| 302408 |
08-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.
Additional commits post-branch will follow.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation |
| 269806 |
11-Aug-2014 |
ache |
Fix too long (seed length >12 chars) challenge handling.
1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places
of opie code expects that).
2) Overflow check in challenge.c is off by 1 even with corrected
OPIE_CHALLENGE_MAX
3) When fallback to randomchallenge() happens and rval is 0 (i.e.
challenge is too long), its value should be set to error state too.
To demonstrate the bug, run opiepasswd with valid seed:
opiepasswd -s 1234567890123456
and notice that it falls back to randomchallenge() (i.e. no
1234567890123456 in the prompt).
PR: 191511
Submitted by: mitsururike@gmail.com (partially)
MFC after: 1 week
|
| 257264 |
28-Oct-2013 |
sbruno |
Queisce two category of clang warnings:
1. missing explicit includes for string.h, stdio.h, etc
2. missing explicit declaration for some common functions
I have been unable to contact the upstream maintainer for this patch,
http://www.inner.net/opie appears to be the source of truth but it
unreachable
|
| 243933 |
06-Dec-2012 |
eadler |
Clean up hardcoded ar(1) flags in the tree to use the global ARFLAGS in
share/mk/sys.mk instead.
This is part of a medium term project to permit deterministic builds of
FreeBSD.
Submitted by: Erik Cederstrand <erik@cederstrand.dk>
Reviewed by: imp, toolchain@
Approved by: cperciva
MFC after: 2 weeks
|
| 239169 |
10-Aug-2012 |
delphij |
RFC 2289 requires all hashes be stored in little endian format before
folding to 64 bits, while SHA1 code is big endian. Therefore, a bswap32
is required before using the value.
Without this change, the implementation does not conform to test vector
found in RFC 2289.
PR: bin/170519
Submitted by: Arthur Mesh <arthurmesh gmail com> (with changes)
MFC after: 1 week
|
| 208586 |
27-May-2010 |
cperciva |
Change the current working directory to be inside the jail created by
the jail(8) command. [10:04]
Fix a one-NUL-byte buffer overflow in libopie. [10:05]
Correctly sanity-check a buffer length in nfs mount. [10:06]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-10:04.jail
Security: FreeBSD-SA-10:05.opie
Security: FreeBSD-SA-10:06.nfsclient
|
| 202086 |
11-Jan-2010 |
ed |
Don't include <utmp.h> when using <utmpx.h>.
libopie includes both <utmp.h> and <utmpx.h> in this case and uses some
#defines to let the code use struct utmpx and its utility functions.
We'd better not include <utmp.h> here, because maybe it will not be
present in the future.
|
| 148506 |
29-Jul-2005 |
ache |
Create /etc/opiekeys with 0600, not 0644
PR: 84221
|
| 109680 |
22-Jan-2003 |
des |
When computing a new seed for an existing user, opienewseed() would
incorrectly compute the length of the numeric portion of the previous
seed, causing the new seed to be one character shorter than the old
one.
This patch has been submitted to the vendor; I'm committing it right
away since the file is already off the vendor branch.
MFC after: 3 days
|
| 92914 |
21-Mar-2002 |
markm |
Resolve conflicts.
|
| 92907 |
21-Mar-2002 |
markm |
This commit was generated by cvs2svn to compensate for changes in r92906,
which included commits to RCS files with non-trunk default branches.
|
| 89766 |
24-Jan-2002 |
ache |
Zeroing memset() in opiechallenge() really is not needed because it is the
very first thing immediately following opielookup() does being entered, i.e.
look at this:
int opielookup FUNCTION((opie, principal), struct opie *opie AND char
*principal
)
{
int i;
memset(opie, 0, sizeof(struct opie));
...
|
| 82495 |
29-Aug-2001 |
ache |
Add heuristic to detect SSH connection (in the same style as other
heuristics already here which not supposed to be secure, just helpers).
Approved by: security@ silence
|
| 79711 |
14-Jul-2001 |
markm |
Fix SHA1 hashing.
|
| 59300 |
17-Apr-2000 |
kris |
Allow applications to disable the installation of the atexit() handler
which cleans up OPIE lockfiles. This is required for pam_opie.
Submitted by: Jim Bloom <bloom@acm.org>
|
| 59121 |
10-Apr-2000 |
kris |
Resolve conflicts
|
| 59119 |
10-Apr-2000 |
kris |
This commit was generated by cvs2svn to compensate for changes in r59118,
which included commits to RCS files with non-trunk default branches.
|
| 37304 |
30-Jun-1998 |
bde |
Fixed printf format errors.
|
| 29967 |
29-Sep-1997 |
ache |
Merge
|
| 29965 |
29-Sep-1997 |
ache |
This commit was generated by cvs2svn to compensate for changes in r29964,
which included commits to RCS files with non-trunk default branches.
|
| 27925 |
05-Aug-1997 |
ache |
Detect null secret as error, it is temp. fix until next release
Submitted by: Craig Metz <cmetz@inner.net>
|
| 22371 |
07-Feb-1997 |
pst |
Disconnect OPIE from internal MD4/5 routines
|
| 22348 |
06-Feb-1997 |
pst |
This commit was generated by cvs2svn to compensate for changes in r22347,
which included commits to RCS files with non-trunk default branches.
|