| 259065 |
07-Dec-2013 |
gjb |
- Copy stable/10 (r259064) to releng/10.0 as part of the
10.0-RELEASE cycle.
- Update __FreeBSD_version [1]
- Set branch name to -RC1
[1] 10.0-CURRENT __FreeBSD_version value ended at '55', so
start releng/10.0 at '100' so the branch is started with
a value ending in zero.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation |
| 256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| 246873 |
16-Feb-2013 |
dim |
In contrib/opie/opiekey.c, use the correct length to zero the secret.
Found by: clang ToT
Reviewed by: delphij
MFC after: 3 days
|
| 243933 |
06-Dec-2012 |
eadler |
Clean up hardcoded ar(1) flags in the tree to use the global ARFLAGS in
share/mk/sys.mk instead.
This is part of a medium term project to permit deterministic builds of
FreeBSD.
Submitted by: Erik Cederstrand <erik@cederstrand.dk>
Reviewed by: imp, toolchain@
Approved by: cperciva
MFC after: 2 weeks
|
| 239169 |
10-Aug-2012 |
delphij |
RFC 2289 requires all hashes be stored in little endian format before
folding to 64 bits, while SHA1 code is big endian. Therefore, a bswap32
is required before using the value.
Without this change, the implementation does not conform to test vector
found in RFC 2289.
PR: bin/170519
Submitted by: Arthur Mesh <arthurmesh gmail com> (with changes)
MFC after: 1 week
|
| 208586 |
27-May-2010 |
cperciva |
Change the current working directory to be inside the jail created by
the jail(8) command. [10:04]
Fix a one-NUL-byte buffer overflow in libopie. [10:05]
Correctly sanity-check a buffer length in nfs mount. [10:06]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-10:04.jail
Security: FreeBSD-SA-10:05.opie
Security: FreeBSD-SA-10:06.nfsclient
|
| 202086 |
11-Jan-2010 |
ed |
Don't include <utmp.h> when using <utmpx.h>.
libopie includes both <utmp.h> and <utmpx.h> in this case and uses some
#defines to let the code use struct utmpx and its utility functions.
We'd better not include <utmp.h> here, because maybe it will not be
present in the future.
|
| 187920 |
30-Jan-2009 |
gabor |
- Remove non-existing reference
- Fix trailing comma
PR: docs/85118
Submitted by: vs
MFC after: 3 days
|
| 156997 |
22-Mar-2006 |
cperciva |
Add missing code needed for the detection of IPSec packet replays. [1]
Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]
Security: FreeBSD-SA-06:11.ipsec [1]
Security: FreeBSD-SA-06:12.opie [2]
|
| 148506 |
29-Jul-2005 |
ache |
Create /etc/opiekeys with 0600, not 0644
PR: 84221
|
| 117501 |
13-Jul-2003 |
kris |
FreeBSD does not use this code, but ftpd_popen() contains a buffer overflow.
We might as well patch it.
Submitted by: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
PR: bin/23352
MFC After: The average time before an unpatched Windows 2000 server gets owned
|
| 109680 |
22-Jan-2003 |
des |
When computing a new seed for an existing user, opienewseed() would
incorrectly compute the length of the numeric portion of the previous
seed, causing the new seed to be one character shorter than the old
one.
This patch has been submitted to the vendor; I'm committing it right
away since the file is already off the vendor branch.
MFC after: 3 days
|
| 92914 |
21-Mar-2002 |
markm |
Resolve conflicts.
|
| 92907 |
21-Mar-2002 |
markm |
This commit was generated by cvs2svn to compensate for changes in r92906,
which included commits to RCS files with non-trunk default branches.
|
| 89766 |
24-Jan-2002 |
ache |
Zeroing memset() in opiechallenge() really is not needed because it is the
very first thing immediately following opielookup() does being entered, i.e.
look at this:
int opielookup FUNCTION((opie, principal), struct opie *opie AND char
*principal
)
{
int i;
memset(opie, 0, sizeof(struct opie));
...
|
| 89135 |
09-Jan-2002 |
joerg |
Make the -a flag to opiekey(1) actually work as advertised.
Reviewed by: ache, audit, security
MFC after: 1 week
|
| 88845 |
03-Jan-2002 |
ache |
Repo copied to /usr/src/lib/libopie/
|
| 82495 |
29-Aug-2001 |
ache |
Add heuristic to detect SSH connection (in the same style as other
heuristics already here which not supposed to be secure, just helpers).
Approved by: security@ silence
|
| 81973 |
20-Aug-2001 |
markm |
Fix overflow problem when giving a username that is too long.
