NetBSD

Author	SHA1	Message	Date
mrg	aadd7d4847	sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4.	2006-05-11 23:16:28 +00:00
mrg	c2d7663a8e	__b64_pton() wants unsigned char *.	2006-05-11 00:42:08 +00:00
mrg	41093909e9	HMAC() wants unsigned int pointer for the final argument; make it so.	2006-05-11 00:40:54 +00:00
christos	fbdfb6fbf0	Coverity CID 2753: Free the correct variable.	2006-03-22 16:35:44 +00:00
christos	bd5a805fc3	fix compile problem.	2006-03-22 15:45:16 +00:00
christos	7ef824757b	Coverity CID 1593: Plug memory leak	2006-03-22 02:21:20 +00:00
christos	25207a2398	Coverity CID 1203: Check return code of b64_ntop().	2006-03-20 00:53:39 +00:00
elad	6ec9e1c359	Proper bounds check, found by Coverity, CID 1468.	2006-03-17 13:58:27 +00:00
simonb	3204463045	We link against libl and liby, so depend on them too.	2006-02-25 11:57:52 +00:00
christos	cc9c2b575d	- constify. - don't dup extern declarations on each file because they end up being inconsistent (yyerror).	2005-06-27 03:07:45 +00:00
lukem	2d447a3b0c	Avoid dereferencing/free()ing invalid pointers if the random device cannot be opened. Detected with gcc -Wuninitialized. (The bug was fixed in rev 1.4 by rumble but reintroduced in rev 1.5 by tv !)	2005-06-02 01:31:30 +00:00
elric	1cdd98012f	setprogname(3) needs to come before calls to err(3).	2005-03-30 20:59:34 +00:00
elric	6230b2ec40	Lock all memory.	2005-03-30 19:56:05 +00:00
elric	646d61aa58	one more malloc -> emalloc.	2005-03-30 17:17:51 +00:00
christos	f8ce51d45f	Centralize error checking for malloc,calloc,strdup.	2005-03-30 17:10:18 +00:00
elric	2dcfc0c616	Turn off core dumps.	2005-03-30 15:45:56 +00:00
christos	192c2eccf6	Add -lcrypt where -lcrypto is specified.	2005-03-09 03:11:22 +00:00
elric	0664f91dd8	s/milliseconds/microseconds/ in comments and a variable because it is misleading to say one when we've been meaning the other.	2005-01-04 04:55:18 +00:00
elric	1b0f3868f6	Fix comment. We're using microseconds not milliseconds.	2005-01-04 04:52:50 +00:00
elric	d28b037b6f	Fix bits vs. bytes problem in call to calibration routine.	2005-01-04 04:50:26 +00:00
salo	61948d78ec	Correct the omission in 're-enter' verification method addition in EXAMPLES.	2004-10-15 15:25:14 +00:00
wiz	a5c8081d79	Bump date for previous, and re-add some flags that were removed in the previous commit without a mention in the commit message, and which are still in the usage.	2004-08-13 15:24:03 +00:00
tv	21840e450a	Add "urandomkey" key generation method as described in PR kern/22766; useful for configuring a throwaway key for cgd-on-swap at boot time.	2004-08-13 15:03:57 +00:00
rumble	6b72b5c789	In getkey(), check the return values of the various keygen functions and abort if necessary. Also, check for errors in its callers and handle them gracefully. OK'd by elric.	2004-08-10 02:29:34 +00:00
rumble	3db339be14	Avoid dereferencing/free()ing invalid pointers if the random device cannot be opened. OK'd by elric.	2004-08-10 02:27:26 +00:00
elric	04b4d00046	Add options to SYNOPSIS. Addresses PR misc/26065.	2004-07-04 17:19:57 +00:00
wiz	edf16149c3	Drop trailing whitespace; new sentence, new line.	2004-03-17 01:40:34 +00:00
dan	064ca2e3d1	Fix a longstanding algorithmic flaw in PKCS#5 key generation. The existing pkcs5_pbdkf2 keygen method is retained functionally as-is, for compatibility with existing params files. The corrected algorithm, which is now the default for new params file generation, is called pkcs5_pbkdf2/sha1. NB. The backwards compatibility for the miscreant keygen method will be removed at the same time as support for the previous parameters file syntax. Sometime between now and then, users should update their params files using -G, which will create a new params file including an xor value so that the resulting generated key is the same; they should also Problem discovery and 2-char algorithm fix by Charles Blundell, messy compat goop by me, long complicated names by Roland Dowdeswell. Update manpage accordingly and bump date.	2004-03-17 01:29:13 +00:00
