aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* 1.0.01.0.0Ted Gould2012-09-201-1/+1
|
* Adding a testing framework. Approved by Albert Astals Cid, jenkins.Ted Gould2012-09-2016-9/+664
|\
| * Add a set cred call like LightDM does itTed Gould2012-09-191-0/+2
| |
| * Adding an authenticateTed Gould2012-09-191-0/+2
| |
| * Make sure we have the full path to execute the auth checkTed Gould2012-09-191-1/+1
| |
| * Make the auth use the auth check utilityTed Gould2012-09-192-1/+2
| |
| * Adding a small auth check utilityTed Gould2012-09-192-2/+70
| |
| * Set everything up so that the auth check binary can be different in the testsTed Gould2012-09-196-6/+25
| |
| * Make sure to close so we don't leave processes aroundTed Gould2012-09-191-0/+2
| |
| * Adding in coverage make rulesTed Gould2012-09-192-0/+49
| |
| * Make sure to distribute the header filesTed Gould2012-09-191-2/+2
| |
| * Clean up Makefile and add proper filesTed Gould2012-09-191-26/+16
| |
| * Adding in coverage build flagsTed Gould2012-09-191-3/+8
| |
| * Adding in Google test and Coverage build stuffTed Gould2012-09-193-0/+175
| |
| * Steal a bunch of test infrastructure from libpam-icaclientTed Gould2012-09-198-1/+343
| |
* | Block usernames with spaces. Approved by Albert Astals Cid, jenkins.Ted Gould2012-09-201-0/+12
|\ \ | |/ |/|
| * Check for spaces in the username, block themTed Gould2012-09-191-0/+12
|/
* Add a '.' for a blank domain. Approved by Albert Astals Cid, jenkins.Ted Gould2012-09-101-0/+4
|\
| * Make sure there's a character even if we don't have a domainTed Gould2012-09-071-0/+4
|/
* 0.4.00.4.0Ted Gould2012-09-051-1/+1
|
* Making the open_session kill also unpriv. Approved by Albert Astals Cid, ↵Ted Gould2012-09-041-6/+20
|\ | | | | | | jenkins.
| * Using the new function in the open_session function instead of killing directly.Ted Gould2012-09-041-5/+4
| |
| * Moving the kill code into a functionTed Gould2012-09-041-1/+16
|/
* Resolving concerns of the security team. Fixes: ↵Ted Gould2012-08-312-82/+267
|\ | | | | | | https://bugs.launchpad.net/bugs/1039634. Approved by Albert Astals Cid, jenkins.
| * Clearing the groups, but handling the EPERM issue with not being rootTed Gould2012-08-301-0/+19
| |
| * Attaching bugTed Gould2012-08-300-0/+0
| |
| * Removing setgroups as it doesn't seem to be workingTed Gould2012-08-301-13/+0
| |
| * Clear the session_pid after trying to kill it.Ted Gould2012-08-301-0/+4
| |
| * Making sure to kill as the user so that if there is PID wrap or something ↵Ted Gould2012-08-301-3/+51
| | | | | | | | else we won't kill the wrong thing
| * Make sure to change the working directory for the subprocesses to the guest ↵Ted Gould2012-08-301-0/+9
| | | | | | | | user's home directory
| * Dropping the ignoring of the certTed Gould2012-08-301-1/+0
| |
| * Make sure to lock the password bufferTed Gould2012-08-301-3/+11
| |
| * Clear the groups when dropping privsTed Gould2012-08-301-0/+10
| |
| * Make sure to clear the environmentsTed Gould2012-08-301-0/+9
| |
| * Locking memory if we expect the prompt to be returning a passwordTed Gould2012-08-301-2/+19
| |
| * Checking the return value of the mlockTed Gould2012-08-301-2/+7
| |
| * Use the pipe to signal when the subprocess has gotten to a point where it ↵Ted Gould2012-08-301-1/+20
| | | | | | | | can opperate.
| * Setting up a pipe to communicate with the sub processTed Gould2012-08-301-2/+13
| |
| * Checking the return for mlock and snprintfTed Gould2012-08-301-2/+13
| |
| * Restructure so that clean up is all at the end of the functionTed Gould2012-08-301-21/+50
| |
| * Moving buffer allocation into the functionTed Gould2012-08-301-27/+16
| |
| * Move the socket creation into the fork'd functionTed Gould2012-08-301-40/+40
| |
| * Refactor to pull the long running stuff out of the if statement and into a ↵Ted Gould2012-08-301-29/+40
|/ | | | function
* 0.3.00.3.0Ted Gould2012-08-291-1/+1
|
* Addign clarification comments. Approved by .Ted Gould2012-08-291-1/+11
|\
| * Comments clear up some of the if statementsTed Gould2012-08-291-1/+11
|/
* Change internal API to do less memory allocation.. Approved by Albert Astals ↵Ted Gould2012-08-291-24/+19
|\ | | | | | | Cid, jenkins.
| * Neat little trick that I found in PAM Kerberos where it uses the PAM ↵Ted Gould2012-08-281-24/+19
| | | | | | | | handle's version of the value so that there doesn't have to be memory free'd in the returning function. Cleans some things up and removes a bunch of extra allocation
* | Lock buffer memory and protect to memory overruns.. Approved by Albert ↵Ted Gould2012-08-291-2/+10
|\ \ | | | | | | | | | Astals Cid, jenkins.
| * | Locking the buffer 'cause it would have the password in itTed Gould2012-08-281-1/+9
| | |