summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2001-06-23sync skeyzero proto with recent changesTodd C. Miller
2001-06-23skeyzero() never uses its 2nd arg so remove it. Since the only thingTodd C. Miller
that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here...
2001-06-23Document our S/Key library.Todd C. Miller
2001-06-23getskeyprompt() is goneTodd C. Miller
2001-06-23Get rid of f_HASH() and fold its functionality into keycrunch_HASH().Todd C. Miller
This means we now only need to add one new function when adding a new hash type. Somehow missed from last S/Key commit (changes are static to skeysubr.c).
2001-06-23document ll, depreciate qNiels Provos
2001-06-23more .%A handling; bk@rt.fmTheo de Raadt
2001-06-23ok, tmac is now fixedTheo de Raadt
2001-06-23join .%A entries; most by bk@rt.fmTheo de Raadt
2001-06-22openssl-engine-0.9.6a mergeBob Beck
2001-06-22import openssl-0.9.7-beta1Bob Beck
2001-06-21Use symbolic names for MMU flavours, and correctly handle 68060Miod Vallat
in _kvm_kvatop().
2001-06-20major number bumpTodd C. Miller
2001-06-20We don't need an f() for each hash, just overload the per-hashTodd C. Miller
keycrunch() function to do this.
2001-06-20o Do per-record locking instead of whole file lockingTodd C. Miller
o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line.
2001-06-20o Add a length parameter to struct skey and rearrange some other structsTodd C. Miller
o Protect from duplicate inclusion and use __{BEGIN,END}_DECLS o Prototype new skey_unlock() function and remove proto for getskeyprompt() which has been removed.
2001-06-18Clarify that if strlcat() does not find a NUL within siz byte itTodd C. Miller
will not NUL terminate either.
2001-06-18o move passwd.conf variables into login.confTodd C. Miller
o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
2001-06-18Add new cgetusedb() function to toggle reading of .db files in getcap(3).Todd C. Miller
Needed for cap_mkdb to really DRT when given several input files or an output file with a different name from the input file. cvs: ----------------------------------------------------------------------
2001-06-18compile libc with -Werror since any warnings gcc produces without extra ↵Todd C. Miller
-Wfoo directives is something we care about
2001-06-18Fix a char vs. u_char problem I introduced in the last commit.Todd C. Miller
2001-06-18PalmOS fixesJim Rees
2001-06-16Disable the STATUS character when reading passwords -- people seem toTodd C. Miller
expect to be able to use ^T in a password.
2001-06-16sysarch() takes a void *Theo de Raadt
2001-06-16typoTheo de Raadt
2001-06-14Fix a buf oflow in EXAMPLES code; millert@ okAaron Campbell
2001-06-13SYSLEAF, not LEAF. shared libc_r builds now on alpha.Artur Grabowski
2001-06-13prettyArtur Grabowski
2001-06-13"#endif _THREAD_SAFE" is not legalArtur Grabowski
2001-06-12on openbsd, NI_MAXHOST value is different from RFC2553. PR 1870Jun-ichiro itojun Hagino
2001-06-12import latest from CITI:Jim Rees
only load drivers once This actually "shouldn't" affect OpenBSD because it's only for DL_READERS
2001-06-11support EDNS0 (RFC2671) buffer size notification on DNS queries.Jun-ichiro itojun Hagino
"options edns0" in /etc/resolv.conf will enable the behavior. no behavior change if you don't have the line. see resolv.conf(5) for more details. EDNS0 is useful for avoiding TCP DNS queries/replies on larger DNS responses. also, draft-ietf-dnsext-message-size-* plans to mandate EDNS0 support for DNS clients that support IPv6 transport.
2001-06-10proto; S@mSmith.netTheo de Raadt
2001-06-09remove confusing comparison with srand (it does not return the old seed)assar
use .Sh AUTHORS and .An for author
2001-06-08Move copyright notice to top of fileJim Rees
2001-06-07import latest from CITI with Palm supportJim Rees
2001-06-07enable libsectokTheo de Raadt
2001-06-07fix compiler warningsJim Rees
2001-06-07I hate cvsJim Rees
2001-06-07libsectok for secure tokens (smartcard, iButton, etc)Jim Rees
2001-06-07Rogue debug printf.Angelos D. Keromytis
2001-06-05Fix pasto; kleink@netbsd.orgPaul Janzen
2001-06-05License clarification from David Mazieres, ok deraadt@Peter Valchev
2001-06-05repair copyright notices for NRL & cmetz; cmetzTheo de Raadt
2001-06-04oh, just include machine/asm.hMichael Shalayeff
2001-06-04entrieness cleanupMichael Shalayeff
2001-06-04add the file here too, to avoid confusionTheo de Raadt
2001-06-03Don't bail out early for users w/o passwd file entries since we mayTodd C. Miller
want to cons up a fake prompt for challenge/response auth methods. markus@ OK'd.
2001-06-03new license from Wietse; permits modification. This code is derived fromTheo de Raadt
logdaemon, so this applies: ftp://ftp.porcupine.org/pub/security/logdaemon_license
2001-06-03KERN_NPROCS documentationAngelos D. Keromytis