Delete obsolete /* ARGSUSED */ lint comments.

ok miod@ millert@

I am retiring my old email address; replace it with my OpenBSD one.

Don't burden keycrunch_{md5,sha1,rmd160}() with identical code to prepare a
buffer based on whether they are called by keycrunch() or f(). Instead let
keycrunch() and f() take care of this themselves.

OK millert@

Fix two bugs introduced after MD4 removal: Change the default algorithm
back to md5 (as documented on the man pages), and do not let
skey_set_algorithm() cause a segfault if an unsupported algorithm is
specified.

earlier version ok tedu@
help/ok millert@, ok naddy@

Remove the (non-default) MD4 hash algorithm from S/Key.
ok millert, man pages ok jmc@

fairly simple unsigned char casts for ctype
ok krw

Check fgets return value, from Charles Longeau.

OK millert@.

minimal cleanups lint begs for

Use SHA1Pad() instead of relying on unspecified behavior.

simple protos

Use snprintf() and strlcpy() throughout.

strlcat bounds

replace strcpy with strlcpy

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

Fix `necesary' typos; Alexander Yurchenko

Alas many of these were introduced by yours truly as necessary
just doesn't look right to me for some reason ;-)

avoid stdio in a signal handler; millert ok

Get rid of f_HASH() and fold its functionality into keycrunch_HASH().
This means we now only need to add one new function when adding a
new hash type.

Somehow missed from last S/Key commit (changes are static to skeysubr.c).

SHA1 is a big endian algorithm but RFC2289 mandates that results be
stored in little endian form (like MD4/MD5). So, instead of having
SHA1Final copy the result buffer, we do it ourselves with a loop
stolen from RFC2289, Appendix A. Closes PR1650.

Remove user existance disclosure through "s/key" challenges.

- Do coarse locking on /etc/skeykeys. Fixes a race that could allow
a replay attempt to succeed.
- OpenBSD tags

Fix one instance of bad strncpy() usage and some KNF.

Add RIPEMD-160 (rmd160) support to OTP (s/key).

Remove #if 0'd code

Use new SHA1* functions.

Add a bunch of length/size macros and use them.

Don't need the extra newline since we never turn off echo for s/key

htoi now takes an int, not char.
Only skey_set_algorithm() for the record that matches target user.

Added missing static's.

Fix byte order problem with sha1.

More RFC 1938 compliance--convert seed to lower case internally.

__ARGS -> __P (why does everyone have to do this differently?)

check skey_set_algorithm() ret val + pedantry.

Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).

Nicer echo on/off in its own function.

Deal with both MD4 and MD5 s/key's

branches: 1.1.1;
Initial revision

I am retiring my old email address; replace it with my OpenBSD one.

Don't burden keycrunch_{md5,sha1,rmd160}() with identical code to prepare a
buffer based on whether they are called by keycrunch() or f(). Instead let
keycrunch() and f() take care of this themselves.

OK millert@

Fix two bugs introduced after MD4 removal: Change the default algorithm
back to md5 (as documented on the man pages), and do not let
skey_set_algorithm() cause a segfault if an unsupported algorithm is
specified.

earlier version ok tedu@
help/ok millert@, ok naddy@

Remove the (non-default) MD4 hash algorithm from S/Key.
ok millert, man pages ok jmc@

fairly simple unsigned char casts for ctype
ok krw

Check fgets return value, from Charles Longeau.

OK millert@.

minimal cleanups lint begs for

Use SHA1Pad() instead of relying on unspecified behavior.

simple protos

Use snprintf() and strlcpy() throughout.

strlcat bounds

replace strcpy with strlcpy

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

Fix `necesary' typos; Alexander Yurchenko

Alas many of these were introduced by yours truly as necessary
just doesn't look right to me for some reason ;-)

avoid stdio in a signal handler; millert ok

Get rid of f_HASH() and fold its functionality into keycrunch_HASH().
This means we now only need to add one new function when adding a
new hash type.

