| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | convert tgetline() from select(2) -> poll(2) |   millert | 2003-09-21 | 1 | -23/+12 |
| | | |||||
| * | simple protos |   deraadt | 2003-06-26 | 1 | -2/+2 |
| | | |||||
| * | Sync with share/misc/license.template and add missing DARPA credit | millert | 2003-06-17 | 2 | -16/+20 |
| | | | | | where applicable. | ||||
| * | Use an ISC-tyle license for all my code; it is simpler and more permissive. | millert | 2003-06-03 | 2 | -44/+22 |
| | | |||||
| * | - section reorder |   jmc | 2003-06-02 | 1 | -6/+6 |
| | | | | | - kill whitespace at EOL | ||||
| * | - typos; | jmc | 2003-05-24 | 1 | -28/+28 |
| | | | | | | - new sentence, new line; - whitespace at EOL | ||||
| * | fix skeygetnext() | millert | 2003-04-28 | 1 | -8/+23 |
| | | |||||
| * | Use snprintf() and strlcpy() throughout. | millert | 2003-04-03 | 3 | -133/+65 |
| | | |||||
| * | document the number of bytes required for btoa8 | millert | 2003-03-19 | 1 | -2/+3 |
| | | |||||
| * | typos; | jmc | 2003-01-23 | 1 | -2/+2 |
| | | | | | ok millert@ | ||||
| * | Crank all library major numbers. Needed due to the fact that we | millert | 2002-12-03 | 1 | -1/+1 |
| | | | | | | | | | now build libraries with propolice enabled. Without this, existing binaries (such as ports/packages) that link with any system library other than libc will fail with an undefined symbol of "___guard" (__guard on ELF). Pointed out by markus@ and discussed with deraadt@ | ||||
| * | Zero out struct skey early in skeylookup() so callers can reliably check | millert | 2002-11-16 | 1 | -3/+3 |
| | | | | | for keyfile == NULL and not get a garbage value. | ||||
| * | Add a missing check for NULL keyfile in skeychallenge() that | millert | 2002-11-16 | 1 | -3/+5 |
| | | | | | | caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge. | ||||
| * | use strtok_r() instead of strtok(); millert ok | deraadt | 2002-06-22 | 2 | -15/+16 |
| | | |||||
| * | strlcat bounds | deraadt | 2002-05-29 | 1 | -5/+5 |
| | | |||||
| * | replace strcpy with strlcpy | deraadt | 2002-05-24 | 1 | -5/+5 |
| | | |||||
| * | enforce SKEY_MAX_CHALLENGE using snprintf() | deraadt | 2002-05-24 | 1 | -12/+9 |
| | | |||||
| * | doc that skeychallenge() buffer is at least SKEY_MAX_CHALLENGE long | deraadt | 2002-05-24 | 1 | -2/+3 |
| | | |||||
| * | Remove skeyzero(), it is no longer needed. | millert | 2002-05-17 | 2 | -45/+3 |
| | | |||||
| * | Add skey(5) | millert | 2002-05-16 | 2 | -2/+97 |
| | | |||||
| * | Check for disabled /etc/skey directory (mode 0000). This is needed | millert | 2002-05-16 | 1 | -3/+11 |
| | | | | | | because some things (such as login) run as uid 0 and directory modes won't restrict root. | ||||
| * | Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory | millert | 2002-05-16 | 4 | -359/+237 |
| | | | | | | | | | | where each user gets their own file, which is owned by that user. An old S/Key database may be converted by running "skeyinit -C" as root. Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead. | ||||
| * | Initial cleanup: |   mpech | 2002-04-30 | 1 | -3/+3 |
| | | | | | | | | | | | | | o) remove extra space in the end of line; o) remove extra blank lines in the end of file; o) remove .Pp before .Ss; o) CAVEAT -> CAVEATS; o) fix usage of .Fa; o) <blank-line> -> .Pp; o) wrap long lines; millert@ ok | ||||
| * | Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically. | millert | 2002-02-16 | 4 | -45/+45 |
| | | |||||
| * | Fix `necesary' typos; Alexander Yurchenko | millert | 2002-01-24 | 1 | -2/+2 |
