#
1.65 |
|
23-Mar-2024 |
guenther |
readdir_r(3) was never necessary and has been deprecated by POSIX. Document that in the manpage and stop using it internally.
ok deraadt@ millert@ jmc@
|
Revision tags: OPENBSD_7_3_BASE OPENBSD_7_4_BASE OPENBSD_7_5_BASE
|
#
1.64 |
|
15-Mar-2023 |
millert |
Fix the length check when computing a fake challenge for users not in the S/Key database. If the system hostname is longer than 126 characters this could result in NUL bytes being written past the end of a stack buffer. There is no impact on systems with a hostname 126 characters or less. Found by Qualys. OK deraadt@
|
#
1.63 |
|
27-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any changes not taken noted on tech, but chiefly here i did not take the cancelation - cancellation changes;
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.62 |
|
25-Jan-2019 |
millert |
I am retiring my old email address; replace it with my OpenBSD one.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.61 |
|
17-Apr-2017 |
deraadt |
use freezero()
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.60 |
|
20-Mar-2017 |
tb |
Generate the bogus challenge using arc4random_buf(3) instead of reading directly from /var/db/host.random and falling back to ctime. Remove the _SKEY_RAND_FILE_PATH_ since it's no longer needed.
ok millert, mestre
|
#
1.59 |
|
20-Mar-2017 |
tedu |
use explicit_bzero. one from Ricardo Mestre plus two more.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.58 |
|
17-Mar-2016 |
krw |
'miliseconds' -> 'milliseconds' in comments.
if_atu.c noted by Michal Mazurek.
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.57 |
|
18-Apr-2015 |
deraadt |
Convert many atoi() calls to strtonum(), adding range checks and failure handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.56 |
|
16-Jan-2015 |
deraadt |
Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.55 |
|
29-Nov-2013 |
deraadt |
fairly simple unsigned char casts for ctype ok krw
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.54 |
|
20-Mar-2007 |
tedu |
remove some bogus *p tests from charles longeau ok deraadt millert
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
10-Apr-2006 |
deraadt |
minimal cleanups lint begs for
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.52 |
|
05-Aug-2004 |
millert |
Add skeychallenge2() which is like skeychallenge() but takes an already open fd. Will be used to make separate challenge/response invocations of login_skey keep the record locked. Also properly escape minus signs in man page. OK henning@ jmc@
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.51 |
|
21-Sep-2003 |
millert |
convert tgetline() from select(2) -> poll(2)
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.50 |
|
28-Apr-2003 |
millert |
fix skeygetnext()
|
#
1.49 |
|
03-Apr-2003 |
millert |
Use snprintf() and strlcpy() throughout.
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.48 |
|
16-Nov-2002 |
millert |
Zero out struct skey early in skeylookup() so callers can reliably check for keyfile == NULL and not get a garbage value.
|
#
1.47 |
|
16-Nov-2002 |
millert |
Add a missing check for NULL keyfile in skeychallenge() that caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.46 |
|
22-Jun-2002 |
deraadt |
use strtok_r() instead of strtok(); millert ok
|
#
1.45 |
|
24-May-2002 |
deraadt |
enforce SKEY_MAX_CHALLENGE using snprintf()
|
#
1.44 |
|
17-May-2002 |
millert |
Remove skeyzero(), it is no longer needed.
|
#
1.43 |
|
16-May-2002 |
millert |
Check for disabled /etc/skey directory (mode 0000). This is needed because some things (such as login) run as uid 0 and directory modes won't restrict root.
|
#
1.42 |
|
16-May-2002 |
millert |
Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory where each user gets their own file, which is owned by that user.
An old S/Key database may be converted by running "skeyinit -C" as root.
Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead.
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.41 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.40 |
|
07-Dec-2001 |
millert |
Check for keyfile == NULL in skey_unlock()
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.39 |
|
23-Jun-2001 |
millert |
skeyzero() never uses its 2nd arg so remove it. Since the only thing that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here...
|
#
1.38 |
|
20-Jun-2001 |
millert |
o Do per-record locking instead of whole file locking o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.37 |
|
04-Jan-2001 |
todd |
grammar
|
#
1.36 |
|
20-Nov-2000 |
millert |
Move fake prompt generation from skey_authenticate() to skeychallenge() and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file.
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.35 |
|
23-Jun-2000 |
markus |
set mp->keyfile = NULL if stat fails
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.34 |
|
06-Dec-1999 |
deraadt |
fd leak
|
#
1.33 |
|
26-Nov-1999 |
deraadt |
fix descriptor leaks and double fclose(); markus and I; ok from millert
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.32 |
|
16-Aug-1999 |
millert |
don't need sys/file.h now that we include fcntl.h
|
#
1.31 |
|
16-Aug-1999 |
millert |
missing fcntl.h
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.30 |
|
05-Jul-1998 |
millert |
replace open + fstat with stat
|
#
1.29 |
|
05-Jul-1998 |
millert |
if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.
|
#
1.28 |
|
03-Jul-1998 |
angelos |
Change the random file path, add a sanity check on file size.
|
#
1.27 |
|
03-Jul-1998 |
angelos |
Fix my fix to return sane values.
|
#
1.26 |
|
03-Jul-1998 |
millert |
produce credible seeds for non-existent users.
|
#
1.25 |
|
03-Jul-1998 |
angelos |
Fix some of my indentation badness.
|
#
1.24 |
|
03-Jul-1998 |
angelos |
Remove user existance disclosure through "s/key" challenges.
