 * tests/aux/ykval.pl, tests/pam_test.c: add test for wrong otp for 854 user 855 8562015-01-19 Klas Lindfors <klas@yubico.com> 857 858 * tests/pam_test.c: add test for failure-case 859 8602015-01-19 Klas Lindfors <klas@yubico.com> 861 862 * tests/pam_test.c: add a second child and mock server 863 8642015-01-19 Klas Lindfors <klas@yubico.com> 865 866 * tests/pam_test.c: fix some warnings 867 8682015-01-19 Klas Lindfors <klas@yubico.com> 869 870 * tests/pam_test.c: restructure the test some 871 8722015-01-19 Klas Lindfors <klas@yubico.com> 873 874 * tests/pam_test.c: make the recent pam_test more modularised and 875 generic 876 8772015-01-19 Klas Lindfors <klas@yubico.com> 878 879 * tests/pam_test.c: calculate size of cfg array 880 8812015-01-16 Klas Lindfors <klas@yubico.com> 882 883 * tests/aux/ykval.pl, tests/aux/ykval.sh, tests/pam_test.c: test a 884 bit more and switch the mock to perl 885 8862015-01-16 Klas Lindfors <klas@yubico.com> 887 888 * tests/aux/authfile, tests/aux/ykval.sh, tests/pam_test.c: test an 889 OK authentication add a simple http server in bash that validates the OTP 890 8912015-01-16 Klas Lindfors <klas@yubico.com> 892 893 * .gitignore: ignore more 894 8952015-01-16 Klas Lindfors <klas@yubico.com> 896 897 * tests/Makefile.am, tests/pam_test.c: add first step of tests 898 calling the actual module 899 9002015-01-16 Klas Lindfors <klas@yubico.com> 901 902 * Makefile.am, configure.ac: prepare by building a temporary library 903 for the module also fix the linking of libpam so we only do that when we want/need 904 it 905 9062015-01-16 Klas Lindfors <klas@yubico.com> 907 908 * pam_yubico.c: fixup a memory leak the caller is responsible for freeing the pam_response from 909 conversations 910 9112014-12-17 Klas Lindfors <klas@yubico.com> 912 913 * Makefile.am: fixup doc inclusion 914 9152014-12-10 Simon Josefsson <simon@josefsson.org> 916 917 * Makefile.am: Fix. 918 9192014-12-01 Henrik Str�th <minisu@users.noreply.github.com> 920 921 * README: Update README 922 9232014-11-27 Klas Lindfors <klas@yubico.com> 924 925 * util.c: change strtok usage to strtok_r 926 9272014-11-20 Meno Abels <meno.abels@adviser.com> 928 929 * README, pam_yubico.c: integrate 930 https://github.com/Yubico/yubico-pam/pull/39/files 931 9322014-10-29 Meno Abels <meno.abels@adviser.com> 933 934 * README, pam_yubico.c, util.c, util.h: enable that openvpn can now 935 run without any local user 936 9372014-10-28 Meno Abels <meno.abels@sinnerschrader.com> 938 939 * pam_yubico.c, tests/util_test.c, util.c, util.h: added a better 940 ldap handling, and to allow query active directory 941 9422014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 943 944 * README: Update README 945 9462014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 947 948 * doc/Authentication_Using_Challenge-Response.adoc: Update 949 Authentication_Using_Challenge-Response.adoc 950 9512014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 952 953 * doc/Two_Factor_PAM_Configuration.adoc: Update 954 Two_Factor_PAM_Configuration.adoc 955 9562014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 957 958 * doc/Two_Factor_PAM_Configuration.adoc: Update 959 Two_Factor_PAM_Configuration.adoc 960 9612014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 962 963 * doc/Two_Factor_PAM_Configuration.adoc: Update 964 Two_Factor_PAM_Configuration.adoc 965 9662014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 967 968 * doc/{Yubikey_and_SELinux_on_Fedora_18_and_up.txt => 969 Yubikey_and_SELinux_on_Fedora_18_and_up.adoc}: Update and rename 970 Yubikey_and_SELinux_on_Fedora_18_and_up.txt to 971 Yubikey_and_SELinux_on_Fedora_18_and_up.adoc 972 9732014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 974 975 * doc/YubiKey_and_FreeRADIUS_via_PAM.adoc: Update 976 YubiKey_and_FreeRADIUS_via_PAM.adoc 977 9782014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 979 980 * doc/YubiKey_and_FreeRADIUS_via_PAM.adoc: Update 981 YubiKey_and_FreeRADIUS_via_PAM.adoc 982 9832014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 984 985 * doc/MacOS_X_Challenge-Response.adoc: Update 986 MacOS_X_Challenge-Response.adoc 987 9882014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 989 990 * doc/MacOS_X_Challenge-Response.adoc: Update 991 MacOS_X_Challenge-Response.adoc 992 9932014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 994 995 * doc/MacOS_X_Challenge-Response.adoc: Update 996 MacOS_X_Challenge-Response.adoc 997 9982014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 999 1000 * doc/MacOS_X_Challenge-Response.adoc: Update 1001 MacOS_X_Challenge-Response.adoc 1002 10032014-10-31 Henrik Str�th <minisu@users.noreply.github.com> 1004 1005 * doc/MacOS_X_Challenge-Response.adoc: Update 1006 MacOS_X_Challenge-Response.adoc 1007 10082014-10-31 Klas Lindfors <klas@yubico.com> 1009 1010 * ykpamcfg.c: don't write to a constant pointer instead allocate action on the stack and copy the data there 1011 10122014-10-30 Henrik Str�th <henrik.strath@gmail.com> 1013 1014 * doc/Yubikey_and_SSH_via_PAM.adoc: Fixed adoc error 1015 10162014-10-30 Henrik Str�th <minisu@users.noreply.github.com> 1017 1018 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: Update 1019 YubiKey_and_OpenVPN_via_PAM.adoc 1020 10212014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1022 1023 * doc/YubiKey_and_FreeRADIUS_via_PAM.adoc: Update 1024 YubiKey_and_FreeRADIUS_via_PAM.adoc 1025 10262014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1027 1028 * doc/YubiKey_and_FreeRADIUS_via_PAM.adoc: Update 1029 YubiKey_and_FreeRADIUS_via_PAM.adoc 1030 10312014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1032 1033 * doc/{Local_Authentication_Using_Challenge-Response.adoc => 1034 Authentication_Using_Challenge-Response.adoc}: Update and rename 1035 Local_Authentication_Using_Challenge-Response.adoc to 1036 Authentication_Using_Challenge-Response.adoc 1037 10382014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1039 1040 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: Update 1041 YubiKey_and_OpenVPN_via_PAM.adoc 1042 10432014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1044 1045 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: Update 1046 YubiKey_and_OpenVPN_via_PAM.adoc 1047 10482014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1049 1050 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: Update 1051 YubiKey_and_OpenVPN_via_PAM.adoc 1052 10532014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1054 1055 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: Update 1056 YubiKey_and_OpenVPN_via_PAM.adoc 1057 10582014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1059 1060 * doc/YubiKey_and_OpenVPN_via_PAM.adoc: Update 1061 YubiKey_and_OpenVPN_via_PAM.adoc 1062 10632014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1064 1065 * doc/Yubikey_and_SSH_via_PAM.adoc: Update 1066 Yubikey_and_SSH_via_PAM.adoc 1067 10682014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1069 1070 * doc/Yubikey_and_SSH_via_PAM.adoc: Update 1071 Yubikey_and_SSH_via_PAM.adoc 1072 10732014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1074 1075 * doc/Yubikey_and_SSH_via_PAM.adoc: Update 1076 Yubikey_and_SSH_via_PAM.adoc 1077 10782014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1079 1080 * doc/Yubikey_and_SSH_via_PAM.adoc: Update 1081 Yubikey_and_SSH_via_PAM.adoc 1082 10832014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1084 1085 * doc/Yubikey_and_SSH_via_PAM.adoc: Update 1086 Yubikey_and_SSH_via_PAM.adoc 1087 10882014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1089 1090 * doc/Yubikey_and_SSH_via_PAM.adoc: Update 1091 Yubikey_and_SSH_via_PAM.adoc 1092 10932014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1094 1095 * doc/{YubikeyAndSSHViaPAM.txt => Yubikey_and_SSH_via_PAM.adoc}: 1096 Update and rename YubikeyAndSSHViaPAM.txt to 1097 Yubikey_and_SSH_via_PAM.adoc 1098 10992014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1100 1101 * doc/{YubikeyAndRadiusViaPAM.txt => 1102 Yubikey_and_Radius_via_PAM.adoc}: Update and rename 1103 YubikeyAndRadiusViaPAM.txt to Yubikey_and_Radius_via_PAM.adoc 1104 11052014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1106 1107 * doc/{Yubikey-and-SELinux-on-Fedora-18-and-up.txt => 1108 Yubikey_and_SELinux_on_Fedora_18_and_up.txt}: Rename 1109 Yubikey-and-SELinux-on-Fedora-18-and-up.txt to 1110 Yubikey_and_SELinux_on_Fedora_18_and_up.txt 1111 11122014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1113 1114 * doc/{YubiKeyAndOpenVPNviaPAM.txt => 1115 YubiKey_and_OpenVPN_via_PAM.adoc}: Update and rename 1116 YubiKeyAndOpenVPNviaPAM.txt