OpenBSD CVS

CVS log for src/usr.bin/login/login.c




Default branch: MAIN


Revision 1.74 / (download) - annotate - [select for diffs], Wed Mar 8 04:43:11 2023 UTC (14 months, 1 week ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, HEAD
Changes since 1.73: +1 -3 lines

Delete obsolete /* ARGSUSED */ lint comments.

ok miod@ millert@

Revision 1.73 / (download) - annotate - [select for diffs], Sun Oct 24 21:24:16 2021 UTC (2 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.72: +3 -3 lines

For open/openat, if the flags parameter does not contain O_CREAT, the
3rd (variadic) mode_t parameter is irrelevant.  Many developers in the past
have passed mode_t (0, 044, 0644, or such), which might lead future people
to copy this broken idiom, and perhaps even believe this parameter has some
meaning or implication or application. Delete them all.
This comes out of a conversation where tb@ noticed that a strange (but
intentional) pledge behaviour is to always knock-out high-bits from
mode_t on a number of system calls as a safety factor, and his bewilderment
that this appeared to be happening against valid modes (at least visually),
but no sorry, they are all irrelevant junk.  They could all be 0xdeafbeef.
ok millert

Revision 1.71.2.1 / (download) - annotate - [select for diffs], Wed Dec 4 09:52:22 2019 UTC (4 years, 5 months ago) by deraadt
Branch: OPENBSD_6_6
Changes since 1.71: +9 -4 lines

This is 6.6/010_libcauth.patch.sig

libc's authentication privsep layer performed insufficient username
validation.  Repair work mostly by markus and millert, first of all
solving the primary problem, then adding some additional validation
points.  And then further validation in login and su.
Reported by Qualys

Revision 1.70.4.1 / (download) - annotate - [select for diffs], Wed Dec 4 09:51:49 2019 UTC (4 years, 5 months ago) by deraadt
Branch: OPENBSD_6_5
Changes since 1.70: +9 -4 lines

This is 6.5/021_libcauth.patch.sig

libc's authentication privsep layer performed insufficient username
validation.  Repair work mostly by markus and millert, first of all
solving the primary problem, then adding some additional validation
points.  And then further validation in login and su.
Reported by Qualys

Revision 1.72 / (download) - annotate - [select for diffs], Wed Dec 4 09:51:07 2019 UTC (4 years, 5 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.71: +9 -4 lines

libc's authentication privsep layer performed insufficient username
validation.  Repair work mostly by markus and millert, first of all
solving the primary problem, then adding some additional validation
points.  And then further validation in login and su.
This will be 6.5/021_libcauth.patch.sig and 6.6/010_libcauth.patch.sig
Reported by Qualys

Revision 1.71 / (download) - annotate - [select for diffs], Fri Jun 28 13:35:01 2019 UTC (4 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE
Branch point for: OPENBSD_6_6
Changes since 1.70: +6 -6 lines

When system calls indicate an error they return -1, not some arbitrary
value < 0.  errno is only updated in this case.  Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.

Revision 1.70 / (download) - annotate - [select for diffs], Wed Aug 15 19:38:47 2018 UTC (5 years, 9 months ago) by fcambus
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_4_BASE, OPENBSD_6_4
Branch point for: OPENBSD_6_5
Changes since 1.69: +3 -4 lines

Remove dead assignment in login(1).

Since rev 1.36, the instance variable is never read again so we can
simply drop the else clause with the assignment.

While there, also drop the useless increment, as pointed out by tom@.

OK deraadt@ (previous version), millert@, tom@

Revision 1.69 / (download) - annotate - [select for diffs], Fri Dec 8 17:04:15 2017 UTC (6 years, 5 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.68: +2 -5 lines

Convert snprintf+write into dprintf.  It is simply easier to read, and
provides retry on short-write file descriptors.
ok florian, previous versions seen by millert

Revision 1.68 / (download) - annotate - [select for diffs], Sun Aug 21 03:26:04 2016 UTC (7 years, 8 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2, OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.67: +2 -2 lines

Change sleep from crazy backoff to one second of sleep between retries
ok deraadt@

Revision 1.67 / (download) - annotate - [select for diffs], Sat Dec 26 20:51:35 2015 UTC (8 years, 4 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0, OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.66: +6 -7 lines

