Commit Graph

74 Commits

Author SHA1 Message Date
ru
114ea39c76 Fixed the misplaced $FreeBSD$. 2005-02-09 18:07:17 +00:00
ru
ed72feddcb Sort sections. 2005-01-20 09:17:07 +00:00
ru
f4c44b761b NOCRYPT -> NO_CRYPT 2004-12-21 10:16:04 +00:00
ru
5db2b9d5b3 For variables that are only checked with defined(), don't provide
any fake value.
2004-10-24 15:33:08 +00:00
ru
01548ace15 Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
gordon
5901302929 Stage 3 of dynamic root support. Make all the libraries needed to run
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
2003-08-17 08:28:46 +00:00
charnier
bc7ec1835e The .Fn function 2003-06-08 10:20:32 +00:00
markm
67a8d1ff99 Tidy the code up a fraction. Re-release with a 2-clause BSD license
with the kind permission of the author/copyright holder.

Thanks to:	phk
2003-06-02 21:43:14 +00:00
markm
ec27a74807 Add a new hash type. This "NT-hash" is compatible with the password
hashing scheme used in Microsoft's NT machines. IT IS NOT SECURE!
DON'T USE IT! This is for the use of competent sysadmins only!

Submitted by:	Michael Bretterklieber
2003-06-02 19:29:27 +00:00
des
e5d2d778eb Retire the useless NOSECURE knob.
Approved by:	re (scottl)
2003-05-19 15:52:01 +00:00
schweikh
fec6546e12 english(4) police. 2002-12-27 12:15:40 +00:00
trhodes
05004b3a23 crypt(3) incorrectly documents md5 salt, fixed.
PR:	36782
No objections from:	ru
MFC after:	3 days
2002-04-09 22:32:59 +00:00
phk
33d488c8a4 Fix grammer in comment.
Submitted by:	Engin Gunduz <engin@ripe.net>
2002-03-25 15:55:36 +00:00
phk
0078076cdd Modernize my email-address. 2002-03-25 13:48:53 +00:00
markm
6c270bfa4b Darn. There is (now was) a signed/unsigned issue that resulted in a
very long loop.

Reported by:	nnd@mail.nsk.ru (Nickolay Dudorov)
2002-03-07 10:41:11 +00:00
markm
ff64831dcf No functional change, but big code cleanup. WARNS, lint(1) and style(9). 2002-03-06 17:18:09 +00:00
ru
ce33199ef5 s/crypt_format/crypt_default/ to match reality.
PR:		docs/32787
Spotted by:	Pete Carah <pete@altadena.net>
2001-12-13 08:05:32 +00:00
ru
623da62a5a mdoc(7) police: Use the new .In macro for #include statements. 2001-10-01 16:09:29 +00:00
dillon
41abc6d4e4 Implement __FBSDID() 2001-09-16 21:35:07 +00:00
markm
fa04b8c3cb Remove out-of-date "cannot be exported from USA" notice. 2001-08-15 20:25:16 +00:00
ru
95ce4d2cdc Removed duplicate VCS ID tags, as per style(9). 2001-08-13 14:06:34 +00:00
dd
a145482cf6 Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
ru
d929062987 mdoc(7) police: removed punctuation after the last SEE ALSO xref. 2001-07-10 18:00:19 +00:00
ru
317b7d8e37 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 13:41:46 +00:00
dd
eaa6ee03b8 mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
dd
04d1b1c8dd Remove duplicate words. 2001-06-24 01:34:38 +00:00
ru
25ef23ac1c MAN[1-9] -> MAN. 2001-03-27 17:27:19 +00:00
peter
29c6996854 Help standalone builds by getting libutil.h from src/lib/libutil 2001-03-21 22:54:59 +00:00
ru
a7e5b57972 mdoc(7) police: ``It'' macro does not take argument in -enum lists.
(In -mdocNG, this only causes warning.  In current implementation,
it is fatal.)

Pointy hat to:	markm (for not checking stderr)
2001-03-16 12:06:26 +00:00
markm
10da321446 Add OpenBSD-style blowfish password hashing. This makes one less
gratuitous difference between us and our sister project.

This was given to me _ages_ ago. May apologies to Paul for the length
of time its taken me to commit.