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
24-Feb-1998 |
millert |
Allow superuser to disable skey by unlnking /etc/skeykeys.
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
12-Sep-1997 |
millert |
Don't let strncpy() get a negative length. Noted by Theo.
|
#
1.21 |
|
04-Sep-1997 |
millert |
Don't unlock skeys file before closing it. The lock is released when the file is closed anyway and explicately unlocking before the file gets flushed defeats the purpose of locking in the first place.
|
#
1.20 |
|
27-Jul-1997 |
millert |
Remove debugging info, whoops.
|
#
1.19 |
|
27-Jul-1997 |
millert |
- Do coarse locking on /etc/skeykeys. Fixes a race that could allow a replay attempt to succeed. - OpenBSD tags
|
#
1.18 |
|
27-Jul-1997 |
millert |
Fix search and replace error introduced in version 1.16.
|
#
1.17 |
|
26-Jul-1997 |
millert |
Convert upper -> lower case in seed for fake s/key propt.
|
#
1.16 |
|
26-Jul-1997 |
millert |
- int -> long fixes - restore priority correctly after setpriority (assumed start pri was 0) - rfc-compliant challenge when faking it for those w/o a keyfile entry on machines with short hostnames or non-alphanum hostnames.
|
#
1.15 |
|
23-Jul-1997 |
millert |
Fix skeygetnext()
|
#
1.14 |
|
23-Jul-1997 |
millert |
_PATH_SKEYKEYS now lives in <paths.h> Add skeygetnext() for iterating over the key file.
|
#
1.13 |
|
23-Jul-1997 |
millert |
Mode 0600 /etc/skeykeys
|
#
1.12 |
|
10-Jul-1997 |
millert |
Need err.h for warnx proto.
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.11 |
|
03-Nov-1996 |
millert |
Add a bunch of length/size macros and use them.
|
#
1.10 |
|
22-Oct-1996 |
millert |
Fake an s/key challenge if user doesn't have an entry. Stops info gathering attack.
|
#
1.9 |
|
14-Oct-1996 |
millert |
htoi now takes an int, not char. Only skey_set_algorithm() for the record that matches target user.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.8 |
|
02-Oct-1996 |
millert |
Fix a bug wrt handling of old md4 entries. Now don't save a type with md4 so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c.
|
#
1.7 |
|
30-Sep-1996 |
millert |
__ARGS -> __P (why does everyone have to do this differently?)
|
#
1.6 |
|
29-Sep-1996 |
millert |
check skey_set_algorithm() ret val + pedantry.
|
#
1.5 |
|
29-Sep-1996 |
millert |
Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).
|
#
1.4 |
|
29-Sep-1996 |
millert |
You can now cut and paste skey prompt in an xterm to get the key. Also removed broken code.
|
#
1.3 |
|
27-Sep-1996 |
millert |
Deal with both MD4 and MD5 s/key's
|
#
1.2 |
|
20-Dec-1995 |
deraadt |
add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851 also add a prototype for skeyzero()
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.64 |
|
15-Mar-2023 |
millert |
Fix the length check when computing a fake challenge for users not in the S/Key database. If the system hostname is longer than 126 characters this could result in NUL bytes being written past the end of a stack buffer. There is no impact on systems with a hostname 126 characters or less. Found by Qualys. OK deraadt@
|
#
1.63 |
|
27-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any changes not taken noted on tech, but chiefly here i did not take the cancelation - cancellation changes;
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.62 |
|
25-Jan-2019 |
millert |
I am retiring my old email address; replace it with my OpenBSD one.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.61 |
|
17-Apr-2017 |
deraadt |
use freezero()
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.60 |
|
20-Mar-2017 |
tb |
Generate the bogus challenge using arc4random_buf(3) instead of reading directly from /var/db/host.random and falling back to ctime. Remove the _SKEY_RAND_FILE_PATH_ since it's no longer needed.
ok millert, mestre
|
#
1.59 |
|
20-Mar-2017 |
tedu |
use explicit_bzero. one from Ricardo Mestre plus two more.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.58 |
|
17-Mar-2016 |
krw |
'miliseconds' -> 'milliseconds' in comments.
if_atu.c noted by Michal Mazurek.