to YubiKey_and_OpenVPN_via_PAM.adoc 1117 11182014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1119 1120 * doc/{YubiKeyAndFreeRADIUSwithsinglefactorauthenticationviaPAM.txt 1121 => YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc}: Rename 1122 YubiKeyAndFreeRADIUSwithsinglefactorauthenticationviaPAM.txt to 1123 YubiKey_and_FreeRADIUS_1FA_via_PAM.adoc 1124 11252014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1126 1127 * doc/{YubiKeyAndFreeRADIUSviaPAM.txt => 1128 YubiKey_and_FreeRADIUS_via_PAM.adoc}: Rename 1129 YubiKeyAndFreeRADIUSviaPAM.txt to 1130 YubiKey_and_FreeRADIUS_via_PAM.adoc 1131 11322014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1133 1134 * doc/{UbuntuFreeRadiusYubiKey.txt => 1135 Ubuntu_FreeRadius_YubiKey.adoc}: Update and rename 1136 UbuntuFreeRadiusYubiKey.txt to Ubuntu_FreeRadius_YubiKey.adoc 1137 11382014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1139 1140 * doc/{TwoFactorPAMConfiguration.txt => 1141 Two_Factor_PAM_Configuration.adoc}: Rename 1142 TwoFactorPAMConfiguration.txt to Two_Factor_PAM_Configuration.adoc 1143 11442014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1145 1146 * doc/{MacOS_X_Challenge-Response.txt => 1147 MacOS_X_Challenge-Response.adoc}: Rename 1148 MacOS_X_Challenge-Response.txt to MacOS_X_Challenge-Response.adoc 1149 11502014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1151 1152 * doc/{MacOSXChallengeResponse.txt => 1153 MacOS_X_Challenge-Response.txt}: Rename MacOSXChallengeResponse.txt 1154 to MacOS_X_Challenge-Response.txt 1155 11562014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1157 1158 * doc/{Local_Authentication_Using_Challenge-Response.txt => 1159 Local_Authentication_Using_Challenge-Response.adoc}: Rename 1160 Local_Authentication_Using_Challenge-Response.txt to 1161 Local_Authentication_Using_Challenge-Response.adoc 1162 11632014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1164 1165 * doc/{LocalAuthenticationUsingChallengeResponse.txt => 1166 Local_Authentication_Using_Challenge-Response.txt}: Rename 1167 LocalAuthenticationUsingChallengeResponse.txt to 1168 Local_Authentication_Using_Challenge-Response.txt 1169 11702014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1171 1172 * README: Update README 1173 11742014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1175 1176 * README: Update README 1177 11782014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1179 1180 * README: Update README 1181 11822014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1183 1184 * README: Update README 1185 11862014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1187 1188 * README: Update README 1189 11902014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1191 1192 * README: Update README 1193 11942014-10-29 Henrik Str�th <minisu@users.noreply.github.com> 1195 1196 * README: Update README 1197 11982014-10-29 Henrik Str�th <henrik@yubico.com> 1199 1200 * README.adoc: symlinked README 1201 12022014-10-24 Henrik Str�th <minisu@users.noreply.github.com> 1203 1204 * doc/YubiKeyAndOpenVPNviaPAM.txt: Update 1205 YubiKeyAndOpenVPNviaPAM.txt 1206 12072014-10-24 Henrik Str�th <minisu@users.noreply.github.com> 1208 1209 * doc/UbuntuFreeRadiusYubiKey.txt: Fixed Asciidoc errors 1210 12112014-08-27 Klas Lindfors <klas@yubico.com> 1212 1213 * tests/util_test.c: add test for check_user_token() 1214 12152014-08-27 Klas Lindfors <klas@yubico.com> 1216 1217 * tests/test.c: make argv const to get rid of warning 1218 12192014-08-27 Klas Lindfors <klas@yubico.com> 1220 1221 * pam_yubico.c, util.c, util.h: move check_user_token() to util for testability.. 1222 12232014-08-27 Klas Lindfors <klas@yubico.com> 1224 1225 * tests/util_test.c: use constants 1226 12272014-08-27 Klas Lindfors <klas@yubico.com> 1228 1229 * tests/util_test.c: close the tmpfile when done.. 1230 12312014-08-27 Klas Lindfors <klas@yubico.com> 1232 1233 * tests/util_test.c: remove some warnings from the new test. 1234 12352014-08-27 Klas Lindfors <klas@yubico.com> 1236 1237 * Makefile.am, pam_yubico.c: re-add libyubikey, needed. 1238 12392014-08-27 Klas Lindfors <klas@yubico.com> 1240 1241 * tests/util_test.c: add stdlib.h 1242 12432014-08-27 Klas Lindfors <klas@yubico.com> 1244 1245 * tests/util_test.c: some tests of loading chalresp state 1246 12472014-08-27 Klas Lindfors <klas@yubico.com> 1248 1249 * tests/util_test.c: test other case in get_user_cfgfile_path() 1250 12512014-08-27 Klas Lindfors <klas@yubico.com> 1252 1253 * Makefile.am, tests/util_test.c: basic test for 1254 get_user_cfgfile_path() 1255 12562014-08-27 Klas Lindfors <klas@yubico.com> 1257 1258 * .gitignore, tests/Makefile.am, tests/util_test.c: add beginnings 1259 of a second test 1260 12612014-08-27 Klas Lindfors <klas@yubico.com> 1262 1263 * pam_yubico.c, util.c, util.h: move includes around in an attempt 1264 to include less 1265 12662014-08-27 Klas Lindfors <klas@yubico.com> 1267 1268 * .gitignore, Makefile.am, pam_yubico.c: break out util.c into it's 1269 own temporary library to make testing easier 1270 12712014-08-27 Klas Lindfors <klas@yubico.com> 1272 1273 * Makefile.am, configure.ac, tests/Makefile.am, test.c => 1274 tests/test.c: move tests to subdir 1275 12762014-08-26 Klas Lindfors <klas@yubico.com> 1277 1278 * NEWS, configure.ac: bump versions after release 1279 12802014-08-26 Klas Lindfors <klas@yubico.com> 1281 1282 * NEWS: NEWS for 2.17 1283 12842014-08-26 Klas Lindfors <klas@yubico.com> 1285 1286 * Makefile.am: add MANSOURCES to EXTRA_DIST on it's own line to not conflict with make release 1287 12882014-07-29 Klas Lindfors <klas@yubico.com> 1289 1290 * pam_yubico.c: correctly mark strings in cfg struct as const 1291 12922014-07-29 Klas Lindfors <klas@yubico.com> 1293 1294 * pam_yubico.c: fixup so urllist data is kept within it's own memory 1295 before strtok fixes #41 1296 12972014-06-16 Klas Lindfors <klas@yubico.com> 1298 1299 * pam_yubico.8.txt: add forgotten :: on mode line 1300 13012014-06-11 Klas Lindfors <klas@yubico.com> 1302 1303 * .travis.yml: let travis install fewer packages asciidoc comes with a bunch of recommends, find out what is needed 1304 for a2x manpages and install that 1305 13062014-06-11 Klas Lindfors <klas@yubico.com> 1307 1308 * .travis.yml, README: asciidoc is needed to build from git 1309 13102014-06-11 Klas Lindfors <klas@yubico.com> 1311 1312 * .gitignore, Makefile.am, configure.ac, pam_yubico.8, 1313 pam_yubico.8.txt, ykpamcfg.1, ykpamcfg.1.txt: convert manpages to 1314 asciidoc 1315 13162014-06-10 Klas Lindfors <klas@yubico.com> 1317 1318 * ykpamcfg.1: add a space after roff comment 1319 13202014-06-10 Klas Lindfors <klas@yubico.com> 1321 1322 * .travis.yml: also build with everything enabled 1323 13242014-06-10 Klas Lindfors <klas@yubico.com> 1325 1326 * BLURB: add travis to blurb 1327 13282014-06-10 Klas Lindfors <klas@yubico.com> 1329 1330 * .travis.yml: add -y to add-apt-repository for travis 1331 13322014-06-10 Klas Lindfors <klas@yubico.com> 1333 1334 * .travis.yml: add travis configuration 1335 13362014-06-10 Klas Lindfors <klas@yubico.com> 1337 1338 * NEWS, configure.ac: bump version after release 1339 13402014-06-10 Klas Lindfors <klas@yubico.com> 1341 1342 * NEWS: version 2.16 1343 13442014-06-10 Klas Lindfors <klas@yubico.com> 1345 1346 * .gitignore: ignore test artifacts 1347 13482014-06-10 Klas Lindfors <klas@yubico.com> 1349 1350 * NEWS: add NEWS for 2.16 1351 13522014-06-02 Klas Lindfors <klas@yubico.com> 1353 1354 * : Merge pull request #38 from alexjfisher/master Fix segfault whilst freeing urls 1355 13562014-04-30 Klas Lindfors <klas@yubico.com> 1357 1358 * README: add urllist to README 1359 13602014-04-30 Simon Josefsson <simon@josefsson.org> 1361 1362 * NEWS, configure.ac: Bump NEWS. 1363 13642014-04-30 Simon Josefsson <simon@josefsson.org> 1365 1366 * AUTHORS: Update. 1367 13682014-04-30 Simon Josefsson <simon@josefsson.org> 1369 1370 * COPYING, drop_privs.c, drop_privs.h, pam_yubico.c, test.c, 1371 util.c, util.h, ykpamcfg.c: Update copyright years. 1372 13732014-04-30 Simon Josefsson <simon@josefsson.org> 1374 1375 * BLURB, doc/YubiKeyAndFreeRADIUSviaPAM.txt, 1376 doc/YubiKeyAndFreeRADIUSwithsinglefactorauthenticationviaPAM.txt, 1377 doc/YubiKeyAndOpenVPNviaPAM.txt, doc/YubikeyAndSSHViaPAM.txt, 1378 pam_yubico.8, ykpamcfg.1: Fix URLs. 1379 13802014-04-30 Simon Josefsson <simon@josefsson.org> 1381 1382 * doc/MacOSXChallengeResponse.txt: Redo markup. 1383 13842014-04-30 Simon Josefsson <simon@josefsson.org> 1385 1386 * Makefile.am: Allow use of subkeys. 1387 13882014-04-30 Simon Josefsson <simon@josefsson.org> 1389 1390 * NEWS: Version 2.15. 