Age | Commit message (Collapse) | Author | |
---|---|---|---|
2002-11-16 | Give a sensible error message when a user who has no entry in /etc/skey | Todd C. Miller | |
specifies the -s flag. Also improve the error message when S/Key is disabled. | |||
2002-06-23 | uid_t and gid_t are unsigned | Theo de Raadt | |
2002-06-07 | The code to append the last 5 digits of the time in Unix format to | Todd C. Miller | |
the default seed was lost in the flat file -> directory structure conversion. Instead of reinstating that, use arc4random() to get some noise and append the last 5 digits to the seed. | |||
2002-06-07 | Instead of passing seed and defaultseed to normal_mode() and | Todd C. Miller | |
secure_mode() just pass in a single default seed. Only secure_mode() needs to actually change the seed and it can use its own temporary buffer. Fix zeroing of the secrete passphrase. Instead of useing multiple password buffers, crunch the key each time and compare the crunched values. | |||
2002-06-06 | Zero out memory filled in by readpassphrase(3). Also fix a spelling error; | Aaron Campbell | |
markus@ ok. | |||
2002-05-19 | o Fix some fallout from argv handling changes. | Todd C. Miller | |
o Use ANSI function headers o When creating a new user record cope with the fact that there may be an existing zero-length userrecord. o Replace -z with -r in usage() | |||
2002-05-17 | Replace -z option (zero) with -r option (remove). | Todd C. Miller | |
2002-05-17 | Call enable_db() from convert_db() so the dir creation as well as | Todd C. Miller | |
mode/user/group setting is done in one place. | |||
2002-05-16 | Add missing chown(2) call. | Todd C. Miller | |
2002-05-16 | Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory | Todd C. Miller | |
where each user gets their own file, which is owned by that user. An old S/Key database may be converted by running "skeyinit -C" as root. Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead. | |||
2002-02-16 | Part one of userland __P removal. Done with a simple regexp with some minor ↵ | Todd C. Miller | |
hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically. | |||
2001-11-01 | printf() format string fix. | Miod Vallat | |
2001-06-23 | skeyzero() now takes 1 arg | Todd C. Miller | |
2001-06-20 | o When converting from a different hash type, if there is room on the line | Todd C. Miller | |
we don't need to comment out the existing entry since the key almost never takes up as much room as is allocated for it. o Do per-record locking (and timeout) now that libskey does. o Rearrange the code into functions. o Use readpassphrase() | |||
2001-01-26 | It is pronounced S/Key | Todd C. Miller | |
2001-01-26 | Fix stupid bug in last commit that caused the hostname not to | Todd C. Miller | |
be used as part of the seed for first time users. | |||
2000-11-16 | When building default seed from the hostname, only use alphanumeric | Todd C. Miller | |
characters and make things lower case. Also sanity check the existing seed in skeykeys since we can't be sure it is completely sane. Problem noted by wozz@wookie.net | |||
1999-09-10 | Don't unlock the skeykeys file before the fclose since stdio may still have ↵ | Todd C. Miller | |
some data buffered. Closing the file is enough to unlock it. | |||
1999-03-02 | do not crash if -n has no arg; spotted by weingart | Theo de Raadt | |
1998-08-22 | Changed warning message from "... keyinit -s" to "... skeyinit -s". | dgregor | |
1998-07-09 | say "s/key disabled" if skeykeys file does not exist. I thought I committed ↵ | Todd C. Miller | |
this ages ago. | |||
1997-07-27 | - Do coarse locking on /etc/skeykeys so we don't clobber | Todd C. Miller | |
an entry that is being updated. | |||
1997-07-25 | Protect users from themselves. | Todd C. Miller | |
1997-07-17 | Add RIPEMD-160 (rmd160) support to OTP (s/key). | Todd C. Miller | |
1996-11-03 | Use new length/size macros. | Todd C. Miller | |
1996-10-23 | Allow root to add entry for login that does not exist. | Todd C. Miller | |
1996-10-14 | Fixed a bug in skeylookup() so no need for extra skey_set_algorithm. | Todd C. Miller | |
1996-10-08 | reset hash type after zeroing when changing hash type, from dm. | Todd C. Miller | |
1996-10-02 | When changing hash algorithms comment out the old entry so we | Todd C. Miller | |
don't overflow the old fixed length record. | |||
1996-10-02 | Fix a bug wrt handling of old md4 entries. Now don't save a type with md4 | Todd C. Miller | |
so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c. | |||
1996-09-30 | Fixed up docs and improved skeyinit's passwd prompt. | Todd C. Miller | |
1996-09-30 | In -s mode, now checks that seed is pure alphanum and converts chars | Todd C. Miller | |
to lowercase. Also fixed prompt in -s mode to be rfc1938 compliant. You may now enter "s/key" as the password and get in via an s/key challenge, the lack of which was pointed out by dm. | |||
1996-09-29 | RFC 1938 says min passwd len is 10... | Todd C. Miller | |
1996-09-29 | Works with new libskey and supports SHA. | Todd C. Miller | |
1996-09-29 | Added support for MD4/MD5 as an argument. | Todd C. Miller | |
1996-09-28 | strings for username are of size UT_NAMESIZE | Todd C. Miller | |
1996-09-28 | Less easily guessed seed. From logdaemon package. | Todd C. Miller | |
1996-09-27 | Now can deal with both MD4 and MD5 s/key's. | Todd C. Miller | |
1996-06-26 | rcsid | Theo de Raadt | |
1995-12-20 | add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851 | Theo de Raadt | |
also add a prototype for skeyzero() | |||
1995-10-18 | initial import of NetBSD tree | Theo de Raadt | |