#
1.30 |
|
08-Mar-2023 |
guenther |
Delete obsolete /* ARGSUSED */ lint comments.
ok miod@ millert@
|
Revision tags: OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.29 |
|
02-Jan-2021 |
millert |
Check auth_mkvalue(3) return value for NULL (malloc failure). For constant strings we don't actually need to use auth_mkvalue(3). Problem reported by Ross L Richardson.
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.28 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.27 |
|
25-Jan-2019 |
millert |
I am retiring my old email address; replace it with my OpenBSD one.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.26 |
|
20-Jul-2017 |
bluhm |
When login_skey was called for a user without skey, it crashed with NULL pointer dereference. It tried to pass a file descriptor that did not exist. This has to be done conditionally. bug found by Raimund Specht with process accounting; OK millert@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.25 |
|
16-Oct-2015 |
millert |
Implement real "flock" request and add it to userland programs that use pledge and file locking. OK deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.24 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.23 |
|
02-Jun-2009 |
jmeltzer |
comment spelling fix: ARSGUSED -> ARGSUSED
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.22 |
|
24-Mar-2008 |
deraadt |
msg_controllen has to be CMSG_SPACE so that the kernel can account for each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This works now that kernel fd passing has been fixed to accept a bit of sloppiness because of this ABI repair. lots of discussion with kettenis
|
#
1.21 |
|
15-Mar-2008 |
deraadt |
Repair the simple cases for msg_controllen where it should just be CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because of alignment; ok kettenis hshoexer
|
#
1.20 |
|
13-Mar-2008 |
deraadt |
Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to an extensive discussion with otto, kettenis, millert, and hshoexer
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.19 |
|
26-Jul-2007 |
millert |
Remove the space after "Password:" in password prompts where echo is turned off. This is consistent with historic UNIX behavior.
|
#
1.18 |
|
25-May-2007 |
krw |
"interupt" -> "interrupt" in various comments. Mostly from Diego Casati.
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.17 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.16 |
|
30-Aug-2004 |
millert |
Use CMSG_SPACE when allocating space for the control message. Fixes fd passing problems on sparc and sparc64. OK henning@
|
#
1.15 |
|
11-Aug-2004 |
millert |
Rename confusing variable for readability's sake. No actual code changes.
|
#
1.14 |
|
08-Aug-2004 |
deraadt |
spacing
|
#
1.13 |
|
05-Aug-2004 |
millert |
Add support for passing an fd to the user's S/Key record back and forth between login_skey and the invoking process. This allows us to keep the record locked between an invocation of login_skey that receives the challenge and another that verifies the response, preventing an interloper from sniffing the challenge and beating the legitimate user to the response.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.12 |
|
10-Mar-2004 |
millert |
More checking for a NULL return value from getpass(). otto@ OK
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.11 |
|
06-Sep-2002 |
deraadt |
ansi; ok millert pvalchev
|
#
1.10 |
|
28-Jun-2002 |
deraadt |
minor indent cleanup
|
#
1.9 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
#
1.8 |
|
29-May-2002 |
deraadt |
a few more strlcat
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.7 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.6 |
|
07-Dec-2001 |
millert |
Catch SIGINT, SIGQUIT and SIGTSTP but ignore during the database update. We have to be careful and drop our lock if we are suspended and then regain the lock on resume. This is necessary because the user must not be allowed to keep a record locked for a long period of time to avoid a DoS. We must be sure to re-lock when we resume because otherwise an attacker could suspend us until a user starts to login and then resume and then race the user for login using the challenge response from the user.
|
#
1.5 |
|
06-Dec-2001 |
millert |
Do not set handler for SIGINT and SIGQUIT to SIG_IGN since it prevents getpass()/readpassphrase() from being able to restore the tty mode on keyboard interrupt. Along with the recent readpassphrase.c commit this means that if you ^C things that use login scripts (like su(1)) with a non-CBREAK shell your tty mode will be restored nicely.
TODO: The various login scripts need to install handlers to avoid leaving turd files or otherwise ending in a bad state. It would also be nice to send BI_REJECT to the back channel.
|
#
1.4 |
|
24-Oct-2001 |
mpech |
getopt(3) returns -1 when out of args, not EOF.
