Sean Bruno
2f1e5d4767
Queisce two category of clang warnings:
...
1. missing explicit includes for string.h, stdio.h, etc
2. missing explicit declaration for some common functions
I have been unable to contact the upstream maintainer for this patch,
http://www.inner.net/opie appears to be the source of truth but it
unreachable
2013-10-28 18:24:31 +00:00
Dimitry Andric
a9fb907e0b
In contrib/opie/opiekey.c, use the correct length to zero the secret.
...
Found by: clang ToT
Reviewed by: delphij
MFC after: 3 days
2013-02-16 12:45:57 +00:00
Eitan Adler
37a6031461
Clean up hardcoded ar(1) flags in the tree to use the global ARFLAGS in
...
share/mk/sys.mk instead.
This is part of a medium term project to permit deterministic builds of
FreeBSD.
Submitted by: Erik Cederstrand <erik@cederstrand.dk>
Reviewed by: imp, toolchain@
Approved by: cperciva
MFC after: 2 weeks
2012-12-06 01:31:25 +00:00
Xin LI
9776cb63ad
RFC 2289 requires all hashes be stored in little endian format before
...
folding to 64 bits, while SHA1 code is big endian. Therefore, a bswap32
is required before using the value.
Without this change, the implementation does not conform to test vector
found in RFC 2289.
PR: bin/170519
Submitted by: Arthur Mesh <arthurmesh gmail com> (with changes)
MFC after: 1 week
2012-08-10 04:48:58 +00:00
Colin Percival
8fd6c56d29
Change the current working directory to be inside the jail created by
...
the jail(8) command. [10:04]
Fix a one-NUL-byte buffer overflow in libopie. [10:05]
Correctly sanity-check a buffer length in nfs mount. [10:06]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-10:04.jail
Security: FreeBSD-SA-10:05.opie
Security: FreeBSD-SA-10:06.nfsclient
2010-05-27 03:15:04 +00:00
Ed Schouten
7845988449
Don't include <utmp.h> when using <utmpx.h>.
...
libopie includes both <utmp.h> and <utmpx.h> in this case and uses some
#defines to let the code use struct utmpx and its utility functions.
We'd better not include <utmp.h> here, because maybe it will not be
present in the future.
2010-01-11 16:27:56 +00:00
Gabor Kovesdan
2699f8569c
- Remove non-existing reference
...
- Fix trailing comma
PR: docs/85118
Submitted by: vs
MFC after: 3 days
2009-01-30 15:43:55 +00:00
Colin Percival
d16f6f5027
Add missing code needed for the detection of IPSec packet replays. [1]
...
Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]
Security: FreeBSD-SA-06:11.ipsec [1]
Security: FreeBSD-SA-06:12.opie [2]
2006-03-22 16:00:42 +00:00
Andrey A. Chernov
85ca5e684e
Create /etc/opiekeys with 0600, not 0644
...
PR: 84221
2005-07-29 09:59:24 +00:00
Kris Kennaway
654cbf38df
FreeBSD does not use this code, but ftpd_popen() contains a buffer overflow.
...
We might as well patch it.
Submitted by: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
PR: bin/23352
MFC After: The average time before an unpatched Windows 2000 server gets owned
2003-07-13 05:59:50 +00:00
Dag-Erling Smørgrav
5da7cece45
When computing a new seed for an existing user, opienewseed() would
...
incorrectly compute the length of the numeric portion of the previous
seed, causing the new seed to be one character shorter than the old
one.
This patch has been submitted to the vendor; I'm committing it right
away since the file is already off the vendor branch.
MFC after: 3 days
2003-01-22 10:55:36 +00:00
Mark Murray
f4083b2413
Resolve conflicts.
2002-03-21 23:42:52 +00:00
Mark Murray
7b0f9607c9
This commit was generated by cvs2svn to compensate for changes in r92906,
...
which included commits to RCS files with non-trunk default branches.
2002-03-21 22:50:02 +00:00
Mark Murray
cfb697297a
Vendor import of OPIE 2.4
2002-03-21 22:50:02 +00:00
Andrey A. Chernov
9df24552a0
Zeroing memset() in opiechallenge() really is not needed because it is the
...
very first thing immediately following opielookup() does being entered, i.e.
look at this:
int opielookup FUNCTION((opie, principal), struct opie *opie AND char
*principal
)
{
int i;
memset(opie, 0, sizeof(struct opie));
...
2002-01-24 22:19:21 +00:00
Joerg Wunsch
32eb5fea1a
Make the -a flag to opiekey(1) actually work as advertised.
...
Reviewed by: ache, audit, security
MFC after: 1 week
2002-01-09 13:36:26 +00:00
Andrey A. Chernov
57766554c6
Repo copied to /usr/src/lib/libopie/
2002-01-03 15:58:11 +00:00
Andrey A. Chernov
eac68b24dc
Add heuristic to detect SSH connection (in the same style as other
...
heuristics already here which not supposed to be secure, just helpers).
Approved by: security@ silence
2001-08-29 13:17:02 +00:00
Mark Murray
432f97766d
Fix overflow problem when giving a username that is too long.
...
Also minor declaration/header fixes while auditing the code.
2001-08-20 12:52:49 +00:00
Andrey A. Chernov
c6fa3dde62
Fix uninitialized "force" variable.