Use pread/pwrite instead of separate lseek+read/write for lastlog.
Cast to off_t before multiplication to avoid truncation on ILP32

ok kettenis@ mmcc@

Revision 1.66 / (download) - annotate - [select for diffs], Wed Dec 9 19:26:26 2015 UTC (8 years, 5 months ago) by mmcc
Branch: MAIN
Changes since 1.65: +2 -3 lines

Remove NULL-check before free(). ok tb@

Revision 1.65 / (download) - annotate - [select for diffs], Mon Oct 26 15:29:17 2015 UTC (8 years, 6 months ago) by zhuk
Branch: MAIN
Changes since 1.64: +1 -15 lines

Put off some "notyet" dust from login.c.

okay millert@ and deraadt@

Revision 1.64 / (download) - annotate - [select for diffs], Sun Mar 15 00:41:28 2015 UTC (9 years, 2 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.63: +5 -3 lines

tzfile.h is an internal header that should never have been installed.
What's worse, the tzfile.h that gets installed is over 20 years old
and doesn't match the real tzfile.h in libc/time.  This makes the
tree safe for /usr/include/tzfile.h removal.  The TM_YEAR_BASE
define has been moved to time.h temporarily until its usage is
replaced by 1900 in the tree.  Actual removal of tzfile.h is pending
a ports build.  Based on a diff from deraadt@

Revision 1.63 / (download) - annotate - [select for diffs], Fri Jan 16 06:40:09 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.62: +5 -5 lines

Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible.  Annotate <sys/param.h> lines with their current reasons.  Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc.  Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution.  These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)

Revision 1.62 / (download) - annotate - [select for diffs], Tue May 20 01:25:23 2014 UTC (10 years ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.61: +5 -5 lines

Use errc/warnc to simplify code.
Also, in 'ftp', always put the error message last, after the hostname/ipaddr.

ok jsing@ krw@ millert@

Revision 1.61 / (download) - annotate - [select for diffs], Tue Oct 27 23:59:40 2009 UTC (14 years, 6 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5, OPENBSD_5_4_BASE, OPENBSD_5_4, OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2, OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9, OPENBSD_4_8_BASE, OPENBSD_4_8, OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.60: +1 -14 lines

rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and
unmaintainable).  these days, people use source.  these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms

Revision 1.60 / (download) - annotate - [select for diffs], Sat Sep 5 14:04:38 2009 UTC (14 years, 8 months ago) by tobias
Branch: MAIN
Changes since 1.59: +5 -4 lines

- properly free fqdn if it gets reassigned due to multiple -h options
- fixed comment typos

with input by and ok millert, otto

Revision 1.59 / (download) - annotate - [select for diffs], Mon Aug 31 22:25:43 2009 UTC (14 years, 8 months ago) by martynas
Branch: MAIN
Changes since 1.58: +8 -6 lines

also, like ssh, set up MAIL to the location we've just checked
so that ksh could take advantage of it.  ok millert@

Revision 1.58 / (download) - annotate - [select for diffs], Mon Aug 3 21:43:07 2009 UTC (14 years, 9 months ago) by martynas
Branch: MAIN
Changes since 1.57: +3 -3 lines

properly pass SHELL from password file;  not a login configuration
variable (restores behavior pre-rev. 1.30).
ok millert@

Revision 1.57 / (download) - annotate - [select for diffs], Mon Apr 2 07:01:33 2007 UTC (17 years, 1 month ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6, OPENBSD_4_5_BASE, OPENBSD_4_5, OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3, OPENBSD_4_2_BASE, OPENBSD_4_2
Changes since 1.56: +4 -4 lines

tweak the -LR options, after similar changes to tcpdrop(8); ok deraadt

Revision 1.56 / (download) - annotate - [select for diffs], Mon Mar 26 14:29:37 2007 UTC (17 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.55: +4 -4 lines

tidy up SYNOPSIS, options description, FILES, and usage();
from Igor Sobrado

Revision 1.55 / (download) - annotate - [select for diffs], Mon Aug 30 23:00:22 2004 UTC (19 years, 8 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE, OPENBSD_4_1, OPENBSD_4_0_BASE, OPENBSD_4_0, OPENBSD_3_9_BASE, OPENBSD_3_9, OPENBSD_3_8_BASE, OPENBSD_3_8, OPENBSD_3_7_BASE, OPENBSD_3_7, OPENBSD_3_6_BASE, OPENBSD_3_6
Changes since 1.54: +3 -3 lines

