Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
221,079 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

33 Commits

Author SHA1 Message Date
christos e7926f1e9e make __crypt static 2011-12-28 03:13:09 +00:00
christos dbd463652a wrap crypt() to a function that returns *0 and *1 on error. 2011-12-27 23:34:13 +00:00
christos b0ca4d4eba perform the check for all salts > 2. 2011-12-27 01:20:45 +00:00
christos aeeea54d2f Provide a safer salting method that does not turn invalid salts to '.'. 
Be more sensitive to bad salts and counts. From:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_freesec.c
From Solar Designer
 2011-12-26 22:58:45 +00:00
christos ad9882f615 avoid accessing array over its bound, from Solar Designer 2011-12-26 16:03:42 +00:00
perry 591534100f ANSI function prototypes 2009-05-01 00:28:17 +00:00
perry b34e9d9fea de-__P 2009-05-01 00:20:08 +00:00
hubertf 55ac93d329 Remove more duplicate #includes, and a few spurious whitespaces at EOL 
From Slava Semushin <slava.semushin@gmail.com>
 2007-01-17 23:24:22 +00:00
freza 782d524f80 Constify prtab() argument, fixes MKDEBUGLIB build. 2006-11-25 17:55:48 +00:00
drochner 65b9988ba4 gently add some "const", and avoid some casts 
compiles with WARNS=4 now (on i386 and alpha)
 2006-10-27 19:39:11 +00:00
christos a0d45c2607 Need stdio.h if debug. 2006-04-08 23:24:44 +00:00
sjg 3a0c68edfd Add support for SHA1 hashed passwords. 
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

 * The format of the encrypted password is:
 * $<tag>$<iterations>$<salt>$<digest>
 *
 * where:
 *      <tag>           is "sha1"
 *      <iterations>    is an unsigned int identifying how many rounds
 *                      have been applied to <digest>.  The number
 *                      should vary slightly for each password to make
 *                      it harder to generate a dictionary of
 *                      pre-computed hashes.  See crypt_sha1_iterations.
 *      <salt>          up to 64 bytes of random data, 8 bytes is
 *                      currently considered more than enough.
 *      <digest>        the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.
 2004-07-02 00:05:23 +00:00
agc eb7c1594f1 Move UCB-licensed code from 4-clause to 3-clause licence. 
Patches provided by Joel Baker in PR 22280, verified by myself.
 2003-08-07 16:42:00 +00:00
jdolecek d7d75e0646 make the read-only arrays const 2003-08-06 08:44:22 +00:00
itojun c89c003ed2 support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf. 
from openbsd
 2002-05-24 04:02:47 +00:00
wiz ddb7e7aa53 Four casts for lint. 2001-03-01 14:37:35 +00:00
christos a46d295d72 fix nested extern declaration. 2001-01-05 23:11:13 +00:00
ad ac9fc8f4e6 Handle non-DES encrypted passwords; currently only MD5. 2000-07-06 11:13:49 +00:00
thorpej 9323d93234 Enable decryption in crypt(), from cryptosrc-intl, and lift the updated 
manual page (which describes decryption) from cryptosrc-us.
 2000-06-16 16:27:32 +00:00
soren 89c5a767f8 Fix doubled 'the's. 2000-03-13 22:55:05 +00:00
matt 59695352ce vax -> __vax__ 1998-10-20 02:02:30 +00:00
kleink 56545aba03 Need <stdlib.h> for setkey() prototype. 1998-06-01 20:25:24 +00:00
mikel 95eeab3bb2 don't kill 'register' in comments! 1998-02-04 06:39:33 +00:00
perry 0b7831a37b remove obsolete register declarations 1998-02-03 19:12:13 +00:00
cgd 226f67d0d4 specify array sizes in init_perm prototype. One of the array specifications 
was "C_block [][]", which isn't valid (or sensible!) C (only the last
dimension may be omitted).  However, all of the dimensions are known
so they might as well be specified.
 1997-11-04 03:31:45 +00:00
mikel cd0a22a42b don't let prototypes disappear if LARGEDATA is defined 1997-10-10 08:22:30 +00:00
lukem 06795b86a7 rcsid police, deprecate some use of register 1997-10-09 10:28:43 +00:00
mikel 31a2bdc622 add explicit return types and braces for gcc -Wall, some minor KNF 
existing differences between exportable and domestic versions were
  preserved.
 1997-07-02 04:55:41 +00:00
cgd 4902ac3dcf use the (broken) crypt.c from the 4.4BSD-Lite Foreign distribution, that 
can encrypt passwords but _cannot_ decrypt anything.  "real" (i.e. two-way,
unbroken) crypt() now lives in /usr/src/domestic.
 1995-02-19 12:18:56 +00:00
cgd 688980eb06 type sanity 1994-12-20 16:00:32 +00:00
cgd adf7c9df14 cast for quiet. 1994-10-19 03:01:18 +00:00
mycroft e9d867ef50 Add RCS identifiers. 1993-08-01 17:54:45 +00:00
cgd e0b9a84a0f made libcrypt, so exportable vs. non-exportable packages can be 
handled easliy.
 1993-04-26 12:45:00 +00:00