Age | Commit message (Collapse) | Author | |
---|---|---|---|
1997-11-04 | Do pwcheck() even if the user does not exist. This means that if | Todd C. Miller | |
there is an alternate authentication scheme it will get run even when the username does not exist, preventing an info gathering attack. Short story: for user "imbogus" and pass "s/key" you will get a faked up s/key prompt. | |||
1997-09-21 | $OpenBSD$ | Theo de Raadt | |
1997-09-14 | .Xr foo #, botches | Theo de Raadt | |
1997-06-29 | new location of des.h | Niels Provos | |
1997-06-20 | do not screw up setenv() | Theo de Raadt | |
1997-06-02 | if hostname==domainname and has only one dot, trim less severely for -h ↵ | Theo de Raadt | |
option; based on code from wisner@gryphon.com | |||
1997-04-19 | Changed ``defined(KERBEROS)'' to ``(${KERBEROS} == "yes")'' | Todd C. Miller | |
Same change doen for SKEY, YP, and KERBEROS5. This allows people to override those setting in /etc/mk.conf. | |||
1997-04-19 | strncpy paranoia, how much do you trust getpwent? | Theo de Raadt | |
1997-03-26 | no libcrypt, fix DPADD | Theo de Raadt | |
1997-02-16 | /sbin/nologin implies hushlogin. | Jason Downs | |
1997-02-04 | make it compile if KERBEROS{,5} not defined | flipk | |
1997-01-27 | security | dm | |
1997-01-15 | getopt(3) returns -1 when out of args, not EOF, whee! | Todd C. Miller | |
1996-12-22 | Deal with _POSIX_SAVED_IDS when relinquishing privileges | Thorsten Lockert | |
1996-12-04 | Implement -u (remote user) option for login (only root may use it). | Todd C. Miller | |
We now store remote user in failedlogin struct too. Also add REMOTEHOST and REMOTEUSER environmental vars. | |||
1996-11-09 | Adds support for logging and reporting on failed login attempts | Todd C. Miller | |
via sparse file /var/log/failedlogin. | |||
1996-11-09 | Ensure that username is initialized to NULL. | Todd C. Miller | |
1996-11-09 | Log failures if user closes network session while in username/password | Todd C. Miller | |
prompt phase. Previously the SIGHUP was not catched and so failures were not logged. Noticed by bitblt. | |||
1996-11-05 | dialup stuff is garbage | Theo de Raadt | |
1996-10-31 | Strip out $LD_* and $IFS if given -p. Code taken from telnetd. | Todd C. Miller | |
1996-10-23 | skey_authenticate() now fakes up a challenge if user does not | Todd C. Miller | |
have an entry in the keys file. Don't want to give info to information gathering attack. | |||
1996-09-18 | block info gathering attack; netbsd pr#2768; daw@panix.com | Theo de Raadt | |
1996-08-28 | fbtab man page | Theo de Raadt | |
1996-07-31 | login_fbtab() in libutil | Theo de Raadt | |
1996-07-31 | fbtab support from wietse | Theo de Raadt | |
1996-07-20 | use euid/egid to get into homedir; from dean@fsa.ca | Theo de Raadt | |
1996-06-26 | rcsid | Theo de Raadt | |
1996-05-30 | = -> == | Theo de Raadt | |
1996-05-22 | libutil | Theo de Raadt | |
1996-02-15 | libcrypt no longer a link dependancy. | etheisen | |
1995-12-16 | Make it possible to build without SKEY support | Thorsten Lockert | |
Add support for building with kerberosIV | |||
1995-11-15 | do not credit UCB if we are not prepared to credit everyone | Theo de Raadt | |
1995-10-18 | initial import of NetBSD tree | Theo de Raadt | |