For username foo.bar, don't treat "bar" as a kerberos instance,
that was a kerb4'ism.  OK deraadt@

Revision 1.54 / (download) - annotate - [select for diffs], Fri Jan 23 04:36:37 2004 UTC (20 years, 4 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE, OPENBSD_3_5
Changes since 1.53: +3 -8 lines

Move a closefrom(2) into the block that execs su(1) where it can do the
most good.  There is already another closefrom(2) for the normal code path.
Also remove a bogus comment.  Discussed with deraadt@

Revision 1.53 / (download) - annotate - [select for diffs], Fri Jan 23 03:48:43 2004 UTC (20 years, 4 months ago) by deraadt
Branch: MAIN
Changes since 1.52: +4 -6 lines

Use closefrom(); ok millert tedu

Revision 1.52 / (download) - annotate - [select for diffs], Sun Nov 9 20:13:57 2003 UTC (20 years, 6 months ago) by otto
Branch: MAIN
Changes since 1.51: +3 -3 lines

Typos in comments from Jared Yanovich <jjy2+ at pitt dot edu>

Revision 1.51 / (download) - annotate - [select for diffs], Tue Aug 12 13:14:58 2003 UTC (20 years, 9 months ago) by hin
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE, OPENBSD_3_4
Changes since 1.50: +2 -27 lines

Clean up obsolete kerberos 4 stuff

ok millert@

Revision 1.50 / (download) - annotate - [select for diffs], Tue Jun 3 02:56:10 2003 UTC (20 years, 11 months ago) by millert
Branch: MAIN
Changes since 1.49: +3 -7 lines

Remove the advertising clause in the UCB license which Berkeley
rescinded 22 July 1999.  Proofed by myself and Theo.

Revision 1.49 / (download) - annotate - [select for diffs], Wed Oct 16 01:08:56 2002 UTC (21 years, 7 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE, OPENBSD_3_3
Changes since 1.48: +61 -39 lines

Remove the setuid bit from /usr/bin/login.  If login is run by a user
with a non-zero euid, it will now exec "su -L -l".  The only things
that need to do this are shells with a "login" builtin and the emulation
that su(1) now does is good enough for this purpose.

Revision 1.48 / (download) - annotate - [select for diffs], Tue Jul 2 01:36:19 2002 UTC (21 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE, OPENBSD_3_2
Changes since 1.47: +17 -12 lines

Kill setjmp/longjmp from a signal handler.  All we really need is
to use sigaction() w/o SA_RESTART to allow ^C to interrupt motd().
deraadt@ OK.

Revision 1.47 / (download) - annotate - [select for diffs], Tue Jul 2 01:15:08 2002 UTC (21 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.46: +58 -67 lines

KNF and signal race fixes; millert ok

Revision 1.46 / (download) - annotate - [select for diffs], Sat Mar 30 18:16:05 2002 UTC (22 years, 1 month ago) by vincent
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE, OPENBSD_3_1
Changes since 1.45: +3 -3 lines

 warn -> warnx, because we put the strerror() manually.

 ok millert

Revision 1.45 / (download) - annotate - [select for diffs], Sat Feb 16 21:27:48 2002 UTC (22 years, 3 months ago) by millert
Branch: MAIN
Changes since 1.44: +16 -16 lines

Part one of userland __P removal.  Done with a simple regexp with some minor hand editing to make comments line up correctly.  Another pass is forthcoming that handles the cases that could not be done automatically.

Revision 1.44 / (download) - annotate - [select for diffs], Sun Jan 6 21:59:15 2002 UTC (22 years, 4 months ago) by millert
Branch: MAIN
Changes since 1.43: +4 -8 lines

Do not allow root to login via an insecure tty even if the auth method
does not use plaintext passwords due to the possibility of connection
hijacking.  This restores the pre-3.0 behavior and closes PR 2299.