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.3 |
|
25-Jun-2001 |
millert |
Remove instance stuff now that su uses an explicit option to specify the invoking user.
|
#
1.2 |
|
20-Jun-2001 |
millert |
Add an alarm to implement as timeout on the locked record.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.1 |
|
12-Dec-2000 |
millert |
skey login script; authenticates the user via S/Key will be used when BSD authentication is enabled
|
#
1.29 |
|
02-Jan-2021 |
millert |
Check auth_mkvalue(3) return value for NULL (malloc failure). For constant strings we don't actually need to use auth_mkvalue(3). Problem reported by Ross L Richardson.
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.28 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.27 |
|
25-Jan-2019 |
millert |
I am retiring my old email address; replace it with my OpenBSD one.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.26 |
|
20-Jul-2017 |
bluhm |
When login_skey was called for a user without skey, it crashed with NULL pointer dereference. It tried to pass a file descriptor that did not exist. This has to be done conditionally. bug found by Raimund Specht with process accounting; OK millert@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.25 |
|
16-Oct-2015 |
millert |
Implement real "flock" request and add it to userland programs that use pledge and file locking. OK deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.24 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.23 |
|
02-Jun-2009 |
jmeltzer |
comment spelling fix: ARSGUSED -> ARGSUSED
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.22 |
|
24-Mar-2008 |
deraadt |
msg_controllen has to be CMSG_SPACE so that the kernel can account for each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This works now that kernel fd passing has been fixed to accept a bit of sloppiness because of this ABI repair. lots of discussion with kettenis
|
#
1.21 |
|
15-Mar-2008 |
deraadt |
Repair the simple cases for msg_controllen where it should just be CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because of alignment; ok kettenis hshoexer
|
#
1.20 |
|
13-Mar-2008 |
deraadt |
Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to an extensive discussion with otto, kettenis, millert, and hshoexer
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.19 |
|
26-Jul-2007 |
millert |
Remove the space after "Password:" in password prompts where echo is turned off. This is consistent with historic UNIX behavior.
|
#
1.18 |
|
25-May-2007 |
krw |
"interupt" -> "interrupt" in various comments. Mostly from Diego Casati.
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.17 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.16 |
|
30-Aug-2004 |
millert |
Use CMSG_SPACE when allocating space for the control message. Fixes fd passing problems on sparc and sparc64. OK henning@
|
#
1.15 |
|
11-Aug-2004 |
millert |
Rename confusing variable for readability's sake. No actual code changes.
|
#
1.14 |
|
08-Aug-2004 |
deraadt |
spacing
|
#
1.13 |
|
05-Aug-2004 |
millert |
Add support for passing an fd to the user's S/Key record back and forth between login_skey and the invoking process. This allows us to keep the record locked between an invocation of login_skey that receives the challenge and another that verifies the response, preventing an interloper from sniffing the challenge and beating the legitimate user to the response.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.12 |
|
10-Mar-2004 |
millert |
More checking for a NULL return value from getpass(). otto@ OK
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.11 |
|
06-Sep-2002 |
deraadt |
ansi; ok millert pvalchev
|
#
1.10 |
|
28-Jun-2002 |
deraadt |
minor indent cleanup
|
#
1.9 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
#
1.8 |
|
29-May-2002 |
deraadt |
a few more strlcat
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.7 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.6 |
|
07-Dec-2001 |
millert |
Catch SIGINT, SIGQUIT and SIGTSTP but ignore during the database update. We have to be careful and drop our lock if we are suspended and then regain the lock on resume. This is necessary because the user must not be allowed to keep a record locked for a long period of time to avoid a DoS. We must be sure to re-lock when we resume because otherwise an attacker could suspend us until a user starts to login and then resume and then race the user for login using the challenge response from the user.
|
#
1.5 |
|
06-Dec-2001 |
millert |
Do not set handler for SIGINT and SIGQUIT to SIG_IGN since it prevents getpass()/readpassphrase() from being able to restore the tty mode on keyboard interrupt. Along with the recent readpassphrase.c commit this means that if you ^C things that use login scripts (like su(1)) with a non-CBREAK shell your tty mode will be restored nicely.
TODO: The various login scripts need to install handlers to avoid leaving turd files or otherwise ending in a bad state. It would also be nice to send BI_REJECT to the back channel.
|
#
1.4 |
|
24-Oct-2001 |
mpech |
getopt(3) returns -1 when out of args, not EOF.