Obtained from:	Niels Provos <provos@physnet.uni-hamburg.de>/OpenBSD
Submitted by:	Paul Herman <pherman@frenchfries.net>
2001-03-11 16:05:43 +00:00
ru
8ba4187688 Prepare for mdoc(7)NG. 2000-12-29 14:08:20 +00:00
peter
81027b8ec1 Reflect rev 1.18 in crypt.c. Note that this section is somewhat
mangled and could do with some word-smithing.
2000-12-28 11:56:45 +00:00
peter
2e70e5e9f0 Hindsight is wonderful, but I got cold feet over the crypt(3) default
so I am backing it out for now.  The problem is that some random program
calling crypt() could be passing a DES salt and the crypt(3) library
would encrypt it in md5 mode and there would be a password mismatch as a
result.  I wrote a validater function for the DES code to verify that
a salt is valid for DES, but I realized there were too many strange things
to go wrong.  passwd(1), pw(8) etc still generate md5 passwords by default
for /etc/master.passwd, so this is almost academic.  It is a big deal for
things that have their own crypt(3)-ed password strings (.htaccess,
etc etc).  Those are the things I do not want to break.

My DES salt recognizer basically checked if the salt was either 2 or
13 characters long, or began with '_' (_PASSWORD_EFMT1).  I think it
would have worked but I have seen way too much crypt() mishandling
in the past.
2000-12-28 11:23:01 +00:00
peter
117ae0dab3 Merge into a single US-exportable libcrypt, which only provides
one-way hash functions for authentication purposes.  There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before.  If this is
  not called, it tries to heuristically figure out the hash format, and
  if all else fails, it uses the optional auth.conf entry to chose the
  overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
  having the source it in some countries, so preserve the "secure/*"
  division.  You can still build a des-free libcrypt library if you want
  to badly enough.  This should not be a problem in the US or exporting
  from the US as freebsd.org had notified BXA some time ago.  That makes
  this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5.  This
  is to try and minimize POLA across buildworld where folk may suddenly
  be activating des-crypt()-hash support.  Since the des hash may not
  always be present, it seemed sensible to make the stronger md5 algorithm
  the default.
All things being equal, no functionality is lost.

Reviewed-by: jkh

(flame-proof suit on)
2000-12-28 10:32:02 +00:00
ru
1a6c69e84a log 2000-11-22 09:23:54 +00:00
green
d0ebb9124f Still have to support libscrypt for now :( Add #defines to take DES
out for it.
2000-08-24 17:51:16 +00:00
green
b2f8a98e12 How did you sneak in... 2000-08-22 02:17:54 +00:00
green
67c40ef892 Add working and easy crypt(3)-switching. Yes, we need a whole new API
for crypt(3) by now.  In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by:	peter
2000-08-22 02:15:54 +00:00
kris
b95f8c2f86 Oops, remove vestigial reference to SHS passwords. 2000-04-22 20:43:21 +00:00
phantom
a19291893f Introduce .Lb macro to libcrypt manpage.
Make it more mdoc(7) compliant:
. use .Tn for DES, MD5 andSHS.
. Replace double quotes with .Dq macro
. use An/Aq scheme for listing authors
2000-04-22 15:56:59 +00:00
markm
7673d098ec A bunch of factual corrections. 2000-01-18 18:23:28 +00:00
bde
f3d41d655e Fixed missing include in synopsis. 2000-01-13 10:21:25 +00:00
kris
b07ed057b5 Zap SHA1 password support. This will be re-implemented at a later date. 2000-01-07 06:33:54 +00:00
bde
0e9e667b58 Fixed a formatting error in the prototype for crypt(). 1999-12-23 16:53:18 +00:00
peter
81c8f9fa6d Make a dlopen failure consistant with dlsym(). "Shouldn't happen." 1999-12-17 20:21:45 +00:00
peter
3da8bcb7dc patch glitch 1999-12-17 20:19:28 +00:00
peter
1c7b33fb91 Remove -lmd. Use dlopen() and dlsym() instead for calls to the MD5* and
SHA* routines so that callers of libcrypt are not exposed to the internal
implementation.
1999-12-17 20:04:01 +00:00
markm
2e05680dbf Never return NULL, always return a hash.
Submitted by:	dt
1999-09-22 06:53:08 +00:00
dt
ef28ba9c14 Someone changed major numbers of the libraries from 2 to 3 for 0 (zero) reasons.
Revert the major number back to 2.

libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.
1999-09-21 17:52:05 +00:00
peter
ea4af6448d Somebody deleted the SONAME override causing the symlink to be expanded
at link time and the target name compiled into the binaries.  ie:
everything used libscrypt or libdescrypt explicitly.
1999-09-21 14:44:27 +00:00