Age | Commit message (Collapse) | Author | |
---|---|---|---|
2000-11-20 | Move fake prompt generation from skey_authenticate() to skeychallenge() | Todd C. Miller | |
and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file. | |||
2000-06-23 | set mp->keyfile = NULL if stat fails | Markus Friedl | |
2000-03-02 | $OpenBSD$ | Todd T. Fries | |
1999-12-06 | fd leak | Theo de Raadt | |
1999-11-26 | fix descriptor leaks and double fclose(); markus and I; ok from millert | Theo de Raadt | |
1999-08-16 | don't need sys/file.h now that we include fcntl.h | Todd C. Miller | |
1999-08-16 | missing fcntl.h | Todd C. Miller | |
1999-07-15 | change /etc/host.random to /var/db/host.random | Niels Provos | |
1998-07-05 | replace open + fstat with stat | Todd C. Miller | |
1998-07-05 | if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This ↵ | Todd C. Miller | |
is much better than the old fake challenge. | |||
1998-07-03 | Change the random file path, add a sanity check on file size. | Angelos D. Keromytis | |
1998-07-03 | Fix my fix to return sane values. | Angelos D. Keromytis | |
1998-07-03 | produce credible seeds for non-existent users. | Todd C. Miller | |
1998-07-03 | Fix some of my indentation badness. | Angelos D. Keromytis | |
1998-07-03 | Remove user existance disclosure through "s/key" challenges. | Angelos D. Keromytis | |
1998-02-24 | Allow superuser to disable skey by unlnking /etc/skeykeys. | Todd C. Miller | |
1997-09-12 | Don't let strncpy() get a negative length. Noted by Theo. | Todd C. Miller | |
1997-09-04 | Don't unlock skeys file before closing it. The lock is released | Todd C. Miller | |
when the file is closed anyway and explicately unlocking before the file gets flushed defeats the purpose of locking in the first place. | |||
1997-07-29 | This case of version number update is a little special and was not well-known | Niklas Hallqvist | |
before. A new general rule has been formed: When you change a library to *use* a new API of another library (which may there only have given need to a minor number crank), you must crank the *major*. The specific scenario that was seen this time was: I libc 16 started without the SHA interface II libskey 0 did obviously not use it III installation of libc 16 and libskey 0 IV software installed that uses libskey V libc 16 got SHA added, minor number update VI libskey 0 was changed to use it VII libc was cranked to 17 for other reasons VIII installation of libc 17 and newer libskey 0 IX use of the software installed in IV fails! This is due to the fact that the libskey using software searches for the most current libskey 0, which uses the SHA interface, and the most current libc 16 which was the old one installed in III, which does not provide SHA, and thus gets two incompatible libraries linked with it. Crash! One could argue that people should install all library versions that is made available, but that is really not feasible. One have to recognize that people may build their systems at arbitrary points in time and then go on to install software they know work at their lib revision levels. A later build should not break this software, that may only be available in binary versions. | |||
1997-07-27 | Remove debugging info, whoops. | Todd C. Miller | |
1997-07-27 | bump minor | Todd C. Miller | |
1997-07-27 | - Do coarse locking on /etc/skeykeys. Fixes a race that could allow | Todd C. Miller | |
a replay attempt to succeed. - OpenBSD tags | |||
1997-07-27 | Fix search and replace error introduced in version 1.16. | Todd C. Miller | |
1997-07-26 | Convert upper -> lower case in seed for fake s/key propt. | Todd C. Miller | |
1997-07-26 | - int -> long fixes | Todd C. Miller | |
- restore priority correctly after setpriority (assumed start pri was 0) - rfc-compliant challenge when faking it for those w/o a keyfile entry on machines with short hostnames or non-alphanum hostnames. | |||
1997-07-24 | Fix one instance of bad strncpy() usage and some KNF. | Todd C. Miller | |
1997-07-23 | Fix skeygetnext() | Todd C. Miller | |
1997-07-23 | _PATH_SKEYKEYS now lives in <paths.h> | Todd C. Miller | |
Add skeygetnext() for iterating over the key file. | |||
1997-07-23 | Mode 0600 /etc/skeykeys | Todd C. Miller | |
1997-07-23 | Increase max hashname length for rmd160. | Todd C. Miller | |
1997-07-17 | Add RIPEMD-160 (rmd160) support to OTP (s/key). | Todd C. Miller | |
1997-07-11 | Remove #if 0'd code | Todd C. Miller | |
1997-07-10 | Use new SHA1* functions. | Todd C. Miller | |
1997-07-10 | Need err.h for warnx proto. | Todd C. Miller | |
1997-04-27 | COPY -> INSTALL_COPY and STRIP -> INSTALL_STRIP | Todd C. Miller | |
This fixes namespace problems where STRIP is sometimes used as the name of the strip(1) to use and other times used as the flag to send install(1) when stripping (or not). COPY doesn't have this problem (yet) but was poorly named. | |||
1996-12-08 | install -> ${INSTALL}, -c -> ${COPY} | Jason Downs | |
1996-11-03 | Add a bunch of length/size macros and use them. | Todd C. Miller | |
1996-10-22 | Fake an s/key challenge if user doesn't have an entry. Stops info | Todd C. Miller | |
gathering attack. | |||
1996-10-22 | Don't need the extra newline since we never turn off echo for s/key | Todd C. Miller | |
1996-10-14 | htoi now takes an int, not char. | Todd C. Miller | |
Only skey_set_algorithm() for the record that matches target user. | |||
1996-10-02 | Fix a bug wrt handling of old md4 entries. Now don't save a type with md4 | Todd C. Miller | |
so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c. | |||
1996-09-30 | Added missing static's. | Todd C. Miller | |
1996-09-30 | Fix byte order problem with sha1. | Todd C. Miller | |
1996-09-30 | More RFC 1938 compliance--convert seed to lower case internally. | Todd C. Miller | |
1996-09-30 | __ARGS -> __P (why does everyone have to do this differently?) | Todd C. Miller | |
1996-09-29 | check skey_set_algorithm() ret val + pedantry. | Todd C. Miller | |
1996-09-29 | Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm). | Todd C. Miller | |
1996-09-29 | You can now cut and paste skey prompt in an xterm to get the key. | Todd C. Miller | |
Also removed broken code. | |||
1996-09-27 | Nicer echo on/off in its own function. | Todd C. Miller | |
1996-09-27 | Now use libc version. | Todd C. Miller | |