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.57 |
|
18-Apr-2015 |
deraadt |
Convert many atoi() calls to strtonum(), adding range checks and failure handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.56 |
|
16-Jan-2015 |
deraadt |
Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.55 |
|
29-Nov-2013 |
deraadt |
fairly simple unsigned char casts for ctype ok krw
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.54 |
|
20-Mar-2007 |
tedu |
remove some bogus *p tests from charles longeau ok deraadt millert
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
10-Apr-2006 |
deraadt |
minimal cleanups lint begs for
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.52 |
|
05-Aug-2004 |
millert |
Add skeychallenge2() which is like skeychallenge() but takes an already open fd. Will be used to make separate challenge/response invocations of login_skey keep the record locked. Also properly escape minus signs in man page. OK henning@ jmc@
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.51 |
|
21-Sep-2003 |
millert |
convert tgetline() from select(2) -> poll(2)
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.50 |
|
28-Apr-2003 |
millert |
fix skeygetnext()
|
#
1.49 |
|
03-Apr-2003 |
millert |
Use snprintf() and strlcpy() throughout.
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.48 |
|
16-Nov-2002 |
millert |
Zero out struct skey early in skeylookup() so callers can reliably check for keyfile == NULL and not get a garbage value.
|
#
1.47 |
|
16-Nov-2002 |
millert |
Add a missing check for NULL keyfile in skeychallenge() that caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.46 |
|
22-Jun-2002 |
deraadt |
use strtok_r() instead of strtok(); millert ok
|
#
1.45 |
|
24-May-2002 |
deraadt |
enforce SKEY_MAX_CHALLENGE using snprintf()
|
#
1.44 |
|
17-May-2002 |
millert |
Remove skeyzero(), it is no longer needed.
|
#
1.43 |
|
16-May-2002 |
millert |
Check for disabled /etc/skey directory (mode 0000). This is needed because some things (such as login) run as uid 0 and directory modes won't restrict root.
|
#
1.42 |
|
16-May-2002 |
millert |
Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory where each user gets their own file, which is owned by that user.
An old S/Key database may be converted by running "skeyinit -C" as root.
Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead.
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.41 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.40 |
|
07-Dec-2001 |
millert |
Check for keyfile == NULL in skey_unlock()
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.39 |
|
23-Jun-2001 |
millert |
skeyzero() never uses its 2nd arg so remove it. Since the only thing that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here...
|
#
1.38 |
|
20-Jun-2001 |
millert |
o Do per-record locking instead of whole file locking o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.37 |
|
04-Jan-2001 |
todd |
grammar
|
#
1.36 |
|
20-Nov-2000 |
millert |
Move fake prompt generation from skey_authenticate() to skeychallenge() and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file.
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.35 |
|
23-Jun-2000 |
markus |
set mp->keyfile = NULL if stat fails
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.34 |
|
06-Dec-1999 |
deraadt |
fd leak
|
#
1.33 |
|
26-Nov-1999 |
deraadt |
fix descriptor leaks and double fclose(); markus and I; ok from millert
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.32 |
|
16-Aug-1999 |
millert |
don't need sys/file.h now that we include fcntl.h
|
#
1.31 |
|
16-Aug-1999 |
millert |
missing fcntl.h
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.30 |
|
05-Jul-1998 |
millert |
replace open + fstat with stat
|
#
1.29 |
|
05-Jul-1998 |
millert |
if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.
|
#
1.28 |
|
03-Jul-1998 |
angelos |
Change the random file path, add a sanity check on file size.
|
#
1.27 |
|
03-Jul-1998 |
angelos |
Fix my fix to return sane values.
|
#
1.26 |
|
03-Jul-1998 |
millert |
produce credible seeds for non-existent users.
|
#
1.25 |
|
03-Jul-1998 |
angelos |
Fix some of my indentation badness.
|
#
1.24 |
|
03-Jul-1998 |
angelos |
Remove user existance disclosure through "s/key" challenges.
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
24-Feb-1998 |
millert |
Allow superuser to disable skey by unlnking /etc/skeykeys.
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
12-Sep-1997 |
millert |
Don't let strncpy() get a negative length. Noted by Theo.
|
#
1.21 |
|
04-Sep-1997 |
millert |
Don't unlock skeys file before closing it. The lock is released when the file is closed anyway and explicately unlocking before the file gets flushed defeats the purpose of locking in the first place.
|
#
1.20 |
|
27-Jul-1997 |
millert |
Remove debugging info, whoops.
|
#
1.19 |
|
27-Jul-1997 |
millert |
- Do coarse locking on /etc/skeykeys. Fixes a race that could allow a replay attempt to succeed. - OpenBSD tags
|
#
1.18 |
|
27-Jul-1997 |
millert |
Fix search and replace error introduced in version 1.16.
|
#
1.17 |
|
26-Jul-1997 |
millert |
Convert upper -> lower case in seed for fake s/key propt.
|
#
1.16 |
|
26-Jul-1997 |
millert |
- int -> long fixes - restore priority correctly after setpriority (assumed start pri was 0) - rfc-compliant challenge when faking it for those w/o a keyfile entry on machines with short hostnames or non-alphanum hostnames.
|
#
1.15 |
|
23-Jul-1997 |
millert |
Fix skeygetnext()
|
#
1.14 |
|
23-Jul-1997 |
millert |
_PATH_SKEYKEYS now lives in <paths.h> Add skeygetnext() for iterating over the key file.
|
#
1.13 |
|
23-Jul-1997 |
millert |
Mode 0600 /etc/skeykeys
|
#
1.12 |
|
10-Jul-1997 |
millert |
Need err.h for warnx proto.