1391 13922014-04-30 Simon Josefsson <simon@josefsson.org> 1393 1394 * Makefile.am: Fix doc/ EXTRA_DIST rule. 1395 13962014-04-30 Simon Josefsson <simon@josefsson.org> 1397 1398 * doc/LocalAuthenticationUsingChallengeResponse.txt, 1399 doc/MacOSXChallengeResponse.txt, doc/TwoFactorPAMConfiguration.txt, 1400 doc/UbuntuFreeRadiusYubiKey.txt, 1401 doc/YubiKeyAndFreeRADIUSviaPAM.txt, 1402 doc/YubiKeyAndFreeRADIUSwithsinglefactorauthenticationviaPAM.txt, 1403 doc/YubiKeyAndOpenVPNviaPAM.txt, 1404 doc/Yubikey-and-SELinux-on-Fedora-18-and-up.txt, 1405 doc/YubikeyAndRadiusViaPAM.txt, doc/YubikeyAndSSHViaPAM.txt: Add 1406 docs from the wiki. 1407 14082014-04-30 Simon Josefsson <simon@josefsson.org> 1409 1410 * doc: Removed submodule doc 1411 14122014-04-30 Simon Josefsson <simon@josefsson.org> 1413 1414 * .gitmodules: Drop submodule. 1415 14162014-04-30 Simon Josefsson <simon@josefsson.org> 1417 1418 * README, configure.ac: Bump yubico-c-client version required. Fix 1419 URLs. 1420 14212014-04-30 Simon Josefsson <simon@josefsson.org> 1422 1423 * NEWS: Add. 1424 14252014-03-26 Klas Lindfors <klas@yubico.com> 1426 1427 * pam_yubico.8: man for urllist feature 1428 14292014-03-26 Klas Lindfors <klas@yubico.com> 1430 1431 * pam_yubico.c: fixup strtok of url templates 1432 14332014-03-26 Klas Lindfors <klas@yubico.com> 1434 1435 * pam_yubico.c: fixup urllist feature (hopefully) 1436 14372014-03-26 Klas Lindfors <klas@yubico.com> 1438 1439 * pam_yubico.c: spelling 1440 14412014-03-12 Klas Lindfors <klas@yubico.com> 1442 1443 * pam_yubico.c: add urllist feature allowing up to 10 urls to be specified in config 1444 14452013-12-17 Klas Lindfors <klas@yubico.com> 1446 1447 * : Merge pull request #34 from c0sco/master Add information on FreeBSD ports. 1448 14492013-11-26 Klas Lindfors <klas@yubico.com> 1450 1451 * BLURB: add BLURB 1452 14532013-11-26 Klas Lindfors <klas@yubico.com> 1454 1455 * : Merge pull request #33 from cicku/patch-1 Update README 1456 14572013-11-21 Klas Lindfors <klas@yubico.com> 1458 1459 * util.c: free() filename before throwing the pointer away avoids a memory-leak pointed out by @crosser 1460 14612013-11-18 Klas Lindfors <klas@yubico.com> 1462 1463 * pam_yubico.8: more text about authfile 1464 14652013-11-18 Klas Lindfors <klas@yubico.com> 1466 1467 * pam_yubico.8: break between authfile and id 1468 14692013-10-08 Simon Josefsson <simon@josefsson.org> 1470 1471 * pam_yubico.8, ykpamcfg.1: More https. 1472 14732013-10-08 Simon Josefsson <simon@josefsson.org> 1474 1475 * README: Use more https. 1476 14772013-10-06 Simon Josefsson <simon@josefsson.org> 1478 1479 * README: Use SSH git URL. 1480 14812013-10-06 Simon Josefsson <simon@josefsson.org> 1482 1483 * README: Fix ModHex calculator URL and section. Suggested by Linus Nordberg <linus@nordberg.se>. 1484 14852013-10-02 Klas Lindfors <klas@yubico.com> 1486 1487 * pam_yubico.8: client is default mode 1488 14892013-10-02 Klas Lindfors <klas@yubico.com> 1490 1491 * : Merge pull request #30 from eworm-de/man install man page pam_yubico.8 1492 14932013-10-02 Klas Lindfors <klas@yubico.com> 1494 1495 * pam_yubico.8, ykpamcfg.1: add man page for pam_yubico 1496 14972013-09-27 Klas Lindfors <klas@yubico.com> 1498 1499 * NEWS, configure.ac: bump versions 1500 15012013-09-27 Klas Lindfors <klas@yubico.com> 1502 1503 * NEWS: release 2.14 1504 15052013-09-27 Simon Josefsson <simon@josefsson.org> 1506 1507 * : Merge pull request #14 from BinetReseau/master No match between user and token detailed pam values 1508 15092013-09-23 Klas Lindfors <klas@yubico.com> 1510 1511 * configure.ac: require version 1.8.0 of libykpers since we use yk_challenge_response() introduced in that version. 1512 15132013-09-20 Klas Lindfors <klas@yubico.com> 1514 1515 * doc: update doc submodule 1516 15172013-09-20 Klas Lindfors <klas@yubico.com> 1518 1519 * drop_privs.c, drop_privs.h, pam_yubico.c: reimplement drop_privs 1520 to implement the pam_modutils interface Original patch from maxime.deroucy@gmail.com. 1521 http://code.google.com/p/yubico-pam/issues/detail?id=49 fixes #19 1522 15232013-09-19 Klas Lindfors <klas@yubico.com> 1524 1525 * : Merge pull request #27 from eworm-de/stack use correct size to hex decode salt 1526 15272013-09-19 Klas Lindfors <klas@yubico.com> 1528 1529 * Makefile.am: fixup release target for move to github 1530 15312013-09-19 Klas Lindfors <klas@yubico.com> 1532 1533 * README: minor formatting fixes 1534 15352013-09-19 Klas Lindfors <klas@yubico.com> 1536 1537 * README, ykpamcfg.1: everything moved to github 1538 15392013-09-19 Klas Lindfors <klas@yubico.com> 1540 1541 * COPYING, configure.ac, drop_privs.c, pam_yubico.c, util.c, 1542 util.h, ykpamcfg.1, ykpamcfg.c: update copyright years 1543 15442013-09-19 Klas Lindfors <klas@yubico.com> 1545 1546 * drop_privs.c: allocate space for the grplist in the privs 1547 structure as we want to save the privs structure longer than the scope of 1548 def_privs we need to allocate the space for grplist. 1549 15502013-09-19 Klas Lindfors <klas@yubico.com> 1551 1552 * drop_privs.c: correct debug message 1553 15542013-09-18 Klas Lindfors <klas@yubico.com> 1555 1556 * util.c: move around to avoid warning 1557 15582013-09-18 Klas Lindfors <klas@yubico.com> 1559 1560 * util.c: always set iterations and rewind before second fscanf() 1561 15622013-09-18 Klas Lindfors <klas@yubico.com> 1563 1564 * README, configure.ac: update urls to other projects 1565 15662013-09-18 Klas Lindfors <klas@yubico.com> 1567 1568 * util.c: use malloc() instead of alloca() and free after use 1569 15702013-04-20 Eugene Crosser <crosser@average.org> 1571 1572 * drop_privs.c, pam_yubico.c, util.c: Stop leaks of memory and of 1573 privileges Fix several memory leaks and mishandling of the privilege status 1574 where a function returned failure indication, and previously 1575 allocated memory was not freed (and the referece was lost), or 1576 previously droped privileges where not restored. 1577 15782013-09-18 Klas Lindfors <klas@yubico.com> 1579 1580 * ykpamcfg.1, ykpamcfg.c: add -i switch for setting iterations with 1581 ykpamcfg 1582 15832013-09-18 Klas Lindfors <klas@yubico.com> 1584 1585 * .gitignore: ignore signed releases 1586 15872013-09-18 Klas Lindfors <klas@yubico.com> 1588 1589 * drop_privs.c: fix warnings 1590 15912013-09-18 Klas Lindfors <klas@yubico.com> 1592 1593 * pam_yubico.c: fixup warnings 1594 15952013-09-18 Klas Lindfors <klas@yubico.com> 1596 1597 * ykpamcfg.c: fix warnings 1598 15992013-09-18 Klas Lindfors <klas@yubico.com> 1600 1601 * pam_yubico.c, util.c, util.h: use pbkdf2 to process the exepected 1602 response this bumps the version on the state file to 2 old files can still be 1603 read but new files will use the new format 1604 16052013-09-18 Klas Lindfors <klas@yubico.com> 1606 1607 * pam_yubico.c, util.c, util.h, ykpamcfg.c: refactor to use chalresp 1608 function from ykpers so challenge_response() now calls yk_challenge_response() to do the 1609 yubikey internal stuff. 1610 16112013-09-18 Klas Lindfors <klas@yubico.com> 1612 1613 * Makefile.am, configure.ac, m4/manywarnings.m4, m4/warnings.m4: add 1614 the same warnings package as yubico-c 1615 16162013-09-18 Simon Josefsson <simon@josefsson.org> 1617 1618 * NEWS: Add. 1619 16202013-09-18 Simon Josefsson <simon@josefsson.org> 1621 1622 * Makefile.am, NEWS: Don't install internal header files. 1623 16242013-05-13 Christian Hesse <mail@eworm.de> 1625 1626 * pam_yubico.c: print information only if debug is specified The pam module is very informative. I do not want it to print any 1627 information unless debug is specified. An attacker should not get 1628 any information. 1629 16302013-03-01 Klas Lindfors <klas@yubico.com> 1631 1632 * NEWS, configure.ac: bump version after release 1633 16342013-03-01 Klas Lindfors <klas@yubico.com> 1635 1636 * Makefile.am: add more docs 1637 16382013-03-01 Klas Lindfors <klas@yubico.com> 1639 1640 * doc: update doc 1641 16422013-03-01 Klas Lindfors <klas@yubico.com> 1643 1644 * NEWS: release 2.13 1645 16462013-02-14 Dain Nilsson <dainzor@gmail.com> 1647 1648 * : Merge pull request #15 from wwest4/master util.c version check fix 1649 16502013-01-26 Pierre-Alain Dupont <pad@melix.net> 1651 1652 * pam_yubico.c: A more precise handling of user-token match errors Signed-off-by: Pierre-Alain Dupont <pad@melix.net> 1653 16542013-01-18 Klas Lindfors <klas@yubico.com> 1655 1656 * configure.ac: bump automake version to 1.11 1657 16582013-01-18 Clemens Lang <neverpanic@gmail.com> 1659 1660 * configure.ac: configure.ac: call AM_PROG_AR if available 1661 16622013-01-17 Klas Lindfors <klas@yubico.com> 1663 1664 * ykpamcfg.1: add path option to man page 1665 16662012-11-14 Tommaso Galassi De Orchi <tom@yubico.com> 1667 1668 * ykpamcfg.c: New feature, create directory in the user home. 1669 16702012-11-14 Tommaso Galassi De Orchi <tom@yubico.com> 1671 1672 * ykpamcfg.c: Added option to specify a path for ykpamcfg. 