aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
| * Check for spaces in the username, block themTed Gould2012-09-191-0/+12
|/
* Add a '.' for a blank domain. Approved by Albert Astals Cid, jenkins.Ted Gould2012-09-101-0/+4
|\
| * Make sure there's a character even if we don't have a domainTed Gould2012-09-071-0/+4
|/
* 0.4.00.4.0Ted Gould2012-09-051-1/+1
|
* Making the open_session kill also unpriv. Approved by Albert Astals Cid, ↵Ted Gould2012-09-041-6/+20
|\ | | | | | | jenkins.
| * Using the new function in the open_session function instead of killing directly.Ted Gould2012-09-041-5/+4
| |
| * Moving the kill code into a functionTed Gould2012-09-041-1/+16
|/
* Resolving concerns of the security team. Fixes: ↵Ted Gould2012-08-312-82/+267
|\ | | | | | | https://bugs.launchpad.net/bugs/1039634. Approved by Albert Astals Cid, jenkins.
| * Clearing the groups, but handling the EPERM issue with not being rootTed Gould2012-08-301-0/+19
| |
| * Attaching bugTed Gould2012-08-300-0/+0
| |
| * Removing setgroups as it doesn't seem to be workingTed Gould2012-08-301-13/+0
| |
| * Clear the session_pid after trying to kill it.Ted Gould2012-08-301-0/+4
| |
| * Making sure to kill as the user so that if there is PID wrap or something ↵Ted Gould2012-08-301-3/+51
| | | | | | | | else we won't kill the wrong thing
| * Make sure to change the working directory for the subprocesses to the guest ↵Ted Gould2012-08-301-0/+9
| | | | | | | | user's home directory
| * Dropping the ignoring of the certTed Gould2012-08-301-1/+0
| |
| * Make sure to lock the password bufferTed Gould2012-08-301-3/+11
| |
| * Clear the groups when dropping privsTed Gould2012-08-301-0/+10
| |
| * Make sure to clear the environmentsTed Gould2012-08-301-0/+9
| |
| * Locking memory if we expect the prompt to be returning a passwordTed Gould2012-08-301-2/+19
| |
| * Checking the return value of the mlockTed Gould2012-08-301-2/+7
| |
| * Use the pipe to signal when the subprocess has gotten to a point where it ↵Ted Gould2012-08-301-1/+20
| | | | | | | | can opperate.
| * Setting up a pipe to communicate with the sub processTed Gould2012-08-301-2/+13
| |
| * Checking the return for mlock and snprintfTed Gould2012-08-301-2/+13
| |
| * Restructure so that clean up is all at the end of the functionTed Gould2012-08-301-21/+50
| |
| * Moving buffer allocation into the functionTed Gould2012-08-301-27/+16
| |
| * Move the socket creation into the fork'd functionTed Gould2012-08-301-40/+40
| |
| * Refactor to pull the long running stuff out of the if statement and into a ↵Ted Gould2012-08-301-29/+40
|/ | | | function
* 0.3.00.3.0Ted Gould2012-08-291-1/+1
|
* Addign clarification comments. Approved by .Ted Gould2012-08-291-1/+11
|\
| * Comments clear up some of the if statementsTed Gould2012-08-291-1/+11
|/
* Change internal API to do less memory allocation.. Approved by Albert Astals ↵Ted Gould2012-08-291-24/+19
|\ | | | | | | Cid, jenkins.
| * Neat little trick that I found in PAM Kerberos where it uses the PAM ↵Ted Gould2012-08-281-24/+19
| | | | | | | | handle's version of the value so that there doesn't have to be memory free'd in the returning function. Cleans some things up and removes a bunch of extra allocation
* | Lock buffer memory and protect to memory overruns.. Approved by Albert ↵Ted Gould2012-08-291-2/+10
|\ \ | | | | | | | | | Astals Cid, jenkins.
| * | Locking the buffer 'cause it would have the password in itTed Gould2012-08-281-1/+9
| | |
| * | Making sure that there's no way that we can write over the end of the buffer ↵Ted Gould2012-08-281-1/+1
| |/ | | | | | | even for very, very, very long home directory names.
* | Saving the domain and password between auth and open session. Approved by ↵Albert Astals2012-08-291-4/+36
|\ \ | | | | | | | | | jenkins, Albert Astals Cid.
| * | Merge lp:~ted/libpam-freerdp/save-valuesAlbert Astals2012-08-291-4/+36
|/| | | |/
| * Now that we have long running memory with a password in it, we need to lock ↵Ted Gould2012-08-281-0/+4
| | | | | | | | it down
| * Caching the password between authenticate and open_sessionTed Gould2012-08-281-0/+14
| |
| * Protecting from a crazy thing that LightDM doesTed Gould2012-08-281-1/+1
| |
| * Remove an unused define (cleanup)Ted Gould2012-08-281-3/+0
| |
| * Saving the values once we get themTed Gould2012-08-281-0/+17
| |
* | Set the permissions on the socket. Approved by Albert Astals Cid, jenkins.Ted Gould2012-08-291-0/+10
|\ \
| * | Set the permissions on the socketTed Gould2012-08-281-0/+10
| |/
* | Adding a setcred function so callers are happy. Approved by Albert Astals ↵Ted Gould2012-08-281-2/+10
|\ \ | |/ |/| | | Cid, jenkins.
| * Adding a setcred function so callers are happyTed Gould2012-08-281-2/+10
| |
* | Handle URLs as the remote host value. Approved by Albert Astals Cid, jenkins.Ted Gould2012-08-282-0/+26
|\ \ | |/ |/|
| * Cleaning up the code to make it easier to readTed Gould2012-08-271-6/+6
| |
| * Using 'strstr' instead our own loop.Ted Gould2012-08-271-6/+5
| |
| * If we've got a colon for a port number split that outTed Gould2012-08-271-0/+9
| |