Commit Graph

79 Commits

Author SHA1 Message Date
peter
3da8bcb7dc patch glitch 1999-12-17 20:19:28 +00:00
peter
1c7b33fb91 Remove -lmd. Use dlopen() and dlsym() instead for calls to the MD5* and
SHA* routines so that callers of libcrypt are not exposed to the internal
implementation.
1999-12-17 20:04:01 +00:00
markm
2e05680dbf Never return NULL, always return a hash.
Submitted by:	dt
1999-09-22 06:53:08 +00:00
dt
ef28ba9c14 Someone changed major numbers of the libraries from 2 to 3 for 0 (zero) reasons.
Revert the major number back to 2.

libcrypt only export one function, before the recent changes and now:
char *crypt(const char *key, const char *salt);
The prototype didn't changed. Internal representation of `char' and `char *'
didn't changed. Therefore, there is no reason to change the version number.
1999-09-21 17:52:05 +00:00
peter
ea4af6448d Somebody deleted the SONAME override causing the symlink to be expanded
at link time and the target name compiled into the binaries.  ie:
everything used libscrypt or libdescrypt explicitly.
1999-09-21 14:44:27 +00:00
markm
9bc938e5c5 Big code cleanup. (Inspired by Brandon Gillespie). Also move as
much as possible away from secure/ to make extending easier.
1999-09-20 12:45:49 +00:00
peter
c81dbb3c98 $Header$ -> $FreeBSD$ 1999-08-28 05:11:36 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
bde
058bbe3c62 Simplified using new SYMLINKS macro, mainly to test this macro. The
ifdefs are too ugly for this to be much of a simplification.  The
existence tests are even uglier now.  Note that the previous commit
was not submitted by me.  It missed the point and just added a second
layer of unused removals.

Fixed hard-coded "libcrypt"s.  The LCRYPTBASE macro mainly makes
things hard to read, but use it while we have it.
1999-03-23 03:41:09 +00:00
markm
b8535c2b1b Fix symlinking. Without the -f "force" option, the wrong version
can be found.
Submitted by:   Bruce
1999-01-24 07:51:33 +00:00
markm
a0f20ba4fc The new crypt code broke "make world". Back it out. 1999-01-23 08:27:46 +00:00
brandon
ee1271708e Moved from the old secure/lib/libcrypt area, because of the rewrite to how
the Makefile handles des support by just including the single .c file.

Reviewed by:	Mark Murray
1999-01-21 13:51:04 +00:00
brandon
0cb1c5b095 Rewrite of crypt library to be more modular, and addition of the
Secure Hashing Algorithm - 1 (SHA-1), along with the further
refinement of what $x$salt$hash means.  With this new crypt the
following are all acceptable:

    $1$
    $MD5$
    $SHA1$

Note: $2$ is used by OpenBSD's Blowfish, which I considered adding
as $BF$, but there is no actual need for it with SHA-1.  However,
somebody wishing to add OpenBSD password support could easilly add
it in now.

There is also a malloc_crypt() available in the library now, which
behaves exactly the same as crypt(), but it uses a malloced buffer
instead of a static buffer.  However, this is not standard so will
likely not be used much (at all).

Also, for those interested I did a brief speed test Pentium 166/MMX,
which shows the DES crypt to do approximately 2640 crypts a CPU second,
MD5 to do about 62 crypts a CPU second and SHA1 to do about 18 crypts
a CPU second.

Reviewed by:	Mark Murray
1999-01-21 13:50:09 +00:00
bde
3e4c6e97f3 Fixed the elf case of the creation of the libcrypt.so -> libscrypt->so
link.  Shared libraries are in ${SHLIBDIR}, not necessarily in ${LIBDIR}.
1998-09-02 15:09:15 +00:00
jb
2b6505f997 BINFORMAT -> OBJFORMAT ready for E-day. 1998-08-30 02:52:04 +00:00
jb
e6edac6dac BINFORMAT -> OBJFORMAT ready for E-day. 1998-08-30 01:57:55 +00:00
peter
51a620d9c6 Turn on the rcsid storage so that it's easier to tell the difference
between libscrypt.a and libdescrypt.a
1998-05-28 12:52:03 +00:00
peter
83e3c439a7 When compiling under elf, use correct library naming conventions. Also
add the required extra symlink.  Set the -soname to libcrypt.so so that
the symlink is used at runtime rather than resolved at compile time.
1997-09-05 12:12:35 +00:00
peter
6b08958c64 Revert $FreeBSD$ to $Id$ 1997-02-22 15:12:41 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
phk
99256fa202 A couple of minor nits.
Submitted by:	Craig Leres <leres@ee.lbl.gov>
Submitted by:	Theo Deraadt <deraadt@theos.com>
1996-10-14 08:34:02 +00:00
jkh
c4d4a99d31 General -Wall warning cleanup, part I.
Submitted-By: Kent Vander Velden <graphix@iastate.edu>
1996-07-12 18:57:58 +00:00
rgrimes
f05428e4cd Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
bde
c2f445d041 Install shared libraries in ${DESTDIR}${SHLIBDIR} instead of in
$(DESTDIR)/$(LIBDIR) (I need SHLIBDIR.  The / was a bug and the
$(...) style was inconsistent.)

Install ordinary libraries in ${DESTDIR}${LIBDIR} instead of in
$(DESTDIR)/$(LIBDIR).

Change remaining $(...) to ${...}.
1994-11-14 06:44:45 +00:00
phk
db0e19820c *** ATTENTION *** YOU MIGHT BE ABOUT TO BE HOSED *** ATTENTION ***
This effectively changes the non-DES password algoritm.

If you have the "securedist" installed you will have no problems with this.
(Though you might want to consider using this password-encryption instead
of the DES-based if your system is likely to be hacked)

If you are running a -current system without the "securedist" installed:
YOU WILL NEED TO CHANGE ALL PASSWORDS !!    There is no backwards mode.

Suggested procedure is:
	Update your sources
	cd /usr/src/lib/libcrypt
	make clean
	make all
	make install
	passwd root
		<set roots new password>
	change password for any other users on the system.

This algorithm is expected to be much better than the traditional DES-
based algorithm.  It uses the MD5 algorithm at what it is best at, as
opposed to the DES algorithm at something it isn't good at at all.  The
algorithm is designed such that it should very hard to shortcut the
calculations needed to build a dictionary, and to make partial knowledge
(Hmm, his password starts with a 'P'...) useless.  Of course if somebody
breaks the MD5 algorithm this looses too.

The salt is 48 bits (8 char @ base64).
The encrypted password is 128 bits.

And I am positively delighted to say that it takes 34 msec to crypt() a
password on a Pentium/60Mhz, so building a dictionary is not really an
option for hackers at the moment.
1994-11-07 21:07:09 +00:00
csgr
ab2cba9887 Fix afterinstall rule for generating links to the real libcrypt
Submitted by:	geoff
1994-08-20 18:13:59 +00:00
csgr
ccd0e11260 Fix afterinstall rule for NOSHARED case
Submitted by:	Geoff Rehmet
1994-08-12 21:12:37 +00:00
csgr
d1a6399b68 The password scrambler now becomes libscrypt, and libcrypt is
a symlink to it. (The real libcrypt will be installed as libdescrypt.)
Submitted by:	Geoff.
1994-08-09 18:49:04 +00:00
csgr
d16f38c8f0 Nates password scrambler, from FreebSD 1.1.5, but with everything except
crypt() ripped out
Reviewed by:	Geoff Rehmet
Submitted by:	Nate Williams
1994-08-09 17:07:27 +00:00