1673 16742012-11-13 Klas Lindfors <klas@yubico.com> 1675 1676 * README: update ppa location 1677 16782012-11-07 Klas Lindfors <klas@yubico.com> 1679 1680 * README, configure.ac: add AM_PROG_AR workaround for automake 1.12. 1681 16822012-11-05 Klas Lindfors <klas@yubico.com> 1683 1684 * : commit 37e6a6a80f08cbd4793fee4ff82f58410ab2326e Author: Simon 1685 Josefsson <simon@josefsson.org> Date: Wed Oct 31 17:01:18 2012 1686 +0100 1687 16882012-10-30 alexandru totolici <alex@hackd.net> 1689 1690 * README: Distinguish 'characters' from 'digits' in README The Yubikey token ID is 12 characters long, not 12 digits long. This 1691 can make it slightly confusing when first setting a key up, and in 1692 any case it's incorrect language. 1693 16942012-10-10 Karl Goetz <kgoetz@squiz.net> 1695 1696 * README: Mention google code hosts downloads too Per request on Issue 45 I've reworded this bit so it mentions google 1697 code hosting the package downloads. I've had to reflow the text 1698 slightly because it pushed it over 72 chars. 1699 17002012-10-04 Karl Goetz <kgoetz@squiz.net> 1701 1702 * README, ykpamcfg.1: Finish both files with a blank line Helps to keep all text readable on broken terminals/screens. 1703 17042012-10-04 Karl Goetz <kgoetz@squiz.net> 1705 1706 * README: Correct wording for PPA Its 'Personal' not 'Private' 1707 https://help.launchpad.net/Packaging/PPA 1708 17092012-10-04 Karl Goetz <kgoetz@squiz.net> 1710 1711 * README: Refer to Github as well as G.Code. This attempts to help explain where to look for various things (eg 1712 bugs, code, doco). 1713 17142012-10-03 Klas Lindfors <klas@yubico.com> 1715 1716 * README: break line so we keep document width consistent 1717 17182012-10-03 Karl Goetz <kgoetz@squiz.net> 1719 1720 * README: Attempt to clarify format of mapping files I didn't realise from the original version that it was a series of 1721 different token IDs - i thought it was different parts of the OTP. 1722 Hopefully this change clarifys whats really going on here. Part of the patch/doco for Issue 44. 1723 http://code.google.com/p/yubico-pam/issues/detail?id=44 1724 17252012-10-03 Karl Goetz <kgoetz@squiz.net> 1726 1727 * README: Explain how to generate an OTP. This wasn't obvious to me and so I suspect others may be confused 1728 too. This commit provides the documentation to close Issue 44, but 1729 is NOT identical to the patch provided on that report. http://code.google.com/p/yubico-pam/issues/detail?id=44 1730 17312012-10-03 Karl Goetz <kgoetz@squiz.net> 1732 1733 * README: Explain what an OTP is 1734 17352012-10-03 Karl Goetz <kgoetz@squiz.net> 1736 1737 * README: adding a new line for consistancy with spacing on other 1738 headings 1739 17402012-10-03 Karl Goetz <kgoetz@squiz.net> 1741 1742 * README: Add information about SELinux to README Because SELinux in enforcing mode will cause yubikey authentication 1743 to fail I'm including some references to discussion around this 1744 problem. The RH bugzilla link also includes a policy snippet which 1745 can be used for this." This commit should resolve Issue #43. 1746 http://code.google.com/p/yubico-pam/issues/detail?id=43 1747 17482012-08-06 Vincent Brillault <git@lerya.net> 1749 1750 * pam_yubico.c: Verify the otp_length given by the configuration 1751 Avoid out of bound writing at ligne -920,1 +927,1: strncpy (otp_id, 1752 password + skip_bytes, cfg->token_id_length); 1753 17542012-06-15 Klas Lindfors <klas@yubico.com> 1755 1756 * NEWS, configure.ac: bump versions post-release 1757 17582012-06-15 Klas Lindfors <klas@yubico.com> 1759 1760 * README: copy changes about dependencies from wiki. 1761 17622012-06-15 Klas Lindfors <klas@yubico.com> 1763 1764 * NEWS: NEWS for 2.12 1765 17662012-06-15 Klas Lindfors <klas@yubico.com> 1767 1768 * README, configure.ac: remove -Wno-extra-portability, it breaks on 1769 automake before 1.11.2 1770 17712012-06-14 Klas Lindfors <klas@yubico.com> 1772 1773 * pam_yubico.c: use errstr to communicate with the user 1774 17752012-06-14 Klas Lindfors <klas@yubico.com> 1776 1777 * NEWS, configure.ac: bump versions as 2.11 is released 1778 17792012-06-08 Klas Lindfors <klas@yubico.com> 1780 1781 * pam_yubico.c: check for same response in pam module, output debug 1782 for the user 1783 17842012-06-08 Klas Lindfors <klas@yubico.com> 1785 1786 * ykpamcfg.c: add check that two challenges get different responses 1787 17882012-06-08 Klas Lindfors <klas@yubico.com> 1789 1790 * pam_yubico.c: replace fopen with open+fdopen to set more 1791 restrictive bits 1792 17932012-06-05 Clemens Lang <neverpanic@gmail.com> 1794 1795 * configure.ac: Silence warning: missing AM_PROG_AR on non-POSIX Automake 1.12 complains: "linking libraries using a non-POSIX 1796 archiver requires 'AM_PROG_AR' in 'configure.ac'". This patch 1797 silences this warning, allowing automake 1.12 to process 1798 configure.ac with -Werror 1799 18002012-03-27 James Dingwall <james@dingwall.me.uk> 1801 1802 * configure.ac: Modify the PAM headers test in configure.ac to 1803 #include <sys/types.h>. This is required to compile conftest.c for 1804 pam_modutil.h on Gentoo with sys-libs/pam-1.1.5 sys-libs/glibc-2.13-r4 sys-devel/gcc-4.5.3-r2 1805 18062012-03-05 Fredrik Thulin <fredrik@yubico.com> 1807 1808 * README: Correct libyubikey requirement 1809 18102012-03-05 Fredrik Thulin <fredrik@yubico.com> 1811 1812 * configure.ac: libyubikey is really only required --with-cr 1813 18142012-02-13 Fredrik Thulin <fredrik@yubico.com> 1815 1816 * pam_yubico.c, util.c, util.h: load_chalresp_state: Debug message 1817 was always shown. 1818 18192012-02-10 Fredrik Thulin <fredrik@yubico.com> 1820 1821 * NEWS: Prepare version 2.11 1822 18232012-02-10 Fredrik Thulin <fredrik@yubico.com> 1824 1825 * pam_yubico.c: do_challenge_response: Clear errno when done. 1826 18272012-02-10 Fredrik Thulin <fredrik@yubico.com> 1828 1829 * ykpamcfg.1: Fix project name. 1830 18312012-02-10 Fredrik Thulin <fredrik@yubico.com> 1832 1833 * util.c: Avoid warnings for fscanf() by passing pointer to first 1834 element of array. 1835 18362012-02-10 Fredrik Thulin <fredrik@yubico.com> 1837 1838 * drop_privs.c: include stdlib, for malloc() 1839 18402012-02-10 Fredrik Thulin <fredrik@yubico.com> 1841 1842 * pam_yubico.c: DBG format fix 1843 18442012-02-08 Fredrik Thulin <fredrik@yubico.com> 1845 1846 * pam_yubico.c, ykpamcfg.c: Fix clang indicated printf format 1847 warnings. 1848 18492012-02-06 Fredrik Thulin <fredrik@yubico.com> 1850 1851 * pam_yubico.c: Fix debug-logging of chalresp_path. Oddity reported 1852 by clang. 1853 18542012-02-06 Fredrik Thulin <fredrik@yubico.com> 1855 1856 * pam_yubico.c: snprintf returns an int, not a size_t. reported by 1857 clang. 1858 18592012-02-02 Fredrik Thulin <fredrik@yubico.com> 1860 1861 * NEWS: Describe recent changes. 1862 18632012-02-02 Fredrik Thulin <fredrik@yubico.com> 1864 1865 * README: Remove redundant explanation of 'capath'. 1866 18672012-02-02 Fredrik Thulin <fredrik@yubico.com> 1868 1869 * : commit bf8ececae38a27c09c695ecc934119d3dd2fe1a7 Author: Remi 1870 Mollon <remi.mollon@cern.ch> Date: Wed Feb 1 09:29:27 2012 +0100 1871 18722012-02-01 Remi Mollon <remi.mollon@cern.ch> 1873 1874 * pam_yubico.c: renaming yubi_prefix to yubi_Attr_prefix and 1875 changing debug 1876 18772012-01-28 Clemens Lang <neverpanic@gmail.com> 1878 1879 * util.h: Make yubico-pam compile without -DDEBUG_PAM 1880 18812012-01-28 Clemens Lang <neverpanic@gmail.com> 1882 1883 * pam_yubico.c, util.c: Add missing headers fcntl.h in pam_yubico.c is needed on OS X with clang for the build 1884 to succeed, while unistd.h in util.c is required so clang doesn't 1885 complain about implicit declarations of ftruncate and fsync. 1886 18872012-01-28 Clemens Lang <neverpanic@gmail.com> 1888 1889 * util.c: Fix memset() with wrong size as reported by clang 1890 18912012-01-27 Fredrik Thulin <fredrik@yubico.com> 1892 1893 * pam_yubico.c: Avoid double fclose() in some error cases. Problem reported (and patched) by Lingzhu Xiang 1894 <xianglingzhu@gmail.com> in 1895 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657524 1896 18972012-01-24 Remi Mollon <remi.mollon@cern.ch> 1898 1899 * pam_yubico.c: add comment 1900 19012012-01-23 Simon Josefsson <simon@josefsson.org> 1902 1903 * doc: Update doc/. 1904 19052012-01-23 Simon Josefsson <simon@josefsson.org> 1906 1907 * configure.ac: Fix automake warning. 