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.11 |
|
03-Nov-1996 |
millert |
Add a bunch of length/size macros and use them.
|
#
1.10 |
|
22-Oct-1996 |
millert |
Fake an s/key challenge if user doesn't have an entry. Stops info gathering attack.
|
#
1.9 |
|
14-Oct-1996 |
millert |
htoi now takes an int, not char. Only skey_set_algorithm() for the record that matches target user.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.8 |
|
02-Oct-1996 |
millert |
Fix a bug wrt handling of old md4 entries. Now don't save a type with md4 so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c.
|
#
1.7 |
|
30-Sep-1996 |
millert |
__ARGS -> __P (why does everyone have to do this differently?)
|
#
1.6 |
|
29-Sep-1996 |
millert |
check skey_set_algorithm() ret val + pedantry.
|
#
1.5 |
|
29-Sep-1996 |
millert |
Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).
|
#
1.4 |
|
29-Sep-1996 |
millert |
You can now cut and paste skey prompt in an xterm to get the key. Also removed broken code.
|
#
1.3 |
|
27-Sep-1996 |
millert |
Deal with both MD4 and MD5 s/key's
|
#
1.2 |
|
20-Dec-1995 |
deraadt |
add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851 also add a prototype for skeyzero()
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.63 |
|
27-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any changes not taken noted on tech, but chiefly here i did not take the cancelation - cancellation changes;
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.62 |
|
25-Jan-2019 |
millert |
I am retiring my old email address; replace it with my OpenBSD one.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.61 |
|
17-Apr-2017 |
deraadt |
use freezero()
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.60 |
|
20-Mar-2017 |
tb |
Generate the bogus challenge using arc4random_buf(3) instead of reading directly from /var/db/host.random and falling back to ctime. Remove the _SKEY_RAND_FILE_PATH_ since it's no longer needed.
ok millert, mestre
|
#
1.59 |
|
20-Mar-2017 |
tedu |
use explicit_bzero. one from Ricardo Mestre plus two more.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.58 |
|
17-Mar-2016 |
krw |
'miliseconds' -> 'milliseconds' in comments.
if_atu.c noted by Michal Mazurek.
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.57 |
|
18-Apr-2015 |
deraadt |
Convert many atoi() calls to strtonum(), adding range checks and failure handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.56 |
|
16-Jan-2015 |
deraadt |
Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.55 |
|
29-Nov-2013 |
deraadt |
fairly simple unsigned char casts for ctype ok krw
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.54 |
|
20-Mar-2007 |
tedu |
remove some bogus *p tests from charles longeau ok deraadt millert
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
10-Apr-2006 |
deraadt |
minimal cleanups lint begs for
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.52 |
|
05-Aug-2004 |
millert |
Add skeychallenge2() which is like skeychallenge() but takes an already open fd. Will be used to make separate challenge/response invocations of login_skey keep the record locked. Also properly escape minus signs in man page. OK henning@ jmc@
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.51 |
|
21-Sep-2003 |
millert |
convert tgetline() from select(2) -> poll(2)
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.50 |
|
28-Apr-2003 |
millert |
fix skeygetnext()
|
#
1.49 |
|
03-Apr-2003 |
millert |
Use snprintf() and strlcpy() throughout.
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.48 |
|
16-Nov-2002 |
millert |
Zero out struct skey early in skeylookup() so callers can reliably check for keyfile == NULL and not get a garbage value.
|
#
1.47 |
|
16-Nov-2002 |
millert |
Add a missing check for NULL keyfile in skeychallenge() that caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.46 |
|
22-Jun-2002 |
deraadt |
use strtok_r() instead of strtok(); millert ok
|
#
1.45 |
|
24-May-2002 |
deraadt |
enforce SKEY_MAX_CHALLENGE using snprintf()
|
#
1.44 |
|
17-May-2002 |
millert |
Remove skeyzero(), it is no longer needed.
|
#
1.43 |
|
16-May-2002 |
millert |
Check for disabled /etc/skey directory (mode 0000). This is needed because some things (such as login) run as uid 0 and directory modes won't restrict root.
|
#
1.42 |
|
16-May-2002 |
millert |
Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory where each user gets their own file, which is owned by that user.
An old S/Key database may be converted by running "skeyinit -C" as root.
Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead.
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.41 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.40 |
|
07-Dec-2001 |
millert |
Check for keyfile == NULL in skey_unlock()
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.39 |
|
23-Jun-2001 |
millert |
skeyzero() never uses its 2nd arg so remove it. Since the only thing that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here...
|
#
1.38 |
|
20-Jun-2001 |
millert |
o Do per-record locking instead of whole file locking o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.37 |
|
04-Jan-2001 |
todd |
grammar
|
#
1.36 |
|
20-Nov-2000 |
millert |
Move fake prompt generation from skey_authenticate() to skeychallenge() and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file.