Revision 1.43 / (download) - annotate - [select for diffs], Sun Aug 12 02:45:33 2001 UTC (22 years, 9 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE, OPENBSD_3_0
Changes since 1.42: +3 -3 lines

Sync usage message to man page

Revision 1.42 / (download) - annotate - [select for diffs], Mon Jul 9 07:04:49 2001 UTC (22 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.41: +3 -3 lines

correct type on last arg to execl(); nordin@cse.ogi.edu

Revision 1.41 / (download) - annotate - [select for diffs], Fri Jul 6 18:12:06 2001 UTC (22 years, 10 months ago) by pvalchev
Branch: MAIN
Changes since 1.40: +3 -2 lines

missing prototypes; ok millert

Revision 1.40 / (download) - annotate - [select for diffs], Thu Jun 28 22:49:42 2001 UTC (22 years, 10 months ago) by millert
Branch: MAIN
Changes since 1.39: +4 -4 lines

'/' can also be an instance separator (e.g. kerb5)

Revision 1.39 / (download) - annotate - [select for diffs], Mon Jun 25 16:18:37 2001 UTC (22 years, 10 months ago) by millert
Branch: MAIN
Changes since 1.38: +5 -4 lines

Add a "login" option to allow differentiation between authentication
that creates a login session vs. a simple identity check.  Gets
passed as a -v option to the login scripts.  To be used by kerberos
to know when to create new tickets.

Revision 1.38 / (download) - annotate - [select for diffs], Sun Jun 24 17:12:52 2001 UTC (22 years, 11 months ago) by millert
Branch: MAIN
Changes since 1.37: +3 -4 lines

When setting uid, set to 0 if rootlogin flag is set, regardless of
pw_uid.  Fixes problem with user.root instances not having uid 0
in kerberos.

Revision 1.37 / (download) - annotate - [select for diffs], Tue Jun 19 16:21:49 2001 UTC (22 years, 11 months ago) by millert
Branch: MAIN
Changes since 1.36: +25 -14 lines

If we timeout during login and the user tried to login call badlogin()
before exit.  Suggested by <vii@users.sourceforge.net>

Add some new login.conf variables:
o login-timeout - login prompt timeout
o login-tries - max login tries
o login-backoff - number of attempts before backing off (and sleeping)

Revision 1.36 / (download) - annotate - [select for diffs], Tue May 29 21:39:26 2001 UTC (22 years, 11 months ago) by millert
Branch: MAIN
Changes since 1.35: +452 -305 lines

BSD auth support.  k5login.c and klogin.c are no longer used but will
remain for the time being until Kerberos support is up to snuff.

Revision 1.35 / (download) - annotate - [select for diffs], Sat Oct 14 20:33:13 2000 UTC (23 years, 7 months ago) by miod
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE, OPENBSD_2_9, OPENBSD_2_8_BASE, OPENBSD_2_8
Changes since 1.34: +6 -2 lines

Make empty passwords work again when login is compiled with kerberos support.

Revision 1.34 / (download) - annotate - [select for diffs], Fri Sep 15 07:13:48 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.33: +37 -15 lines

check return value for setenv(3) for failure, and deal appropriately

Revision 1.33 / (download) - annotate - [select for diffs], Mon Sep 4 19:15:27 2000 UTC (23 years, 8 months ago) by millert
Branch: MAIN
Changes since 1.32: +12 -12 lines

Check for account expiration before password expiration;
sigh@kuzirabekon.econ.nagasaki-u.ac.jp

Revision 1.32 / (download) - annotate - [select for diffs], Thu Aug 24 20:08:06 2000 UTC (23 years, 8 months ago) by millert
Branch: MAIN
Changes since 1.31: +6 -5 lines

Last change inadvertently broke non-kerberos logins.  It's not clear
that the authok flag is really meaningful but keep it for now.

Revision 1.31 / (download) - annotate - [select for diffs], Thu Aug 24 20:05:07 2000 UTC (23 years, 8 months ago) by millert
Branch: MAIN
Changes since 1.30: +4 -4 lines

Fix non-root kerberos logins broken after rev 1.29.  That change was
correct but it uncovered a bug that had thus far stayed hidden due more
to serendipity than anything else.  Problem found by danh@openbsd.org

Revision 1.30 / (download) - annotate - [select for diffs], Sun Aug 20 18:42:39 2000 UTC (23 years, 9 months ago) by millert
Branch: MAIN
Changes since 1.29: +63 -47 lines

Add calls to setusercontext() and login_get*().  We basically call
setusercontext() in most places where previously we did a setlogin().
Add default login.conf file and put root in the "daemon" login class.

