#
1.64 |
|
08-May-2023 |
tobias |
Prevent signed integer overflow
A signed integer overflow could occur after INT_MAX bad password attempts. Check for unlimited tries first and then increment the counter. Also consider INT_MAX to be a valid upper limit.
ok millert@
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE
|
#
1.63 |
|
10-Feb-2022 |
robert |
unveil _PATH_LOGIN_CONF_D
|
#
1.62 |
|
24-Oct-2021 |
deraadt |
For open/openat, if the flags parameter does not contain O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.61 |
|
29-Aug-2021 |
robert |
notify the user about a successful password change; ok millert@
|
#
1.60 |
|
28-Aug-2021 |
robert |
use stderr for printing error and informational messages
this makes it easier to parse what passwd(1) is doing if spawned from a GUI
ok millert@
|
#
1.59 |
|
12-Jul-2021 |
beck |
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.58 |
|
24-Oct-2019 |
anton |
add missing unveil of /etc/shells; ok benno@ deraadt@ mestre@ tb@
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.57 |
|
14-Sep-2019 |
semarie |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.63 |
|
10-Feb-2022 |
robert |
unveil _PATH_LOGIN_CONF_D
|
#
1.62 |
|
24-Oct-2021 |
deraadt |
For open/openat, if the flags parameter does not contain O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.61 |
|
29-Aug-2021 |
robert |
notify the user about a successful password change; ok millert@
|
#
1.60 |
|
28-Aug-2021 |
robert |
use stderr for printing error and informational messages
this makes it easier to parse what passwd(1) is doing if spawned from a GUI
ok millert@
|
#
1.59 |
|
12-Jul-2021 |
beck |
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.58 |
|
24-Oct-2019 |
anton |
add missing unveil of /etc/shells; ok benno@ deraadt@ mestre@ tb@
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.57 |
|
14-Sep-2019 |
semarie |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.62 |
|
24-Oct-2021 |
deraadt |
For open/openat, if the flags parameter does not contain O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.61 |
|
29-Aug-2021 |
robert |
notify the user about a successful password change; ok millert@
|
#
1.60 |
|
28-Aug-2021 |
robert |
use stderr for printing error and informational messages
this makes it easier to parse what passwd(1) is doing if spawned from a GUI
ok millert@
|
#
1.59 |
|
12-Jul-2021 |
beck |
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.58 |
|
24-Oct-2019 |
anton |
add missing unveil of /etc/shells; ok benno@ deraadt@ mestre@ tb@
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.57 |
|
14-Sep-2019 |
semarie |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.61 |
|
29-Aug-2021 |
robert |
notify the user about a successful password change; ok millert@
|
#
1.60 |
|
28-Aug-2021 |
robert |
use stderr for printing error and informational messages
this makes it easier to parse what passwd(1) is doing if spawned from a GUI
ok millert@
|
#
1.59 |
|
12-Jul-2021 |
beck |
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.58 |
|
24-Oct-2019 |
anton |
add missing unveil of /etc/shells; ok benno@ deraadt@ mestre@ tb@
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.57 |
|
14-Sep-2019 |
semarie |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.60 |
|
28-Aug-2021 |
robert |
use stderr for printing error and informational messages
this makes it easier to parse what passwd(1) is doing if spawned from a GUI
ok millert@
|
#
1.59 |
|
12-Jul-2021 |
beck |
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.58 |
|
24-Oct-2019 |
anton |
add missing unveil of /etc/shells; ok benno@ deraadt@ mestre@ tb@
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.57 |
|
14-Sep-2019 |
semarie |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.59 |
|
12-Jul-2021 |
beck |
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.58 |
|
24-Oct-2019 |
anton |
add missing unveil of /etc/shells; ok benno@ deraadt@ mestre@ tb@
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.57 |
|
14-Sep-2019 |
semarie |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.58 |
|
24-Oct-2019 |
anton |
add missing unveil of /etc/shells; ok benno@ deraadt@ mestre@ tb@
|
Revision tags: OPENBSD_6_6_BASE
|
#
1.57 |
|
14-Sep-2019 |
semarie |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.57 |
|
14-Sep-2019 |
semarie |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.56 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.55 |
|
08-Nov-2018 |
mestre |
unveil(2) obvious _PATH_LOGIN_CONF with read permission to use login_get*(3) family commands.