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.35 |
|
23-Jun-2000 |
markus |
set mp->keyfile = NULL if stat fails
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.34 |
|
06-Dec-1999 |
deraadt |
fd leak
|
#
1.33 |
|
26-Nov-1999 |
deraadt |
fix descriptor leaks and double fclose(); markus and I; ok from millert
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.32 |
|
16-Aug-1999 |
millert |
don't need sys/file.h now that we include fcntl.h
|
#
1.31 |
|
16-Aug-1999 |
millert |
missing fcntl.h
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.30 |
|
05-Jul-1998 |
millert |
replace open + fstat with stat
|
#
1.29 |
|
05-Jul-1998 |
millert |
if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.
|
#
1.28 |
|
03-Jul-1998 |
angelos |
Change the random file path, add a sanity check on file size.
|
#
1.27 |
|
03-Jul-1998 |
angelos |
Fix my fix to return sane values.
|
#
1.26 |
|
03-Jul-1998 |
millert |
produce credible seeds for non-existent users.
|
#
1.25 |
|
03-Jul-1998 |
angelos |
Fix some of my indentation badness.
|
#
1.24 |
|
03-Jul-1998 |
angelos |
Remove user existance disclosure through "s/key" challenges.
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
24-Feb-1998 |
millert |
Allow superuser to disable skey by unlnking /etc/skeykeys.
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
12-Sep-1997 |
millert |
Don't let strncpy() get a negative length. Noted by Theo.
|
#
1.21 |
|
04-Sep-1997 |
millert |
Don't unlock skeys file before closing it. The lock is released when the file is closed anyway and explicately unlocking before the file gets flushed defeats the purpose of locking in the first place.
|
#
1.20 |
|
27-Jul-1997 |
millert |
Remove debugging info, whoops.
|
#
1.19 |
|
27-Jul-1997 |
millert |
- Do coarse locking on /etc/skeykeys. Fixes a race that could allow a replay attempt to succeed. - OpenBSD tags
|
#
1.18 |
|
27-Jul-1997 |
millert |
Fix search and replace error introduced in version 1.16.
|
#
1.17 |
|
26-Jul-1997 |
millert |
Convert upper -> lower case in seed for fake s/key propt.
|
#
1.16 |
|
26-Jul-1997 |
millert |
- int -> long fixes - restore priority correctly after setpriority (assumed start pri was 0) - rfc-compliant challenge when faking it for those w/o a keyfile entry on machines with short hostnames or non-alphanum hostnames.
|
#
1.15 |
|
23-Jul-1997 |
millert |
Fix skeygetnext()
|
#
1.14 |
|
23-Jul-1997 |
millert |
_PATH_SKEYKEYS now lives in <paths.h> Add skeygetnext() for iterating over the key file.
|
#
1.13 |
|
23-Jul-1997 |
millert |
Mode 0600 /etc/skeykeys
|
#
1.12 |
|
10-Jul-1997 |
millert |
Need err.h for warnx proto.
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.11 |
|
03-Nov-1996 |
millert |
Add a bunch of length/size macros and use them.
|
#
1.10 |
|
22-Oct-1996 |
millert |
Fake an s/key challenge if user doesn't have an entry. Stops info gathering attack.
|
#
1.9 |
|
14-Oct-1996 |
millert |
htoi now takes an int, not char. Only skey_set_algorithm() for the record that matches target user.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.8 |
|
02-Oct-1996 |
millert |
Fix a bug wrt handling of old md4 entries. Now don't save a type with md4 so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c.
|
#
1.7 |
|
30-Sep-1996 |
millert |
__ARGS -> __P (why does everyone have to do this differently?)
|
#
1.6 |
|
29-Sep-1996 |
millert |
check skey_set_algorithm() ret val + pedantry.
|
#
1.5 |
|
29-Sep-1996 |
millert |
Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).
|
#
1.4 |
|
29-Sep-1996 |
millert |
You can now cut and paste skey prompt in an xterm to get the key. Also removed broken code.
|
#
1.3 |
|
27-Sep-1996 |
millert |
Deal with both MD4 and MD5 s/key's
|
#
1.2 |
|
20-Dec-1995 |
deraadt |
add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851 also add a prototype for skeyzero()
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.62 |
|
25-Jan-2019 |
millert |
I am retiring my old email address; replace it with my OpenBSD one.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.61 |
|
17-Apr-2017 |
deraadt |
use freezero()
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.60 |
|
20-Mar-2017 |
tb |
Generate the bogus challenge using arc4random_buf(3) instead of reading directly from /var/db/host.random and falling back to ctime. Remove the _SKEY_RAND_FILE_PATH_ since it's no longer needed.
ok millert, mestre
|
#
1.59 |
|
20-Mar-2017 |
tedu |
use explicit_bzero. one from Ricardo Mestre plus two more.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.58 |
|
17-Mar-2016 |
krw |
'miliseconds' -> 'milliseconds' in comments.
if_atu.c noted by Michal Mazurek.