Revision 1.29 / (download) - annotate - [select for diffs], Mon Jul 17 16:43:14 2000 UTC (23 years, 10 months ago) by millert
Branch: MAIN
Changes since 1.28: +25 -20 lines

 o use strlcpy() where sensible
 o when trying to login as root on a non-secure tty always say
   "login refused" regardless of whether the password is correct or not

Revision 1.28 / (download) - annotate - [select for diffs], Thu Dec 30 01:07:23 1999 UTC (24 years, 4 months ago) by ericj
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE, OPENBSD_2_7
Changes since 1.27: +2 -3 lines

login already declared in util.h

Revision 1.27 / (download) - annotate - [select for diffs], Tue Aug 17 09:13:15 1999 UTC (24 years, 9 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE, OPENBSD_2_6
Changes since 1.26: +3 -3 lines

More <sys/file.h> vs. <fcntl.h> and open() flags fixes.

Revision 1.26 / (download) - annotate - [select for diffs], Mon Jul 13 02:11:36 1998 UTC (25 years, 10 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_2_5_BASE, OPENBSD_2_5, OPENBSD_2_4_BASE, OPENBSD_2_4
Changes since 1.25: +5 -4 lines

ftpd: sleep for an indeterminate amount for non-existent logins
      to simulate a crypt, like login does.
Use SEEK_* not L_* and kill some 0L's used in lseek while we're there.

Revision 1.25 / (download) - annotate - [select for diffs], Sun Jul 5 20:30:46 1998 UTC (25 years, 10 months ago) by millert
Branch: MAIN
Changes since 1.24: +18 -3 lines

No need to call pwcheck() (and hence crypt()) if the user does not
exist.  The only reason I did that in the first place was to get a
fake s/key challenge.  Now if the user does not exist we just get
the challenge if password was 's/key' else sleep for a bit to make
it look like we are doing a crypt().

Revision 1.24 / (download) - annotate - [select for diffs], Thu Mar 26 20:28:11 1998 UTC (26 years, 1 month ago) by art
Branch: MAIN
CVS Tags: OPENBSD_2_3_BASE, OPENBSD_2_3
Changes since 1.23: +17 -8 lines

fix cleaning up of bad environment variables (LD_* and IFS),
-Wall cleanup and add ability to fetch AFS-tokens for those who
happen to have AFS.

Revision 1.23 / (download) - annotate - [select for diffs], Tue Nov 4 19:01:05 1997 UTC (26 years, 6 months ago) by millert
Branch: MAIN
Changes since 1.22: +4 -2 lines

Do pwcheck() even if the user does not exist.  This means that if
there is an alternate authentication scheme it will get run
even when the username does not exist, preventing an info gathering
attack.  Short story: for user "imbogus" and pass "s/key" you
will get a faked up s/key prompt.

Revision 1.22 / (download) - annotate - [select for diffs], Fri Jun 20 04:55:00 1997 UTC (26 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_2_BASE, OPENBSD_2_2
Changes since 1.21: +5 -4 lines

do not screw up setenv()

Revision 1.21 / (download) - annotate - [select for diffs], Mon Jun 2 03:08:55 1997 UTC (26 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.20: +8 -3 lines

if hostname==domainname and has only one dot, trim less severely for -h option; based on code from wisner@gryphon.com

Revision 1.20 / (download) - annotate - [select for diffs], Sat Apr 19 21:01:12 1997 UTC (27 years, 1 month ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_1_BASE, OPENBSD_2_1
Changes since 1.19: +7 -5 lines

strncpy paranoia, how much do you trust getpwent?

Revision 1.19 / (download) - annotate - [select for diffs], Sun Feb 16 04:39:07 1997 UTC (27 years, 3 months ago) by downsj
Branch: MAIN
Changes since 1.18: +4 -3 lines

/sbin/nologin implies hushlogin.

Revision 1.18 / (download) - annotate - [select for diffs], Tue Feb 4 03:39:11 1997 UTC (27 years, 3 months ago) by flipk
Branch: MAIN
Changes since 1.17: +9 -5 lines

make it compile if KERBEROS{,5} not defined

Revision 1.17 / (download) - annotate - [select for diffs], Mon Jan 27 20:44:14 1997 UTC (27 years, 3 months ago) by dm
Branch: MAIN
Changes since 1.16: +6 -2 lines

security

Revision 1.16 / (download) - annotate - [select for diffs], Wed Jan 15 23:43:03 1997 UTC (27 years, 4 months ago) by millert
Branch: MAIN
Changes since 1.15: +3 -3 lines

getopt(3) returns -1 when out of args, not EOF, whee!

