readdir_r(3) was never necessary and has been deprecated by POSIX.
Document that in the manpage and stop using it internally.

ok deraadt@ millert@ jmc@

Fix the length check when computing a fake challenge for users not
in the S/Key database. If the system hostname is longer than 126
characters this could result in NUL bytes being written past the
end of a stack buffer. There is no impact on systems with a hostname
126 characters or less. Found by Qualys. OK deraadt@

spelling fixes; from paul tagliamonte
any changes not taken noted on tech, but chiefly here i did not take the
cancelation - cancellation changes;

I am retiring my old email address; replace it with my OpenBSD one.

use freezero()

Generate the bogus challenge using arc4random_buf(3) instead of reading
directly from /var/db/host.random and falling back to ctime. Remove the
_SKEY_RAND_FILE_PATH_ since it's no longer needed.

ok millert, mestre

use explicit_bzero. one from Ricardo Mestre plus two more.

'miliseconds' -> 'milliseconds' in comments.

if_atu.c noted by Michal Mazurek.

Convert many atoi() calls to strtonum(), adding range checks and failure
handling along the way.
Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert

Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther

fairly simple unsigned char casts for ctype
ok krw

remove some bogus *p tests from charles longeau
ok deraadt millert

minimal cleanups lint begs for

Add skeychallenge2() which is like skeychallenge() but takes an
already open fd. Will be used to make separate challenge/response
invocations of login_skey keep the record locked. Also properly
escape minus signs in man page. OK henning@ jmc@

convert tgetline() from select(2) -> poll(2)

fix skeygetnext()

Use snprintf() and strlcpy() throughout.

Zero out struct skey early in skeylookup() so callers can reliably check
for keyfile == NULL and not get a garbage value.

Add a missing check for NULL keyfile in skeychallenge() that
caused a user w/o an S/Key to just get "permission denied" from
login_skey instead of a fake challenge.

use strtok_r() instead of strtok(); millert ok

enforce SKEY_MAX_CHALLENGE using snprintf()

Remove skeyzero(), it is no longer needed.

Check for disabled /etc/skey directory (mode 0000). This is needed
because some things (such as login) run as uid 0 and directory modes
won't restrict root.

Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory
where each user gets their own file, which is owned by that user.

An old S/Key database may be converted by running "skeyinit -C" as root.

Programs that need to access the S/Key database no longer need to be
setuid root. They must now be setgid auth instead.

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

Check for keyfile == NULL in skey_unlock()

skeyzero() never uses its 2nd arg so remove it. Since the only thing
that calls skeyzero() is skeyinit and I just updated the libskey
major I am not going to bump the major again here...

o Do per-record locking instead of whole file locking
o Use said locking to prevent a partial guess race as required by
RFC 2289. We now lock the record in skeylookup(), skeygetnext(),
and skeyverify().
o A little KNF
o Kill deprecated getskeyprompt() function
o Provide a function to unlock a record, skey_unlock()
o Timeout reading of the passphrase in skey_authenticate() and
skey_passcheck() since we have the record locked (uses select, not alarm).
o Convert old-style md4 entries (that lack an explicit hash) into
new-style ones with the hash specified if there is space on the line.

grammar

Move fake prompt generation from skey_authenticate() to skeychallenge()
and getskeyprompt(). This means that when you get a challenge the
result parameter is always filled in, even if the use is not in the
skeykeys file.

set mp->keyfile = NULL if stat fails

fd leak

fix descriptor leaks and double fclose(); markus and I; ok from millert

don't need sys/file.h now that we include fcntl.h

missing fcntl.h

replace open + fstat with stat

if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.

Change the random file path, add a sanity check on file size.

Fix my fix to return sane values.

produce credible seeds for non-existent users.

Fix some of my indentation badness.

Remove user existance disclosure through "s/key" challenges.

Allow superuser to disable skey by unlnking /etc/skeykeys.

Don't let strncpy() get a negative length. Noted by Theo.

Don't unlock skeys file before closing it. The lock is released
when the file is closed anyway and explicately unlocking before
the file gets flushed defeats the purpose of locking in the first
place.

Remove debugging info, whoops.

- Do coarse locking on /etc/skeykeys. Fixes a race that could allow
a replay attempt to succeed.
- OpenBSD tags

Fix search and replace error introduced in version 1.16.

Convert upper -> lower case in seed for fake s/key propt.

