summaryrefslogtreecommitdiffstats
path: root/lib/libskey (follow)
Commit message (Collapse)AuthorAgeFilesLines
* convert to new .Dd format;jmc2007-05-312-4/+4
|
* Check fgets return value, from Charles Longeau.ray2007-05-171-3/+5
| | | | OK millert@.
* remove some bogus *p tests from charles longeautedu2007-03-201-2/+2
| | | | ok deraadt millert
* minimal cleanups lint begs forderaadt2006-04-102-30/+29
|
* use WANTLINT= (on all architectures)deraadt2005-11-241-1/+2
|
* remove MLINK for skeyzero.3: the function was removed in -r1.5;jmc2005-10-121-2/+2
|
* Add skeychallenge2() which is like skeychallenge() but takes anmillert2004-08-055-43/+67
| | | | | | already open fd. Will be used to make separate challenge/response invocations of login_skey keep the record locked. Also properly escape minus signs in man page. OK henning@ jmc@
* Use SHA1Pad() instead of relying on unspecified behavior.millert2004-07-281-2/+2
|
* errno changes, lib major version bumps, and general flag daymarc2004-07-131-1/+1
| | | | | | | To build you must: cd /usr/src && make obj && make includes cd lib/libc && make depend && make && NOMAN=1 sudo make install cd /usr/src && make build
* convert tgetline() from select(2) -> poll(2)millert2003-09-211-23/+12
|
* simple protosderaadt2003-06-261-2/+2
|
* Sync with share/misc/license.template and add missing DARPA creditmillert2003-06-172-16/+20
| | | | where applicable.
* Use an ISC-tyle license for all my code; it is simpler and more permissive.millert2003-06-032-44/+22
|
* - section reorderjmc2003-06-021-6/+6
| | | | - kill whitespace at EOL
* - typos;jmc2003-05-241-28/+28
| | | | | - new sentence, new line; - whitespace at EOL
* fix skeygetnext()millert2003-04-281-8/+23
|
* Use snprintf() and strlcpy() throughout.millert2003-04-033-133/+65
|
* document the number of bytes required for btoa8millert2003-03-191-2/+3
|
* typos;jmc2003-01-231-2/+2
| | | | ok millert@
* Crank all library major numbers. Needed due to the fact that wemillert2002-12-031-1/+1
| | | | | | | | now build libraries with propolice enabled. Without this, existing binaries (such as ports/packages) that link with any system library other than libc will fail with an undefined symbol of "___guard" (__guard on ELF). Pointed out by markus@ and discussed with deraadt@
* Zero out struct skey early in skeylookup() so callers can reliably checkmillert2002-11-161-3/+3
| | | | for keyfile == NULL and not get a garbage value.
* Add a missing check for NULL keyfile in skeychallenge() thatmillert2002-11-161-3/+5
| | | | | caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge.
* use strtok_r() instead of strtok(); millert okderaadt2002-06-222-15/+16
|
* strlcat boundsderaadt2002-05-291-5/+5
|
* replace strcpy with strlcpyderaadt2002-05-241-5/+5
|
* enforce SKEY_MAX_CHALLENGE using snprintf()deraadt2002-05-241-12/+9
|
* doc that skeychallenge() buffer is at least SKEY_MAX_CHALLENGE longderaadt2002-05-241-2/+3
|
* Remove skeyzero(), it is no longer needed.millert2002-05-172-45/+3
|
* Add skey(5)millert2002-05-162-2/+97
|
* Check for disabled /etc/skey directory (mode 0000). This is neededmillert2002-05-161-3/+11
| | | | | because some things (such as login) run as uid 0 and directory modes won't restrict root.
* Change S/Key stuff from using a flat file (/etc/skeykeys) to a directorymillert2002-05-164-359/+237
| | | | | | | | | where each user gets their own file, which is owned by that user. An old S/Key database may be converted by running "skeyinit -C" as root. Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead.
* Initial cleanup:mpech2002-04-301-3/+3
| | | | | | | | | | | | o) remove extra space in the end of line; o) remove extra blank lines in the end of file; o) remove .Pp before .Ss; o) CAVEAT -> CAVEATS; o) fix usage of .Fa; o) <blank-line> -> .Pp; o) wrap long lines; millert@ ok
* Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.millert2002-02-164-45/+45
|
* Fix `necesary' typos; Alexander Yurchenkomillert2002-01-241-2/+2
| | | | | Alas many of these were introduced by yours truly as necessary just doesn't look right to me for some reason ;-)
* Check for keyfile == NULL in skey_unlock()millert2001-12-071-2/+2
|
* avoid stdio in a signal handler; millert okderaadt2001-11-141-4/+4
|
* sync skeyzero proto with recent changesmillert2001-06-231-2/+2
|
* skeyzero() never uses its 2nd arg so remove it. Since the only thingmillert2001-06-232-9/+9
| | | | | that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here...
* Document our S/Key library.millert2001-06-232-2/+403
|
* getskeyprompt() is gonemillert2001-06-231-2/+1
|
* Get rid of f_HASH() and fold its functionality into keycrunch_HASH().millert2001-06-231-151/+104
| | | | | | | This means we now only need to add one new function when adding a new hash type. Somehow missed from last S/Key commit (changes are static to skeysubr.c).
* major number bumpmillert2001-06-201-1/+1
|
* We don't need an f() for each hash, just overload the per-hashmillert2001-06-201-2104/+326
| | | | keycrunch() function to do this.
* o Do per-record locking instead of whole file lockingmillert2001-06-201-102/+258
| | | | | | | | | | | | | o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line.
* o Add a length parameter to struct skey and rearrange some other structsmillert2001-06-201-46/+44
| | | | | | o Protect from duplicate inclusion and use __{BEGIN,END}_DECLS o Prototype new skey_unlock() function and remove proto for getskeyprompt() which has been removed.
* SHA1 is a big endian algorithm but RFC2289 mandates that results bemillert2001-01-261-15/+35
| | | | | | stored in little endian form (like MD4/MD5). So, instead of having SHA1Final copy the result buffer, we do it ourselves with a loop stolen from RFC2289, Appendix A. Closes PR1650.
* grammartodd2001-01-041-2/+2
|
* Move fake prompt generation from skey_authenticate() to skeychallenge()millert2000-11-201-129/+142
| | | | | | and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file.
* set mp->keyfile = NULL if stat failsmarkus2000-06-231-1/+2
|
* $OpenBSD$todd2000-03-021-1/+1
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.