![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / libexec / login_passwd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.11, Sat Dec 21 18:56:27 2019 UTC (4 years, 5 months ago) by millert
Branch: MAIN
CVS Tags: HEAD
Changes since 1.10: +1 -1 lines
FILE REMOVED
Replace modular version with origin BSDi version with our updates. In 2001 login_passwd was made modular so we could use the same source for passwd and kerberos auth. Now that we no longer have kerberos integrated we can simplify login_passwd. OK deraadt@
Revision 1.10 / (download) - annotate - [select for diffs], Wed Jun 13 15:02:09 2018 UTC (5 years, 11 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)
Call pledge(2) earlier before opening the auth channel and readpassphrase() Before this change, only the password validation was pledged, now it also includes some more code including the "Password:" prompt. To pledge the code earlier, the getpwnam_shadow() had to be moved up - it works under "getpw" but it does not return the actual password hash under pledge. This also works with yp(ldap). OK deraadt@ tb@ brynet@
Revision 1.9 / (download) - annotate - [select for diffs], Wed Jun 13 14:54:42 2018 UTC (5 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.8: +1 -3 lines
Diff to previous 1.8 (colored)
Remove #ifdef PASSWD, it was always enabled and is a leftover from krb5 days. No other uses of -DPASSWD were found in the tree. OK deraadt@ tb@ brynet@
Revision 1.8 / (download) - annotate - [select for diffs], Sat Sep 3 10:50:16 2016 UTC (7 years, 9 months ago) by gsoares
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)
convert to use readpassphrase() instead of DEPRECATED/getpass() OK millert@
Revision 1.7 / (download) - annotate - [select for diffs], Fri Sep 2 10:36:51 2016 UTC (7 years, 9 months ago) by gsoares
Branch: MAIN
Changes since 1.6: +1 -4 lines
Diff to previous 1.6 (colored)
krb5 bits should rest in peace OK deraadt
Revision 1.6 / (download) - annotate - [select for diffs], Sat Oct 24 13:53:20 2015 UTC (8 years, 7 months ago) by ajacoutot
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.5: +1 -2 lines
Diff to previous 1.5 (colored)
Don't compile pwd_gensalt, it's not needed since we use crypt_checkpass. ok tedu@
Revision 1.5 / (download) - annotate - [select for diffs], Fri Jan 16 06:39:50 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jun 1 01:43:19 2012 UTC (12 years ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)
add a krb5-noverify option for login.conf that disables verification of the server against a local host keytab file when you're authing users with login_krb5. useful for when you need to auth users but dealing with the domain admins is painful... ok sthen@ jj@ millert@
Revision 1.3 / (download) - annotate - [select for diffs], Thu Mar 9 19:14:10 2006 UTC (18 years, 3 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7,
OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.2: +3 -2 lines
Diff to previous 1.2 (colored)
Foil potential timing attacks by using the correct password hash instead of "xx". In practice this means bcrypt() will be used for non-existent users instead of DES crypt(). Adapted from a patch by Peter Philipp. OK deraadt@
Revision 1.2 / (download) - annotate - [select for diffs], Thu Apr 14 18:33:42 2005 UTC (19 years, 1 month ago) by biorn
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9,
OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.1: +1 -4 lines
Diff to previous 1.1 (colored)
drop some krb4 stuff ok beck@
Revision 1.1 / (download) - annotate - [select for diffs], Tue Jun 26 05:03:28 2001 UTC (22 years, 11 months ago) by hin
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7,
OPENBSD_3_6_BASE,
OPENBSD_3_6,
OPENBSD_3_5_BASE,
OPENBSD_3_5,
OPENBSD_3_4_BASE,
OPENBSD_3_4,
OPENBSD_3_3_BASE,
OPENBSD_3_3,
OPENBSD_3_2_BASE,
OPENBSD_3_2,
OPENBSD_3_1_BASE,
OPENBSD_3_1,
OPENBSD_3_0_BASE,
OPENBSD_3_0
Cleanup and unify login_passwd, login_krb4, login_krb4-or-pwd, login_krb5 and login_krb5-or-pwd.