christos
5521b51a7a
fix error messages
2015-06-17 00:15:26 +00:00
riastradh
1239c2bb08
Publish explicit_memset and consttime_memequal in userland libc.
...
Remove the double-underscore from the userland versions, and do the
weak alias dance instead, now that these are public parts of libc.
As discussed on tech-userlevel:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
(option 3)
2013-08-28 17:47:07 +00:00
dholland
39ab77f3dd
Silence -Wpointer-sign on crypt-sha1.c.
...
This requires casts, which is not entirely desirable; however, this way
at least no *more* pointer sign issues can creep in.
Output object files are unchanged on amd64.
2013-08-10 18:42:29 +00:00
riastradh
82db4b9858
Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
...
consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.
2013-06-24 04:21:19 +00:00
drochner
8588929dc5
Add "consttime_bcmp" and "explicit_bzero" functions for both kernel
...
abd userland, as proposed on tech-security, with explicit_bzero using
a volatile function pointer as suggested by Alan Barrett.
Both do what the name says. For userland, both are prefixed by "__"
to keep them out of the user namespace.
Change some memset/memcmp uses to the new functions where it makes
sense -- these are just some examples, more to come.
2012-08-30 12:16:48 +00:00
joerg
65d085af96
crypt-sha1.c flags apply to all compilers in the tree, drop conditional.
2012-08-10 04:30:47 +00:00
njoly
28247a8661
Use major.minor for NetBSD versions.
2012-03-23 18:08:34 +00:00
matt
fa835e8c8b
These directories default to WARNS?=5
2012-03-21 05:37:42 +00:00
matt
f9113d007b
Use C89 functions definitions.
...
Remove use of __P
2012-03-21 05:33:26 +00:00
wiz
e5899dd0ea
Fix punctuation markup.
2012-03-01 21:31:10 +00:00
wiz
b3da5e68a9
Remove trailing whitespace.
2012-01-02 18:06:37 +00:00
christos
952b88962c
a typo and missing markup
2012-01-01 23:42:03 +00:00
christos
35a585027b
Improve returns description from Solar Designer.
2012-01-01 23:18:51 +00:00
wiz
4c98bf7fdf
Remove trailing whitespace. Avoid xr to itself.
2011-12-28 22:41:34 +00:00
christos
fd093070ff
reflect current reality about return values.
2011-12-28 22:15:23 +00:00
christos
e7926f1e9e
make __crypt static
2011-12-28 03:13:09 +00:00
christos
3b47f52ce7
clamp length to 72 (73) characters.
2011-12-28 03:12:38 +00:00
christos
dbd463652a
wrap crypt() to a function that returns *0 and *1 on error.
2011-12-27 23:34:13 +00:00
christos
0d2c1e1b4f
- go back to returning NULL, we are going to wrap crypt instead.
...
- limit length of key to 253 to prevent truncation.
2011-12-27 23:33:41 +00:00
christos
671f563b75
we want to check against "*0" not "*\0"
2011-12-27 22:01:26 +00:00
christos
91160c96e4
Instead of returning ":" on error, return "*0" or "*1" which will always result
...
in logged password entries, even if the calling program decides to blindly
use them. Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3
2011-12-27 19:36:10 +00:00
christos
b0ca4d4eba
perform the check for all salts > 2.
2011-12-27 01:20:45 +00:00
christos
aeeea54d2f
Provide a safer salting method that does not turn invalid salts to '.'.
...
Be more sensitive to bad salts and counts. From:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_freesec.c
From Solar Designer
2011-12-26 22:58:45 +00:00
christos
c9260d16b9
Return ":1" on error instead of ":", so that sloppy password creation programs
...
don't end up confusing libc or the other way around. From Solar Designer
2011-12-26 21:51:53 +00:00
christos
ad9882f615
avoid accessing array over its bound, from Solar Designer
2011-12-26 16:03:42 +00:00
drochner
7babedb72c
remove the option to build this against openssl - this hasn't been used
...
in the NetBSD build
since the libc version of MD5Final zeroes out the context, replace
the bzero introduced in the previous commit by comments telling that
2011-11-29 17:27:10 +00:00
drochner
487c0196f3
zero out hash context after use, to avoid traces in RAM
...