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.3 |
|
25-Jun-2001 |
millert |
Remove instance stuff now that su uses an explicit option to specify the invoking user.
|
#
1.2 |
|
20-Jun-2001 |
millert |
Add an alarm to implement as timeout on the locked record.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.1 |
|
12-Dec-2000 |
millert |
skey login script; authenticates the user via S/Key will be used when BSD authentication is enabled
|
#
1.28 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.27 |
|
25-Jan-2019 |
millert |
I am retiring my old email address; replace it with my OpenBSD one.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.26 |
|
20-Jul-2017 |
bluhm |
When login_skey was called for a user without skey, it crashed with NULL pointer dereference. It tried to pass a file descriptor that did not exist. This has to be done conditionally. bug found by Raimund Specht with process accounting; OK millert@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.25 |
|
16-Oct-2015 |
millert |
Implement real "flock" request and add it to userland programs that use pledge and file locking. OK deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.24 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.23 |
|
02-Jun-2009 |
jmeltzer |
comment spelling fix: ARSGUSED -> ARGSUSED
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.22 |
|
24-Mar-2008 |
deraadt |
msg_controllen has to be CMSG_SPACE so that the kernel can account for each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This works now that kernel fd passing has been fixed to accept a bit of sloppiness because of this ABI repair. lots of discussion with kettenis
|
#
1.21 |
|
15-Mar-2008 |
deraadt |
Repair the simple cases for msg_controllen where it should just be CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because of alignment; ok kettenis hshoexer
|
#
1.20 |
|
13-Mar-2008 |
deraadt |
Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to an extensive discussion with otto, kettenis, millert, and hshoexer
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.19 |
|
26-Jul-2007 |
millert |
Remove the space after "Password:" in password prompts where echo is turned off. This is consistent with historic UNIX behavior.
|
#
1.18 |
|
25-May-2007 |
krw |
"interupt" -> "interrupt" in various comments. Mostly from Diego Casati.
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.17 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.16 |
|
30-Aug-2004 |
millert |
Use CMSG_SPACE when allocating space for the control message. Fixes fd passing problems on sparc and sparc64. OK henning@
|
#
1.15 |
|
11-Aug-2004 |
millert |
Rename confusing variable for readability's sake. No actual code changes.
|
#
1.14 |
|
08-Aug-2004 |
deraadt |
spacing
|
#
1.13 |
|
05-Aug-2004 |
millert |
Add support for passing an fd to the user's S/Key record back and forth between login_skey and the invoking process. This allows us to keep the record locked between an invocation of login_skey that receives the challenge and another that verifies the response, preventing an interloper from sniffing the challenge and beating the legitimate user to the response.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.12 |
|
10-Mar-2004 |
millert |
More checking for a NULL return value from getpass(). otto@ OK
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.11 |
|
06-Sep-2002 |
deraadt |
ansi; ok millert pvalchev
|
#
1.10 |
|
28-Jun-2002 |
deraadt |
minor indent cleanup
|
#
1.9 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
#
1.8 |
|
29-May-2002 |
deraadt |
a few more strlcat
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.7 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.6 |
|
07-Dec-2001 |
millert |
Catch SIGINT, SIGQUIT and SIGTSTP but ignore during the database update. We have to be careful and drop our lock if we are suspended and then regain the lock on resume. This is necessary because the user must not be allowed to keep a record locked for a long period of time to avoid a DoS. We must be sure to re-lock when we resume because otherwise an attacker could suspend us until a user starts to login and then resume and then race the user for login using the challenge response from the user.
|
#
1.5 |
|
06-Dec-2001 |
millert |
Do not set handler for SIGINT and SIGQUIT to SIG_IGN since it prevents getpass()/readpassphrase() from being able to restore the tty mode on keyboard interrupt. Along with the recent readpassphrase.c commit this means that if you ^C things that use login scripts (like su(1)) with a non-CBREAK shell your tty mode will be restored nicely.
TODO: The various login scripts need to install handlers to avoid leaving turd files or otherwise ending in a bad state. It would also be nice to send BI_REJECT to the back channel.
|
#
1.4 |
|
24-Oct-2001 |
mpech |
getopt(3) returns -1 when out of args, not EOF.