1908 19092012-01-23 Simon Josefsson <simon@josefsson.org> 1910 1911 * COPYING, Makefile.am, NEWS, README, configure.ac, drop_privs.c, 1912 drop_privs.h, pam_yubico.c, test.c, util.c, util.h, ykpamcfg.1, 1913 ykpamcfg.c: Bump version. Use silent rules. Bump copyright years. 1914 19152012-01-18 Remi Mollon <remi.mollon@cern.ch> 1916 1917 * pam_yubico.c: adding yubi_prefix parameter, when looking for 1918 token_id in ldap 1919 19202011-12-14 Fredrik Thulin <fredrik@yubico.com> 1921 1922 * : commit 6c23f476458961c202758375d0ce2d11888dda32 Author: Fredrik 1923 Thulin <fredrik@yubico.com> Date: Wed Dec 14 13:11:12 2011 +0100 1924 19252011-12-14 Fredrik Thulin <fredrik@yubico.com> 1926 1927 * Makefile.am: check-doc-dist: restore submodule doc branch master 1928 19292011-12-14 Fredrik Thulin <fredrik@yubico.com> 1930 1931 * NEWS: New date for 2.10 release (today). 1932 19332011-12-13 Simon Josefsson <simon@josefsson.org> 1934 1935 * README, configure.ac: Shift blame. 1936 19372011-12-13 Fredrik Thulin <fredrik@yubico.com> 1938 1939 * pam_yubico.c: authorize_user_token: Don't drop privs for 1940 system-wide file. 1941 19422011-12-13 Fredrik Thulin <fredrik@yubico.com> 1943 1944 * drop_privs.c: Bug fix dropping privileges using 1945 pam_modutil_drop_priv. 1946 19472011-12-13 Fredrik Thulin <fredrik@yubico.com> 1948 1949 * NEWS: prepare 2.10 1950 19512011-12-13 Fredrik Thulin <fredrik@yubico.com> 1952 1953 * configure.ac, test.c: update copyright for files changed 2011 1954 19552011-12-12 Fredrik Thulin <fredrik@yubico.com> 1956 1957 * README: Document arguments token_id_length and mode. 1958 19592011-12-12 Fredrik Thulin <fredrik@yubico.com> 1960 1961 * AUTHORS: Compile list of authors from ChangeLog. 1962 19632011-12-12 Fredrik Thulin <fredrik@yubico.com> 1964 1965 * COPYING: update 1966 19672011-12-06 Fredrik Thulin <fredrik@yubico.com> 1968 1969 * configure.ac: Prepare version 2.10. 1970 19712011-12-06 Fredrik Thulin <fredrik@yubico.com> 1972 1973 * test.c: Pedantically removing warnings. 1974 19752011-12-06 Fredrik Thulin <fredrik@yubico.com> 1976 1977 * test.c: Fix implicit declaration warning. 1978 19792011-12-06 Fredrik Thulin <fredrik@yubico.com> 1980 1981 * util.c: challenge_response: reject bad slot 1982 19832011-12-06 Fredrik Thulin <fredrik@yubico.com> 1984 1985 * util.c, util.h, ykpamcfg.c: Further pointer signedness fixes. 1986 19872011-12-06 Fredrik Thulin <fredrik@yubico.com> 1988 1989 * pam_yubico.c: do_challenge_response: Remove 2 unused variables. 1990 19912011-12-06 Fredrik Thulin <fredrik@yubico.com> 1992 1993 * ykpamcfg.1: Hyphen-fix. 1994 19952011-12-06 Fredrik Thulin <fredrik@yubico.com> 1996 1997 * pam_yubico.c, util.c: Fix implicit yubikey_* declarations. 1998 19992011-12-06 Fredrik Thulin <fredrik@yubico.com> 2000 2001 * util.c: Avoid asprintf. To improve portability, we do malloc() + snprintf() instead. 2002 20032011-12-06 Fredrik Thulin <fredrik@yubico.com> 2004 2005 * pam_yubico.c, util.c, ykpamcfg.c: Fix pointer signedness warnings. 2006 20072011-12-06 Fredrik Thulin <fredrik@yubico.com> 2008 2009 * util.c: generate_random: Remove unused variable 'i'. 2010 20112011-12-01 Fredrik Thulin <fredrik@yubico.com> 2012 2013 * ykpamcfg.1: fix lintian errors 2014 20152011-11-23 Fredrik Thulin <fredrik@yubico.com> 2016 2017 * NEWS: Update with new things in 2.10. 2018 20192011-11-23 Fredrik Thulin <fredrik@yubico.com> 2020 2021 * pam_yubico.c: Drop privileges before writing new C-R file. 2022 20232011-11-23 Fredrik Thulin <fredrik@yubico.com> 2024 2025 * pam_yubico.c: Verify that challenge-response file is a normal 2026 file. 2027 20282011-11-23 Fredrik Thulin <fredrik@yubico.com> 2029 2030 * pam_yubico.c: improve debug messages 2031 20322011-11-23 Fredrik Thulin <fredrik@yubico.com> 2033 2034 * Makefile.am, configure.ac, drop_privs.c, drop_privs.h, 2035 pam_yubico.c: Use pam_modutil_drop_priv if it is available. Utility functions for what was done in drop_priv.c appeared in PAM 2036 1.1.3. Use them when available. 2037 20382011-11-23 Fredrik Thulin <fredrik@yubico.com> 2039 2040 * pam_yubico.c: Restore challenge-response functionality. HAVE_LIBYKPERS_1 did not seem to ever get defined, so use HAVE_CR 2041 instead. 2042 20432011-11-23 Ricky Zhou <ricky@fedoraproject.org> 2044 2045 * drop_privs.c, drop_privs.h, pam_yubico.c: Drop privileges before 2046 opening user files. This change also ensures that user tokens are regular files. We may 2047 want to add a similar check for user challenge files. 2048 20492011-11-22 Fredrik Thulin <fredrik@yubico.com> 2050 2051 * pam_yubico.c: Remove unused variable and extra undef. 2052 20532011-11-22 Fredrik Thulin <fredrik@yubico.com> 2054 2055 * pam_yubico.c: pam_sm_authenticate: check strdup return value 2056 20572011-11-22 Fredrik Thulin <fredrik@yubico.com> 2058 2059 * pam_yubico.c: authorize_user_token_ldap: check malloc return value 2060 20612011-11-22 Fredrik Thulin <fredrik@yubico.com> 2062 2063 * ykpamcfg.c: parse_args: getopt() return value is int. 2064 20652011-11-17 Fredrik Thulin <fredrik@yubico.com> 2066 2067 * NEWS: Fix release date of 2.9. 2068 20692011-11-17 Fredrik Thulin <fredrik@yubico.com> 2070 2071 * Makefile.am: Link pam_yubico.la directly with -lpam. 2072 20732011-11-08 Fredrik Thulin <fredrik@yubico.com> 2074 2075 * README, doc: updates 2076 20772011-11-08 Fredrik Thulin <fredrik@yubico.com> 2078 2079 * NEWS, configure.ac: Prepare for version 2.9. 2080 20812011-11-08 dr8 <github@dominicrutherford.co.uk> 2082 2083 * pam_yubico.c: Bug fix: pam_yubico doesn't check server signature Squashed commit of the following: commit 9e7746bc53957f2a1e68784c0c26d082049180a7 Author: dr8 2084 <github@dominicrutherford.co.uk> Date: Mon Oct 31 14:27:47 2011 2085 +0000 Bug fix: pam_yubico doesn't check server signature commit 2f3d5e721cbfc905582da6208495c1da6dd2f79c Author: dr8 2086 <github@dominicrutherford.co.uk> Date: Sat Oct 29 16:59:08 2011 2087 +0100 Bug fix: pam_yubico does not validate server signature commit 58a1e6820a88f6aa365ef006e9cca4c62af7c7cf Author: dr8 2088 <github@dominicrutherford.co.uk> Date: Fri Oct 28 22:09:49 2011 2089 +0100 only validate server signature when key is specified commit d705f429bc972f85a50f0b2f96703cbdc28b744f Author: dr8 2090 <github@dominicrutherford.co.uk> Date: Tue Oct 25 22:45:22 2011 2091 +0100 fix failure to validate server signature 2092 20932011-08-26 Fredrik Thulin <fredrik@yubico.com> 2094 2095 * NEWS, configure.ac: Prepare for version 2.8. 2096 20972011-08-26 Nanakos Chrysostomos <nanakos@wired-net.gr> 2098 2099 * pam_yubico.c: Fix big security hole: Authentication succeeded when 2100 no password was given, unless use_first_pass was being used. This 2101 is fatal if pam_yubico is considered 'sufficient' in the PAM 2102 configuration. Signed-off-by: Nanakos Chrysostomos <nanakos@wired-net.gr> 2103 21042011-06-07 Simon Josefsson <simon@josefsson.org> 2105 2106 * NEWS: Fix date. 2107 21082011-06-07 Simon Josefsson <simon@josefsson.org> 2109 2110 * Makefile.am: Fix release target. 2111 21122011-06-07 Simon Josefsson <simon@josefsson.org> 2113 2114 * .gitignore: Ignore more. 2115 21162011-06-07 Simon Josefsson <simon@josefsson.org> 2117 2118 * doc: Update doc/. 2119 21202011-06-07 Simon Josefsson <simon@josefsson.org> 2121 2122 * NEWS: Version 2.7. 2123 21242011-06-07 Simon Josefsson <simon@josefsson.org> 2125 2126 * .gitignore, Makefile.am, NEWS, configure.ac, pam_yubico.c, 2127 util.c, util.h: Make dependency on libykpers optional. Use --without-cr to force it. Reported by Jussi Sallinen 2128 <jussi@jus.si>. 2129 21302011-04-15 Fredrik Thulin <fredrik@yubico.com> 2131 2132 * pam_yubico.c: parse_cfg: Use memset to clear cfg struct. The code will be easier to maintain if one does not have to remember 2133 explicitly initializing all new members of the config struct. 2134 21352011-04-15 Fredrik Thulin <fredrik@yubico.com> 2136 2137 * pam_yubico.c: Fix some D's that should've been DBG. 2138 21392011-04-15 Fredrik Thulin <fredrik@yubico.com> 2140 2141 * pam_yubico.c: Make DBG macro unified. Refactor authorize_user_token and authorize_user_token_ldap to take 2142 a cfg argument instead of a number of elements from cfg. 2143 21442011-04-15 Romain Riviere <lecoyote@lecoyote.org> 2145 2146 * pam_yubico.c: Debug: adding a dbg flag and macro so as to disable 2147 unwanted debug messages 2148 21492011-04-13 Fredrik Thulin <fredrik@yubico.com> 2150 2151 * README: Add mentioning of recursive dependency on libyubikey. 2152 21532011-04-13 Fredrik Thulin <fredrik@yubico.com> 2154 2155 * Makefile.am: Tag releases consistent with previous ones (no 'v'). 