| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added support for both TLS and plaintext connections. Server can accept
both types of connection simultaneously or in different combinations
(i.e encrypted client and plaintext PAM). Added options for specifying
dedicated TLS ports on server. Added --plain options for client and PAM
to force plaintext connections, default is to use encrypted connections.
Configuring encrypted client and PAM connections and plaintext server
connections allows for use of a reverse proxy setup with something like
nginx. This will avoid having to expose the MFA server directly in setups
that traverse the internet.
|
|
|
|
|
|
| |
Implemented TLS encrypted connections. Added command line argument and
configuration file option to accept invalid (self-signed) certificates.
Fixed a couple of unrelated issues.
|
|
|
|
|
|
| |
Properly implemented pam_sm_setcred and handle any flags that may be
passed. Split running of python script and getting status into a
separate function.
|
| |
|
| |
|
|
|
|
|
| |
Handle issues with getting data from PAM more robustly. Change
pam_sm_setcred to return PAM_SUCCESS for now.
|
|
|
|
|
|
|
| |
Set a standardized configuration file location and read options from
there. Allow for specifiying alternate location on command line.
Options can still be specified on the command line, and any command line
options take priority over those given in the configuration file.
|
|
|
|
|
|
| |
Added TOTP as an MFA option. Also made a couple of of minor changes.
Changed all database connections to use with statement. Read some
options from a config file.
|
|
|