| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-09-14 | correct some unveil(2) violations due to "login.conf.db" access (the .db version | Sebastien Marie | |
| of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)). problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too ok mestre@ millert@ | |||
| 2018-08-03 | The first unveil userland commit! | Theo de Raadt | |
| unveil _PATH_LOGIN_CONF (/etc/login.conf) which is used by login_getclass(3) and family before doing password encode. This is the only filename used by the program during runtime, everything else happens on stdin/stdout. | |||
| 2018-08-03 | This does not need pledge "wpath" | Theo de Raadt | |
| 2017-07-09 | remove redundant variable declarations in Makefiles, since those are | Marc Espie | |
| the default. okay millert@ | |||
| 2017-05-24 | Use freezero instead of explicit_bzero+free | Ricardo Mestre | |
| OK tb@ | |||
| 2017-05-03 | Use the safe idiom of cleaning sensitive data from memory with explicit_bzero, | Ricardo Mestre | |
| instead of relying on other methods, after readpassphrase. Some programs on this diff won't benefit that much since it happens near the terminal path, but someone might copy the unsafe idiom to another program and place it where it may leak sensitive data. Discussed aeons ago with tb@, OK deraadt@ and beck@ | |||
| 2016-09-04 | usage() is static and __dead; add prototype for print_passwd; | Theo Buehler | |
| return instead of exit from main | |||
| 2016-09-02 | _PASSWORD_LEN is length that comes out of crypt(), not a meaningful | Ted Unangst | |
| length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert | |||
| 2016-09-02 | convert getpass to readpassphrase. from Dimitris Papastamos | Ted Unangst | |
| 2015-10-12 | These no longer need to be static. The ramdisk's no longer reach-around | Theo de Raadt | |
| and use the one in the base install, but have their own copy. ok millert sthen miod daniel | |||
| 2015-10-10 | encrypt(1) also needs to pledge "wpath" for getpass(). | Doug Hogan | |
| getpass() opens /dev/tty RW so it can write the prompt. ok deraadt@ | |||
| 2015-10-10 | pledge "stdio rpath tty". rpath for the configuration reading done by | Theo de Raadt | |
| login* subsystem, tty for readpassphase() ok beck | |||
| 2015-02-26 | Wrap a long line. Use explicit_bzero. Fix comment describing extra. | Ted Unangst | |
| From Andre Smagin Also, should be safe to print errno from newhash() now. ok millert | |||
| 2015-02-24 | increase prefbuf size so that 'encrypt -b 000000000000000000000012' works. | Ted Unangst | |
| noticed by Andre Smagin. also check snprintf for overflow so we get better error messages if somebody decides to pad with even more zeroes, and avoid possible truncations. | |||
| 2015-01-15 | remove unused variable | Charles Longeau | |
| ok tedu@ | |||
| 2015-01-05 | encrypt can use the scrypt scaling code in libc now via crypt_newhash | Ted Unangst | |
| 2015-01-04 | fix -b a mode, spotted by rpe | Theo de Raadt | |
| 2014-12-29 | impose some limits on the ideal rounds so nothing too crazy happens when | Ted Unangst | |
| the clock results are weird | |||
| 2014-12-24 | simplify. bcrypt only support and use newer libc APIs. no makekey emul. | Ted Unangst | |
| ok deraadt schwarze is a little sad to see the last 1/8 shared man page go, but we have a support program in place, called the attic. | |||
| 2014-11-03 | hoist blowfish up and use bcrypt_newhash directly | Ted Unangst | |
| 2014-09-03 | remove -m from usage(); | Jason McIntyre | |
| 2014-09-03 | kill md5 support, broken since May | Giovanni Bechis | |
| ok tedu@ | |||
| 2013-11-12 | simpler prototype repairs | Theo de Raadt | |
| 2013-05-23 | allow auto scaling bcrypt rounds by CPU power. | Ted Unangst | |
| ok deraadt jmc sthen | |||
| 2007-07-14 | Don't trim whitespace from stdin. Encrypt it the same as other | Kenneth R Westerback | |
| input sources. Feedback and fixes from ray@ and fgsch@. ok millert@ (six years ago) ray@ fgsch@ | |||
| 2007-05-31 | convert to new .Dd format; | Jason McIntyre | |
| 2007-05-01 | use strtonum; ok millert@ | Jason Dixon | |
| 2007-03-20 | remove some bogus *p tests from charles longeau | Ted Unangst | |
| ok deraadt millert | |||
| 2007-03-06 | oops, put -k in the right place; from Igor Sobrado | Jason McIntyre | |
| 2007-03-06 | make "makekey" clearer; | Jason McIntyre | |
| 2007-03-06 | tidy up synopsis and usage(); from Igor Sobrado | Jason McIntyre | |
| 2006-11-02 | There is no need to trim an empty string any further, just return | Ray Lai | |
| it. OK moritz@. | |||
| 2006-05-27 | Handle crypt(3) returning NULL. Found by Gustavo C. Pereira. | Moritz Jodeit | |
| ok deraadt@ | |||
| 2006-04-02 | oops, to64() is shared. | Theo de Raadt | |
| 2004-07-13 | passwd.conf has been deprecated since login.conf was imported. | Todd C. Miller | |
| Today it finally dies. Based on a diff from Gabriel Kihlman. | |||
| 2003-11-23 | Check getpass(3) return value. From Jared Yanovich <jjy2+ at pitt dot edu> | Otto Moerbeek | |
| ok henning@ | |||
| 2003-07-02 | protos | Theo de Raadt | |
| 2003-06-14 | Add a "-c class" option to specify that the given login class should | Todd C. Miller | |
| be used to find the cipher to user. | |||
| 2003-04-06 | strlcpy | Theo de Raadt | |
| 2002-06-27 | Document why this must be static. | Artur Grabowski | |
| 2002-05-11 | Add missing libraries to bsd.prog.mk (mostly kerberosV) | Marc Espie | |
| Use them in DPADD throughout the tree. Fix a few mispells (LIBMATH -> LIBM...) Wipe obsolete lib (LIBRESOLV) Sort added missing libraries, move obsolete stuff apart. Synch documentation in bsd.README ok deraadt@ | |||
| 2002-02-16 | Part one of userland __P removal. Done with a simple regexp with some minor ↵ | Todd C. Miller | |
| hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically. | |||
| 2001-07-31 | KNF + some ANSIfication | Todd C. Miller | |
| 2001-07-31 | Call pwd_gensalt() with the correct args and reference login.conf | Todd C. Miller | |
| in man page; hideishi@magisystem.net | |||
| 2000-11-11 | allow prompt to be specified anywhere on the command line, make it work | Niels Provos | |
| with md5. prohibit makekey mode and prompt. | |||
| 2000-11-10 | seperate -> separate, okay aaron@ | Niels Provos | |
| 2000-11-09 | Change all option list specifications to ".Bl -tag -width Ds". Most man | Aaron Campbell | |
| pages just needed their -width parameter tweaked to "Ds", which provides a nice width of 6 constant characters. For consistency more than anything. | |||
| 2000-03-23 | Fix some formatting problems I missed before. | Aaron Campbell | |
| 2000-03-05 | Various improvements, including a few HISTORY sections added from FreeBSD. | Aaron Campbell | |
| 2000-03-05 | Finish standardizing options list introduction. | Aaron Campbell | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |