summaryrefslogtreecommitdiff
path: root/lib/libskey
AgeCommit message (Collapse)Author
2003-04-03Use snprintf() and strlcpy() throughout.Todd C. Miller
2003-03-19document the number of bytes required for btoa8Todd C. Miller
2003-01-23typos;Jason McIntyre
ok millert@
2002-12-03Crank all library major numbers. Needed due to the fact that weTodd C. Miller
now build libraries with propolice enabled. Without this, existing binaries (such as ports/packages) that link with any system library other than libc will fail with an undefined symbol of "___guard" (__guard on ELF). Pointed out by markus@ and discussed with deraadt@
2002-11-16Zero out struct skey early in skeylookup() so callers can reliably checkTodd C. Miller
for keyfile == NULL and not get a garbage value.
2002-11-16Add a missing check for NULL keyfile in skeychallenge() thatTodd C. Miller
caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge.
2002-06-22use strtok_r() instead of strtok(); millert okTheo de Raadt
2002-05-29strlcat boundsTheo de Raadt
2002-05-24replace strcpy with strlcpyTheo de Raadt
2002-05-24enforce SKEY_MAX_CHALLENGE using snprintf()Theo de Raadt
2002-05-24doc that skeychallenge() buffer is at least SKEY_MAX_CHALLENGE longTheo de Raadt
2002-05-17Remove skeyzero(), it is no longer needed.Todd C. Miller
2002-05-16Add skey(5)Todd C. Miller
2002-05-16Check for disabled /etc/skey directory (mode 0000). This is neededTodd C. Miller
because some things (such as login) run as uid 0 and directory modes won't restrict root.
2002-05-16Change S/Key stuff from using a flat file (/etc/skeykeys) to a directoryTodd C. Miller
where each user gets their own file, which is owned by that user. An old S/Key database may be converted by running "skeyinit -C" as root. Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead.
2002-04-30Initial cleanup:Mike Pechkin
o) remove extra space in the end of line; o) remove extra blank lines in the end of file; o) remove .Pp before .Ss; o) CAVEAT -> CAVEATS; o) fix usage of .Fa; o) <blank-line> -> .Pp; o) wrap long lines; millert@ ok
2002-02-16Part one of userland __P removal. Done with a simple regexp with some minor ↵Todd C. Miller
hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
2002-01-24Fix `necesary' typos; Alexander YurchenkoTodd C. Miller
Alas many of these were introduced by yours truly as necessary just doesn't look right to me for some reason ;-)
2001-12-07Check for keyfile == NULL in skey_unlock()Todd C. Miller
2001-11-14avoid stdio in a signal handler; millert okTheo de Raadt
2001-06-23sync skeyzero proto with recent changesTodd C. Miller
2001-06-23skeyzero() never uses its 2nd arg so remove it. Since the only thingTodd C. Miller
that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here...
2001-06-23Document our S/Key library.Todd C. Miller
2001-06-23getskeyprompt() is goneTodd C. Miller
2001-06-23Get rid of f_HASH() and fold its functionality into keycrunch_HASH().Todd C. Miller
This means we now only need to add one new function when adding a new hash type. Somehow missed from last S/Key commit (changes are static to skeysubr.c).
2001-06-20major number bumpTodd C. Miller
2001-06-20We don't need an f() for each hash, just overload the per-hashTodd C. Miller
keycrunch() function to do this.
2001-06-20o Do per-record locking instead of whole file lockingTodd C. Miller
o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line.
2001-06-20o Add a length parameter to struct skey and rearrange some other structsTodd C. Miller
o Protect from duplicate inclusion and use __{BEGIN,END}_DECLS o Prototype new skey_unlock() function and remove proto for getskeyprompt() which has been removed.
2001-01-26SHA1 is a big endian algorithm but RFC2289 mandates that results beTodd C. Miller
stored in little endian form (like MD4/MD5). So, instead of having SHA1Final copy the result buffer, we do it ourselves with a loop stolen from RFC2289, Appendix A. Closes PR1650.
2001-01-04grammarTodd T. Fries
2000-11-20Move fake prompt generation from skey_authenticate() to skeychallenge()Todd C. Miller
and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file.
2000-06-23set mp->keyfile = NULL if stat failsMarkus Friedl
2000-03-02$OpenBSD$Todd T. Fries
1999-12-06fd leakTheo de Raadt
1999-11-26fix descriptor leaks and double fclose(); markus and I; ok from millertTheo de Raadt
1999-08-16don't need sys/file.h now that we include fcntl.hTodd C. Miller
1999-08-16missing fcntl.hTodd C. Miller
1999-07-15change /etc/host.random to /var/db/host.randomNiels Provos
1998-07-05replace open + fstat with statTodd C. Miller
1998-07-05if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This ↵Todd C. Miller
is much better than the old fake challenge.
1998-07-03Change the random file path, add a sanity check on file size.Angelos D. Keromytis
1998-07-03Fix my fix to return sane values.Angelos D. Keromytis
1998-07-03produce credible seeds for non-existent users.Todd C. Miller
1998-07-03Fix some of my indentation badness.Angelos D. Keromytis
1998-07-03Remove user existance disclosure through "s/key" challenges.Angelos D. Keromytis
1998-02-24Allow superuser to disable skey by unlnking /etc/skeykeys.Todd C. Miller
1997-09-12Don't let strncpy() get a negative length. Noted by Theo.Todd C. Miller
1997-09-04Don't unlock skeys file before closing it. The lock is releasedTodd C. Miller
when the file is closed anyway and explicately unlocking before the file gets flushed defeats the purpose of locking in the first place.
1997-07-29This case of version number update is a little special and was not well-knownNiklas Hallqvist
before. A new general rule has been formed: When you change a library to *use* a new API of another library (which may there only have given need to a minor number crank), you must crank the *major*. The specific scenario that was seen this time was: I libc 16 started without the SHA interface II libskey 0 did obviously not use it III installation of libc 16 and libskey 0 IV software installed that uses libskey V libc 16 got SHA added, minor number update VI libskey 0 was changed to use it VII libc was cranked to 17 for other reasons VIII installation of libc 17 and newer libskey 0 IX use of the software installed in IV fails! This is due to the fact that the libskey using software searches for the most current libskey 0, which uses the SHA interface, and the most current libc 16 which was the old one installed in III, which does not provide SHA, and thus gets two incompatible libraries linked with it. Crash! One could argue that people should install all library versions that is made available, but that is really not feasible. One have to recognize that people may build their systems at arbitrary points in time and then go on to install software they know work at their lib revision levels. A later build should not break this software, that may only be available in binary versions.