summaryrefslogtreecommitdiff
path: root/usr.bin/skeyinit/skeyinit.c
AgeCommit message (Collapse)Author
2002-11-16Give a sensible error message when a user who has no entry in /etc/skeyTodd C. Miller
specifies the -s flag. Also improve the error message when S/Key is disabled.
2002-06-23uid_t and gid_t are unsignedTheo de Raadt
2002-06-07The code to append the last 5 digits of the time in Unix format toTodd C. Miller
the default seed was lost in the flat file -> directory structure conversion. Instead of reinstating that, use arc4random() to get some noise and append the last 5 digits to the seed.
2002-06-07Instead of passing seed and defaultseed to normal_mode() andTodd C. Miller
secure_mode() just pass in a single default seed. Only secure_mode() needs to actually change the seed and it can use its own temporary buffer. Fix zeroing of the secrete passphrase. Instead of useing multiple password buffers, crunch the key each time and compare the crunched values.
2002-06-06Zero out memory filled in by readpassphrase(3). Also fix a spelling error;Aaron Campbell
markus@ ok.
2002-05-19 o Fix some fallout from argv handling changes.Todd C. Miller
o Use ANSI function headers o When creating a new user record cope with the fact that there may be an existing zero-length userrecord. o Replace -z with -r in usage()
2002-05-17Replace -z option (zero) with -r option (remove).Todd C. Miller
2002-05-17Call enable_db() from convert_db() so the dir creation as well asTodd C. Miller
mode/user/group setting is done in one place.
2002-05-16Add missing chown(2) call.Todd C. Miller
2002-05-16Change S/Key stuff from using a flat file (/etc/skeykeys) to a directoryTodd C. Miller
where each user gets their own file, which is owned by that user. An old S/Key database may be converted by running "skeyinit -C" as root. Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead.
2002-02-16Part one of userland __P removal. Done with a simple regexp with some minor ↵Todd C. Miller
hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
2001-11-01printf() format string fix.Miod Vallat
2001-06-23skeyzero() now takes 1 argTodd C. Miller
2001-06-20o When converting from a different hash type, if there is room on the lineTodd C. Miller
we don't need to comment out the existing entry since the key almost never takes up as much room as is allocated for it. o Do per-record locking (and timeout) now that libskey does. o Rearrange the code into functions. o Use readpassphrase()
2001-01-26It is pronounced S/KeyTodd C. Miller
2001-01-26Fix stupid bug in last commit that caused the hostname not toTodd C. Miller
be used as part of the seed for first time users.
2000-11-16When building default seed from the hostname, only use alphanumericTodd C. Miller
characters and make things lower case. Also sanity check the existing seed in skeykeys since we can't be sure it is completely sane. Problem noted by wozz@wookie.net
1999-09-10Don't unlock the skeykeys file before the fclose since stdio may still have ↵Todd C. Miller
some data buffered. Closing the file is enough to unlock it.
1999-03-02do not crash if -n has no arg; spotted by weingartTheo de Raadt
1998-08-22Changed warning message from "... keyinit -s" to "... skeyinit -s".dgregor
1998-07-09say "s/key disabled" if skeykeys file does not exist. I thought I committed ↵Todd C. Miller
this ages ago.
1997-07-27- Do coarse locking on /etc/skeykeys so we don't clobberTodd C. Miller
an entry that is being updated.
1997-07-25Protect users from themselves.Todd C. Miller
1997-07-17Add RIPEMD-160 (rmd160) support to OTP (s/key).Todd C. Miller
1996-11-03Use new length/size macros.Todd C. Miller
1996-10-23Allow root to add entry for login that does not exist.Todd C. Miller
1996-10-14Fixed a bug in skeylookup() so no need for extra skey_set_algorithm.Todd C. Miller
1996-10-08reset hash type after zeroing when changing hash type, from dm.Todd C. Miller
1996-10-02When changing hash algorithms comment out the old entry so weTodd C. Miller
don't overflow the old fixed length record.
1996-10-02Fix a bug wrt handling of old md4 entries. Now don't save a type with md4Todd C. Miller
so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c.
1996-09-30Fixed up docs and improved skeyinit's passwd prompt.Todd C. Miller
1996-09-30In -s mode, now checks that seed is pure alphanum and converts charsTodd C. Miller
to lowercase. Also fixed prompt in -s mode to be rfc1938 compliant. You may now enter "s/key" as the password and get in via an s/key challenge, the lack of which was pointed out by dm.
1996-09-29RFC 1938 says min passwd len is 10...Todd C. Miller
1996-09-29Works with new libskey and supports SHA.Todd C. Miller
1996-09-29Added support for MD4/MD5 as an argument.Todd C. Miller
1996-09-28strings for username are of size UT_NAMESIZETodd C. Miller
1996-09-28Less easily guessed seed. From logdaemon package.Todd C. Miller
1996-09-27Now can deal with both MD4 and MD5 s/key's.Todd C. Miller
1996-06-26rcsidTheo de Raadt
1995-12-20add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851Theo de Raadt
also add a prototype for skeyzero()
1995-10-18initial import of NetBSD treeTheo de Raadt