2156 21572011-04-13 Fredrik Thulin <fredrik@yubico.com> 2158 2159 * README: sync 2160 21612011-04-11 Fredrik Thulin <fredrik@yubico.com> 2162 2163 * README: sync 2164 21652011-03-23 Fredrik Thulin <fredrik@yubico.com> 2166 2167 * Makefile.am, configure.ac: Explicitly link with libyubikey. 2168 21692011-04-11 Fredrik Thulin <fredrik@yubico.com> 2170 2171 * NEWS: Version 2.6. 2172 21732011-04-11 Fredrik Thulin <fredrik@yubico.com> 2174 2175 * util.c, ykpamcfg.c: whitespace 2176 21772011-03-18 Tollef Fog Heen <tfheen@err.no> 2178 2179 * pam_yubico.c: Tell the user if something goes wrong after 2180 authenticating If we successfully authenticate, but something then goes wrong, such 2181 as failure to generate a new challenge, failure to update the 2182 challenge and so on, tell the user. 2183 21842011-03-18 Tollef Fog Heen <tfheen@err.no> 2185 2186 * : Merge remote branch 'fredrikt/master' Conflicts: util.c 2187 21882011-03-17 Fredrik Thulin <fredrik@yubico.com> 2189 2190 * Makefile.am, ykpamcfg.1, ykpamcfg.c: Add ykpamcfg - C/R setup 2191 command line utility. 2192 21932011-03-17 Fredrik Thulin <fredrik@yubico.com> 2194 2195 * pam_yubico.c, util.c, util.h: Make get_user_challenge_file() also 2196 include YubiKey serial number, and move it to util.c. 2197 21982011-03-17 Fredrik Thulin <fredrik@yubico.com> 2199 2200 * util.c: Version-tag challenge-response state file contents. Helps in case we ever want to change the file format. 2201 22022011-03-17 Fredrik Thulin <fredrik@yubico.com> 2203 2204 * pam_yubico.c, util.c, util.h: Further cleanups to challenge 2205 response code, and move more code to util.c. 2206 22072011-03-17 Fredrik Thulin <fredrik@yubico.com> 2208 2209 * pam_yubico.c: Revert "Wait with declaring PAM_SUCCESS on 2210 challenge-response until new" Tollef has argued that the login should not fail if, for example, 2211 the disk is full. I'd rather fail on the cautious side and make sure 2212 we don't end up always sending the same challenge to the YubiKey, 2213 but I'll leave it up to Tollef to decide for now. This reverts commit 14e917ffae52e05121a69a192d03f98090e8ae41. Conflicts: pam_yubico.c 2214 22152011-03-17 Fredrik Thulin <fredrik@yubico.com> 2216 2217 * pam_yubico.c, util.c, util.h: Move more challenge-response code to 2218 util.c. 2219 22202011-03-17 Fredrik Thulin <fredrik@yubico.com> 2221 2222 * Makefile.am, pam_yubico.c, util.c, util.h: Move soon-to-be 2223 commonly used code to util.c 2224 22252011-03-16 Tollef Fog Heen <tfheen@err.no> 2226 2227 * pam_yubico.c: Use a temporary file to ensure we always have a 2228 challenge If we use ftruncate we might end up in the situation that we do not 2229 have a challenge on disk, leading to the user being unable to log 2230 in. By using a temporary file, fsync and rename we avoid this 2231 problem. 2232 22332011-03-17 Fredrik Thulin <fredrik@yubico.com> 2234 2235 * Makefile.am, ykpamcfg.1, ykpamcfg.c: Add ykpamcfg - C/R setup 2236 command line utility. 2237 22382011-03-17 Fredrik Thulin <fredrik@yubico.com> 2239 2240 * pam_yubico.c, util.c, util.h: Make get_user_challenge_file() also 2241 include YubiKey serial number, and move it to util.c. 2242 22432011-03-17 Fredrik Thulin <fredrik@yubico.com> 2244 2245 * util.c: Version-tag challenge-response state file contents. Helps in case we ever want to change the file format. 2246 22472011-03-17 Fredrik Thulin <fredrik@yubico.com> 2248 2249 * pam_yubico.c, util.c, util.h: Further cleanups to challenge 2250 response code, and move more code to util.c. 2251 22522011-03-17 Fredrik Thulin <fredrik@yubico.com> 2253 2254 * pam_yubico.c: Revert "Wait with declaring PAM_SUCCESS on 2255 challenge-response until new" Tollef has argued that the login should not fail if, for example, 2256 the disk is full. I'd rather fail on the cautious side and make sure 2257 we don't end up always sending the same challenge to the YubiKey, 2258 but I'll leave it up to Tollef to decide for now. This reverts commit 14e917ffae52e05121a69a192d03f98090e8ae41. Conflicts: pam_yubico.c 2259 22602011-03-17 Fredrik Thulin <fredrik@yubico.com> 2261 2262 * pam_yubico.c, util.c, util.h: Move more challenge-response code to 2263 util.c. 2264 22652011-03-17 Fredrik Thulin <fredrik@yubico.com> 2266 2267 * Makefile.am, pam_yubico.c, util.c, util.h: Move soon-to-be 2268 commonly used code to util.c 2269 22702011-03-14 Fredrik Thulin <fredrik@yubico.com> 2271 2272 * pam_yubico.c: Remove hard coded values for challenge/responses. Also do some input validation on what we read from the C/R file. 2273 22742011-03-14 Fredrik Thulin <fredrik@yubico.com> 2275 2276 * pam_yubico.c: generate_challenge() only generated half as many 2277 bytes as it should. Changed generate_challenge() to generating bytes instead of a hex 2278 encoded string, to not have to decode what we just encoded - instead 2279 just generate plain bytes of randomness and then encode them once. 2280 22812011-03-16 Tollef Fog Heen <tfheen@err.no> 2282 2283 * pam_yubico.c: Use a temporary file to ensure we always have a 2284 challenge If we use ftruncate we might end up in the situation that we do not 2285 have a challenge on disk, leading to the user being unable to log 2286 in. By using a temporary file, fsync and rename we avoid this 2287 problem. 2288 22892011-03-14 Fredrik Thulin <fredrik@yubico.com> 2290 2291 * pam_yubico.c: fsync() wants file descriptor Also, truncate file before writing if the challenge length has 2292 changed (became shorter) or garbage has otherwise been appended. 2293 22942011-03-14 Fredrik Thulin <fredrik@yubico.com> 2295 2296 * pam_yubico.c: Don't generate new challenge on bad response. 2297 22982011-03-14 Fredrik Thulin <fredrik@yubico.com> 2299 2300 * pam_yubico.c: Support challenge-response files outside user's home 2301 directory. Having the challege-response data inside the home directory won't 2302 work very well if the YubiKey is to unlock an ecryptfs encrypted 2303 home directory. 2304 23052011-03-16 Tollef Fog Heen <tfheen@err.no> 2306 2307 * : Merge remote branch 'origin/master' 2308 23092011-03-14 Fredrik Thulin <fredrik@yubico.com> 2310 2311 * pam_yubico.c: generate_challenge() only generated half as many 2312 bytes as it should. Changed generate_challenge() to generating bytes instead of a hex 2313 encoded string, to not have to decode what we just encoded - instead 2314 just generate plain bytes of randomness and then encode them once. 2315 23162011-03-14 Fredrik Thulin <fredrik@yubico.com> 2317 2318 * pam_yubico.c: Wait with declaring PAM_SUCCESS on 2319 challenge-response until new challenge-response has been stored 2320 properly on disk. 2321 23222011-03-14 Fredrik Thulin <fredrik@yubico.com> 2323 2324 * pam_yubico.c: fsync() wants file descriptor Also, truncate file before writing if the challenge length has 2325 changed (became shorter) or garbage has otherwise been appended. 2326 23272011-03-14 Fredrik Thulin <fredrik@yubico.com> 2328 2329 * pam_yubico.c: Don't generate new challenge on bad response. 2330 23312011-03-14 Fredrik Thulin <fredrik@yubico.com> 2332 2333 * pam_yubico.c: Support challenge-response files outside user's home 2334 directory. Having the challege-response data inside the home directory won't 2335 work very well if the YubiKey is to unlock an ecryptfs encrypted 2336 home directory. 2337 23382011-03-14 Fredrik Thulin <fredrik@yubico.com> 2339 2340 * : Merge remote branch 'remim/master' 2341 23422011-03-12 Tollef Fog Heen <tfheen@err.no> 2343 2344 * pam_yubico.c: Undef USERFILE when we don't need it any more 2345 23462011-03-12 Tollef Fog Heen <tfheen@err.no> 2347 2348 * Makefile.am, configure.ac: Look for libykpers-1, which we will 2349 need for challenge-response 2350 23512011-03-12 Tollef Fog Heen <tfheen@err.no> 2352 2353 * pam_yubico.c: Get rid of unimplemented PAM functions 2354 23552011-03-10 Fredrik Thulin <fredrik@yubico.com> 2356 2357 * : commit 27346d9be9739954dadf24c460c74b8ea4043488 Author: Fredrik 2358 Thulin <fredrik@yubico.com> Date: Thu Mar 10 10:48:20 2011 +0100 2359 23602011-03-04 Fredrik Thulin <fredrik@yubico.com> 2361 2362 * pam_yubico.c: Ignore errors from pam_get_data(). 2363 23642011-03-03 Fredrik Thulin <fredrik@yubico.com> 2365 2366 * pam_yubico.c: Correct debug log message for too short OTPs. 2367 23682011-03-03 Fredrik Thulin <fredrik@yubico.com> 2369 2370 * : commit 952668811dd212d7444d4903feacaa40d30f4ea8 Merge: 60d9e60 2371 702ac98 Author: Fredrik Thulin <fredrik@yubico.com> Date: Thu Mar 2372 3 15:06:22 2011 +0100 2373 23742011-03-03 Fredrik Thulin <fredrik@yubico.com> 2375 2376 * pam_yubico.c: Bugfix getting option token_id_length. 2377 23782011-03-03 Fredrik Thulin <fredrik@yubico.com> 2379 2380 * pam_yubico.c: Avoid logging passwords when debug is enabled. Problem reported in 2381 http://code.google.com/p/yubico-pam/issues/detail?id=28 2382 23832011-03-03 Fredrik Thulin <fredrik@yubico.com> 2384 2385 * : commit abb0b7e4e4d9ed0e09778815328126c6813b0d78 Author: Fredrik 2386 Thulin <fredrik@yubico.com> Date: Thu Mar 3 14:14:54 2011 +0100 2387 23882011-03-03 Fredrik Thulin <fredrik@yubico.com> 2389 2390 * pam_yubico.c: authorize_user_token_ldap: Don't leak memory on 2391 failures. 2392 23932011-03-03 Fredrik Thulin <fredrik@yubico.com> 2394 2395 * pam_yubico.c: authorize_user_token_ldap: sr was under-allocated by 2396 one byte. Also change strcat's to sprintf to make code easier to maintain. 2397 23982011-03-03 Fredrik Thulin <fredrik@yubico.com> 2399 2400 * pam_yubico.c: Don't segfault on unset LDAP parameters. When ldapserver / ldap_uri was specified, but not for example 2401 user_attr, authorize_user_token_ldap() used to cause a segmentation 2402 fault. 2403 24042011-03-03 Fredrik Thulin <fredrik@yubico.com> 2405 2406 * pam_yubico.c: Use LDAPv3 instead of LDAPv2. LDAPv2 was declared historical in 2003, and is now not supported by 2407 for example Mac OS X Server's Open Directory. Patch by 2408 maxsanna81@gmail.com. 2409 24102011-03-03 Fredrik Thulin <fredrik@yubico.com> 2411 2412 * pam_yubico.c: Avoid LDAP warnings about deprecated functions. Patch by judas.iscariote. 2413 24142011-03-03 Fredrik Thulin <fredrik@yubico.com> 2415 2416 * pam_yubico.c: authorize_user_token_ldap: Use correct LDAP free 2417 function. Patch by judas.iscariote. 2418 24192011-02-28 Fredrik Thulin <fredrik@yubico.com> 2420 2421 * pam_yubico.c: Make length of public ID part of tokens 2422 configurable. Now that we support setting URL, not all public ID's can be expected 2423 to be six bytes (the length used in the YubiCloud validation 2424 service). Unfortunately we can't support OTPs of different lengths at once, 2425 because there is code supporting users entering their (other) 2426 password followed by the OTP from the YubiKey. Patch by fraser.scott@gmail.com in 2427 http://code.google.com/p/yubico-pam/issues/detail?id=19 2428 24292011-03-02 Fredrik Thulin <fredrik@yubico.com> 2430 2431 * configure.ac: Check for ykclient-2.4+, since we use new ca_path 2432 function. 2433 24342011-02-28 Fredrik Thulin <fredrik@yubico.com> 2435 2436 * pam_yubico.c: Add debug output of url and capath. 2437 24382011-02-22 Fredrik Thulin <fredrik@yubico.com> 2439 2440 * : commit e3440786bfa3c3475721b5933b8ab6c8074d1e64 Author: Fredrik 2441 Thulin <fredrik@yubico.com> Date: Wed Feb 16 22:22:23 2011 +0100 2442 24432011-02-16 Fredrik Thulin <fredrik@yubico.com> 2444 2445 * doc: sync 2446 24472011-02-16 Fredrik Thulin <fredrik@yubico.com> 2448 2449 * Makefile.am: Change to make releases from Github. 2450 24512011-02-16 Fredrik Thulin <fredrik@yubico.com> 2452 2453 * README: Convert to asciidoc (used by Github wiki). 2454 24552011-02-16 Fredrik Thulin <fredrik@yubico.com> 2456 2457 * .gitmodules: Add submodule doc. 2458 24592011-02-11 Remi Mollon <remi.mollon@cern.ch> 2460 2461 * pam_yubico.c: Add capath parameter to PAM module 2462 24632011-02-11 Remi Mollon <remi.mollon@cern.ch> 2464 2465 * pam_yubico.c: Add capath parameter to PAM module 2466 24672010-09-10 Simon Josefsson <simon@yubico.com> 2468 2469 * NEWS, configure.ac: Bump versions. 2470 24712010-09-10 Simon Josefsson <simon@yubico.com> 2472 2473 * Makefile.am: Fix. 2474 24752010-09-10 Simon Josefsson <simon@yubico.com> 2476 2477 * NEWS: Add. 2478 24792010-09-10 Simon Josefsson <simon@yubico.com> 2480 2481 * Makefile.am: Include wiki pages in distribution. 2482 24832010-09-10 Simon Josefsson <simon@yubico.com> 2484 2485 * Makefile.am: Fix release target. 2486 24872010-09-09 Simon Josefsson <simon@yubico.com> 2488 2489 * NEWS, configure.ac: Bump versions. 2490 24912010-09-09 Simon Josefsson <simon@yubico.com> 2492 2493 * NEWS: Version 2.4. 2494 24952010-09-09 Simon Josefsson <simon@yubico.com> 2496 2497 * NEWS: Add. 2498 24992010-09-09 Simon Josefsson <simon@yubico.com> 2500 2501 * NEWS, pam_yubico.c: Fix segmentation fault on 64-bit systems. Reported by multiple people in Issue #11 2502 <http://code.google.com/p/yubico-pam/issues/detail?id=11>. 2503 25042010-09-09 Simon Josefsson <simon@yubico.com> 2505 2506 * README: Improve verbose_otp documentation. 2507 25082010-09-09 Simon Josefsson <simon@yubico.com> 2509 2510 * pam_yubico.c: Handle ^D at su prompt. 2511 25122010-07-13 Simon Josefsson <simon@yubico.com> 2513 2514 * NEWS, pam_yubico.c: Make deprecated "ldapserver" work again. 2515 Reported by giovannibajo in Issue #27: 2516 <http://code.google.com/p/yubico-pam/issues/detail?id=27>. 2517 25182010-05-20 Erinn Looney-Triggs <erinn.looneytriggs@gmail.com> 2519 2520 * README: Update README to clarify a few points, put in wiki markup 2521 and add section on how to locate the token ID. 2522 25232010-04-14 Simon Josefsson <simon@yubico.com> 2524 2525 * README: Document "verbose_otp". From qistoph in 2526 http://code.google.com/p/yubico-pam/issues/detail?id=22 2527 25282010-04-14 Simon Josefsson <simon@yubico.com> 2529 2530 * Makefile.am, NEWS: Build with -DPAM_DEBUG so that debug file 2531 writing works. Reported by qistoph in Issue #20: 2532 <http://code.google.com/p/yubico-pam/issues/detail?id=20>. 2533 25342010-04-14 Simon Josefsson <simon@yubico.com> 2535 2536 * NEWS, pam_yubico.c: New keyword "verbose_otp" to allow displaying 2537 OTP characters. Contributed by qistoph reported in Issue #22: 2538 <http://code.google.com/p/yubico-pam/issues/detail?id=22>. 2539 25402010-04-14 Simon Josefsson <simon@yubico.com> 2541 2542 * Makefile.am: Save a local copy of released archives. 2543 25442010-04-14 Simon Josefsson <simon@yubico.com> 2545 2546 * NEWS, configure.ac: Bump versions. 2547 25482010-04-14 Simon Josefsson <simon@yubico.com> 2549 2550 * Makefile.am: Fix googlecode_upload username. 2551 25522010-04-14 Simon Josefsson <simon@yubico.com> 2553 2554 * NEWS: Version 2.3. 2555 25562010-04-14 Simon Josefsson <simon@yubico.com> 2557 2558 * NEWS: Add. 2559 25602010-04-14 Simon Josefsson <simon@yubico.com> 2561 2562 * NEWS, pam_yubico.c: Add deprecated support for old ldapserver 2563 keyword. 2564 25652010-04-14 Simon Josefsson <simon@yubico.com> 2566 2567 * README: Re-add documentation for "ldapserver". 2568 25692010-04-14 Simon Josefsson <simon@yubico.com> 2570 2571 * README: More fixes from Erinn Looney-Triggs 2572 <erinn.looneytriggs@gmail.com>. 2573 25742010-04-13 Simon Josefsson <simon@yubico.com> 2575 2576 * README: More fixes from Erinn Looney-Triggs 2577 <erinn.looneytriggs@gmail.com>. 2578 25792010-04-13 Simon Josefsson <simon@yubico.com> 2580 2581 * pam_yubico.c: Doc fix. 2582 25832010-04-13 Simon Josefsson <simon@yubico.com> 2584 2585 * README: Describe authfile parameter. From Erinn Looney-Triggs <erinn.looneytriggs@gmail.com>. 2586 25872009-08-11 zubrick433 <zubrick433@unknown.example.org> 2588 2589 * README, pam_yubico.c: Corrections in ldap part:Â Removed deprecated ldap functions. New functions need a ldap uri 2590 instead of a hostname. changed configuration parameter ldapserver to 2591 ldap_uri to reflect change and avoid errors in configuration. Search string are now of variable size depending on configuration 2592 parameters length, instead of an arbitrary fixed length. Modified README for the new ldap_uri configuration parameter 2593 25942009-06-22 Simon Josefsson <simon@josefsson.org> 2595 2596 * Makefile.am: Fix release target. 2597 25982009-05-11 Simon Josefsson <simon@josefsson.org> 2599 2600 * NEWS, configure.ac: Bump versions. 2601 26022009-05-11 Simon Josefsson <simon@josefsson.org> 2603 2604 * NEWS: Version 2.2. 2605 26062009-05-11 Simon Josefsson <simon@josefsson.org> 2607 2608 * NEWS: Add. 2609 26102009-05-11 Simon Josefsson <simon@josefsson.org> 2611 2612 * README, configure.ac, pam_yubico.c: Add new key parameter to set 2613 verification key. 2614 26152009-05-11 Simon Josefsson <simon@josefsson.org> 2616 2617 * pam_yubico.c: Don't output debug information unconditionally. 2618 26192009-03-31 Simon Josefsson <simon@josefsson.org> 2620 2621 * NEWS, configure.ac: Bump versions. 2622 26232009-03-31 Simon Josefsson <simon@josefsson.org> 2624 2625 * NEWS: Version 2.1. 2626 26272009-03-31 Simon Josefsson <simon@josefsson.org> 2628 2629 * NEWS: Add. 2630 26312009-03-31 Simon Josefsson <simon@josefsson.org> 2632 2633 * Makefile.am: Fix release target. 2634 26352009-03-31 Simon Josefsson <simon@josefsson.org> 2636 2637 * README: Fix. 2638 26392009-03-30 Simon Josefsson <simon@josefsson.org> 2640 2641 * pam_yubico.c: Avoid warning. 