| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | correct some unveil(2) violations due to "login.conf.db" access (the .db version |   semarie | 2019-09-14 | 1 | -2/+3 |
| | | | | | | | | | | | of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)). problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too ok mestre@ millert@ | ||||
| * | The first unveil userland commit! |   deraadt | 2018-08-03 | 1 | -1/+3 |
| | | | | | | | | unveil _PATH_LOGIN_CONF (/etc/login.conf) which is used by login_getclass(3) and family before doing password encode. This is the only filename used by the program during runtime, everything else happens on stdin/stdout. | ||||
| * | This does not need pledge "wpath" | deraadt | 2018-08-03 | 1 | -2/+2 |
| | | |||||
| * | Use freezero instead of explicit_bzero+free |   mestre | 2017-05-24 | 1 | -3/+2 |
| | | | | | OK tb@ | ||||
| * | Use the safe idiom of cleaning sensitive data from memory with explicit_bzero, | mestre | 2017-05-03 | 1 | -1/+2 |
| | | | | | | | | | | instead of relying on other methods, after readpassphrase. Some programs on this diff won't benefit that much since it happens near the terminal path, but someone might copy the unsafe idiom to another program and place it where it may leak sensitive data. Discussed aeons ago with tb@, OK deraadt@ and beck@ | ||||
| * | usage() is static and __dead; add prototype for print_passwd; |   tb | 2016-09-04 | 1 | -4/+5 |
| | | | | | return instead of exit from main | ||||
| * | _PASSWORD_LEN is length that comes out of crypt(), not a meaningful |   tedu | 2016-09-02 | 1 | -2/+2 |
| | | | | | | | | length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert | ||||
| * | convert getpass to readpassphrase. from Dimitris Papastamos | tedu | 2016-09-02 | 1 | -4/+7 |
| | | |||||
| * | encrypt(1) also needs to pledge "wpath" for getpass(). |   doug | 2015-10-10 | 1 | -2/+2 |
| | | | | | | | getpass() opens /dev/tty RW so it can write the prompt. ok deraadt@ | ||||
| * | pledge "stdio rpath tty". rpath for the configuration reading done by | deraadt | 2015-10-10 | 1 | -1/+4 |
| | | | | | | login* subsystem, tty for readpassphase() ok beck | ||||
| * | Wrap a long line. Use explicit_bzero. Fix comment describing extra. | tedu | 2015-02-26 | 1 | -6/+7 |
| | | | | | | | From Andre Smagin Also, should be safe to print errno from newhash() now. ok millert | ||||
| * | increase prefbuf size so that 'encrypt -b 000000000000000000000012' works. | tedu | 2015-02-24 | 1 | -3/+5 |
| | | | | | | | | noticed by Andre Smagin. also check snprintf for overflow so we get better error messages if somebody decides to pad with even more zeroes, and avoid possible truncations. | ||||
| * | remove unused variable |   chl | 2015-01-15 | 1 | -2/+1 |
| | | | | | ok tedu@ | ||||
| * | encrypt can use the scrypt scaling code in libc now via crypt_newhash | tedu | 2015-01-05 | 1 | -54/+14 |
| | | |||||
| * | fix -b a mode, spotted by rpe | deraadt | 2015-01-04 | 1 | -4/+5 |
| | | |||||
| * | impose some limits on the ideal rounds so nothing too crazy happens when | tedu | 2014-12-29 | 1 | -3/+3 |
| | | | | | the clock results are weird | ||||
| * | simplify. bcrypt only support and use newer libc APIs. no makekey emul. | tedu | 2014-12-24 | 1 | -66/+16 |
| | | | | | | | ok deraadt schwarze is a little sad to see the last 1/8 shared man page go, but we have a support program in place, called the attic. | ||||
| * | hoist blowfish up and use bcrypt_newhash directly | tedu | 2014-11-03 | 1 | -6/+9 |
| | | |||||
| * | remove -m from usage(); |   jmc | 2014-09-03 | 1 | -2/+2 |
| | | |||||
| * | kill md5 support, broken since May |   giovanni | 2014-09-03 | 1 | -18/+3 |
| | | | | | ok tedu@ | ||||
| * | simpler prototype repairs | deraadt | 2013-11-12 | 1 | -2/+3 |
| | | |||||
| * | allow auto scaling bcrypt rounds by CPU power. | tedu | 2013-05-23 | 1 | -2/+39 |
| | | | | | ok deraadt jmc sthen | ||||
| * | Don't trim whitespace from stdin. Encrypt it the same as other |   krw | 2007-07-14 | 1 | -27/+8 |
| | | | | | | | input sources. Feedback and fixes from ray@ and fgsch@. ok millert@ (six years ago) ray@ fgsch@ | ||||
| * | use strtonum; ok millert@ |   jdixon | 2007-05-01 | 1 | -2/+6 |
| | | |||||
| * | remove some bogus *p tests from charles longeau | tedu | 2007-03-20 | 1 | -2/+2 |
| | | | | | ok deraadt millert | ||||
| * | tidy up synopsis and usage(); from Igor Sobrado | jmc | 2007-03-06 | 1 | -2/+2 |
| | | |||||
| * | There is no need to trim an empty string any further, just return |   ray | 2006-11-02 | 1 | -1/+4 |
| | | | | | | | it. OK moritz@. | ||||
| * | Handle crypt(3) returning NULL. Found by Gustavo C. Pereira. |   moritz | 2006-05-27 | 1 | -3/+5 |
| | | | | | ok deraadt@ | ||||
| * | oops, to64() is shared. | deraadt | 2006-04-02 | 1 | -2/+2 |
| | | |||||
| * | passwd.conf has been deprecated since login.conf was imported. |   millert | 2004-07-13 | 1 | -5/+3 |
| | | | | | Today it finally dies. Based on a diff from Gabriel Kihlman. | ||||
| * | Check getpass(3) return value. From Jared Yanovich <jjy2+ at pitt dot edu> |   otto | 2003-11-23 | 1 | -2/+3 |
| | | | | | ok henning@ | ||||
| * | protos | deraadt | 2003-07-02 | 1 | -1/+5 |
| | | |||||
| * | Add a "-c class" option to specify that the given login class should | millert | 2003-06-14 | 1 | -6/+12 |
| | | | | | be used to find the cipher to user. | ||||
| * | strlcpy | deraadt | 2003-04-06 | 1 | -4/+4 |
| | | |||||
| * | Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically. | millert | 2002-02-16 | 1 | -3/+3 |
| | | |||||
| * | KNF + some ANSIfication | millert | 2001-07-31 | 1 | -165/+161 |
| | | |||||
| * | Call pwd_gensalt() with the correct args and reference login.conf | millert | 2001-07-31 | 1 | -3/+10 |
| | | | | | in man page; hideishi@magisystem.net | ||||
| * | allow prompt to be specified anywhere on the command line, make it work |   provos | 2000-11-11 | 1 | -4/+4 |
| | | | | | with md5. prohibit makekey mode and prompt. | ||||
| * | seperate -> separate, okay aaron@ | provos | 2000-11-10 | 1 | -2/+2 |
| | | |||||
| * | proto bcrypt_gensalt() | deraadt | 1999-09-03 | 1 | -2/+1 |
| | | |||||
| * | include ctype.h for isspace() and fix some declarations |   art | 1999-08-16 | 1 | -2/+4 |
| | | |||||
| * | Add -p flag, prompt for a string with echo off. |   alex | 1999-05-20 | 1 | -16/+32 |
| | | |||||
| * | Use fprintf/exit in place of errx for usage display. | alex | 1999-05-19 | 1 | -2/+4 |
| | | |||||
| * | add <stdlib.h> for atoi(), free(), etc. |   kstailey | 1997-06-17 | 1 | -1/+2 |
| | | |||||
| * | (foo *)NULL -> NULL | kstailey | 1997-06-17 | 1 | -2/+2 |
| | | |||||
| * | blowfish + passwd.conf support. fixed md5 salt. | provos | 1997-03-30 | 1 | -40/+90 |
| | | |||||
| * | Fix core dump. |   downsj | 1997-03-27 | 1 | -2/+4 |
| | | |||||
| * | Add an old makekey(8) mode. | downsj | 1996-08-26 | 1 | -7/+40 |
| | | |||||
| * | Slightly cleaner. | downsj | 1996-08-08 | 1 | -8/+22 |
| | | |||||
| * | encrypt(1), little utility for encrypting passwords from the command line. | downsj | 1996-08-08 | 1 | -0/+108 |
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |