302408 |
08-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
269806 |
11-Aug-2014 |
ache |
Fix too long (seed length >12 chars) challenge handling. 1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places of opie code expects that). 2) Overflow check in challenge.c is off by 1 even with corrected OPIE_CHALLENGE_MAX 3) When fallback to randomchallenge() happens and rval is 0 (i.e. challenge is too long), its value should be set to error state too.
To demonstrate the bug, run opiepasswd with valid seed: opiepasswd -s 1234567890123456 and notice that it falls back to randomchallenge() (i.e. no 1234567890123456 in the prompt).
PR: 191511 Submitted by: mitsururike@gmail.com (partially) MFC after: 1 week
|
257264 |
28-Oct-2013 |
sbruno |
Queisce two category of clang warnings:
1. missing explicit includes for string.h, stdio.h, etc 2. missing explicit declaration for some common functions
I have been unable to contact the upstream maintainer for this patch, http://www.inner.net/opie appears to be the source of truth but it unreachable
|
243933 |
06-Dec-2012 |
eadler |
Clean up hardcoded ar(1) flags in the tree to use the global ARFLAGS in share/mk/sys.mk instead.
This is part of a medium term project to permit deterministic builds of FreeBSD.
Submitted by: Erik Cederstrand <erik@cederstrand.dk> Reviewed by: imp, toolchain@ Approved by: cperciva MFC after: 2 weeks
|
239169 |
10-Aug-2012 |
delphij |
RFC 2289 requires all hashes be stored in little endian format before folding to 64 bits, while SHA1 code is big endian. Therefore, a bswap32 is required before using the value.
Without this change, the implementation does not conform to test vector found in RFC 2289.
PR: bin/170519 Submitted by: Arthur Mesh <arthurmesh gmail com> (with changes) MFC after: 1 week
|
208586 |
27-May-2010 |
cperciva |
Change the current working directory to be inside the jail created by the jail(8) command. [10:04]
Fix a one-NUL-byte buffer overflow in libopie. [10:05]
Correctly sanity-check a buffer length in nfs mount. [10:06]
Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-10:04.jail Security: FreeBSD-SA-10:05.opie Security: FreeBSD-SA-10:06.nfsclient
|
202086 |
11-Jan-2010 |
ed |
Don't include <utmp.h> when using <utmpx.h>.
libopie includes both <utmp.h> and <utmpx.h> in this case and uses some #defines to let the code use struct utmpx and its utility functions. We'd better not include <utmp.h> here, because maybe it will not be present in the future.
|
148506 |
29-Jul-2005 |
ache |
Create /etc/opiekeys with 0600, not 0644
PR: 84221
|
109680 |
22-Jan-2003 |
des |
When computing a new seed for an existing user, opienewseed() would incorrectly compute the length of the numeric portion of the previous seed, causing the new seed to be one character shorter than the old one.
This patch has been submitted to the vendor; I'm committing it right away since the file is already off the vendor branch.
MFC after: 3 days
|
92914 |
21-Mar-2002 |
markm |
Resolve conflicts.
|
92907 |
21-Mar-2002 |
markm |
This commit was generated by cvs2svn to compensate for changes in r92906, which included commits to RCS files with non-trunk default branches.
|
89766 |
24-Jan-2002 |
ache |
Zeroing memset() in opiechallenge() really is not needed because it is the very first thing immediately following opielookup() does being entered, i.e. look at this:
int opielookup FUNCTION((opie, principal), struct opie *opie AND char *principal ) { int i;
memset(opie, 0, sizeof(struct opie)); ...
|
82495 |
29-Aug-2001 |
ache |
Add heuristic to detect SSH connection (in the same style as other heuristics already here which not supposed to be secure, just helpers).
Approved by: security@ silence
|
79711 |
14-Jul-2001 |
markm |
Fix SHA1 hashing.
|
59300 |
17-Apr-2000 |
kris |
Allow applications to disable the installation of the atexit() handler which cleans up OPIE lockfiles. This is required for pam_opie.
Submitted by: Jim Bloom <bloom@acm.org>
|
59121 |
10-Apr-2000 |
kris |
Resolve conflicts
|
59119 |
10-Apr-2000 |
kris |
This commit was generated by cvs2svn to compensate for changes in r59118, which included commits to RCS files with non-trunk default branches.
|
37304 |
30-Jun-1998 |
bde |
Fixed printf format errors.
|
29967 |
29-Sep-1997 |
ache |
Merge
|
29965 |
29-Sep-1997 |
ache |
This commit was generated by cvs2svn to compensate for changes in r29964, which included commits to RCS files with non-trunk default branches.
|
27925 |
05-Aug-1997 |
ache |
Detect null secret as error, it is temp. fix until next release Submitted by: Craig Metz <cmetz@inner.net>
|
22371 |
07-Feb-1997 |
pst |
Disconnect OPIE from internal MD4/5 routines
|
22348 |
06-Feb-1997 |
pst |
This commit was generated by cvs2svn to compensate for changes in r22347, which included commits to RCS files with non-trunk default branches.
|