- int -> long fixes
- restore priority correctly after setpriority (assumed start pri was 0)
- rfc-compliant challenge when faking it for those w/o a keyfile entry
on machines with short hostnames or non-alphanum hostnames.

Fix skeygetnext()

_PATH_SKEYKEYS now lives in <paths.h>
Add skeygetnext() for iterating over the key file.

Mode 0600 /etc/skeykeys

Need err.h for warnx proto.

Add a bunch of length/size macros and use them.

Fake an s/key challenge if user doesn't have an entry. Stops info
gathering attack.

htoi now takes an int, not char.
Only skey_set_algorithm() for the record that matches target user.

Fix a bug wrt handling of old md4 entries. Now don't save a type with md4
so we don't go over the record size and munge other entries. Don't export
symbols we don't need to in put.c.

__ARGS -> __P (why does everyone have to do this differently?)

check skey_set_algorithm() ret val + pedantry.

Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).

You can now cut and paste skey prompt in an xterm to get the key.
Also removed broken code.

Deal with both MD4 and MD5 s/key's

add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851
also add a prototype for skeyzero()

branches: 1.1.1;
Initial revision

Fix the length check when computing a fake challenge for users not
in the S/Key database. If the system hostname is longer than 126
characters this could result in NUL bytes being written past the
end of a stack buffer. There is no impact on systems with a hostname
126 characters or less. Found by Qualys. OK deraadt@

spelling fixes; from paul tagliamonte
any changes not taken noted on tech, but chiefly here i did not take the
cancelation - cancellation changes;

I am retiring my old email address; replace it with my OpenBSD one.

use freezero()

Generate the bogus challenge using arc4random_buf(3) instead of reading
directly from /var/db/host.random and falling back to ctime. Remove the
_SKEY_RAND_FILE_PATH_ since it's no longer needed.

ok millert, mestre

use explicit_bzero. one from Ricardo Mestre plus two more.

'miliseconds' -> 'milliseconds' in comments.

if_atu.c noted by Michal Mazurek.

Convert many atoi() calls to strtonum(), adding range checks and failure
handling along the way.
Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert

Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther

fairly simple unsigned char casts for ctype
ok krw

remove some bogus *p tests from charles longeau
ok deraadt millert

minimal cleanups lint begs for

Add skeychallenge2() which is like skeychallenge() but takes an
already open fd. Will be used to make separate challenge/response
invocations of login_skey keep the record locked. Also properly
escape minus signs in man page. OK henning@ jmc@

convert tgetline() from select(2) -> poll(2)

fix skeygetnext()

Use snprintf() and strlcpy() throughout.

Zero out struct skey early in skeylookup() so callers can reliably check
for keyfile == NULL and not get a garbage value.

Add a missing check for NULL keyfile in skeychallenge() that
caused a user w/o an S/Key to just get "permission denied" from
login_skey instead of a fake challenge.

use strtok_r() instead of strtok(); millert ok

enforce SKEY_MAX_CHALLENGE using snprintf()

Remove skeyzero(), it is no longer needed.

Check for disabled /etc/skey directory (mode 0000). This is needed
because some things (such as login) run as uid 0 and directory modes
won't restrict root.

Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory
where each user gets their own file, which is owned by that user.

An old S/Key database may be converted by running "skeyinit -C" as root.

Programs that need to access the S/Key database no longer need to be
setuid root. They must now be setgid auth instead.

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

Check for keyfile == NULL in skey_unlock()

skeyzero() never uses its 2nd arg so remove it. Since the only thing
that calls skeyzero() is skeyinit and I just updated the libskey
major I am not going to bump the major again here...

o Do per-record locking instead of whole file locking
o Use said locking to prevent a partial guess race as required by
RFC 2289. We now lock the record in skeylookup(), skeygetnext(),
and skeyverify().
o A little KNF
o Kill deprecated getskeyprompt() function
o Provide a function to unlock a record, skey_unlock()
o Timeout reading of the passphrase in skey_authenticate() and
skey_passcheck() since we have the record locked (uses select, not alarm).
o Convert old-style md4 entries (that lack an explicit hash) into
new-style ones with the hash specified if there is space on the line.

grammar

Move fake prompt generation from skey_authenticate() to skeychallenge()
and getskeyprompt(). This means that when you get a challenge the
result parameter is always filled in, even if the use is not in the
skeykeys file.

set mp->keyfile = NULL if stat fails

fd leak

fix descriptor leaks and double fclose(); markus and I; ok from millert

don't need sys/file.h now that we include fcntl.h

missing fcntl.h

replace open + fstat with stat

if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.