| | | | | | | Alas many of these were introduced by yours truly as necessary just doesn't look right to me for some reason ;-) | ||||
| * | Check for keyfile == NULL in skey_unlock() | millert | 2001-12-07 | 1 | -2/+2 |
| | | |||||
| * | avoid stdio in a signal handler; millert ok | deraadt | 2001-11-14 | 1 | -4/+4 |
| | | |||||
| * | sync skeyzero proto with recent changes | millert | 2001-06-23 | 1 | -2/+2 |
| | | |||||
| * | skeyzero() never uses its 2nd arg so remove it. Since the only thing | millert | 2001-06-23 | 2 | -9/+9 |
| | | | | | | that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here... | ||||
| * | Document our S/Key library. | millert | 2001-06-23 | 2 | -2/+403 |
| | | |||||
| * | getskeyprompt() is gone | millert | 2001-06-23 | 1 | -2/+1 |
| | | |||||
| * | Get rid of f_HASH() and fold its functionality into keycrunch_HASH(). | millert | 2001-06-23 | 1 | -151/+104 |
| | | | | | | | | This means we now only need to add one new function when adding a new hash type. Somehow missed from last S/Key commit (changes are static to skeysubr.c). | ||||
| * | major number bump | millert | 2001-06-20 | 1 | -1/+1 |
| | | |||||
| * | We don't need an f() for each hash, just overload the per-hash | millert | 2001-06-20 | 1 | -2104/+326 |
| | | | | | keycrunch() function to do this. | ||||
| * | o Do per-record locking instead of whole file locking | millert | 2001-06-20 | 1 | -102/+258 |
| | | | | | | | | | | | | | | o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line. | ||||
| * | o Add a length parameter to struct skey and rearrange some other structs | millert | 2001-06-20 | 1 | -46/+44 |
| | | | | | | | o Protect from duplicate inclusion and use __{BEGIN,END}_DECLS o Prototype new skey_unlock() function and remove proto for getskeyprompt() which has been removed. | ||||
| * | SHA1 is a big endian algorithm but RFC2289 mandates that results be | millert | 2001-01-26 | 1 | -15/+35 |
| | | | | | | | stored in little endian form (like MD4/MD5). So, instead of having SHA1Final copy the result buffer, we do it ourselves with a loop stolen from RFC2289, Appendix A. Closes PR1650. | ||||
| * | grammar |   todd | 2001-01-04 | 1 | -2/+2 |
| | | |||||
| * | Move fake prompt generation from skey_authenticate() to skeychallenge() | millert | 2000-11-20 | 1 | -129/+142 |
| | | | | | | | and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file. | ||||
| * | set mp->keyfile = NULL if stat fails |   markus | 2000-06-23 | 1 | -1/+2 |
| | | |||||
| * | $OpenBSD$ | todd | 2000-03-02 | 1 | -1/+1 |
| | | |||||
| * | fd leak | deraadt | 1999-12-06 | 1 | -1/+4 |
| | | |||||
| * | fix descriptor leaks and double fclose(); markus and I; ok from millert | deraadt | 1999-11-26 | 1 | -5/+23 |
| | | |||||
| * | don't need sys/file.h now that we include fcntl.h | millert | 1999-08-16 | 1 | -2/+1 |
| | | |||||
| * | missing fcntl.h | millert | 1999-08-16 | 1 | -1/+2 |
| | | |||||
| * | change /etc/host.random to /var/db/host.random |   provos | 1999-07-15 | 1 | -2/+2 |
| | | |||||
| * | replace open + fstat with stat | millert | 1998-07-05 | 1 | -5/+2 |
| | | |||||
| * | if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge. | millert | 1998-07-05 | 1 | -84/+94 |
| | | |||||
| * | Change the random file path, add a sanity check on file size. |   angelos | 1998-07-03 | 2 | -3/+4 |
| | | |||||
| * | Fix my fix to return sane values. | angelos | 1998-07-03 | 1 | -9/+10 |
| | | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |