summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-11-13DANOS import masterHEADdebian/1.3.9-0vyatta12danos/1908masterBrian Russell
2015-06-29Merge pull request #31 from DStape/fix-missing-semicolonsPaweł Krawczyk
Fix missing semicolons
2015-06-29Fix missing semicolonsDavid Stapleton
2015-06-20tac_service is a static array so it's never NULLPaweł Krawczyk
2015-06-20tac_login is a static array so it's never NULLPaweł Krawczyk
2015-06-19check open() result including 0 which is a valid return valuePaweł Krawczyk
2015-06-19remove obsolete comment about PAM_DISALLOW_NULL_AUTHTOKPaweł Krawczyk
2015-06-19close socket if any operation failsPaweł Krawczyk
2015-06-19Merge branch 'master' of github.com:jeroennijhof/pam_tacplusPaweł Krawczyk
2015-06-19initialise the seed variable and update commentsPaweł Krawczyk
2015-06-18Merge pull request #29 from gollub/fix/verbose_socket_errnoPaweł Krawczyk
Make socket creation errno verbose
2015-06-18Make socket creation errno verboseDaniel Gollub
2015-06-17add Coverity scan statusPaweł Krawczyk
2014-12-15Added port support for IPv6, issue #25Jeroen Nijhof
2014-12-15Merge pull request #26 from benschumacher/masterjeroennijhof
Fix TACACS+ timeouts in pam_tacplus
2014-12-08If a timeout is configured by PAM, make sure we set theBen Schumacher
tac_readtimeout_enable to a non-zero value to get TACACS+ timeouts to work as expected.
2014-11-27too many RELROsPawel Krawczyk
2014-11-26give up AX_ macros as they don't work on older autoconf, usePawel Krawczyk p.krawczyk@kainos.com
a more conservative method instead
2014-11-26Merge branch 'master' of github.com:jeroennijhof/pam_tacplusPawel Krawczyk
2014-11-26check for PAM devel librariesPawel Krawczyk
2014-11-26close rfdPawel Krawczyk
2014-11-26rewrite the PRNG logic to use urandom on srand() only and then returnPawel Krawczyk
random() on subsequent calls
2014-11-26add -WallPawel Krawczyk
2014-11-21Merge pull request #21 from gollub/fix/reduce_log_leveljeroennijhof
Reduce loglevel for non-critical author messages
2014-11-20Reduce loglevel for non-critical author messagesDaniel Gollub
Messages like "Args cnt %d", "Adding buf/value pair (%s,%s)" should not flood syslog as warning.
2014-10-14add Jeroen as primary author and list others from GitHub1.3.9Pawel Krawczyk
2014-10-14bump version to 1.3.9, mostly due to file descriptor leak fixPawel Krawczyk
2014-10-14Merge pull request #18 from pwdng/masterPaweł Krawczyk
Close /dev/urandom to fix open file handler leak.
2014-10-14Close /dev/urandom to fix open file handler leak.pwdng
2014-10-10Merge pull request #17 from gollub/feature/client_connect_source_address_v4Paweł Krawczyk
Add source addr parameter for tac_connect_single
2014-10-10Add source addr parameter for tac_connect_singleDaniel Gollub
This allows to specify from which source address/interface the TACACS+ client connection gets initiated. Bump SO-versioning due to API change.
2014-10-08Merge pull request #16 from gollub/fix/debian_build_for_ax_check_compile_flagPaweł Krawczyk
Fix/debian build for ax check compile flag
2014-10-08Whitespace fixDaniel Gollub
2014-10-08Fix Debian build failing on AX_CHECK_COMPILE_FLAGDaniel Gollub
2014-10-02C compiler hardening optionsPawel Krawczyk
Add checks for C compiler hardening options (stack protector etc) and use them if available.
2014-10-02Fix always true conditionPawel Krawczyk
The condition was checking tac_prompt which is a static array, so it will always return some address. Now checking the value of the first element of the array, which can be zero on non-zero.
2014-09-18Merge pull request #14 from gollub/fix_debian_packagingPaweł Krawczyk
Fix Debian packaging due to README markdown rename
2014-09-18Merge pull request #13 from gollub/shared_libtacPaweł Krawczyk
[RFC] Build and install libtac as shared library
2014-09-18Merge pull request #15 from grwlf/masterPaweł Krawczyk
allow authorization without protocol defined
2014-09-18allow authorization without protocol definedSergey Mironov
Protocol is only required for certain subset of services, mainly for ppp. We allow authorization with empty protocol if user wants to use other service names, like 'ssh' From the http://tools.ietf.org/html/draft-grant-tacacs-02 page 30: The protocol attribute is intended for use with PPP. When service equals "ppp" and protocol equals "lcp", the message describes the PPP link layer service. For other values of protocol, this describes a PPP NCP (network layer service). A single PPP session can support multiple NCPs
2014-09-05Fix include directory in pkg-config fileDaniel Gollub
All headers are stored in the libtac sub-directory.
2014-08-28Introduce pkg-config file for libtacDaniel Gollub
2014-08-28debian: Introduce shahred library packaging libtacDaniel Gollub
2014-08-28Fix Debian packaging due to README markdown renameDaniel Gollub
Regression introduced with ea841487
2014-08-27Build and install libtac as shared libraryDaniel Gollub
Additional install public headers for libtac shared library. SO-Versioning is initially set to 0:0:0.
2014-04-22Added macro dir and fix readme issueJeroen Nijhof
2014-04-22Added install instructionjeroennijhof
2014-04-22Markup extentionJeroen Nijhof
2014-04-22Use markup for READMEJeroen Nijhof
2014-04-22Merge pull request #8 from walterdejong/masterjeroennijhof
Thanks guys! But the pam_sm_authenticate() function was indeed looping over the tac_plus servers for authentication. The problem is when a tac_plus server is not working correctly you will be denied during authentication but I agree we need to find a better solution for that issue.
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-10 22:32:54 +0000