| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2002-01-06 | Do not allow root to login via an insecure tty even if the auth method | Todd C. Miller | |
| does not use plaintext passwords due to the possibility of connection hijacking. This restores the pre-3.0 behavior and closes PR 2299. | |||
| 2001-08-20 | Powered by @mantoya. | Mike Pechkin | |
| o) fix bogus .Xr usage; millert@ ok. | |||
| 2001-08-12 | Sync usage message to man page | Todd C. Miller | |
| 2001-07-09 | correct type on last arg to execl(); nordin@cse.ogi.edu | Theo de Raadt | |
| 2001-07-06 | missing prototypes; ok millert | Peter Valchev | |
| 2001-06-28 | '/' can also be an instance separator (e.g. kerb5) | Todd C. Miller | |
| 2001-06-28 | No longer used now that we do BSD auth | Todd C. Miller | |
| 2001-06-25 | Add a "login" option to allow differentiation between authentication | Todd C. Miller | |
| that creates a login session vs. a simple identity check. Gets passed as a -v option to the login scripts. To be used by kerberos to know when to create new tickets. | |||
| 2001-06-25 | The need to to statically link this on alpha seemed to be | Artur Grabowski | |
| some kind of transient problem. | |||
| 2001-06-24 | When setting uid, set to 0 if rootlogin flag is set, regardless of | Todd C. Miller | |
| pw_uid. Fixes problem with user.root instances not haveing uid 0 in kerberos. | |||
| 2001-06-19 | If we timeout during login and the user tried to login call badlogin() | Todd C. Miller | |
| before exit. SUggested by <vii@users.sourceforge.net> Add some new login.conf variables: o login-timeout - login prompt timeout o login-tries - max login tries o login-backoff - number of attempts before backing off (and sleeping) | |||
| 2001-06-13 | Link login(1) static for now until a dynamic linking bug is fixed. | Todd C. Miller | |
| 2001-05-29 | Don't want -Wall | Todd C. Miller | |
| 2001-05-29 | BSD auth support. k5login.c and klogin.c are no longer used but will | Todd C. Miller | |
| remain for the time being until Kerberos support is up to snuff. | |||
| 2001-05-25 | Correct and comment out krb5. This is not working at the moment, but we want | Hans Insulander | |
| to use bsd_auth instead. | |||
| 2000-12-02 | Check for symlinks before overwriting kerberos ticket files. | Hans Insulander | |
| While i'm at it, make sure not to use Kerberos at all if there is no local srvtab. Based on patch from Todd Miller. Reported by <jouko@solutions.fi>. | |||
| 2000-11-29 | document -u flag and environment variables | Todd C. Miller | |
| 2000-10-14 | Make empty passwords work again when login is compiled with kerberos support. | Miod Vallat | |
| 2000-09-15 | check return value for setenv(3) for failure, and deal appropriately | Theo de Raadt | |
| 2000-09-04 | Check for account expiration before password expiration; | Todd C. Miller | |
| sigh@kuzirabekon.econ.nagasaki-u.ac.jp | |||
| 2000-09-03 | Boring... Add :L modifier to all tweakable variables tests. | Marc Espie | |
| Closes PR 1246 | |||
| 2000-08-24 | Last change inadvertantly broke non-kerberos logins. It's not clear | Todd C. Miller | |
| that the authok flag is really meaningful but keep it for now. | |||
| 2000-08-24 | Fix non-root kerberos logins broken after rev 1.29. That change was | Todd C. Miller | |
| correct but it uncovered a bug that had thusfar stayed hidden due more to serendipity than anything else. Problem found by danh@openbsd.org | |||
| 2000-08-20 | Add calls to setusercontext() and login_get*(). We basically call | Todd C. Miller | |
| setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class. | |||
| 2000-07-17 | o use strlcpy() where sensible | Todd C. Miller | |