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.3 |
|
25-Jun-2001 |
millert |
Remove instance stuff now that su uses an explicit option to specify the invoking user.
|
#
1.2 |
|
20-Jun-2001 |
millert |
Add an alarm to implement as timeout on the locked record.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.1 |
|
12-Dec-2000 |
millert |
skey login script; authenticates the user via S/Key will be used when BSD authentication is enabled
|
#
1.27 |
|
25-Jan-2019 |
millert |
I am retiring my old email address; replace it with my OpenBSD one.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.26 |
|
20-Jul-2017 |
bluhm |
When login_skey was called for a user without skey, it crashed with NULL pointer dereference. It tried to pass a file descriptor that did not exist. This has to be done conditionally. bug found by Raimund Specht with process accounting; OK millert@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.25 |
|
16-Oct-2015 |
millert |
Implement real "flock" request and add it to userland programs that use pledge and file locking. OK deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.24 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.23 |
|
02-Jun-2009 |
jmeltzer |
comment spelling fix: ARSGUSED -> ARGSUSED
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.22 |
|
24-Mar-2008 |
deraadt |
msg_controllen has to be CMSG_SPACE so that the kernel can account for each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This works now that kernel fd passing has been fixed to accept a bit of sloppiness because of this ABI repair. lots of discussion with kettenis
|
#
1.21 |
|
15-Mar-2008 |
deraadt |
Repair the simple cases for msg_controllen where it should just be CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because of alignment; ok kettenis hshoexer
|
#
1.20 |
|
13-Mar-2008 |
deraadt |
Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to an extensive discussion with otto, kettenis, millert, and hshoexer
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.19 |
|
26-Jul-2007 |
millert |
Remove the space after "Password:" in password prompts where echo is turned off. This is consistent with historic UNIX behavior.
|
#
1.18 |
|
25-May-2007 |
krw |
"interupt" -> "interrupt" in various comments. Mostly from Diego Casati.
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.17 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.16 |
|
30-Aug-2004 |
millert |
Use CMSG_SPACE when allocating space for the control message. Fixes fd passing problems on sparc and sparc64. OK henning@
|
#
1.15 |
|
11-Aug-2004 |
millert |
Rename confusing variable for readability's sake. No actual code changes.
|
#
1.14 |
|
08-Aug-2004 |
deraadt |
spacing
|
#
1.13 |
|
05-Aug-2004 |
millert |
Add support for passing an fd to the user's S/Key record back and forth between login_skey and the invoking process. This allows us to keep the record locked between an invocation of login_skey that receives the challenge and another that verifies the response, preventing an interloper from sniffing the challenge and beating the legitimate user to the response.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.12 |
|
10-Mar-2004 |
millert |
More checking for a NULL return value from getpass(). otto@ OK
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.11 |
|
06-Sep-2002 |
deraadt |
ansi; ok millert pvalchev
|
#
1.10 |
|
28-Jun-2002 |
deraadt |
minor indent cleanup
|
#
1.9 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
#
1.8 |
|
29-May-2002 |
deraadt |
a few more strlcat
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.7 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.6 |
|
07-Dec-2001 |
millert |
Catch SIGINT, SIGQUIT and SIGTSTP but ignore during the database update. We have to be careful and drop our lock if we are suspended and then regain the lock on resume. This is necessary because the user must not be allowed to keep a record locked for a long period of time to avoid a DoS. We must be sure to re-lock when we resume because otherwise an attacker could suspend us until a user starts to login and then resume and then race the user for login using the challenge response from the user.
|
#
1.5 |
|
06-Dec-2001 |
millert |
Do not set handler for SIGINT and SIGQUIT to SIG_IGN since it prevents getpass()/readpassphrase() from being able to restore the tty mode on keyboard interrupt. Along with the recent readpassphrase.c commit this means that if you ^C things that use login scripts (like su(1)) with a non-CBREAK shell your tty mode will be restored nicely.
TODO: The various login scripts need to install handlers to avoid leaving turd files or otherwise ending in a bad state. It would also be nice to send BI_REJECT to the back channel.
|
#
1.4 |
|
24-Oct-2001 |
mpech |
getopt(3) returns -1 when out of args, not EOF.