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.57 |
|
18-Apr-2015 |
deraadt |
Convert many atoi() calls to strtonum(), adding range checks and failure handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.56 |
|
16-Jan-2015 |
deraadt |
Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.55 |
|
29-Nov-2013 |
deraadt |
fairly simple unsigned char casts for ctype ok krw
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.54 |
|
20-Mar-2007 |
tedu |
remove some bogus *p tests from charles longeau ok deraadt millert
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
10-Apr-2006 |
deraadt |
minimal cleanups lint begs for
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.52 |
|
05-Aug-2004 |
millert |
Add skeychallenge2() which is like skeychallenge() but takes an already open fd. Will be used to make separate challenge/response invocations of login_skey keep the record locked. Also properly escape minus signs in man page. OK henning@ jmc@
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.51 |
|
21-Sep-2003 |
millert |
convert tgetline() from select(2) -> poll(2)
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.50 |
|
28-Apr-2003 |
millert |
fix skeygetnext()
|
#
1.49 |
|
03-Apr-2003 |
millert |
Use snprintf() and strlcpy() throughout.
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.48 |
|
16-Nov-2002 |
millert |
Zero out struct skey early in skeylookup() so callers can reliably check for keyfile == NULL and not get a garbage value.
|
#
1.47 |
|
16-Nov-2002 |
millert |
Add a missing check for NULL keyfile in skeychallenge() that caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.46 |
|
22-Jun-2002 |
deraadt |
use strtok_r() instead of strtok(); millert ok
|
#
1.45 |
|
24-May-2002 |
deraadt |
enforce SKEY_MAX_CHALLENGE using snprintf()
|
#
1.44 |
|
17-May-2002 |
millert |
Remove skeyzero(), it is no longer needed.
|
#
1.43 |
|
16-May-2002 |
millert |
Check for disabled /etc/skey directory (mode 0000). This is needed because some things (such as login) run as uid 0 and directory modes won't restrict root.
|
#
1.42 |
|
16-May-2002 |
millert |
Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory where each user gets their own file, which is owned by that user.
An old S/Key database may be converted by running "skeyinit -C" as root.
Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead.
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.41 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.40 |
|
07-Dec-2001 |
millert |
Check for keyfile == NULL in skey_unlock()
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.39 |
|
23-Jun-2001 |
millert |
skeyzero() never uses its 2nd arg so remove it. Since the only thing that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here...
|
#
1.38 |
|
20-Jun-2001 |
millert |
o Do per-record locking instead of whole file locking o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.37 |
|
04-Jan-2001 |
todd |
grammar
|
#
1.36 |
|
20-Nov-2000 |
millert |
Move fake prompt generation from skey_authenticate() to skeychallenge() and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file.
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.35 |
|
23-Jun-2000 |
markus |
set mp->keyfile = NULL if stat fails
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.34 |
|
06-Dec-1999 |
deraadt |
fd leak
|
#
1.33 |
|
26-Nov-1999 |
deraadt |
fix descriptor leaks and double fclose(); markus and I; ok from millert
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.32 |
|
16-Aug-1999 |
millert |
don't need sys/file.h now that we include fcntl.h
|
#
1.31 |
|
16-Aug-1999 |
millert |
missing fcntl.h
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.30 |
|
05-Jul-1998 |
millert |
replace open + fstat with stat
|
#
1.29 |
|
05-Jul-1998 |
millert |
if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.
|
#
1.28 |
|
03-Jul-1998 |
angelos |
Change the random file path, add a sanity check on file size.
|
#
1.27 |
|
03-Jul-1998 |
angelos |
Fix my fix to return sane values.
|
#
1.26 |
|
03-Jul-1998 |
millert |
produce credible seeds for non-existent users.
|
#
1.25 |
|
03-Jul-1998 |
angelos |
Fix some of my indentation badness.
|
#
1.24 |
|
03-Jul-1998 |
angelos |
Remove user existance disclosure through "s/key" challenges.
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
24-Feb-1998 |
millert |
Allow superuser to disable skey by unlnking /etc/skeykeys.
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
12-Sep-1997 |
millert |
Don't let strncpy() get a negative length. Noted by Theo.
|
#
1.21 |
|
04-Sep-1997 |
millert |
Don't unlock skeys file before closing it. The lock is released when the file is closed anyway and explicately unlocking before the file gets flushed defeats the purpose of locking in the first place.
|
#
1.20 |
|
27-Jul-1997 |
millert |
Remove debugging info, whoops.
|
#
1.19 |
|
27-Jul-1997 |
millert |
- Do coarse locking on /etc/skeykeys. Fixes a race that could allow a replay attempt to succeed. - OpenBSD tags
|
#
1.18 |
|
27-Jul-1997 |
millert |
Fix search and replace error introduced in version 1.16.
|
#
1.17 |
|
26-Jul-1997 |
millert |
Convert upper -> lower case in seed for fake s/key propt.
|
#
1.16 |
|
26-Jul-1997 |
millert |
- int -> long fixes - restore priority correctly after setpriority (assumed start pri was 0) - rfc-compliant challenge when faking it for those w/o a keyfile entry on machines with short hostnames or non-alphanum hostnames.
|
#
1.15 |
|
23-Jul-1997 |
millert |
Fix skeygetnext()
|
#
1.14 |
|
23-Jul-1997 |
millert |
_PATH_SKEYKEYS now lives in <paths.h> Add skeygetnext() for iterating over the key file.
|
#
1.13 |
|
23-Jul-1997 |
millert |
Mode 0600 /etc/skeykeys
|
#
1.12 |
|
10-Jul-1997 |
millert |
Need err.h for warnx proto.