| o when trying to login as root on a non-secure tty always say "login refused" regardless of whether the password is correct or not | |||
| 2000-03-24 | Correct the HISTORY section to note that this command appeared in Version 5 | Aaron Campbell | |
| of AT&T UNIX, not Version 6. Verified by strings(1)'ing a .dsk file (PDP-11 executable) containing the v5 sources, obtainable at gatekeeper.dec.com in the directory /pub/DEC/sim/software. Idea from NetBSD PR/4790. | |||
| 2000-03-08 | Various cleanups and improvements. | Aaron Campbell | |
| 2000-03-02 | count is unsigned (size_t) so cast to u_long, not long | Todd C. Miller | |
| 2000-03-01 | order kerberos libraries properly | Theo de Raadt | |
| 2000-03-01 | Wall | Theo de Raadt | |
| 1999-12-30 | login already decleared in util.h | Eric Jackson | |
| 1999-11-24 | We won't have the tickets in shared memory, remove dead code | Artur Grabowski | |
| 1999-11-11 | Use snprintf instead of sprintf and sizeof(foo) instead of hardcoded sizes. | Artur Grabowski | |
| 1999-08-17 | More <sys/file.h> vs. <fcntl.h> and open() flags fixes. | Todd C. Miller | |
| 1999-07-21 | use .Ar on later .It Fl lines | Theo de Raadt | |
| 1999-07-09 | - remove all trailing whitespace | Aaron Campbell | |
| * except when it is escaped with a `\' at the end of the line - fix remaining .Nm usage as well - this is from a patch I received from kwesterback@home.com, who has been working on some scripts for fixing formatting errors in mdoc'd man pages Ok, so there could be a cost/benefit debate with this commit, but since I have the patch we might as well commit it... | |||
| 1999-06-05 | - remove trailing white space | Aaron Campbell | |
| - remove arguments from .Os macros - remove arguments from .Nm macros, where appropriate - some more Dq/Sq/Ql insanity - still lots to do in the usr.bin tree... :/ | |||
| 1999-04-20 | 'unsuccessful' has 2 'c's. | Paul Janzen | |
| 1998-09-26 | usr.bin/ man page fixes, f-m. | Aaron Campbell | |
| 1998-07-13 | ftpd: sleep for an indeterminate amount for non-existant logins | Todd C. Miller | |
| to simulate a crypt, like login does. Use SEEK_* not L_* and kill some 0L's used in lseek while we're there. | |||
| 1998-07-10 | do not syslog() with "\n"; skipped smtpd/named/ipmon; 12 minutes of dabbling | Theo de Raadt | |
| 1998-07-05 | No need to call pwcheck() (and hence crypt()) if the user does not | Todd C. Miller | |
| exist. The only reason I did that in the first place was to get a fake s/key challenge. Now if the use does not exist we just get the challenge if password was 's/key' else sleep for a bit to make it look like we are doing a crypt(). | |||
| 1998-06-21 | Remove the advertising clause in my old license, it impedes free use | Todd C. Miller | |
| of the code as a large number of similar clauses makes it impossible to write an ad for a product using the code... | |||
| 1998-03-26 | cleanup after art | Theo de Raadt | |
| 1998-03-26 | -Wall for suid-root. | Artur Grabowski | |
| 1998-03-26 | fix cleaning up of bad environment variables (LD_* and IFS), | Artur Grabowski | |
| -Wall cleanup and add ability to fetch AFS-tokens for those who happen to have AFS. | |||
| 1997-11-04 | Do pwcheck() even if the user does not exist. This means that if | Todd C. Miller | |
| there is an alternate authentication scheme it will get run even when the username does not exist, preventing an info gathering attack. Short story: for user "imbogus" and pass "s/key" you will get a faked up s/key prompt. | |||
| 1997-09-21 | $OpenBSD$ | Theo de Raadt | |
| 1997-09-14 | .Xr foo #, botches | Theo de Raadt | |
| 1997-06-29 | new location of des.h | Niels Provos | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |