summaryrefslogtreecommitdiff
path: root/usr.bin/passwd
AgeCommit message (Expand)Author
2021-04-14_PASSWORD_LEN is no longer the limit for an unencrypted password.Todd C. Miller
2019-10-24add missing unveil of /etc/shells; ok benno@ deraadt@ mestre@ tb@anton
2019-09-14correct some unveil(2) violations due to "login.conf.db" access (the .db versionSebastien Marie
2019-06-28When system calls indicate an error they return -1, not some arbitraryTheo de Raadt
2019-04-23add some missing "pp." to .%P macros;Ingo Schwarze
2018-11-08unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3)Ricardo Mestre
2018-10-25unveil(2) the following files for passwd(1) with their correspondingRicardo Mestre
2017-08-21Use waitpid()/EINTR idiom for the specific pid, rather than generic wait(),Theo de Raadt
2016-12-30Use explicit_bzero() to clear the buffer used when the user retypesTodd C. Miller
2016-09-02_PASSWORD_LEN is length that comes out of crypt(), not a meaningfulTed Unangst
2016-09-02make sure to explicitly clear memory that is used for password input.Gleydson Soares
2016-08-31replace obsolete getpass with readpassphrase.Ted Unangst
2016-08-31nicer format strings and use dprintf instead of writeTed Unangst
2016-08-19update man pages now that login.conf uses auto roundsDaniel Jakots
2016-08-15Trust the login_getcaptime() declaration and don't cast the arguments toPhilip Guenther
2016-05-08Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadowTim van der Molen
2015-12-09Remove NULL-checks before free(). ok tb@mmcc
2015-11-26Delete YP password related code. As a result, these can also beTheo de Raadt
2015-10-25No need to declare pwd_gensalt; it's unused and gone.Antoine Jacoutot
2015-10-24the last user of gensalt has been removed. remove the file.Ted Unangst
2015-09-14Supply DEF_WEAK() macro to suppress warnings during compilation viaPhilip Guenther
2015-08-20Do not cast result of malloc/calloc/realloc* if stdlib.h is in scopeTheo de Raadt
2015-07-27use file system path (.Pa) semantic markup macros where appropriate.Igor Sobrado
2015-07-15Describe the behavior when no user is specified. OK jca@ deraadt@Todd C. Miller
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
2014-11-21change prototype for crypt_newhash. the login_cap_t is a holdover from itsTed Unangst
2014-11-20switch to using crypt_newhash interface. ok deraadtTed Unangst
2014-11-11use crypt_checkpass instead of crypt/strcmpTed Unangst
2014-11-02update documentation regarding localcipher onlyTed Unangst
2014-11-01remove support for creating any password style that's not blowfish.Ted Unangst
2014-09-17Increase number of blowfish rounds to 8 by default when not specified inKent R. Spillner
2014-05-19no more -K;Jason McIntyre
2014-05-19kerberos leftoversTed Unangst
2014-04-24no more kinit(1);Jason McIntyre
2014-04-22Remove KERBEROS5 from the Makefiles (except ssh for now, where it isReyk Floeter
2014-04-15Remove workarounds for ld reaching MAXDSIZ on vax, now that MAXDSIZ isMiod Vallat
2014-02-16fix bibliographical references; from Jan Stary <hans at stare dot cz>Ingo Schwarze
2013-08-06Switch vax to gcc 3.3.6.Miod Vallat
2013-06-23Stop using deprecated functions from Kerberos.Antoine Jacoutot
2013-06-19don't link to hx509, pthread and ntlm related librariesRobert Nagy
2013-06-18Shuffle library link order to appease the static arch deities.Miod Vallat
2013-06-17link to the new kerberos librariesRobert Nagy
2013-04-20Xr encrypt(1) to give people a hint if they just want a password stringTed Unangst
2013-03-02When using an external password quality check program, do not run theAntoine Jacoutot
2013-01-18Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.Philip Guenther
2012-06-20Correct English just like jsing@ did it in passwd/local_passwd.c rev. 1.38Ingo Schwarze
2012-06-19sync the descriptions of /etc/passwd;Jason McIntyre
2010-10-15Switch the remaining users of libdes in src to libcrypto,Jonathan Gray
2010-07-11bcrypt_gensalt is already declared in pwd.hDavid Hill
2009-10-28rcsid[] and sccsid[] and copyright[] are essentially unmaintained (andTheo de Raadt