| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Various cryptography improvements
|
|
Also, correct the -DTACDEBUG_AT_RUNTIME scenario so that TACDEBUG()
binds correct when used in an if-body with an else following it, e.g.:
if (test)
TACDEBUG(LOG_DEBUG, "test is true");
else
return;
would previously have ended up as expanding to:
if (test)
if (tac_debug_enable) logmsg(LOG_DEBUG, "test is true");
else
return;
with the indent redone to reflect the nesting correctly. This now
expands (correctly) to:
if (test)
do { if (tac_debug_enable) logmsg(LOG_DEBUG, "test is true"); } while (0);
else
return;
|
|
Why make copies of the payload length to pass as parameters when
it's already present in the header?
|
|
And fix subsequent warnings caused by:
- shadowed variables (i.e. variables existing in nested scopes);
- signed vs. unsigned comparisons
- string pointers and buffers being unsigned which don't need to be;
- unnecessary casts;
- unused variables (or only used when debugging is enabled);
|
|
|
|
Fix various declaration inconsistencies that were throwing compiler
warnings
|
|
|
|
|
|
|
|
|
|
|
|
Allow pam_tacplus to do challenge/response authentication for TAC
backends that force password change during authentication flow. Also add
support for password change via 'passwd' by implementing
pam_sm_chauthtok. Amongst other things, this requires explicitly
managing the sequence number for compatability with some versions of
Cisco ACS.
|
|
|
|
|
|
|
|
|
|
|