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.11 |
|
03-Nov-1996 |
millert |
Add a bunch of length/size macros and use them.
|
#
1.10 |
|
22-Oct-1996 |
millert |
Fake an s/key challenge if user doesn't have an entry. Stops info gathering attack.
|
#
1.9 |
|
14-Oct-1996 |
millert |
htoi now takes an int, not char. Only skey_set_algorithm() for the record that matches target user.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.8 |
|
02-Oct-1996 |
millert |
Fix a bug wrt handling of old md4 entries. Now don't save a type with md4 so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c.
|
#
1.7 |
|
30-Sep-1996 |
millert |
__ARGS -> __P (why does everyone have to do this differently?)
|
#
1.6 |
|
29-Sep-1996 |
millert |
check skey_set_algorithm() ret val + pedantry.
|
#
1.5 |
|
29-Sep-1996 |
millert |
Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).
|
#
1.4 |
|
29-Sep-1996 |
millert |
You can now cut and paste skey prompt in an xterm to get the key. Also removed broken code.
|
#
1.3 |
|
27-Sep-1996 |
millert |
Deal with both MD4 and MD5 s/key's
|
#
1.2 |
|
20-Dec-1995 |
deraadt |
add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851 also add a prototype for skeyzero()
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.61 |
|
17-Apr-2017 |
deraadt |
use freezero()
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.60 |
|
20-Mar-2017 |
tb |
Generate the bogus challenge using arc4random_buf(3) instead of reading directly from /var/db/host.random and falling back to ctime. Remove the _SKEY_RAND_FILE_PATH_ since it's no longer needed.
ok millert, mestre
|
#
1.59 |
|
20-Mar-2017 |
tedu |
use explicit_bzero. one from Ricardo Mestre plus two more.
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.58 |
|
17-Mar-2016 |
krw |
'miliseconds' -> 'milliseconds' in comments.
if_atu.c noted by Michal Mazurek.
|
Revision tags: OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.57 |
|
18-Apr-2015 |
deraadt |
Convert many atoi() calls to strtonum(), adding range checks and failure handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.56 |
|
16-Jan-2015 |
deraadt |
Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.55 |
|
29-Nov-2013 |
deraadt |
fairly simple unsigned char casts for ctype ok krw
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE
|
#
1.54 |
|
20-Mar-2007 |
tedu |
remove some bogus *p tests from charles longeau ok deraadt millert
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
10-Apr-2006 |
deraadt |
minimal cleanups lint begs for
|
Revision tags: OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE
|
#
1.52 |
|
05-Aug-2004 |
millert |
Add skeychallenge2() which is like skeychallenge() but takes an already open fd. Will be used to make separate challenge/response invocations of login_skey keep the record locked. Also properly escape minus signs in man page. OK henning@ jmc@
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.51 |
|
21-Sep-2003 |
millert |
convert tgetline() from select(2) -> poll(2)
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.50 |
|
28-Apr-2003 |
millert |
fix skeygetnext()
|
#
1.49 |
|
03-Apr-2003 |
millert |
Use snprintf() and strlcpy() throughout.
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.48 |
|
16-Nov-2002 |
millert |
Zero out struct skey early in skeylookup() so callers can reliably check for keyfile == NULL and not get a garbage value.
|
#
1.47 |
|
16-Nov-2002 |
millert |
Add a missing check for NULL keyfile in skeychallenge() that caused a user w/o an S/Key to just get "permission denied" from login_skey instead of a fake challenge.
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.46 |
|
22-Jun-2002 |
deraadt |
use strtok_r() instead of strtok(); millert ok
|
#
1.45 |
|
24-May-2002 |
deraadt |
enforce SKEY_MAX_CHALLENGE using snprintf()
|
#
1.44 |
|
17-May-2002 |
millert |
Remove skeyzero(), it is no longer needed.
|
#
1.43 |
|
16-May-2002 |
millert |
Check for disabled /etc/skey directory (mode 0000). This is needed because some things (such as login) run as uid 0 and directory modes won't restrict root.
|
#
1.42 |
|
16-May-2002 |
millert |
Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory where each user gets their own file, which is owned by that user.
An old S/Key database may be converted by running "skeyinit -C" as root.
Programs that need to access the S/Key database no longer need to be setuid root. They must now be setgid auth instead.