(hint from "Solar Designer")
2011-11-29 13:18:52 +00:00
mrg
75e42fa7da
remove most of the remaining HAVE_GCC tests that are always true in
...
the modern world.
2011-06-20 07:43:56 +00:00
drochner
ccdea5df98
-fix maximum length of salt (missing prefix, rounding error)
...
-clip number of rounds at 31 -- this is log2 of the real number,
and anything larger would break exponentation
-catch possible atoi() error where log2(rounds) is parsed in the
salt prefix
-zero crypto state on exit
from Open/FreeBSD
2011-05-16 10:45:56 +00:00
drochner
9c09925b41
fix ipad/opad buffer length (was one too much), just for sanity
2011-05-16 10:39:12 +00:00
drochner
e7c5804ca9
rearrange variable usage to kill __UNCONST
...
reviewed by sjg
2011-05-09 19:15:28 +00:00
perry
591534100f
ANSI function prototypes
2009-05-01 00:28:17 +00:00
perry
b34e9d9fea
de-__P
2009-05-01 00:20:08 +00:00
lukem
a06595c27b
fix -Wsign-compare issues
2009-01-18 12:14:16 +00:00
christos
46edb91e9f
bump shared libraries.
2009-01-11 03:07:47 +00:00
gmcgarry
3c9a95916d
Wrap compiler-specific flags with HAVE_GCC and HAVE_PCC as necessary. Add a few flags for PCC.
2008-08-29 00:02:21 +00:00
gmcgarry
686556951e
Add test for HAVE_PCC with HAVE_GCC which turn off compiler warning flags.
2008-07-12 12:29:42 +00:00
hubertf
55ac93d329
Remove more duplicate #includes, and a few spurious whitespaces at EOL
...
From Slava Semushin <slava.semushin@gmail.com>
2007-01-17 23:24:22 +00:00
freza
782d524f80
Constify prtab() argument, fixes MKDEBUGLIB build.
2006-11-25 17:55:48 +00:00
drochner
65b9988ba4
gently add some "const", and avoid some casts
...
compiles with WARNS=4 now (on i386 and alpha)
2006-10-27 19:39:11 +00:00
drochner
d16ceb033e
As discussed back in June, move the implementation of hmac_sha1 here
...
because this is not a public function and crypt-sha1.c is the only
place where it is used (It must have been that way formerly, because
there was a stale prototype in crypt.h all the time.)
Being here, do some RCSID and prototype cleanup, and add as much "const"
as needed to compile these files with WARNS=3.
2006-10-27 18:22:56 +00:00
mlelstv
999ac788ac
don't segfault on NULL pointer if number of rounds is
...
not specified in passwd.conf.
2006-10-24 22:49:19 +00:00
mrg
aadd7d4847
sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4.
2006-05-11 23:16:28 +00:00
christos
a0d45c2607
Need stdio.h if debug.
2006-04-08 23:24:44 +00:00
perry
4e11af46bc
Remove leading __ from __(const|inline|signed|volatile) -- it is obsolete.
2005-12-24 21:11:15 +00:00
hubertf
105b456cb7
Mention pwhash(1) in a few places,
...
suggested in PR 31125 by Stefan Schumacher.
2005-09-05 03:37:14 +00:00
drochner
27a681b048
salt is in the second argument
2005-08-16 10:10:16 +00:00
christos
d1ac9947b2
fix compile issue.
2005-01-12 05:27:48 +00:00
christos
d205f30a4b
fix compile issue and de-lint
2005-01-12 05:27:35 +00:00
christos
3131ddcccc
- change the gensalt functions to take an optional string instead of
...
the number of rounds.
- make pw_gensalt() more generic, so that it does not depend in libutil.
2005-01-12 03:32:52 +00:00