Report and fix provided by Mark Patruck <mark ! wrapped ! cx>
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.54 |
|
25-Oct-2018 |
mestre |
unveil(2) the following files for passwd(1) with their corresponding permissions:
_PATH_MASTERPASSWD_LOCK - write/create permissions _PATH_MASTERPASSWD - read permission _PATH_BSHELL - execute permission (required since we might need to spawn an external passwordcheck program if defined in /etc/login.conf) _PATH_PWD_MKDB - execute permission
OK millert@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
Revision tags: OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.53 |
|
30-Dec-2016 |
millert |
Use explicit_bzero() to clear the buffer used when the user retypes the new password. From isk AT ingve DOT org
|
#
1.52 |
|
02-Sep-2016 |
tedu |
_PASSWORD_LEN is length that comes out of crypt(), not a meaningful length for user entered passwords. And the +1 is just superstitious nonsense inherited from getpass() guts. Switch to a pleasing fixed size of 1024. ok millert
|
#
1.51 |
|
02-Sep-2016 |
gsoares |
make sure to explicitly clear memory that is used for password input. OK tedu@
|
#
1.50 |
|
31-Aug-2016 |
tedu |
replace obsolete getpass with readpassphrase. ok gsoares
|
#
1.49 |
|
31-Aug-2016 |
tedu |
nicer format strings and use dprintf instead of write
|
#
1.48 |
|
15-Aug-2016 |
guenther |
Trust the login_getcaptime() declaration and don't cast the arguments to their own expected type
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.47 |
|
08-May-2016 |
tim |
Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow database; OK deraadt@ sthen@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.46 |
|
26-Nov-2015 |
deraadt |
Delete YP password related code. As a result, these can also be pledged. Keep an eye out for regressions, because they could be uncomfortable. ok beck semarie
|
#
1.45 |
|
25-Oct-2015 |
ajacoutot |
No need to declare pwd_gensalt; it's unused and gone. ok tedu@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.44 |
|
21-Nov-2014 |
tedu |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
|
#
1.43 |
|
20-Nov-2014 |
tedu |
switch to using crypt_newhash interface. ok deraadt
|
#
1.42 |
|
11-Nov-2014 |
tedu |
use crypt_checkpass instead of crypt/strcmp
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.41 |
|
18-Jan-2013 |
guenther |
Use open(O_CLOEXEC) instead of a separate fcntl(FD_CLOEXEC) call.
Nudged by David Hill
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.40 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.39 |
|
06-Nov-2008 |
djm |
-Wall -Wshadow clean, no binary change
|
Revision tags: OPENBSD_4_4_BASE
|
#
1.38 |
|
27-Apr-2008 |
jsing |
Correct English.
ok jmc@
|
Revision tags: OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.37 |
|
01-May-2005 |
deraadt |
spacing
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.36 |
|
20-Dec-2004 |
moritz |
o some missing free()'s in error paths o use FD_CLOEXEC instead of 1 o fix a crash when the round number of localcipher in the default section in login.conf was ommitted. noted by mpech@
ok mpech@, otto@, millert@, henning@
|
#
1.35 |
|
18-Sep-2004 |
deraadt |
ARGSUSED signal handler
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.34 |
|
24-Jul-2004 |
millert |
Print a newline before the message in kbintr. Otherwise the message ends up on the same line as the prompt.
|
#
1.33 |
|
13-Jul-2004 |
millert |
passwd.conf has been deprecated since login.conf was imported. Today it finally dies. Based on a diff from Gabriel Kihlman.
|
#
1.32 |
|
20-Apr-2004 |
millert |
Adapt to new pw_copy() API, closes PR 3698.
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.31 |
|
10-Mar-2004 |
millert |
Check getpass() return value for NULL. Closes Pr 3706. With help and OK from otto@.