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.3 |
|
25-Jun-2001 |
millert |
Remove instance stuff now that su uses an explicit option to specify the invoking user.
|
#
1.2 |
|
20-Jun-2001 |
millert |
Add an alarm to implement as timeout on the locked record.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.1 |
|
12-Dec-2000 |
millert |
skey login script; authenticates the user via S/Key will be used when BSD authentication is enabled
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.26 |
|
20-Jul-2017 |
bluhm |
When login_skey was called for a user without skey, it crashed with NULL pointer dereference. It tried to pass a file descriptor that did not exist. This has to be done conditionally. bug found by Raimund Specht with process accounting; OK millert@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.25 |
|
16-Oct-2015 |
millert |
Implement real "flock" request and add it to userland programs that use pledge and file locking. OK deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.24 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.23 |
|
02-Jun-2009 |
jmeltzer |
comment spelling fix: ARSGUSED -> ARGSUSED
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.22 |
|
24-Mar-2008 |
deraadt |
msg_controllen has to be CMSG_SPACE so that the kernel can account for each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This works now that kernel fd passing has been fixed to accept a bit of sloppiness because of this ABI repair. lots of discussion with kettenis
|
#
1.21 |
|
15-Mar-2008 |
deraadt |
Repair the simple cases for msg_controllen where it should just be CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because of alignment; ok kettenis hshoexer
|
#
1.20 |
|
13-Mar-2008 |
deraadt |
Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to an extensive discussion with otto, kettenis, millert, and hshoexer
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.19 |
|
26-Jul-2007 |
millert |
Remove the space after "Password:" in password prompts where echo is turned off. This is consistent with historic UNIX behavior.
|
#
1.18 |
|
25-May-2007 |
krw |
"interupt" -> "interrupt" in various comments. Mostly from Diego Casati.
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.17 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.16 |
|
30-Aug-2004 |
millert |
Use CMSG_SPACE when allocating space for the control message. Fixes fd passing problems on sparc and sparc64. OK henning@
|
#
1.15 |
|
11-Aug-2004 |
millert |
Rename confusing variable for readability's sake. No actual code changes.
|
#
1.14 |
|
08-Aug-2004 |
deraadt |
spacing
|
#
1.13 |
|
05-Aug-2004 |
millert |
Add support for passing an fd to the user's S/Key record back and forth between login_skey and the invoking process. This allows us to keep the record locked between an invocation of login_skey that receives the challenge and another that verifies the response, preventing an interloper from sniffing the challenge and beating the legitimate user to the response.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.12 |
|
10-Mar-2004 |
millert |
More checking for a NULL return value from getpass(). otto@ OK
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE OPENBSD_3_4_BASE
|
#
1.11 |
|
06-Sep-2002 |
deraadt |
ansi; ok millert pvalchev
|
#
1.10 |
|
28-Jun-2002 |
deraadt |
minor indent cleanup
|
#
1.9 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
#
1.8 |
|
29-May-2002 |
deraadt |
a few more strlcat
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.7 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.6 |
|
07-Dec-2001 |
millert |
Catch SIGINT, SIGQUIT and SIGTSTP but ignore during the database update. We have to be careful and drop our lock if we are suspended and then regain the lock on resume. This is necessary because the user must not be allowed to keep a record locked for a long period of time to avoid a DoS. We must be sure to re-lock when we resume because otherwise an attacker could suspend us until a user starts to login and then resume and then race the user for login using the challenge response from the user.
|
#
1.5 |
|
06-Dec-2001 |
millert |
Do not set handler for SIGINT and SIGQUIT to SIG_IGN since it prevents getpass()/readpassphrase() from being able to restore the tty mode on keyboard interrupt. Along with the recent readpassphrase.c commit this means that if you ^C things that use login scripts (like su(1)) with a non-CBREAK shell your tty mode will be restored nicely.
TODO: The various login scripts need to install handlers to avoid leaving turd files or otherwise ending in a bad state. It would also be nice to send BI_REJECT to the back channel.
|
#
1.4 |
|
24-Oct-2001 |
mpech |
getopt(3) returns -1 when out of args, not EOF.
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.3 |
|
25-Jun-2001 |
millert |
Remove instance stuff now that su uses an explicit option to specify the invoking user.
|
#
1.2 |
|
20-Jun-2001 |
millert |
Add an alarm to implement as timeout on the locked record.
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.1 |
|
12-Dec-2000 |
millert |
skey login script; authenticates the user via S/Key will be used when BSD authentication is enabled
|