Change the random file path, add a sanity check on file size.

Fix my fix to return sane values.

produce credible seeds for non-existent users.

Fix some of my indentation badness.

Remove user existance disclosure through "s/key" challenges.

Allow superuser to disable skey by unlnking /etc/skeykeys.

Don't let strncpy() get a negative length. Noted by Theo.

Don't unlock skeys file before closing it. The lock is released
when the file is closed anyway and explicately unlocking before
the file gets flushed defeats the purpose of locking in the first
place.

Remove debugging info, whoops.

- Do coarse locking on /etc/skeykeys. Fixes a race that could allow
a replay attempt to succeed.
- OpenBSD tags

Fix search and replace error introduced in version 1.16.

Convert upper -> lower case in seed for fake s/key propt.

- int -> long fixes
- restore priority correctly after setpriority (assumed start pri was 0)
- rfc-compliant challenge when faking it for those w/o a keyfile entry
on machines with short hostnames or non-alphanum hostnames.

Fix skeygetnext()

_PATH_SKEYKEYS now lives in <paths.h>
Add skeygetnext() for iterating over the key file.

Mode 0600 /etc/skeykeys

Need err.h for warnx proto.

Add a bunch of length/size macros and use them.

Fake an s/key challenge if user doesn't have an entry. Stops info
gathering attack.

htoi now takes an int, not char.
Only skey_set_algorithm() for the record that matches target user.

Fix a bug wrt handling of old md4 entries. Now don't save a type with md4
so we don't go over the record size and munge other entries. Don't export
symbols we don't need to in put.c.

__ARGS -> __P (why does everyone have to do this differently?)

check skey_set_algorithm() ret val + pedantry.

Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).

You can now cut and paste skey prompt in an xterm to get the key.
Also removed broken code.

Deal with both MD4 and MD5 s/key's

add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851
also add a prototype for skeyzero()

branches: 1.1.1;
Initial revision

spelling fixes; from paul tagliamonte
any changes not taken noted on tech, but chiefly here i did not take the
cancelation - cancellation changes;

I am retiring my old email address; replace it with my OpenBSD one.

use freezero()

Generate the bogus challenge using arc4random_buf(3) instead of reading
directly from /var/db/host.random and falling back to ctime. Remove the
_SKEY_RAND_FILE_PATH_ since it's no longer needed.

ok millert, mestre

use explicit_bzero. one from Ricardo Mestre plus two more.

'miliseconds' -> 'milliseconds' in comments.

if_atu.c noted by Michal Mazurek.

Convert many atoi() calls to strtonum(), adding range checks and failure
handling along the way.
Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert

Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther

fairly simple unsigned char casts for ctype
ok krw

remove some bogus *p tests from charles longeau
ok deraadt millert

minimal cleanups lint begs for

Add skeychallenge2() which is like skeychallenge() but takes an
already open fd. Will be used to make separate challenge/response
invocations of login_skey keep the record locked. Also properly
escape minus signs in man page. OK henning@ jmc@

convert tgetline() from select(2) -> poll(2)

fix skeygetnext()

Use snprintf() and strlcpy() throughout.

Zero out struct skey early in skeylookup() so callers can reliably check
for keyfile == NULL and not get a garbage value.

Add a missing check for NULL keyfile in skeychallenge() that
caused a user w/o an S/Key to just get "permission denied" from
login_skey instead of a fake challenge.

use strtok_r() instead of strtok(); millert ok

enforce SKEY_MAX_CHALLENGE using snprintf()

Remove skeyzero(), it is no longer needed.

Check for disabled /etc/skey directory (mode 0000). This is needed
because some things (such as login) run as uid 0 and directory modes
won't restrict root.

Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory
where each user gets their own file, which is owned by that user.

An old S/Key database may be converted by running "skeyinit -C" as root.

Programs that need to access the S/Key database no longer need to be
setuid root. They must now be setgid auth instead.

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

Check for keyfile == NULL in skey_unlock()

skeyzero() never uses its 2nd arg so remove it. Since the only thing
that calls skeyzero() is skeyinit and I just updated the libskey
major I am not going to bump the major again here...

o Do per-record locking instead of whole file locking
o Use said locking to prevent a partial guess race as required by
RFC 2289. We now lock the record in skeylookup(), skeygetnext(),
and skeyverify().
o A little KNF
o Kill deprecated getskeyprompt() function
o Provide a function to unlock a record, skey_unlock()
o Timeout reading of the passphrase in skey_authenticate() and
skey_passcheck() since we have the record locked (uses select, not alarm).
o Convert old-style md4 entries (that lack an explicit hash) into
new-style ones with the hash specified if there is space on the line.

grammar

Move fake prompt generation from skey_authenticate() to skeychallenge()
and getskeyprompt(). This means that when you get a challenge the
result parameter is always filled in, even if the use is not in the
skeykeys file.

set mp->keyfile = NULL if stat fails

fd leak

fix descriptor leaks and double fclose(); markus and I; ok from millert

don't need sys/file.h now that we include fcntl.h

missing fcntl.h

replace open + fstat with stat

if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.

Change the random file path, add a sanity check on file size.

Fix my fix to return sane values.

produce credible seeds for non-existent users.

Fix some of my indentation badness.

Remove user existance disclosure through "s/key" challenges.

Allow superuser to disable skey by unlnking /etc/skeykeys.

Don't let strncpy() get a negative length. Noted by Theo.

Don't unlock skeys file before closing it. The lock is released
when the file is closed anyway and explicately unlocking before
the file gets flushed defeats the purpose of locking in the first
place.

Remove debugging info, whoops.

- Do coarse locking on /etc/skeykeys. Fixes a race that could allow
a replay attempt to succeed.
- OpenBSD tags

Fix search and replace error introduced in version 1.16.

Convert upper -> lower case in seed for fake s/key propt.

- int -> long fixes
- restore priority correctly after setpriority (assumed start pri was 0)
- rfc-compliant challenge when faking it for those w/o a keyfile entry
on machines with short hostnames or non-alphanum hostnames.

Fix skeygetnext()

_PATH_SKEYKEYS now lives in <paths.h>
Add skeygetnext() for iterating over the key file.

Mode 0600 /etc/skeykeys

Need err.h for warnx proto.

Add a bunch of length/size macros and use them.

Fake an s/key challenge if user doesn't have an entry. Stops info
gathering attack.

htoi now takes an int, not char.
Only skey_set_algorithm() for the record that matches target user.

Fix a bug wrt handling of old md4 entries. Now don't save a type with md4
so we don't go over the record size and munge other entries. Don't export
symbols we don't need to in put.c.

__ARGS -> __P (why does everyone have to do this differently?)

check skey_set_algorithm() ret val + pedantry.

Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).

You can now cut and paste skey prompt in an xterm to get the key.
Also removed broken code.

Deal with both MD4 and MD5 s/key's

add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851
also add a prototype for skeyzero()

branches: 1.1.1;
Initial revision

I am retiring my old email address; replace it with my OpenBSD one.

use freezero()

Generate the bogus challenge using arc4random_buf(3) instead of reading
directly from /var/db/host.random and falling back to ctime. Remove the
_SKEY_RAND_FILE_PATH_ since it's no longer needed.

ok millert, mestre

use explicit_bzero. one from Ricardo Mestre plus two more.

'miliseconds' -> 'milliseconds' in comments.

if_atu.c noted by Michal Mazurek.

Convert many atoi() calls to strtonum(), adding range checks and failure
handling along the way.
Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert

Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther

fairly simple unsigned char casts for ctype
ok krw

remove some bogus *p tests from charles longeau
ok deraadt millert

minimal cleanups lint begs for

Add skeychallenge2() which is like skeychallenge() but takes an
already open fd. Will be used to make separate challenge/response
invocations of login_skey keep the record locked. Also properly
escape minus signs in man page. OK henning@ jmc@

convert tgetline() from select(2) -> poll(2)

fix skeygetnext()

Use snprintf() and strlcpy() throughout.

Zero out struct skey early in skeylookup() so callers can reliably check
for keyfile == NULL and not get a garbage value.

Add a missing check for NULL keyfile in skeychallenge() that
caused a user w/o an S/Key to just get "permission denied" from
login_skey instead of a fake challenge.

use strtok_r() instead of strtok(); millert ok

enforce SKEY_MAX_CHALLENGE using snprintf()

Remove skeyzero(), it is no longer needed.