2642 26432009-03-25 Simon Josefsson <simon@josefsson.org> 2644 2645 * NEWS, configure.ac: Bump versions. 2646 26472009-03-25 Simon Josefsson <simon@josefsson.org> 2648 2649 * NEWS: Version 2.0. 2650 26512009-03-25 Simon Josefsson <simon@josefsson.org> 2652 2653 * Makefile.am, NEWS, README, configure.ac, pam_yubico.c: Use and 2654 require libykclient v2.0+. 2655 26562009-03-24 Simon Josefsson <simon@josefsson.org> 2657 2658 * README: Fix. 2659 26602009-03-24 Simon Josefsson <simon@josefsson.org> 2661 2662 * README: Fix. 2663 26642009-03-24 Simon Josefsson <simon@josefsson.org> 2665 2666 * build-aux/config.rpath, m4/lib-ld.m4, m4/lib-link.m4, 2667 m4/lib-prefix.m4: Update gnulib files. 2668 26692009-03-24 Simon Josefsson <simon@josefsson.org> 2670 2671 * NEWS, configure.ac: Bump versions. 2672 26732009-03-24 Simon Josefsson <simon@josefsson.org> 2674 2675 * Makefile.am: Reorder. 2676 26772009-03-24 Simon Josefsson <simon@josefsson.org> 2678 2679 * NEWS: Version 1.14. 2680 26812009-03-24 Simon Josefsson <simon@josefsson.org> 2682 2683 * NEWS: Add. 2684 26852009-03-24 Simon Josefsson <simon@josefsson.org> 2686 2687 * pam_yubico.c: Improve matching logic. 2688 26892009-03-24 Simon Josefsson <simon@josefsson.org> 2690 2691 * NEWS, configure.ac: Bump versions. 2692 26932009-03-24 Simon Josefsson <simon@josefsson.org> 2694 2695 * Makefile.am: Fix release target. 2696 26972009-03-24 Simon Josefsson <simon@josefsson.org> 2698 2699 * NEWS: Version 1.13. 2700 27012009-03-24 Simon Josefsson <simon@josefsson.org> 2702 2703 * pam_yubico.c: Fix crash on memory errors. 2704 27052009-03-24 Simon Josefsson <simon@josefsson.org> 2706 2707 * NEWS: Add. 2708 27092009-03-24 Simon Josefsson <simon@josefsson.org> 2710 2711 * pam_yubico.c: Fix parsing of password+otp into id/otp/passwd. Fix 2712 return codes. Fix setcred. 2713 27142009-03-24 Simon Josefsson <simon@josefsson.org> 2715 2716 * pam_yubico.c: Fix ykc handling. 2717 27182009-03-24 Simon Josefsson <simon@josefsson.org> 2719 2720 * pam_yubico.c: Reduce failure points with live unverified OTP. 2721 27222009-03-24 Simon Josefsson <simon@josefsson.org> 2723 2724 * pam_yubico.c: Split off configuration parsing. 2725 27262009-03-24 Simon Josefsson <simon@josefsson.org> 2727 2728 * NEWS, pam_yubico.c: Don't pass integers via 2729 pam_set_data/pam_get_data. 2730 27312009-03-24 Simon Josefsson <simon@josefsson.org> 2732 2733 * NEWS, configure.ac: Bump versions. 2734 27352009-03-24 Simon Josefsson <simon@josefsson.org> 2736 2737 * Makefile.am: Fix dist target. 2738 27392009-03-24 Simon Josefsson <simon@josefsson.org> 2740 2741 * NEWS: Version 1.12. 2742 27432009-03-24 Simon Josefsson <simon@josefsson.org> 2744 2745 * Makefile.am: Fix release target. 2746 27472009-03-24 Simon Josefsson <simon@josefsson.org> 2748 2749 * NEWS: Add. 2750 27512009-03-24 Simon Josefsson <simon@josefsson.org> 2752 2753 * NEWS, README, pam_yubico.c: Support use_first_pass and 2754 try_first_pass. 2755 27562009-03-24 Simon Josefsson <simon@josefsson.org> 2757 2758 * NEWS, configure.ac: Bump version. 2759 27602009-02-11 Simon Josefsson <simon@josefsson.org> 2761 2762 * NEWS: Version 1.11. 2763 27642009-02-11 Simon Josefsson <simon@josefsson.org> 2765 2766 * configure.ac: Check for better symbol in -lldap. 2767 27682009-02-11 Simon Josefsson <simon@josefsson.org> 2769 2770 * pam_yubico.c: Fix typo. 2771 27722009-02-11 Simon Josefsson <simon@josefsson.org> 2773 2774 * NEWS: Add. 2775 27762009-02-11 Simon Josefsson <simon@josefsson.org> 2777 2778 * pam_yubico.c: Indent code. Add FIXME note. Handle NULL values in 2779 debug strings. 2780 27812009-02-11 zubrick433 <zubrick433@unknown.example.org> 2782 2783 * Makefile.am, README, configure.ac, pam_yubico.c: Added ldap 2784 support 2785 27862009-01-13 Simon Josefsson <simon@josefsson.org> 2787 2788 * NEWS: Version 1.10. 2789 27902009-01-13 Simon Josefsson <simon@josefsson.org> 2791 2792 * README: Doc fix. 2793 27942009-01-13 Simon Josefsson <simon@josefsson.org> 2795 2796 * test.c: Indent. 2797 27982009-01-13 Simon Josefsson <simon@josefsson.org> 2799 2800 * COPYING, Makefile.am, NEWS, README, configure.ac, pam_yubico.c, 2801 test.c: Change license to 2-clause BSD. 2802 28032009-01-13 Simon Josefsson <simon@josefsson.org> 2804 2805 * NEWS: Version 1.9. 2806 28072009-01-13 Simon Josefsson <simon@josefsson.org> 2808 2809 * pam_yubico.c: Support debugging even on non-Linux. 2810 28112009-01-13 Simon Josefsson <simon@josefsson.org> 2812 2813 * pam_yubico.c: Avoid use of asprintf, to fix Solaris. Suggested by 2814 Martin Englund <Martin.Englund@Sun.COM>. 2815 28162009-01-13 Simon Josefsson <simon@josefsson.org> 2817 2818 * configure.in => configure.ac: Rename. 2819 28202009-01-13 Simon Josefsson <simon@josefsson.org> 2821 2822 * NEWS: Add. 2823 28242009-01-13 Simon Josefsson <simon@josefsson.org> 2825 2826 * configure.in: Disable static libraries, not supported and breaks 2827 building on Solaris. 2828 28292009-01-13 Simon Josefsson <simon@josefsson.org> 2830 2831 * test.c: Don't include pam_misc.h, doesn't exist on Solaris. 2832 28332009-01-13 Simon Josefsson <simon@josefsson.org> 2834 2835 * configure.in: Improve PAM header test. 2836 28372009-01-13 Simon Josefsson <simon@josefsson.org> 2838 2839 * NEWS, configure.in: Bump versions. 2840 28412008-09-15 Simon Josefsson <simon@josefsson.org> 2842 2843 * Makefile.am: Fix release target. 2844 28452008-09-15 Simon Josefsson <simon@josefsson.org> 2846 2847 * Makefile.am: generate changelog 2848 28492008-09-15 Simon Josefsson <simon@josefsson.org> 2850 2851 * NEWS: Version 1.8. 2852 28532008-09-15 Simon Josefsson <simon@josefsson.org> 2854 2855 * NEWS, README, pam_yubico.c: Add new parameter 'url' to specify the 2856 server template URL. 2857 28582008-09-01 Simon Josefsson <simon@josefsson.org> 2859 2860 * NEWS, configure.in: Bump versions. 2861 28622008-09-01 Simon Josefsson <simon@josefsson.org> 2863 2864 * NEWS: Version 1.7. 2865 28662008-09-01 Simon Josefsson <simon@josefsson.org> 2867 2868 * NEWS: Add. 2869 28702008-09-01 Simon Josefsson <simon@josefsson.org> 2871 2872 * configure.in: Bump version. 2873 28742008-09-01 Simon Josefsson <simon@josefsson.org> 2875 2876 * Makefile.am: Drop manual. 2877 28782008-09-01 Simon Josefsson <simon@josefsson.org> 2879 2880 * pam_yubico.c: Indent. 2881 28822008-09-01 Simon Josefsson <simon@josefsson.org> 2883 2884 * pam_yubico.c: Merge in Samir's work. Support two-factor mode. 2885 Support user configurations. 2886 28872008-06-25 Simon Josefsson <simon@josefsson.org> 2888 2889 * README: Drop url parameter. 2890 28912008-06-25 Simon Josefsson <simon@josefsson.org> 2892 2893 * README: Update. 2894 28952008-06-25 Simon Josefsson <simon@josefsson.org> 2896 2897 * Makefile.am: Drop curl. 2898 28992008-06-25 Simon Josefsson <simon@josefsson.org> 2900 2901 * NEWS: Add. 2902 29032008-06-25 Simon Josefsson <simon@josefsson.org> 2904 2905 * configure.in, m4/libcurl.m4, pam_yubico.c: Use libyubikey-client 2906 instead of curl directly. 2907 29082008-06-25 Simon Josefsson <simon@josefsson.org> 2909 2910 * Makefile.am: Link to libyubikey-client too. 2911 29122008-06-25 Simon Josefsson <simon@josefsson.org> 2913 2914 * NEWS: Reformat. 2915 29162008-06-25 Simon Josefsson <simon@josefsson.org> 2917 2918 * Makefile.am, build-aux/config.rpath, configure.in, m4/lib-ld.m4, 2919 m4/lib-link.m4, m4/lib-prefix.m4, libcurl.m4 => m4/libcurl.m4: 2920 Create m4/ and build-aux/ and use them. 2921 29222008-05-03 Simon Josefsson <simon@josefsson.org> 2923 2924 * README: Convert to google code wiki markup. 2925 29262008-05-02 Simon Josefsson <simon@josefsson.org> 2927 2928 * README: Better to move pam_yubico.so, in case of separate /usr 2929 partition. 2930 29312008-05-02 Simon Josefsson <simon@josefsson.org> 2932 2933 * README: Libtool is needed too. 2934 29352008-01-11 Simon Josefsson <simon@josefsson.org> 2936 2937 * pam_yubico.c: Remove obsolete comments. 2938 29392008-01-11 Simon Josefsson <simon@josefsson.org> 2940 2941 * NEWS: Add. 2942 29432008-01-11 Simon Josefsson <simon@josefsson.org> 2944 2945 * NEWS, configure.in: Bump version. 2946 29472008-01-11 Simon Josefsson <simon@josefsson.org> 2948 2949 * Makefile.am: Add release target. 2950 29512008-01-11 Simon Josefsson <simon@josefsson.org> 2952 2953 * README: Add info. 2954 29552008-01-11 Simon Josefsson <simon@josefsson.org> 2956 2957 * COPYING, Makefile.am, NEWS, README, configure.in, libcurl.m4, 2958 pam_yubico.c, test.c: Import from private CVS repository. 2959 29602008-01-11 no author <no.author@unknown.example.org> 2961 2962 * Initial directory structure. 2963 2964