OpenBSD CVS

CVS log for src/libexec/login_passwd/login_passwd.c




Default branch: MAIN


Revision 1.20, Tue Nov 16 21:55:21 2021 UTC (2 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, HEAD
Changes since 1.19: +4 -4 lines

fix an accidental NULL deref introduced last year, found by patrick.
rewrite the code with a goto so this never happens again.
ok patrick millert

Revision 1.19, Sat Jan 2 20:32:20 2021 UTC (3 years, 5 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9
Changes since 1.18: +2 -3 lines

Check auth_mkvalue(3) return value for NULL (malloc failure).
For constant strings we don't actually need to use auth_mkvalue(3).
Problem reported by Ross L Richardson.

Revision 1.18, Fri May 15 17:25:39 2020 UTC (4 years ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.17: +5 -4 lines

Fix handling of passwd entries with an empty password.
Initialize "pass" to the empty string instead of NULL, otherwise
crypt_checkpass() will dereference NULL.
From Yuichiro Naito via yasuoka@.  OK deraadt@

Revision 1.17, Tue Dec 24 13:13:33 2019 UTC (4 years, 5 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.16: +5 -4 lines

Merge two missed fixes from login.c to login_passwd.c.
 - use the correct length when checking for "-v lastchance=yes"
 - don't try to zero pass if it is NULL
From miod@

Revision 1.16, Sat Dec 21 18:56:27 2019 UTC (4 years, 5 months ago) by millert
Branch: MAIN
Changes since 1.15: +132 -32 lines

Replace modular version with origin BSDi version with our updates.
In 2001 login_passwd was made modular so we could use the same
source for passwd and kerberos auth.  Now that we no longer have
kerberos integrated we can simplify login_passwd.  OK deraadt@

Revision 1.15, Wed Jun 13 15:02:09 2018 UTC (5 years, 11 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6, OPENBSD_6_5_BASE, OPENBSD_6_5, OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.14: +2 -4 lines

Call pledge(2) earlier before opening the auth channel and readpassphrase()

Before this change, only the password validation was pledged, now it
also includes some more code including the "Password:" prompt.

To pledge the code earlier, the getpwnam_shadow() had to be moved up -
it works under "getpw" but it does not return the actual password hash
under pledge.  This also works with yp(ldap).

OK deraadt@ tb@ brynet@

Revision 1.14, Thu Nov 19 18:37:01 2015 UTC (8 years, 6 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3, OPENBSD_6_2_BASE, OPENBSD_6_2, OPENBSD_6_1_BASE, OPENBSD_6_1, OPENBSD_6_0_BASE, OPENBSD_6_0, OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.13: +5 -3 lines

Call syslog() if login_* pledge fails; OK deraadt@

Revision 1.13, Wed Nov 18 19:27:46 2015 UTC (8 years, 6 months ago) by tedu
Branch: MAIN
Changes since 1.12: +2 -2 lines

use _shadow getpw functions. these utilities obviously deal with hashes.

Revision 1.12, Wed Oct 14 17:06:58 2015 UTC (8 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.11: +5 -1 lines

pledge "stdio rpath" is good enough for these mainline BSD auth login
programs.
(I am very surprised pledge ended up working for programs like this)
ok semarie millert

Revision 1.11, Mon Oct 5 17:31:17 2015 UTC (8 years, 8 months ago) by millert
Branch: MAIN
Changes since 1.10: +2 -2 lines

Use explicit_bzero() instead of memset() for zeroing out secrets.
OK deraadt@

Revision 1.10, Tue Sep 16 22:07:02 2014 UTC (9 years, 8 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.9: +7 -22 lines

use crypt_checkpass function to make things simple

Revision 1.9, Thu Mar 9 19:14:10 2006 UTC (18 years, 3 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6, OPENBSD_5_5_BASE, OPENBSD_5_5, OPENBSD_5_4_BASE, OPENBSD_5_4, OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9, OPENBSD_4_8_BASE, OPENBSD_4_8, OPENBSD_4_7_BASE, OPENBSD_4_7, OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5, OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3, OPENBSD_4_2_BASE, OPENBSD_4_2, OPENBSD_4_1_BASE, OPENBSD_4_1, OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.8: +11 -4 lines

Foil potential timing attacks by using the correct password hash
instead of "xx".  In practice this means bcrypt() will be used for
non-existent users instead of DES crypt().
Adapted from a patch by Peter Philipp.  OK deraadt@

Revision 1.8, Wed Mar 10 21:30:27 2004 UTC (20 years, 3 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE, OPENBSD_3_9, OPENBSD_3_8_BASE, OPENBSD_3_8, OPENBSD_3_7_BASE, OPENBSD_3_7, OPENBSD_3_6_BASE, OPENBSD_3_6, OPENBSD_3_5_BASE, OPENBSD_3_5
Changes since 1.7: +3 -1 lines

More checking for a NULL return value from getpass().  otto@ OK

Revision 1.7, Tue Jul 29 18:39:23 2003 UTC (20 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE, OPENBSD_3_4
Changes since 1.6: +2 -2 lines

spaces

Revision 1.6, Tue Mar 19 20:22:21 2002 UTC (22 years, 2 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE, OPENBSD_3_3, OPENBSD_3_2_BASE, OPENBSD_3_2, OPENBSD_3_1_BASE, OPENBSD_3_1
Changes since 1.5: +13 -10 lines

Only accept the empty string for users with no password.
Previously, any password was accepted (that's how crypt() behaves).

Revision 1.5, Sun Aug 12 21:55:46 2001 UTC (22 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE, OPENBSD_3_0
Changes since 1.4: +6 -6 lines

some KNF

Revision 1.4, Fri Jun 29 05:56:36 2001 UTC (22 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +9 -10 lines

ugly

Revision 1.3, Tue Jun 26 05:03:28 2001 UTC (22 years, 11 months ago) by hin
Branch: MAIN
Changes since 1.2: +28 -140 lines

Cleanup and unify login_passwd, login_krb4, login_krb4-or-pwd, login_krb5 and
login_krb5-or-pwd.

Revision 1.2, Mon Jun 25 21:52:16 2001 UTC (22 years, 11 months ago) by hin
Branch: MAIN
Changes since 1.1: +3 -17 lines

Don't do the root instance handling stuff; su no longer does it.

Revision 1.1, Tue Dec 12 02:33:44 2000 UTC (23 years, 6 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE, OPENBSD_2_9

passwd login script; authenticates the user via passwd/yp
will be used when BSD authentication is enabled