Check for disabled /etc/skey directory (mode 0000). This is needed
because some things (such as login) run as uid 0 and directory modes
won't restrict root.

Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory
where each user gets their own file, which is owned by that user.

An old S/Key database may be converted by running "skeyinit -C" as root.

Programs that need to access the S/Key database no longer need to be
setuid root. They must now be setgid auth instead.

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

Check for keyfile == NULL in skey_unlock()

skeyzero() never uses its 2nd arg so remove it. Since the only thing
that calls skeyzero() is skeyinit and I just updated the libskey
major I am not going to bump the major again here...

o Do per-record locking instead of whole file locking
o Use said locking to prevent a partial guess race as required by
RFC 2289. We now lock the record in skeylookup(), skeygetnext(),
and skeyverify().
o A little KNF
o Kill deprecated getskeyprompt() function
o Provide a function to unlock a record, skey_unlock()
o Timeout reading of the passphrase in skey_authenticate() and
skey_passcheck() since we have the record locked (uses select, not alarm).
o Convert old-style md4 entries (that lack an explicit hash) into
new-style ones with the hash specified if there is space on the line.

grammar

Move fake prompt generation from skey_authenticate() to skeychallenge()
and getskeyprompt(). This means that when you get a challenge the
result parameter is always filled in, even if the use is not in the
skeykeys file.

set mp->keyfile = NULL if stat fails

fd leak

fix descriptor leaks and double fclose(); markus and I; ok from millert

don't need sys/file.h now that we include fcntl.h

missing fcntl.h

replace open + fstat with stat

if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.

Change the random file path, add a sanity check on file size.

Fix my fix to return sane values.

produce credible seeds for non-existent users.

Fix some of my indentation badness.

Remove user existance disclosure through "s/key" challenges.

Allow superuser to disable skey by unlnking /etc/skeykeys.

Don't let strncpy() get a negative length. Noted by Theo.

Don't unlock skeys file before closing it. The lock is released
when the file is closed anyway and explicately unlocking before
the file gets flushed defeats the purpose of locking in the first
place.

Remove debugging info, whoops.

- Do coarse locking on /etc/skeykeys. Fixes a race that could allow
a replay attempt to succeed.
- OpenBSD tags

Fix search and replace error introduced in version 1.16.

Convert upper -> lower case in seed for fake s/key propt.

- int -> long fixes
- restore priority correctly after setpriority (assumed start pri was 0)
- rfc-compliant challenge when faking it for those w/o a keyfile entry
on machines with short hostnames or non-alphanum hostnames.

Fix skeygetnext()

_PATH_SKEYKEYS now lives in <paths.h>
Add skeygetnext() for iterating over the key file.

Mode 0600 /etc/skeykeys

Need err.h for warnx proto.

Add a bunch of length/size macros and use them.

Fake an s/key challenge if user doesn't have an entry. Stops info
gathering attack.

htoi now takes an int, not char.
Only skey_set_algorithm() for the record that matches target user.

Fix a bug wrt handling of old md4 entries. Now don't save a type with md4
so we don't go over the record size and munge other entries. Don't export
symbols we don't need to in put.c.

__ARGS -> __P (why does everyone have to do this differently?)

check skey_set_algorithm() ret val + pedantry.

Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).

You can now cut and paste skey prompt in an xterm to get the key.
Also removed broken code.

Deal with both MD4 and MD5 s/key's

add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851
also add a prototype for skeyzero()

branches: 1.1.1;
Initial revision

use freezero()

Generate the bogus challenge using arc4random_buf(3) instead of reading
directly from /var/db/host.random and falling back to ctime. Remove the
_SKEY_RAND_FILE_PATH_ since it's no longer needed.

ok millert, mestre

use explicit_bzero. one from Ricardo Mestre plus two more.

'miliseconds' -> 'milliseconds' in comments.

if_atu.c noted by Michal Mazurek.

Convert many atoi() calls to strtonum(), adding range checks and failure
handling along the way.
Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert

Move to the <limits.h> universe.
review by millert, binary checking process with doug, concept with guenther

fairly simple unsigned char casts for ctype
ok krw

remove some bogus *p tests from charles longeau
ok deraadt millert

minimal cleanups lint begs for

Add skeychallenge2() which is like skeychallenge() but takes an
already open fd. Will be used to make separate challenge/response
invocations of login_skey keep the record locked. Also properly
escape minus signs in man page. OK henning@ jmc@

convert tgetline() from select(2) -> poll(2)

fix skeygetnext()

Use snprintf() and strlcpy() throughout.

Zero out struct skey early in skeylookup() so callers can reliably check
for keyfile == NULL and not get a garbage value.

Add a missing check for NULL keyfile in skeychallenge() that
caused a user w/o an S/Key to just get "permission denied" from
login_skey instead of a fake challenge.

use strtok_r() instead of strtok(); millert ok

enforce SKEY_MAX_CHALLENGE using snprintf()

Remove skeyzero(), it is no longer needed.

Check for disabled /etc/skey directory (mode 0000). This is needed
because some things (such as login) run as uid 0 and directory modes
won't restrict root.

Change S/Key stuff from using a flat file (/etc/skeykeys) to a directory
where each user gets their own file, which is owned by that user.

An old S/Key database may be converted by running "skeyinit -C" as root.

Programs that need to access the S/Key database no longer need to be
setuid root. They must now be setgid auth instead.

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

Check for keyfile == NULL in skey_unlock()

skeyzero() never uses its 2nd arg so remove it. Since the only thing
that calls skeyzero() is skeyinit and I just updated the libskey
major I am not going to bump the major again here...

o Do per-record locking instead of whole file locking
o Use said locking to prevent a partial guess race as required by
RFC 2289. We now lock the record in skeylookup(), skeygetnext(),
and skeyverify().
o A little KNF
o Kill deprecated getskeyprompt() function
o Provide a function to unlock a record, skey_unlock()
o Timeout reading of the passphrase in skey_authenticate() and
skey_passcheck() since we have the record locked (uses select, not alarm).
o Convert old-style md4 entries (that lack an explicit hash) into
new-style ones with the hash specified if there is space on the line.

grammar

Move fake prompt generation from skey_authenticate() to skeychallenge()
and getskeyprompt(). This means that when you get a challenge the
result parameter is always filled in, even if the use is not in the
skeykeys file.

set mp->keyfile = NULL if stat fails

fd leak

fix descriptor leaks and double fclose(); markus and I; ok from millert

don't need sys/file.h now that we include fcntl.h

missing fcntl.h

replace open + fstat with stat

if there is no /etc/host.random, hash on the ctime of /dev/mem or /. This is much better than the old fake challenge.

Change the random file path, add a sanity check on file size.

Fix my fix to return sane values.

produce credible seeds for non-existent users.

Fix some of my indentation badness.

Remove user existance disclosure through "s/key" challenges.

Allow superuser to disable skey by unlnking /etc/skeykeys.

Don't let strncpy() get a negative length. Noted by Theo.

Don't unlock skeys file before closing it. The lock is released
when the file is closed anyway and explicately unlocking before
the file gets flushed defeats the purpose of locking in the first
place.

Remove debugging info, whoops.

- Do coarse locking on /etc/skeykeys. Fixes a race that could allow
a replay attempt to succeed.
- OpenBSD tags

Fix search and replace error introduced in version 1.16.

Convert upper -> lower case in seed for fake s/key propt.

- int -> long fixes
- restore priority correctly after setpriority (assumed start pri was 0)
- rfc-compliant challenge when faking it for those w/o a keyfile entry
on machines with short hostnames or non-alphanum hostnames.

Fix skeygetnext()

_PATH_SKEYKEYS now lives in <paths.h>
Add skeygetnext() for iterating over the key file.

Mode 0600 /etc/skeykeys

Need err.h for warnx proto.

Add a bunch of length/size macros and use them.

Fake an s/key challenge if user doesn't have an entry. Stops info
gathering attack.

htoi now takes an int, not char.
Only skey_set_algorithm() for the record that matches target user.

Fix a bug wrt handling of old md4 entries. Now don't save a type with md4
so we don't go over the record size and munge other entries. Don't export
symbols we don't need to in put.c.

__ARGS -> __P (why does everyone have to do this differently?)

check skey_set_algorithm() ret val + pedantry.

Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).

You can now cut and paste skey prompt in an xterm to get the key.
Also removed broken code.

Deal with both MD4 and MD5 s/key's

add ability to zero out entry; from millert@cs.colorado.edu; netbsd pr#1851
also add a prototype for skeyzero()

branches: 1.1.1;
Initial revision