cb	88823a8138	back out revision 1.3. this should not have been committed yet, since it breaks backward compatibility. noticed by recht@	2003-09-25 01:43:12 +00:00
wiz	72b77eb9e9	Add article.	2003-09-23 21:25:20 +00:00
cb	7543b55c56	add a new verification method that prompts for the pkcs#5 pbkdf2 passphrase again and checks the generated key against the original.	2003-09-23 17:24:45 +00:00
itojun	a9282a99c0	die if asprintf fails to malloc	2003-07-13 07:58:19 +00:00
wiz	8a0999a756	Remove superfluous "".	2003-06-27 23:02:16 +00:00
itojun	fe09a0efcb	use strlcpy	2003-05-17 23:03:28 +00:00
thorpej	817eb1cb2e	We need -I., too.	2003-04-17 22:12:50 +00:00
fvdl	38f661d48d	-I. -> -I${.CURDIR}	2003-04-17 10:55:43 +00:00
wiz	843df8bc67	Bump date for last-but-one; remove superfluous .Pp.	2003-04-16 10:09:47 +00:00
elric	3c7e4881c4	Fix typo. params files are not stored in /dev/cgd/	2003-04-15 06:43:36 +00:00
elric	8105111443	If reading an old style parameters file then default a missing keygen_iteration to 128. This will not default the iteration count on a new style parameter file as it is an error in the new style to fail to specify the iteration count. Addresses PR: bin/21056	2003-04-10 05:45:29 +00:00
fvdl	42614ed3f3	Add support for UFS2. UFS2 is an enhanced FFS, adding support for 64 bit block pointers, extended attribute storage, and a few other things. This commit does not yet include the code to manipulate the extended storage (for e.g. ACLs), this will be done later. Originally written by Kirk McKusick and Network Associates Laboratories for FreeBSD.	2003-04-02 10:39:19 +00:00
elric	7687f10a7a	Quick bugfix: o need to do keygen_filldefaults() in generate_convert no matter what, not only if there are no existing keygen methods in the new parameters.	2003-03-24 03:12:22 +00:00
elric	8c6033d202	substantial rototill of the code. o added new features: o -G: generate a new paramsfile that produces the same key as the old paramsfile, o ffs verify_method, o multiple keygen methods that are xor'ed together (for n-factor authentication), and o calibrating the iteration count of PKCS#5 PBKDF2 to the current machine's speed. o changed paramsfile format to allow for the new features. o replaced open-coded parser with yacc grammar. o lots of supporting changes. o updated documentation to reflect new features and new paramsfile format.	2003-03-24 02:02:49 +00:00
wiz	990562bfef	.Nm does not need a dummy argument ("") before punctuation or for correct formatting of the SYNOPSIS any longer.	2003-02-25 10:34:36 +00:00
atatat	dd0a8acd21	The next release will be 2.0, not 1.7.	2003-01-19 21:25:36 +00:00
elric	60e3448f30	Make iteration count for PKCS#5 settable in the parameters files.	2002-12-04 05:02:29 +00:00
lukem	d348d3d723	tweaks for fparseln(3) move from libutil to libc: - remove #include <util.h> if nothing else needed it - remove LDFLAGS+=-lutil if nothing else needed it	2002-11-30 03:10:53 +00:00
elric	ae48183d48	bugfix: was still pulling random bits from /dev/random when generating a paramsfile of type randomkey which does not need them. Pointed out by dan@netbsd.org.	2002-10-28 05:46:01 +00:00
elric	b66bf7b197	At the suggestion of wiz@, we remove the lines that mention that the lack of the feature added earlier today was a bug.	2002-10-13 01:30:29 +00:00
elric	87a5815bdf	Add documentation for verification methods. Specify defaults for IV method, keygen method and verification method.	2002-10-12 21:10:31 +00:00
elric	1242e52a64	Add the concept of a verification method which allows cgdconfig(8) to reprompt for the passphrase if the key does not meet certain criteria. The currently implemented methods are ``none'' and ``disklabel''. The first behaves in the original fashion, the second will scan for a disklabel on the cgd after configuration and if it does not find a disklabel then it will reprompt for the password and reconfigure the disk.	2002-10-12 21:02:18 +00:00

1 2

57 Commits