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.41 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.40 |
|
07-Dec-2001 |
millert |
Check for keyfile == NULL in skey_unlock()
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.39 |
|
23-Jun-2001 |
millert |
skeyzero() never uses its 2nd arg so remove it. Since the only thing that calls skeyzero() is skeyinit and I just updated the libskey major I am not going to bump the major again here...
|
#
1.38 |
|
20-Jun-2001 |
millert |
o Do per-record locking instead of whole file locking o Use said locking to prevent a partial guess race as required by RFC 2289. We now lock the record in skeylookup(), skeygetnext(), and skeyverify(). o A little KNF o Kill deprecated getskeyprompt() function o Provide a function to unlock a record, skey_unlock() o Timeout reading of the passphrase in skey_authenticate() and skey_passcheck() since we have the record locked (uses select, not alarm). o Convert old-style md4 entries (that lack an explicit hash) into new-style ones with the hash specified if there is space on the line.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.37 |
|
04-Jan-2001 |
todd |
grammar
|
#
1.36 |
|
20-Nov-2000 |
millert |
Move fake prompt generation from skey_authenticate() to skeychallenge() and getskeyprompt(). This means that when you get a challenge the result parameter is always filled in, even if the use is not in the skeykeys file.
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.35 |
|
23-Jun-2000 |
markus |
set mp->keyfile = NULL if stat fails
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.34 |
|
06-Dec-1999 |
deraadt |
fd leak
|
#
1.33 |
|
26-Nov-1999 |
deraadt |
fix descriptor leaks and double fclose(); markus and I; ok from millert
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.32 |
|
16-Aug-1999 |
millert |
don't need sys/file.h now that we include fcntl.h
|
#
1.31 |
|
16-Aug-1999 |
millert |
missing fcntl.h
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE
|
#
1.30 |
|
05-Jul-1998 |
millert |
replace open + fstat with stat
|
#
1.29 |
|
05-Jul-1998 |
millert |
if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.
|
#
1.28 |
|
03-Jul-1998 |
angelos |
Change the random file path, add a sanity check on file size.
|
#
1.27 |
|
03-Jul-1998 |
angelos |
Fix my fix to return sane values.
|
#
1.26 |
|
03-Jul-1998 |
millert |
produce credible seeds for non-existent users.
|
#
1.25 |
|
03-Jul-1998 |
angelos |
Fix some of my indentation badness.
|
#
1.24 |
|
03-Jul-1998 |
angelos |
Remove user existance disclosure through "s/key" challenges.
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.23 |
|
24-Feb-1998 |
millert |
Allow superuser to disable skey by unlnking /etc/skeykeys.
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.22 |
|
12-Sep-1997 |
millert |
Don't let strncpy() get a negative length. Noted by Theo.
|
#
1.21 |
|
04-Sep-1997 |
millert |
Don't unlock skeys file before closing it. The lock is released when the file is closed anyway and explicately unlocking before the file gets flushed defeats the purpose of locking in the first place.
|
#
1.20 |
|
27-Jul-1997 |
millert |
Remove debugging info, whoops.
|
#
1.19 |
|
27-Jul-1997 |
millert |
- Do coarse locking on /etc/skeykeys. Fixes a race that could allow a replay attempt to succeed. - OpenBSD tags
|
#
1.18 |
|
27-Jul-1997 |
millert |
Fix search and replace error introduced in version 1.16.
|
#
1.17 |
|
26-Jul-1997 |
millert |
Convert upper -> lower case in seed for fake s/key propt.
|
#
1.16 |
|
26-Jul-1997 |
millert |
- int -> long fixes - restore priority correctly after setpriority (assumed start pri was 0) - rfc-compliant challenge when faking it for those w/o a keyfile entry on machines with short hostnames or non-alphanum hostnames.
|
#
1.15 |
|
23-Jul-1997 |
millert |
Fix skeygetnext()
|
#
1.14 |
|
23-Jul-1997 |
millert |
_PATH_SKEYKEYS now lives in <paths.h> Add skeygetnext() for iterating over the key file.
|
#
1.13 |
|
23-Jul-1997 |
millert |
Mode 0600 /etc/skeykeys
|
#
1.12 |
|
10-Jul-1997 |
millert |
Need err.h for warnx proto.
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.11 |
|
03-Nov-1996 |
millert |
Add a bunch of length/size macros and use them.
|
#
1.10 |
|
22-Oct-1996 |
millert |
Fake an s/key challenge if user doesn't have an entry. Stops info gathering attack.
|
#
1.9 |
|
14-Oct-1996 |
millert |
htoi now takes an int, not char. Only skey_set_algorithm() for the record that matches target user.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.8 |
|
02-Oct-1996 |
millert |
Fix a bug wrt handling of old md4 entries. Now don't save a type with md4 so we don't go over the record size and munge other entries. Don't export symbols we don't need to in put.c.
|
#
1.7 |
|
30-Sep-1996 |
millert |
__ARGS -> __P (why does everyone have to do this differently?)
|
#
1.6 |
|
29-Sep-1996 |
millert |
check skey_set_algorithm() ret val + pedantry.
|
#
1.5 |
|
29-Sep-1996 |
millert |
Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).
|
#
1.4 |
|
29-Sep-1996 |
millert |
You can now cut and paste skey prompt in an xterm to get the key. Also removed broken code.
|
#
1.3 |
|
27-Sep-1996 |
millert |
Deal with both MD4 and MD5 s/key's
|
#
1.2 |
|
20-Dec-1995 |
deraadt |
add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851 also add a prototype for skeyzero()
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|