typo: "pwdtries" -> "passwordtries"; ok millert@

Improve error handling

Close pipe file descriptors if fork fails.
Also do not parse exit status of child if waitpid fails.

with input by and ok millert@

use stderr for printing error and informational messages

this makes it easier to parse what passwd(1) is doing if
spawned from a GUI

ok millert@

Use waitpid()/EINTR idiom for the specific pid, rather than generic wait(),
in case the parent process was started with a dangling child. This style
ensures any potential parent:child interlock isn't disrupted due to the
"wrong" child being waited on first. Then the other other childs can safely
zombie.
ok millert jca brynet

Remove NULL-checks before free(). ok tb@

Delete YP password related code. As a result, these can also be
pledged. Keep an eye out for regressions, because they could be
uncomfortable.
ok beck semarie

When using an external password quality check program, do not run the
patterns checks which may contradict the rules set by the external
helper.

ok millert@

-Wall -Wshadow clean, no binary change

run password strength checking regexes as user; ok deraadt@

make :passwordtries=0:\ in login.conf work.
from Ross Richardson. closes PR 4133.

ok henning@ millert@

Simplify some things now that we only have login.conf to worry about
and fix two bugs introduced in the last commit (a duplicate free
and reversed logic for the default cipher types).

passwd.conf has been deprecated since login.conf was imported.
Today it finally dies. Based on a diff from Gabriel Kihlman.

use pid_t for fork return. started by Joris Vink

various cleanups; ok millert

support ":" prefix as group name, as username can contain ".".
(still support "." as welll). passwd.conf support will go away in a
couple of months anyways... ok by millert

o move passwd.conf variables into login.conf
o no longer install passwd.conf (but it is used if it exists and the
needed info is not in login.conf)
o added passwordtime and minpasswordlen login.conf variables

Include err.h and util.h

Include strings.h for strlen() prototype
Include errno.h, not sys/errno.h since this is userland

integrate password quality checking, disallow all digit passwords motivated
by Solar Designer. External password checking program can be spawned now,
number of password trials configurable. work by me and Bob Beck.

Improve error handling

Close pipe file descriptors if fork fails.
Also do not parse exit status of child if waitpid fails.

with input by and ok millert@

use stderr for printing error and informational messages

this makes it easier to parse what passwd(1) is doing if
spawned from a GUI

ok millert@

Use waitpid()/EINTR idiom for the specific pid, rather than generic wait(),
in case the parent process was started with a dangling child. This style
ensures any potential parent:child interlock isn't disrupted due to the
"wrong" child being waited on first. Then the other other childs can safely
zombie.
ok millert jca brynet

Remove NULL-checks before free(). ok tb@

Delete YP password related code. As a result, these can also be
pledged. Keep an eye out for regressions, because they could be
uncomfortable.
ok beck semarie

When using an external password quality check program, do not run the
patterns checks which may contradict the rules set by the external
helper.

ok millert@

-Wall -Wshadow clean, no binary change

run password strength checking regexes as user; ok deraadt@

make :passwordtries=0:\ in login.conf work.
from Ross Richardson. closes PR 4133.

ok henning@ millert@

Simplify some things now that we only have login.conf to worry about
and fix two bugs introduced in the last commit (a duplicate free
and reversed logic for the default cipher types).

passwd.conf has been deprecated since login.conf was imported.
Today it finally dies. Based on a diff from Gabriel Kihlman.

use pid_t for fork return. started by Joris Vink

various cleanups; ok millert

support ":" prefix as group name, as username can contain ".".
(still support "." as welll). passwd.conf support will go away in a
couple of months anyways... ok by millert

o move passwd.conf variables into login.conf
o no longer install passwd.conf (but it is used if it exists and the
needed info is not in login.conf)
o added passwordtime and minpasswordlen login.conf variables

Include err.h and util.h

Include strings.h for strlen() prototype
Include errno.h, not sys/errno.h since this is userland

integrate password quality checking, disallow all digit passwords motivated
by Solar Designer. External password checking program can be spawned now,
number of password trials configurable. work by me and Bob Beck.

use stderr for printing error and informational messages

this makes it easier to parse what passwd(1) is doing if
spawned from a GUI

ok millert@

Use waitpid()/EINTR idiom for the specific pid, rather than generic wait(),
in case the parent process was started with a dangling child. This style
ensures any potential parent:child interlock isn't disrupted due to the
"wrong" child being waited on first. Then the other other childs can safely
zombie.
ok millert jca brynet

Remove NULL-checks before free(). ok tb@

Delete YP password related code. As a result, these can also be
pledged. Keep an eye out for regressions, because they could be
uncomfortable.
ok beck semarie

When using an external password quality check program, do not run the
patterns checks which may contradict the rules set by the external
helper.

ok millert@

-Wall -Wshadow clean, no binary change

run password strength checking regexes as user; ok deraadt@

make :passwordtries=0:\ in login.conf work.
from Ross Richardson. closes PR 4133.

ok henning@ millert@

Simplify some things now that we only have login.conf to worry about
and fix two bugs introduced in the last commit (a duplicate free
and reversed logic for the default cipher types).

passwd.conf has been deprecated since login.conf was imported.
Today it finally dies. Based on a diff from Gabriel Kihlman.

use pid_t for fork return. started by Joris Vink

various cleanups; ok millert

support ":" prefix as group name, as username can contain ".".
(still support "." as welll). passwd.conf support will go away in a
couple of months anyways... ok by millert

o move passwd.conf variables into login.conf
o no longer install passwd.conf (but it is used if it exists and the
needed info is not in login.conf)
o added passwordtime and minpasswordlen login.conf variables

Include err.h and util.h

Include strings.h for strlen() prototype
Include errno.h, not sys/errno.h since this is userland

integrate password quality checking, disallow all digit passwords motivated
by Solar Designer. External password checking program can be spawned now,
number of password trials configurable. work by me and Bob Beck.

Use waitpid()/EINTR idiom for the specific pid, rather than generic wait(),
in case the parent process was started with a dangling child. This style
ensures any potential parent:child interlock isn't disrupted due to the
"wrong" child being waited on first. Then the other other childs can safely
zombie.
ok millert jca brynet

Remove NULL-checks before free(). ok tb@

Delete YP password related code. As a result, these can also be
pledged. Keep an eye out for regressions, because they could be
uncomfortable.
ok beck semarie

When using an external password quality check program, do not run the
patterns checks which may contradict the rules set by the external
helper.

ok millert@

-Wall -Wshadow clean, no binary change

run password strength checking regexes as user; ok deraadt@

make :passwordtries=0:\ in login.conf work.
from Ross Richardson. closes PR 4133.

ok henning@ millert@

Simplify some things now that we only have login.conf to worry about
and fix two bugs introduced in the last commit (a duplicate free
and reversed logic for the default cipher types).

passwd.conf has been deprecated since login.conf was imported.
Today it finally dies. Based on a diff from Gabriel Kihlman.

use pid_t for fork return. started by Joris Vink

various cleanups; ok millert

support ":" prefix as group name, as username can contain ".".
(still support "." as welll). passwd.conf support will go away in a
couple of months anyways... ok by millert

o move passwd.conf variables into login.conf
o no longer install passwd.conf (but it is used if it exists and the
needed info is not in login.conf)
o added passwordtime and minpasswordlen login.conf variables

Include err.h and util.h

Include strings.h for strlen() prototype
Include errno.h, not sys/errno.h since this is userland

integrate password quality checking, disallow all digit passwords motivated
by Solar Designer. External password checking program can be spawned now,
number of password trials configurable. work by me and Bob Beck.