Commit Graph

36 Commits

Author SHA1 Message Date
des
249696a5bb Stop using auth_getval() now that it always returns NULL. Instead,
hardcode the default to what it would be if we didn't hardcode it,
i.e. DES if supported and MD5 otherwise.

MFC after:	3 weeks
2012-06-12 17:14:19 +00:00
joel
b9a2e94d1d mdoc: minor Bl improvements. 2012-06-02 08:47:26 +00:00
eadler
a2b5cc87fc Make the item numbers match the crypt magic number
PR:		docs/166497
Submitted by:	Mike Kelly <pioto@pioto.org>
Approved by:	cperciva
MFC after:	1 week
2012-04-11 14:12:28 +00:00
joel
39c40cce12 Remove superfluous paragraph macro. 2012-03-25 12:13:24 +00:00
markm
a92a1dcda0 Document SHA256/512 modes.
MFC after:	1 month
2011-04-09 14:09:46 +00:00
ceri
1b7b9ce89e cipher(3) is gone.
MFC after:	3 days
2007-04-04 14:04:55 +00:00
ru
114ea39c76 Fixed the misplaced $FreeBSD$. 2005-02-09 18:07:17 +00:00
ru
ed72feddcb Sort sections. 2005-01-20 09:17:07 +00:00
ru
01548ace15 Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
charnier
bc7ec1835e The .Fn function 2003-06-08 10:20:32 +00:00
markm
ec27a74807 Add a new hash type. This "NT-hash" is compatible with the password
hashing scheme used in Microsoft's NT machines. IT IS NOT SECURE!
DON'T USE IT! This is for the use of competent sysadmins only!

Submitted by:	Michael Bretterklieber
2003-06-02 19:29:27 +00:00
schweikh
fec6546e12 english(4) police. 2002-12-27 12:15:40 +00:00
trhodes
05004b3a23 crypt(3) incorrectly documents md5 salt, fixed.
PR:	36782
No objections from:	ru
MFC after:	3 days
2002-04-09 22:32:59 +00:00
ru
ce33199ef5 s/crypt_format/crypt_default/ to match reality.
PR:		docs/32787
Spotted by:	Pete Carah <pete@altadena.net>
2001-12-13 08:05:32 +00:00
ru
623da62a5a mdoc(7) police: Use the new .In macro for #include statements. 2001-10-01 16:09:29 +00:00
markm
fa04b8c3cb Remove out-of-date "cannot be exported from USA" notice. 2001-08-15 20:25:16 +00:00
dd
a145482cf6 Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
ru
d929062987 mdoc(7) police: removed punctuation after the last SEE ALSO xref. 2001-07-10 18:00:19 +00:00
ru
317b7d8e37 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 13:41:46 +00:00
dd
eaa6ee03b8 mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
dd
04d1b1c8dd Remove duplicate words. 2001-06-24 01:34:38 +00:00
ru
a7e5b57972 mdoc(7) police: ``It'' macro does not take argument in -enum lists.
(In -mdocNG, this only causes warning.  In current implementation,
it is fatal.)

Pointy hat to:	markm (for not checking stderr)
2001-03-16 12:06:26 +00:00
markm
10da321446 Add OpenBSD-style blowfish password hashing. This makes one less
gratuitous difference between us and our sister project.

This was given to me _ages_ ago. May apologies to Paul for the length
of time its taken me to commit.

Obtained from:	Niels Provos <provos@physnet.uni-hamburg.de>/OpenBSD
Submitted by:	Paul Herman <pherman@frenchfries.net>
2001-03-11 16:05:43 +00:00
ru
8ba4187688 Prepare for mdoc(7)NG. 2000-12-29 14:08:20 +00:00
peter
81027b8ec1 Reflect rev 1.18 in crypt.c. Note that this section is somewhat
mangled and could do with some word-smithing.
2000-12-28 11:56:45 +00:00
peter
117ae0dab3 Merge into a single US-exportable libcrypt, which only provides
one-way hash functions for authentication purposes.  There is no more
"set the libcrypt->libXXXcrypt" nightmare.
- Undo the libmd.so hack, use -D to hide the md5c.c internals.
- Remove the symlink hacks in release/Makefile
- the algorthm is set by set_crypt_format() as before.  If this is
  not called, it tries to heuristically figure out the hash format, and
  if all else fails, it uses the optional auth.conf entry to chose the
  overall default hash.
- Since source has non-hidden crypto in it there may be some issues with
  having the source it in some countries, so preserve the "secure/*"
  division.  You can still build a des-free libcrypt library if you want
  to badly enough.  This should not be a problem in the US or exporting
  from the US as freebsd.org had notified BXA some time ago.  That makes
  this stuff re-exportable by anyone.
- For consistancy, the default in absence of any other clues is md5.  This
  is to try and minimize POLA across buildworld where folk may suddenly
  be activating des-crypt()-hash support.  Since the des hash may not
  always be present, it seemed sensible to make the stronger md5 algorithm
  the default.
All things being equal, no functionality is lost.

Reviewed-by: jkh

(flame-proof suit on)
2000-12-28 10:32:02 +00:00
ru
1a6c69e84a log 2000-11-22 09:23:54 +00:00
green
67c40ef892 Add working and easy crypt(3)-switching. Yes, we need a whole new API
for crypt(3) by now.  In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by:	peter
2000-08-22 02:15:54 +00:00
kris
b95f8c2f86 Oops, remove vestigial reference to SHS passwords. 2000-04-22 20:43:21 +00:00
phantom
a19291893f Introduce .Lb macro to libcrypt manpage.
Make it more mdoc(7) compliant:
. use .Tn for DES, MD5 andSHS.
. Replace double quotes with .Dq macro
. use An/Aq scheme for listing authors
2000-04-22 15:56:59 +00:00
markm
7673d098ec A bunch of factual corrections. 2000-01-18 18:23:28 +00:00
bde
f3d41d655e Fixed missing include in synopsis. 2000-01-13 10:21:25 +00:00
bde
0e9e667b58 Fixed a formatting error in the prototype for crypt(). 1999-12-23 16:53:18 +00:00
markm
9bc938e5c5 Big code cleanup. (Inspired by Brandon Gillespie). Also move as
much as possible away from secure/ to make extending easier.
1999-09-20 12:45:49 +00:00
markm
a0f20ba4fc The new crypt code broke "make world". Back it out. 1999-01-23 08:27:46 +00:00
brandon
0cb1c5b095 Rewrite of crypt library to be more modular, and addition of the
Secure Hashing Algorithm - 1 (SHA-1), along with the further
refinement of what $x$salt$hash means.  With this new crypt the
following are all acceptable:

    $1$
    $MD5$
    $SHA1$

Note: $2$ is used by OpenBSD's Blowfish, which I considered adding
as $BF$, but there is no actual need for it with SHA-1.  However,
somebody wishing to add OpenBSD password support could easilly add
it in now.

There is also a malloc_crypt() available in the library now, which
behaves exactly the same as crypt(), but it uses a malloced buffer
instead of a static buffer.  However, this is not standard so will
likely not be used much (at all).

Also, for those interested I did a brief speed test Pentium 166/MMX,
which shows the DES crypt to do approximately 2640 crypts a CPU second,
MD5 to do about 62 crypts a CPU second and SHA1 to do about 18 crypts
a CPU second.

Reviewed by:	Mark Murray
1999-01-21 13:50:09 +00:00