Age | Commit message (Collapse) | Author | |
---|---|---|---|
2003-06-26 | simple protos | Theo de Raadt | |
2003-06-17 | Sync with share/misc/license.template and add missing DARPA credit | Todd C. Miller | |
where applicable. | |||
2003-06-03 | Use an ISC-tyle license for all my code; it is simpler and more permissive. | Todd C. Miller | |
2003-06-02 | - section reorder | Jason McIntyre | |
- kill whitespace at EOL | |||
2003-05-24 | - typos; | Jason McIntyre | |
- new sentence, new line; - whitespace at EOL | |||
2003-04-28 | fix skeygetnext() | Todd C. Miller | |
2003-04-03 | Use snprintf() and strlcpy() throughout. | Todd C. Miller | |
2003-03-19 | document the number of bytes required for btoa8 | Todd C. Miller | |
2003-01-23 | typos; | Jason McIntyre | |
ok millert@ | |||
2002-12-03 | Crank all library major numbers. Needed due to the fact that we | Todd C. Miller | |
now build libraries with propolice enabled. Without this, existing binaries (such as ports/packages) that link with any system library other than libc will fail with an undefined symbol of "___guard" (__guard on ELF). Pointed out by markus@ and discussed with deraadt@ | |||
2002-11-16 | Zero out struct skey early in skeylookup() so callers can reliably check | Todd C. Miller | |
for keyfile == NULL and not get a garbage value. | |||
2002-11-16 | Add a missing check for NULL keyfile in skeychallenge() that | Todd C. Miller | |
caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge. | |||
2002-06-22 | use strtok_r() instead of strtok(); millert ok | Theo de Raadt | |
2002-05-29 | strlcat bounds | Theo de Raadt | |
2002-05-24 | replace strcpy with strlcpy | Theo de Raadt | |
2002-05-24 | enforce SKEY_MAX_CHALLENGE using snprintf() | Theo de Raadt | |
2002-05-24 | doc that skeychallenge() buffer is at least SKEY_MAX_CHALLENGE long | Theo de Raadt | |
2002-05-17 | Remove skeyzero(), it is no longer needed. | Todd C. Miller | |
2002-05-16 | Add skey(5) | Todd C. Miller | |
2002-05-16 | Check for disabled /etc/skey directory (mode 0000). This is needed | Todd C. Miller | |
because some things (such as login) run as uid 0 and directory modes won't restrict root. | |||
2002-05-16 | Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory | Todd C. Miller | |
where each user gets their own file, which is owned by that user. An old S/Key database may be converted by running "skeyinit -C" as root. Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead. | |||
2002-04-30 | Initial cleanup: | Mike Pechkin | |
o) remove extra space in the end of line; o) remove extra blank lines in the end of file; o) remove .Pp before .Ss; o) CAVEAT -> CAVEATS; o) fix usage of .Fa; o) <blank-line> -> .Pp; o) wrap long lines; millert@ ok | |||
2002-02-16 | Part one of userland __P removal. Done with a simple regexp with some minor ↵ | Todd C. Miller | |
hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically. | |||
2002-01-24 | Fix `necesary' typos; Alexander Yurchenko | Todd C. Miller | |
Alas many of these were introduced by yours truly as necessary just doesn't look right to me for some reason ;-) | |||
2001-12-07 | Check for keyfile == NULL in skey_unlock() | Todd C. Miller | |
2001-11-14 | avoid stdio in a signal handler; millert ok | Theo de Raadt | |
2001-06-23 | sync skeyzero proto with recent changes | Todd C. Miller | |
2001-06-23 | skeyzero() never uses its 2nd arg so remove it. Since the only thing | Todd C. Miller | |
that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here... | |||
2001-06-23 | Document our S/Key library. | Todd C. Miller | |
2001-06-23 | getskeyprompt() is gone | Todd C. Miller | |
2001-06-23 | Get rid of f_HASH() and fold its functionality into keycrunch_HASH(). | Todd C. Miller | |
This means we now only need to add one new function when adding a new hash type. Somehow missed from last S/Key commit (changes are static to skeysubr.c). | |||
2001-06-20 | major number bump | Todd C. Miller | |
2001-06-20 | We don't need an f() for each hash, just overload the per-hash | Todd C. Miller | |
keycrunch() function to do this. | |||
2001-06-20 | o Do per-record locking instead of whole file locking | Todd C. Miller | |
o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line. | |||
2001-06-20 | o Add a length parameter to struct skey and rearrange some other structs | Todd C. Miller | |
o Protect from duplicate inclusion and use __{BEGIN,END}_DECLS o Prototype new skey_unlock() function and remove proto for getskeyprompt() which has been removed. | |||
2001-01-26 | SHA1 is a big endian algorithm but RFC2289 mandates that results be | Todd C. Miller | |
stored in little endian form (like MD4/MD5). So, instead of having SHA1Final copy the result buffer, we do it ourselves with a loop stolen from RFC2289, Appendix A. Closes PR1650. | |||
2001-01-04 | grammar | Todd T. Fries | |
2000-11-20 | Move fake prompt generation from skey_authenticate() to skeychallenge() | Todd C. Miller | |
and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file. | |||
2000-06-23 | set mp->keyfile = NULL if stat fails | Markus Friedl | |
2000-03-02 | $OpenBSD$ | Todd T. Fries | |
1999-12-06 | fd leak | Theo de Raadt | |
1999-11-26 | fix descriptor leaks and double fclose(); markus and I; ok from millert | Theo de Raadt | |
1999-08-16 | don't need sys/file.h now that we include fcntl.h | Todd C. Miller | |
1999-08-16 | missing fcntl.h | Todd C. Miller | |
1999-07-15 | change /etc/host.random to /var/db/host.random | Niels Provos | |
1998-07-05 | replace open + fstat with stat | Todd C. Miller | |
1998-07-05 | if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This ↵ | Todd C. Miller | |
is much better than the old fake challenge. | |||
1998-07-03 | Change the random file path, add a sanity check on file size. | Angelos D. Keromytis | |
1998-07-03 | Fix my fix to return sane values. | Angelos D. Keromytis | |
1998-07-03 | produce credible seeds for non-existent users. | Todd C. Miller | |