summaryrefslogtreecommitdiff
path: root/usr.bin/login
AgeCommit message (Collapse)Author
1997-11-04Do pwcheck() even if the user does not exist. This means that ifTodd C. Miller
there is an alternate authentication scheme it will get run even when the username does not exist, preventing an info gathering attack. Short story: for user "imbogus" and pass "s/key" you will get a faked up s/key prompt.
1997-09-21$OpenBSD$Theo de Raadt
1997-09-14.Xr foo #, botchesTheo de Raadt
1997-06-29new location of des.hNiels Provos
1997-06-20do not screw up setenv()Theo de Raadt
1997-06-02if hostname==domainname and has only one dot, trim less severely for -h ↵Theo de Raadt
option; based on code from wisner@gryphon.com
1997-04-19Changed ``defined(KERBEROS)'' to ``(${KERBEROS} == "yes")''Todd C. Miller
Same change doen for SKEY, YP, and KERBEROS5. This allows people to override those setting in /etc/mk.conf.
1997-04-19strncpy paranoia, how much do you trust getpwent?Theo de Raadt
1997-03-26no libcrypt, fix DPADDTheo de Raadt
1997-02-16/sbin/nologin implies hushlogin.Jason Downs
1997-02-04make it compile if KERBEROS{,5} not definedflipk
1997-01-27securitydm
1997-01-15getopt(3) returns -1 when out of args, not EOF, whee!Todd C. Miller
1996-12-22Deal with _POSIX_SAVED_IDS when relinquishing privilegesThorsten Lockert
1996-12-04Implement -u (remote user) option for login (only root may use it).Todd C. Miller
We now store remote user in failedlogin struct too. Also add REMOTEHOST and REMOTEUSER environmental vars.
1996-11-09Adds support for logging and reporting on failed login attemptsTodd C. Miller
via sparse file /var/log/failedlogin.
1996-11-09Ensure that username is initialized to NULL.Todd C. Miller
1996-11-09Log failures if user closes network session while in username/passwordTodd C. Miller
prompt phase. Previously the SIGHUP was not catched and so failures were not logged. Noticed by bitblt.
1996-11-05dialup stuff is garbageTheo de Raadt
1996-10-31Strip out $LD_* and $IFS if given -p. Code taken from telnetd.Todd C. Miller
1996-10-23skey_authenticate() now fakes up a challenge if user does notTodd C. Miller
have an entry in the keys file. Don't want to give info to information gathering attack.
1996-09-18block info gathering attack; netbsd pr#2768; daw@panix.comTheo de Raadt
1996-08-28fbtab man pageTheo de Raadt
1996-07-31login_fbtab() in libutilTheo de Raadt
1996-07-31fbtab support from wietseTheo de Raadt
1996-07-20use euid/egid to get into homedir; from dean@fsa.caTheo de Raadt
1996-06-26rcsidTheo de Raadt
1996-05-30= -> ==Theo de Raadt
1996-05-22libutilTheo de Raadt
1996-02-15libcrypt no longer a link dependancy.etheisen
1995-12-16Make it possible to build without SKEY supportThorsten Lockert
Add support for building with kerberosIV
1995-11-15do not credit UCB if we are not prepared to credit everyoneTheo de Raadt
1995-10-18initial import of NetBSD treeTheo de Raadt