Revision 1.15 / (download) - annotate - [select for diffs], Sun Dec 22 03:25:55 1996 UTC (27 years, 5 months ago) by tholo
Branch: MAIN
Changes since 1.14: +6 -3 lines

Deal with _POSIX_SAVED_IDS when relinquishing privileges

Revision 1.14 / (download) - annotate - [select for diffs], Wed Dec 4 04:04:41 1996 UTC (27 years, 5 months ago) by millert
Branch: MAIN
Changes since 1.13: +36 -20 lines

Implement -u (remote user) option for login (only root may use it).
We now store remote user in failedlogin struct too.
Also add REMOTEHOST and REMOTEUSER environmental vars.

Revision 1.13 / (download) - annotate - [select for diffs], Sat Nov 9 20:17:17 1996 UTC (27 years, 6 months ago) by millert
Branch: MAIN
Changes since 1.12: +8 -2 lines

Adds support for logging and reporting on failed login attempts
via sparse file /var/log/failedlogin.

Revision 1.12 / (download) - annotate - [select for diffs], Sat Nov 9 07:43:22 1996 UTC (27 years, 6 months ago) by millert
Branch: MAIN
Changes since 1.11: +5 -5 lines

Ensure that username is initialized to NULL.

Revision 1.11 / (download) - annotate - [select for diffs], Sat Nov 9 06:39:41 1996 UTC (27 years, 6 months ago) by millert
Branch: MAIN
Changes since 1.10: +16 -2 lines

Log failures if user closes network session while in username/password
prompt phase.  Previously the SIGHUP was not caught and so failures
were not logged.  Noticed by bitblt.

Revision 1.10 / (download) - annotate - [select for diffs], Tue Nov 5 18:23:49 1996 UTC (27 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.9: +2 -5 lines

dialup stuff is garbage

Revision 1.9 / (download) - annotate - [select for diffs], Thu Oct 31 03:22:10 1996 UTC (27 years, 6 months ago) by millert
Branch: MAIN
Changes since 1.8: +12 -2 lines

Strip out $LD_* and $IFS if given -p.  Code taken from telnetd.

Revision 1.8 / (download) - annotate - [select for diffs], Wed Oct 23 01:28:56 1996 UTC (27 years, 7 months ago) by millert
Branch: MAIN
Changes since 1.7: +3 -6 lines

skey_authenticate() now fakes up a challenge if user does not
have an entry in the keys file.  Don't want to give info to
information gathering attack.

Revision 1.7 / (download) - annotate - [select for diffs], Wed Sep 18 20:39:06 1996 UTC (27 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_2_0_BASE, OPENBSD_2_0
Changes since 1.6: +4 -7 lines

block info gathering attack; netbsd pr#2768; daw@panix.com

Revision 1.6 / (download) - annotate - [select for diffs], Wed Jul 31 12:21:43 1996 UTC (27 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.5: +4 -2 lines

fbtab support from wietse

Revision 1.5 / (download) - annotate - [select for diffs], Sat Jul 20 09:10:59 1996 UTC (27 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.4: +8 -2 lines

use euid/egid to get into homedir; from dean@fsa.ca

Revision 1.4 / (download) - annotate - [select for diffs], Wed Jun 26 05:36:01 1996 UTC (27 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +2 -1 lines

rcsid

Revision 1.3 / (download) - annotate - [select for diffs], Wed May 22 11:35:24 1996 UTC (28 years ago) by deraadt
Branch: MAIN
Changes since 1.2: +3 -2 lines

libutil

Revision 1.2 / (download) - annotate - [select for diffs], Wed Nov 15 06:27:30 1995 UTC (28 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +2 -0 lines

do not credit UCB if we are not prepared to credit everyone

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Oct 18 08:45:34 1995 UTC (28 years, 7 months ago) by deraadt
CVS Tags: netbsd_1_1
Changes since 1.1: +0 -0 lines

initial import of NetBSD tree

Revision 1.1 / (download) - annotate - [select for diffs], Wed Oct 18 08:45:34 1995 UTC (28 years, 7 months ago) by deraadt
Branch: MAIN

Initial revision