...
PR: 23203
Submitted by: fenner
Approved by: markm
2001-08-13 19:43:14 +00:00
Mark Murray
c7ff6083f9
Fix SHA1 hashing.
2001-07-14 08:30:54 +00:00
Mark Murray
bce9718b36
Usse a better method to get a user's credentials, as uid's may be
...
legally duplicated.
Requested by: ache
2001-07-14 08:29:19 +00:00
Ruslan Ermilov
63914212f0
Eliminate troff(1) warnings that were hiding some useful text.
2001-07-12 14:29:59 +00:00
Andrey A. Chernov
cd01c79119
Make the similar changes as in our keyinfo, i.e. allow user to get his own
...
sequence and allow root to get everybody's one. Before this change user
can't get his own sequence, root required.
2001-06-23 04:48:59 +00:00
Kris Kennaway
18690202e2
Import patch to fix non-constant format string abuses. This patch was
...
approved by the vendor and will be present in future releases.
2001-03-05 02:54:13 +00:00
Kris Kennaway
fc03710c55
This commit was generated by cvs2svn to compensate for changes in r73569,
...
which included commits to RCS files with non-trunk default branches.
2001-03-05 02:54:13 +00:00
Kris Kennaway
88868b1649
Correct security hole in setproctitle(). We don't compile this code, but
...
having the security hole there makes my skin itch.
2000-07-10 07:30:28 +00:00
Kris Kennaway
6102159f98
Add some extra functions adapted from OpenBSD, in preparation for
...
OpenSSH OPIE support.
2000-05-15 04:20:54 +00:00
Kris Kennaway
bf1d0435ca
Allow applications to disable the installation of the atexit() handler
...
which cleans up OPIE lockfiles. This is required for pam_opie.
Submitted by: Jim Bloom <bloom@acm.org>
2000-04-17 00:01:23 +00:00
Kris Kennaway
0d845f9706
Resolve conflicts
2000-04-10 11:18:54 +00:00
Kris Kennaway
dd9cf0235c
Upgrade to OPIE 2.32, from http://www.inner.net/pub/opie/
2000-04-10 11:09:42 +00:00
Kris Kennaway
46c66b6f15
This commit was generated by cvs2svn to compensate for changes in r59118,
...
which included commits to RCS files with non-trunk default branches.
2000-04-10 11:09:42 +00:00
Chris Costello
fe93771ac9
- Use proper markup for a section header.
...
- Replace nonexistent OPIE_PROMPT_MAX with OPIE_CHALLENGE_MAX
PR: 16209
Submitted by: Tetsuro Furuya <tfuruya@ppp142197.asahi-net.or.jp>
2000-01-19 21:54:19 +00:00
Warner Losh
a4c0f3bc90
sprintf -> snprintf
1998-09-09 17:08:46 +00:00
Bruce Evans
9f15c7ece5
Fixed printf format errors.
1998-06-30 18:06:23 +00:00
Steve Price
3630d9abff
'They They' -> 'They'
...
PR: 6912
Submitted by: Stefan Eggers <seggers@semyam.dinoco.de>
1998-06-14 16:06:00 +00:00
Alexander Langer
c62b41d9d5
YTK fix.
1997-12-22 23:00:35 +00:00
Steve Price
f8a9ca2b82
Make this manpage reveal its true identity. A diff of these
...
changes has also been sent to opie-bugs@inner.net .
PR: 5129
Submitted by: jkh
1997-11-27 18:10:42 +00:00
Andrey A. Chernov
b1769be32c
Move locks from /etc/opielocks to /var/run/opielocks to keep
...
/etc non-writeable as possible
1997-10-01 13:02:20 +00:00
Andrey A. Chernov
32fb311063
Add setutent.c
1997-09-29 11:31:22 +00:00
Andrey A. Chernov
6305a1fdec
This commit was generated by cvs2svn to compensate for changes in r29975,
...
which included commits to RCS files with non-trunk default branches.
1997-09-29 11:31:22 +00:00
Andrey A. Chernov
14925a4bcd
Oops, __END_DECLS was in wrong place
1997-09-29 10:58:53 +00:00
Andrey A. Chernov
bde4652505
Not used in this version
1997-09-29 10:42:45 +00:00
Andrey A. Chernov
4aed43db5a
Moved to libopie
1997-09-29 10:38:24 +00:00
Andrey A. Chernov
e9fcc517e1
Merge
1997-09-29 10:33:14 +00:00
Andrey A. Chernov
8fd53644f9
Upgrade to 2.31
1997-09-29 08:53:38 +00:00
Andrey A. Chernov
27544d1f2f
This commit was generated by cvs2svn to compensate for changes in r29964,
...
which included commits to RCS files with non-trunk default branches.
1997-09-29 08:53:38 +00:00
Paul Traina
5901e3495b
Remove bits of libmissing we don't care about.
1997-09-03 08:24:28 +00:00
Paul Traina
0e904270de
Update synopsis. A partial fix has also been submitted to opie@bugs@inner.net
...
Submitted by: bde
1997-08-26 20:55:43 +00:00
Andrey A. Chernov
6d0f9ab962
Detect null secret as error, it is temp. fix until next release
...
Submitted by: Craig Metz <cmetz@inner.net>
1997-08-05 23:15:28 +00:00