summaryrefslogtreecommitdiff
path: root/lib/libskey
AgeCommit message (Collapse)Author
2000-11-20Move fake prompt generation from skey_authenticate() to skeychallenge()Todd C. Miller
and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file.
2000-06-23set mp->keyfile = NULL if stat failsMarkus Friedl
2000-03-02$OpenBSD$Todd T. Fries
1999-12-06fd leakTheo de Raadt
1999-11-26fix descriptor leaks and double fclose(); markus and I; ok from millertTheo de Raadt
1999-08-16don't need sys/file.h now that we include fcntl.hTodd C. Miller
1999-08-16missing fcntl.hTodd C. Miller
1999-07-15change /etc/host.random to /var/db/host.randomNiels Provos
1998-07-05replace open + fstat with statTodd C. Miller
1998-07-05if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This ↵Todd C. Miller
is much better than the old fake challenge.
1998-07-03Change the random file path, add a sanity check on file size.Angelos D. Keromytis
1998-07-03Fix my fix to return sane values.Angelos D. Keromytis
1998-07-03produce credible seeds for non-existent users.Todd C. Miller
1998-07-03Fix some of my indentation badness.Angelos D. Keromytis
1998-07-03Remove user existance disclosure through "s/key" challenges.Angelos D. Keromytis
1998-02-24Allow superuser to disable skey by unlnking /etc/skeykeys.Todd C. Miller
1997-09-12Don't let strncpy() get a negative length. Noted by Theo.Todd C. Miller
1997-09-04Don't unlock skeys file before closing it. The lock is releasedTodd C. Miller
when the file is closed anyway and explicately unlocking before the file gets flushed defeats the purpose of locking in the first place.
1997-07-29This case of version number update is a little special and was not well-knownNiklas Hallqvist
before. A new general rule has been formed: When you change a library to *use* a new API of another library (which may there only have given need to a minor number crank), you must crank the *major*. The specific scenario that was seen this time was: I libc 16 started without the SHA interface II libskey 0 did obviously not use it III installation of libc 16 and libskey 0 IV software installed that uses libskey V libc 16 got SHA added, minor number update VI libskey 0 was changed to use it VII libc was cranked to 17 for other reasons VIII installation of libc 17 and newer libskey 0 IX use of the software installed in IV fails! This is due to the fact that the libskey using software searches for the most current libskey 0, which uses the SHA interface, and the most current libc 16 which was the old one installed in III, which does not provide SHA, and thus gets two incompatible libraries linked with it. Crash! One could argue that people should install all library versions that is made available, but that is really not feasible. One have to recognize that people may build their systems at arbitrary points in time and then go on to install software they know work at their lib revision levels. A later build should not break this software, that may only be available in binary versions.
1997-07-27Remove debugging info, whoops.Todd C. Miller
1997-07-27bump minorTodd C. Miller
1997-07-27- Do coarse locking on /etc/skeykeys. Fixes a race that could allowTodd C. Miller
a replay attempt to succeed. - OpenBSD tags
1997-07-27Fix search and replace error introduced in version 1.16.Todd C. Miller
1997-07-26Convert upper -> lower case in seed for fake s/key propt.Todd C. Miller
1997-07-26 - int -> long fixesTodd C. Miller
- restore priority correctly after setpriority (assumed start pri was 0) - rfc-compliant challenge when faking it for those w/o a keyfile entry on machines with short hostnames or non-alphanum hostnames.
1997-07-24Fix one instance of bad strncpy() usage and some KNF.Todd C. Miller
1997-07-23Fix skeygetnext()Todd C. Miller
1997-07-23_PATH_SKEYKEYS now lives in <paths.h>Todd C. Miller
Add skeygetnext() for iterating over the key file.
1997-07-23Mode 0600 /etc/skeykeysTodd C. Miller
1997-07-23Increase max hashname length for rmd160.Todd C. Miller
1997-07-17Add RIPEMD-160 (rmd160) support to OTP (s/key).Todd C. Miller
1997-07-11Remove #if 0'd codeTodd C. Miller
1997-07-10Use new SHA1* functions.Todd C. Miller
1997-07-10Need err.h for warnx proto.Todd C. Miller
1997-04-27COPY -> INSTALL_COPY and STRIP -> INSTALL_STRIPTodd C. Miller
This fixes namespace problems where STRIP is sometimes used as the name of the strip(1) to use and other times used as the flag to send install(1) when stripping (or not). COPY doesn't have this problem (yet) but was poorly named.
1996-12-08install -> ${INSTALL}, -c -> ${COPY}Jason Downs
1996-11-03Add a bunch of length/size macros and use them.Todd C. Miller
1996-10-22Fake an s/key challenge if user doesn't have an entry. Stops infoTodd C. Miller
gathering attack.
1996-10-22Don't need the extra newline since we never turn off echo for s/keyTodd C. Miller
1996-10-14htoi now takes an int, not char.Todd C. Miller
Only skey_set_algorithm() for the record that matches target user.
1996-10-02Fix a bug wrt handling of old md4 entries. Now don't save a type with md4Todd C. Miller
so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c.
1996-09-30Added missing static's.Todd C. Miller
1996-09-30Fix byte order problem with sha1.Todd C. Miller
1996-09-30More RFC 1938 compliance--convert seed to lower case internally.Todd C. Miller
1996-09-30__ARGS -> __P (why does everyone have to do this differently?)Todd C. Miller
1996-09-29check skey_set_algorithm() ret val + pedantry.Todd C. Miller
1996-09-29Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).Todd C. Miller
1996-09-29You can now cut and paste skey prompt in an xterm to get the key.Todd C. Miller
Also removed broken code.
1996-09-27Nicer echo on/off in its own function.Todd C. Miller
1996-09-27Now use libc version.Todd C. Miller