Also minor declaration/header fixes while auditing the code.
|
| 81596 |
13-Aug-2001 |
ache |
Fix uninitialized "force" variable.
PR: 23203
Submitted by: fenner
Approved by: markm
|
| 79711 |
14-Jul-2001 |
markm |
Fix SHA1 hashing.
|
| 79710 |
14-Jul-2001 |
markm |
Usse a better method to get a user's credentials, as uid's may be
legally duplicated.
Requested by: ache
|
| 79634 |
12-Jul-2001 |
ru |
Eliminate troff(1) warnings that were hiding some useful text.
|
| 78644 |
23-Jun-2001 |
ache |
Make the similar changes as in our keyinfo, i.e. allow user to get his own
sequence and allow root to get everybody's one. Before this change user
can't get his own sequence, root required.
|
| 73570 |
05-Mar-2001 |
kris |
This commit was generated by cvs2svn to compensate for changes in r73569,
which included commits to RCS files with non-trunk default branches.
|
| 62877 |
10-Jul-2000 |
kris |
Correct security hole in setproctitle(). We don't compile this code, but
having the security hole there makes my skin itch.
|
| 60572 |
15-May-2000 |
kris |
Add some extra functions adapted from OpenBSD, in preparation for
OpenSSH OPIE support.
|
| 59300 |
17-Apr-2000 |
kris |
Allow applications to disable the installation of the atexit() handler
which cleans up OPIE lockfiles. This is required for pam_opie.
Submitted by: Jim Bloom <bloom@acm.org>
|
| 59121 |
10-Apr-2000 |
kris |
Resolve conflicts
|
| 59119 |
10-Apr-2000 |
kris |
This commit was generated by cvs2svn to compensate for changes in r59118,
which included commits to RCS files with non-trunk default branches.
|
| 56297 |
19-Jan-2000 |
chris |
- Use proper markup for a section header.
- Replace nonexistent OPIE_PROMPT_MAX with OPIE_CHALLENGE_MAX
PR: 16209
Submitted by: Tetsuro Furuya <tfuruya@ppp142197.asahi-net.or.jp>
|
| 39012 |
09-Sep-1998 |
imp |
sprintf -> snprintf
|
| 37304 |
30-Jun-1998 |
bde |
Fixed printf format errors.
|
| 36982 |
14-Jun-1998 |
steve |
'They They' -> 'They'
PR: 6912
Submitted by: Stefan Eggers <seggers@semyam.dinoco.de>
|
| 31940 |
22-Dec-1997 |
alex |
YTK fix.
|
| 31433 |
27-Nov-1997 |
steve |
Make this manpage reveal its true identity. A diff of these
changes has also been sent to opie-bugs@inner.net.
PR: 5129
Submitted by: jkh
|
| 30035 |
01-Oct-1997 |
ache |
Move locks from /etc/opielocks to /var/run/opielocks to keep
/etc non-writeable as possible
|
| 29976 |
29-Sep-1997 |
ache |
This commit was generated by cvs2svn to compensate for changes in r29975,
which included commits to RCS files with non-trunk default branches.
|
| 29972 |
29-Sep-1997 |
ache |
Oops, __END_DECLS was in wrong place
|
| 29969 |
29-Sep-1997 |
ache |
Not used in this version
|
| 29968 |
29-Sep-1997 |
ache |
Moved to libopie
|
| 29967 |
29-Sep-1997 |
ache |
Merge
|
| 29965 |
29-Sep-1997 |
ache |
This commit was generated by cvs2svn to compensate for changes in r29964,
which included commits to RCS files with non-trunk default branches.
|
| 29068 |
03-Sep-1997 |
pst |
Remove bits of libmissing we don't care about.
|
| 28810 |
26-Aug-1997 |
pst |
Update synopsis. A partial fix has also been submitted to opie@bugs@inner.net
Submitted by: bde
|
| 27925 |
05-Aug-1997 |
ache |
Detect null secret as error, it is temp. fix until next release
Submitted by: Craig Metz <cmetz@inner.net>
|
| 23540 |
08-Mar-1997 |
pst |
Make OPIE's public API use BSD conventions.
|
| 22373 |
07-Feb-1997 |
pst |
Config information for FreeBSD
|
| 22372 |
07-Feb-1997 |
pst |
Minimal man page changes to reflect integrated ftpd/login/su
|
| 22371 |
07-Feb-1997 |
pst |
Disconnect OPIE from internal MD4/5 routines
|
| 22348 |
06-Feb-1997 |
pst |
This commit was generated by cvs2svn to compensate for changes in r22347,
which included commits to RCS files with non-trunk default branches.
|