| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-07-23 | check for max number of arguments passed in reply | Paweł Krawczyk | |
| 2016-07-23 | Fix warnings | Paweł Krawczyk | |
| Fix various declaration inconsistencies that were throwing compiler warnings | |||
| 2016-05-27 | fix variable names | Paweł Krawczyk | |
| 2016-05-27 | max packet size | Paweł Krawczyk | |
| 2016-03-25 | Password change support for TACACS+ | Ben Schumacher | |
| Allow pam_tacplus to do challenge/response authentication for TAC backends that force password change during authentication flow. Also add support for password change via 'passwd' by implementing pam_sm_chauthtok. Amongst other things, this requires explicitly managing the sequence number for compatability with some versions of Cisco ACS. | |||
| 2015-08-06 | tac_connect_single: individual timeout | Daniel Gollub | |
| Allow to configure an individual timeout per TACACS+ server. Bumped SO-version due to API change. | |||
| 2014-10-10 | Add source addr parameter for tac_connect_single | Daniel Gollub | |
| This allows to specify from which source address/interface the TACACS+ client connection gets initiated. Bump SO-versioning due to API change. | |||
| 2013-03-29 | xstrcpy() belongs in libtac | Walter de Jong | |
| 2013-03-29 | removed double xcalloc() function; do not leak memory for these small ↵ | Walter de Jong | |
| buffers; added safe xstrcpy() | |||
| 2013-03-28 | fixes various memory leaks, really | Walter de Jong | |
| 2013-03-28 | server is a struct { address, key } | Walter de Jong | |
| 2013-03-28 | just them prototypes | Walter de Jong | |
| 2013-03-28 | more stuff belongs in headers | Walter de Jong | |
| 2012-09-16 | Rearrange header file include for libtac | Jeroen Nijhof | |
| 2012-09-08 | Bumped version to 1.3.8 and renamed rem_addr to r_addr | Jeroen Nijhof | |
| 2012-03-18 | Changed e-mail and improved accounting | Jeroen Nijhof | |
| 2011-08-20 | Added _pam_get_rhost() and _pam_get_user() | Jeroen | |
| 2011-08-19 | Major contribution by Darren Besler | Jeroen | |
| 2011-04-25 | Removed encrypt option just check if there is a secret (key). | Jeroen | |
| Removed first_hit option because you can get the same behaviour by using only one server. Added multiple secret support, you can now specify different secrets (keys) for different servers. connect.c: improved connection error handling by using getpeername() to check if connection is still valid. This was needed since we are using non-blocking sockets. Properly handle multiple servers when authenticating, patch from Gregg Nemas, thanks! | |||
| 2010-12-22 | Initial commit | Jeroen Nijhof | |
 |
index : pam_tacplus.git | |
| (mirror of https://github.com/vyos/pam_tacplus.git) |
| summaryrefslogtreecommitdiff |