Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-08-26 | Pull in <time.h> for clock_gettime() | Philip Guenther | |
ok deraadt@ | |||
2016-06-26 | increase the minimum for auto rounds to 6. that was the previous low bound | Ted Unangst | |
for login.conf, and we don't want to go lower. | |||
2016-03-30 | for some time now mandoc has not required MLINKS to function | Jason McIntyre | |
correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung | |||
2015-11-10 | update NAME section to include all documented functions, | Jason McIntyre | |
or otherwise change Dt to reflect the name of an existing function; feedback/ok schwarze | |||
2015-09-13 | Wrap <pwd.h> so that calls go direct and the symbols are all weak. | Philip Guenther | |
Hide bcrypt_autorounds(), prefixing with an underbar for static builds. | |||
2015-09-13 | The number of rounds is just two digits in the salt. We've already | Todd C. Miller | |
verified that they are there via isdigit() so we can convert from ASCII to an int without using atoi(). OK guenther@ deraadt@ | |||
2015-09-13 | Wrap <stdlib.h> so that calls go direct and the symbols not in the | Philip Guenther | |
C standard are all weak. Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the arch-specific __strtorx, __ULtox_D2A, __strtorQ, __ULtoQ_D2A symbols. | |||
2015-09-12 | Wrap <unistd.h> so that internal calls go direct and they're all weak symbols | Philip Guenther | |
Delete unused 'fd' argument from internal function oldttyname() | |||
2015-09-11 | Wrap blowfish, sha*, md5, and rmd160 so that internal calls go direct | Philip Guenther | |
ok deraadt@ | |||
2015-09-10 | Add support for building arc4random with MSVC. | Brent Cook | |
By default, MSVC's stdlib.h defines min(), so we need to spell out something less common to avoid picking it up. ok deraadt@ beck@ miod@ | |||
2015-07-23 | call it bcrypt in the man page too | Ted Unangst | |
2015-07-23 | permit "bcrypt" as an alias for "blowfish". this is, after all, what | Ted Unangst | |
99% of the world calls it. allow just "bcrypt" without params to mean auto-tune ("bcrypt,a"). default remains 8 rounds (for now) ok deraadt | |||
2015-07-18 | Unbreak, add errno header | Jeremy Evans | |
OK tedu@ | |||
2015-07-18 | set errno in null cases, just in case. | Ted Unangst | |
2015-07-18 | standards compliant error return (null). will make ruby happier, at least. | Ted Unangst | |
ok deraadt jeremy | |||
2015-05-13 | If crypt(3) is called with an unknown setting, return NULL instead | Alexander Bluhm | |
of some undefined value. OK tedu@ | |||
2015-04-06 | bludgeon DES support out of crypt. long live the bcrypt. | Ted Unangst | |
2015-02-24 | we don't let strtonum errors bleed through now. | Ted Unangst | |
2015-02-24 | Set errno to EINVAL, instead of letting ERANGE escape out. | Ted Unangst | |
Printing strerror() in that case will say result too large, even if rounds is actually too small. invalid is less specific, but less incorrect. ok millert | |||
2015-02-11 | use a width specifier for lists, and Sq rather than Dq for single letters | Jason McIntyre | |
to avoid swamping it; | |||
2015-02-11 | the possible algos for pref should be documented here | Ted Unangst | |
2015-01-28 | dial the time back to about 0.1s, closer to the original targets and | Ted Unangst | |
friendlier for users. requested by deraadt | |||
2015-01-16 | Move to the <limits.h> universe. | Theo de Raadt | |
review by millert, binary checking process with doug, concept with guenther | |||
2015-01-15 | remove unused variable | Charles Longeau | |
ok tedu@ | |||
2015-01-15 | back in september I did the large abstraction refactoring to allow these | Theo de Raadt | |
other systems to fit into the same mold, so add copyright | |||
2015-01-12 | rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks, | Ted Unangst | |
nor are they the same size. | |||
2015-01-07 | stupid me. need errno.h | Ted Unangst | |
2015-01-07 | set errno = EINVAL for invalid salts and hashes in most functions. | Ted Unangst | |
remember to set EACCES in bcrypt_checkpass for hash differences. the higher level crypt_checkpass function will reset errno to EACCES in all cases, which is probably the right behavior, but this change gives code working with the lower level functions the correct errno if they care. | |||
2015-01-05 | convert clock() to clock_gettime() for improved precision (and accuracy?) | Ted Unangst | |
guenther suggested using thread time, which actually may improve accuracy if somebody puts this in a threaded program. | |||
2014-12-30 | copy bcrypt autotune from encrypt(1) and expose via crypt_newhash | Ted Unangst | |
ok deraadt miod | |||
2014-12-24 | simplify crypt_checkpass. The API promise is that this function doesn't | Ted Unangst | |
use global data. The simplest fix is to only check blowfish passwords, and implicitly lock out DES passwords. crypt_checkpass is currently only used in one place, passwd, to verify the local user's password, so this is probably acceptable. Gives people a little more time to migrate away from DES before introduing checkpass into more places. | |||
2014-12-08 | delete documentation for deleted DES interfaces | Ted Unangst | |
2014-12-08 | remove setkey and encrypt interfaces. they are useless and dangerous. | Ted Unangst | |
ok deraadt naddy | |||
2014-12-02 | macro cleanup; kaspars at bankovskis dot net | Ingo Schwarze | |
2014-11-25 | rand48(3) not drand48(3) to align with the actual man page and Xr | Todd C. Miller | |
entries. | |||
2014-11-25 | no need for md5 xr | Ted Unangst | |
2014-11-25 | revert the bludgeoning of DES. if we need a thread safe crypt, maybe it's | Ted Unangst | |
better to find one instead of continuing to mangle this mess. | |||
2014-11-25 | push some global data down into functions to make this threadlier. | Ted Unangst | |
only doing what's needed for crypt_hashpass. sigh. | |||
2014-11-24 | introduce a hashspace define and check that there's enough space to | Ted Unangst | |
write out a hash. also simplify writing out the hash. | |||
2014-11-24 | check crypt() for null. noticed by Jonas Termansen | Ted Unangst | |
2014-11-21 | space needed between macro args and punctuation; | Jason McIntyre | |
2014-11-21 | add ERRORS, HISTORY, AUTHORS, Copyright year, and some missing macros; | Ingo Schwarze | |
ok tedu@ on a previous version | |||
2014-11-21 | Let crypt_checkpass() set EACCES after bcrypt_checkpass() failure; | Ingo Schwarze | |
ok tedu@ | |||
2014-11-21 | change prototype for crypt_newhash. the login_cap_t is a holdover from its | Ted Unangst | |
pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt | |||
2014-11-20 | split crypt_checkpass off into a new file | Ted Unangst | |
2014-11-18 | add crypt_newhash to NAME and add an MLINK; | Jason McIntyre | |
2014-11-17 | add new function crypt_newhash to simplify creating new hashes. | Ted Unangst | |
does most of the work pwd_gensalt did, but also creates the hash. (unused yet) | |||
2014-07-21 | missing newline | Theo de Raadt | |
2014-07-20 | Move more OS-specific functionality to arc4random.h headers. | bcook | |
Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers. On OpenBSD, move thread_private.h as well to arc4random.h. On Windows, use TerminateProcess on getentropy failure. ok deraadt@ | |||
2014-07-20 | From ISO/IEC 9899:1999 and 9899:201x, | Philip Guenther | |
6.11.5 - Storage-class specifiers: The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature. Diff from Jean-Philippe Ouellet (jean-philippe (at) ouellet.biz) |