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
20-Jun-2003 |
deraadt |
a cleaning recommended by lint
|
#
1.29 |
|
03-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
#
1.28 |
|
28-Apr-2003 |
deraadt |
stdlib.h
|
#
1.27 |
|
30-Mar-2003 |
millert |
Simpler and consistent error messages when the user enters an empty password or hits ^C. OK deraadt@ and mpech@
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.26 |
|
28-Jun-2002 |
deraadt |
various cleanups; ok millert
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler in ypgetnewpasswd() too. Restore old signal handler at the end of ypgetnewpasswd() and getnewpasswd().
|
#
1.23 |
|
07-Dec-2001 |
millert |
Catch SIGINT and SIGQUIT via the kbintr() signal handler. Now that getpass() is interuptible we need to catch these so that the "Password unchanged." message is printed.
|
#
1.22 |
|
19-Nov-2001 |
mpech |
kill more registers
millert@ ok
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.21 |
|
27-Aug-2001 |
millert |
Instead of prompting the user whether or not they wish to continue to wait for the lock on password file just tell the user to interrupt with ^C. This simplifies the locking loop a bit.
Update man page to this effect.
|
#
1.20 |
|
26-Aug-2001 |
millert |
Change the second arg to pw_mkdb() from a boolean flag to a set of bit flags ORed together. Currently the only flags defined are _PASSWORD_SECUREONLY and _PASSWORD_OMITV7 but this is enough to cause pw_mkdb() to run pwd_mkdb with the options we want.
With this change we no longer generate the old V7 passwd file when only the extra fields in master.passwd (or the encrypted password) have changed. There are other programs that could probably use the _PASSWORD_OMITV7 flag; they will be converted at a future date.
|
#
1.19 |
|
18-Aug-2001 |
millert |
If we modify pw_change we cannot pass pw_mkdb() the secureonly flag.
We don't need to rebuild the v7 version of the file in this case but we have no way to communicate that to pw_mkdb since we pass in a boolean instead of a set of bit flags.
|
#
1.18 |
|
16-Aug-2001 |
millert |
extra arg to pw_mkdb
|
#
1.17 |
|
16-Aug-2001 |
millert |
At Theo's request only print 'Please wait' if don't get the lock on the first try.
|
#
1.16 |
|
07-Jul-2001 |
millert |
quiet some -Wall warnings for login_{l,}chpass
|
#
1.15 |
|
04-Jul-2001 |
millert |
Move locking of the passwd file *after* we have gotten a new password from the user. Set real/effective/saved uids to 0 and block all signals so the lock cannot be kept longer than necessary. If we cannot lock, try again every 1/4 second for 2 seconds and then ask the user what they wish to do (keep trying, quit).
|
#
1.14 |
|
18-Jun-2001 |
millert |
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.13 |
|
12-Dec-2000 |
millert |
Minor interface changes to allow code reuse in login_chpass(8) and login_lchpass(8)
|
#
1.12 |
|
26-Nov-2000 |
millert |
Update for pw_mkdb(3) interface change. All but vipw and userdel can specify a username (and thus avoid rebuilding the while database).
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.11 |
|
01-Aug-2000 |
provos |
integrate password quality checking, disallow all digit passwords motivated by Solar Designer. External password checking program can be spawned now, number of password trials configurable. work by me and Bob Beck.
|
Revision tags: OPENBSD_2_4_BASE OPENBSD_2_5_BASE OPENBSD_2_6_BASE OPENBSD_2_7_BASE
|
#
1.10 |
|
13-Jul-1998 |
deraadt |
excessive paranoia
|
Revision tags: OPENBSD_2_3_BASE
|
#
1.9 |
|
24-Feb-1998 |
deraadt |
catch special password "s/key" and refuse it
|
Revision tags: OPENBSD_2_1_BASE OPENBSD_2_2_BASE
|
#
1.8 |
|
07-Apr-1997 |
millert |
Better error message when lookup of getlogin() != uid
|
#
1.7 |
|
27-Mar-1997 |
weingart |
Slight cleanup, more needed
|
#
1.6 |
|
16-Feb-1997 |
provos |
cleaned up, moved pw_getconf to libutil, removed _'s in option names
|
#
1.5 |
|
14-Feb-1997 |
provos |
include blowfish cipher - free config of which cipher to use
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
30-Sep-1996 |
millert |
If can't open temp file (and it doesn't already exist) give real error message.
|
#
1.3 |
|
26-Jun-1996 |
deraadt |
rcsid
|
#
1.2 |
|
22-May-1996 |
deraadt |
libutil
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|