Age | Commit message (Collapse) | Author | |
---|---|---|---|
1998-09-26 | usr.bin/ man page fixes, f-m. | Aaron Campbell | |
1998-07-13 | ftpd: sleep for an indeterminate amount for non-existant logins | Todd C. Miller | |
to simulate a crypt, like login does. Use SEEK_* not L_* and kill some 0L's used in lseek while we're there. | |||
1998-07-10 | do not syslog() with "\n"; skipped smtpd/named/ipmon; 12 minutes of dabbling | Theo de Raadt | |
1998-07-05 | No need to call pwcheck() (and hence crypt()) if the user does not | Todd C. Miller | |
exist. The only reason I did that in the first place was to get a fake s/key challenge. Now if the use does not exist we just get the challenge if password was 's/key' else sleep for a bit to make it look like we are doing a crypt(). | |||
1998-06-21 | Remove the advertising clause in my old license, it impedes free use | Todd C. Miller | |
of the code as a large number of similar clauses makes it impossible to write an ad for a product using the code... | |||
1998-03-26 | cleanup after art | Theo de Raadt | |
1998-03-26 | -Wall for suid-root. | Artur Grabowski | |
1998-03-26 | fix cleaning up of bad environment variables (LD_* and IFS), | Artur Grabowski | |
-Wall cleanup and add ability to fetch AFS-tokens for those who happen to have AFS. | |||
1997-11-04 | Do pwcheck() even if the user does not exist. This means that if | Todd C. Miller | |
there is an alternate authentication scheme it will get run even when the username does not exist, preventing an info gathering attack. Short story: for user "imbogus" and pass "s/key" you will get a faked up s/key prompt. | |||
1997-09-21 | $OpenBSD$ | Theo de Raadt | |
1997-09-14 | .Xr foo #, botches | Theo de Raadt | |
1997-06-29 | new location of des.h | Niels Provos | |
1997-06-20 | do not screw up setenv() | Theo de Raadt | |
1997-06-02 | if hostname==domainname and has only one dot, trim less severely for -h ↵ | Theo de Raadt | |
option; based on code from wisner@gryphon.com | |||
1997-04-19 | Changed ``defined(KERBEROS)'' to ``(${KERBEROS} == "yes")'' | Todd C. Miller | |
Same change doen for SKEY, YP, and KERBEROS5. This allows people to override those setting in /etc/mk.conf. | |||
1997-04-19 | strncpy paranoia, how much do you trust getpwent? | Theo de Raadt | |
1997-03-26 | no libcrypt, fix DPADD | Theo de Raadt | |
1997-02-16 | /sbin/nologin implies hushlogin. | Jason Downs | |
1997-02-04 | make it compile if KERBEROS{,5} not defined | flipk | |
1997-01-27 | security | dm | |
1997-01-15 | getopt(3) returns -1 when out of args, not EOF, whee! | Todd C. Miller | |
1996-12-22 | Deal with _POSIX_SAVED_IDS when relinquishing privileges | Thorsten Lockert | |
1996-12-04 | Implement -u (remote user) option for login (only root may use it). | Todd C. Miller | |
We now store remote user in failedlogin struct too. Also add REMOTEHOST and REMOTEUSER environmental vars. | |||
1996-11-09 | Adds support for logging and reporting on failed login attempts | Todd C. Miller | |
via sparse file /var/log/failedlogin. | |||
1996-11-09 | Ensure that username is initialized to NULL. | Todd C. Miller | |
1996-11-09 | Log failures if user closes network session while in username/password | Todd C. Miller | |
prompt phase. Previously the SIGHUP was not catched and so failures were not logged. Noticed by bitblt. | |||
1996-11-05 | dialup stuff is garbage | Theo de Raadt | |
1996-10-31 | Strip out $LD_* and $IFS if given -p. Code taken from telnetd. | Todd C. Miller | |
1996-10-23 | skey_authenticate() now fakes up a challenge if user does not | Todd C. Miller | |
have an entry in the keys file. Don't want to give info to information gathering attack. | |||
1996-09-18 | block info gathering attack; netbsd pr#2768; daw@panix.com | Theo de Raadt | |
1996-08-28 | fbtab man page | Theo de Raadt | |
1996-07-31 | login_fbtab() in libutil | Theo de Raadt | |
1996-07-31 | fbtab support from wietse | Theo de Raadt | |
1996-07-20 | use euid/egid to get into homedir; from dean@fsa.ca | Theo de Raadt | |
1996-06-26 | rcsid | Theo de Raadt | |
1996-05-30 | = -> == | Theo de Raadt | |
1996-05-22 | libutil | Theo de Raadt | |
1996-02-15 | libcrypt no longer a link dependancy. | etheisen | |
1995-12-16 | Make it possible to build without SKEY support | Thorsten Lockert | |
Add support for building with kerberosIV | |||
1995-11-15 | do not credit UCB if we are not prepared to credit everyone | Theo de Raadt | |
1995-10-18 | initial import of NetBSD tree | Theo de Raadt | |