Somehow missed from last S/Key commit (changes are static to skeysubr.c).

SHA1 is a big endian algorithm but RFC2289 mandates that results be
stored in little endian form (like MD4/MD5). So, instead of having
SHA1Final copy the result buffer, we do it ourselves with a loop
stolen from RFC2289, Appendix A. Closes PR1650.

Remove user existance disclosure through "s/key" challenges.

- Do coarse locking on /etc/skeykeys. Fixes a race that could allow
a replay attempt to succeed.
- OpenBSD tags

Fix one instance of bad strncpy() usage and some KNF.

Add RIPEMD-160 (rmd160) support to OTP (s/key).

Remove #if 0'd code

Use new SHA1* functions.

Add a bunch of length/size macros and use them.

Don't need the extra newline since we never turn off echo for s/key

htoi now takes an int, not char.
Only skey_set_algorithm() for the record that matches target user.

Added missing static's.

Fix byte order problem with sha1.

More RFC 1938 compliance--convert seed to lower case internally.

__ARGS -> __P (why does everyone have to do this differently?)

check skey_set_algorithm() ret val + pedantry.

Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).

Nicer echo on/off in its own function.

Deal with both MD4 and MD5 s/key's

branches: 1.1.1;
Initial revision

Don't burden keycrunch_{md5,sha1,rmd160}() with identical code to prepare a
buffer based on whether they are called by keycrunch() or f(). Instead let
keycrunch() and f() take care of this themselves.

OK millert@

Fix two bugs introduced after MD4 removal: Change the default algorithm
back to md5 (as documented on the man pages), and do not let
skey_set_algorithm() cause a segfault if an unsupported algorithm is
specified.

earlier version ok tedu@
help/ok millert@, ok naddy@

Remove the (non-default) MD4 hash algorithm from S/Key.
ok millert, man pages ok jmc@

fairly simple unsigned char casts for ctype
ok krw

Check fgets return value, from Charles Longeau.

OK millert@.

minimal cleanups lint begs for

Use SHA1Pad() instead of relying on unspecified behavior.

simple protos

Use snprintf() and strlcpy() throughout.

strlcat bounds

replace strcpy with strlcpy

Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.

Fix `necesary' typos; Alexander Yurchenko

Alas many of these were introduced by yours truly as necessary
just doesn't look right to me for some reason ;-)

avoid stdio in a signal handler; millert ok

Get rid of f_HASH() and fold its functionality into keycrunch_HASH().
This means we now only need to add one new function when adding a
new hash type.

Somehow missed from last S/Key commit (changes are static to skeysubr.c).

SHA1 is a big endian algorithm but RFC2289 mandates that results be
stored in little endian form (like MD4/MD5). So, instead of having
SHA1Final copy the result buffer, we do it ourselves with a loop
stolen from RFC2289, Appendix A. Closes PR1650.

Remove user existance disclosure through "s/key" challenges.

- Do coarse locking on /etc/skeykeys. Fixes a race that could allow
a replay attempt to succeed.
- OpenBSD tags

Fix one instance of bad strncpy() usage and some KNF.

Add RIPEMD-160 (rmd160) support to OTP (s/key).

Remove #if 0'd code

Use new SHA1* functions.

Add a bunch of length/size macros and use them.

Don't need the extra newline since we never turn off echo for s/key

htoi now takes an int, not char.
Only skey_set_algorithm() for the record that matches target user.

Added missing static's.

Fix byte order problem with sha1.

More RFC 1938 compliance--convert seed to lower case internally.

__ARGS -> __P (why does everyone have to do this differently?)

check skey_set_algorithm() ret val + pedantry.

Towards RFC 1938 compliance. Also, now supports SHA (secure hash algorithm).

Nicer echo on/off in its own function.

Deal with both MD4 and MD5 s/key's

branches: 1.1.1;
Initial revision