summaryrefslogtreecommitdiff
path: root/src/lib/libc/crypt/cryptutil.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* make login.conf(5) and crypt_newhash(3) and the underlying codederaadt2024-01-221-2/+2
| | | | | | | | consistant regarding bcrypt,a instead of blowfish,a. "blowfish" is a historical alias which we don't need to document as firmly as "bcrypt". report about difficult manual page discovery from ataraxia937 ok millert
* Wrap <pwd.h> so that calls go direct and the symbols are all weak.guenther2015-09-131-5/+3
| | | | Hide bcrypt_autorounds(), prefixing with an underbar for static builds.
* Wrap <unistd.h> so that internal calls go direct and they're all weak symbolsguenther2015-09-121-1/+3
| | | | Delete unused 'fd' argument from internal function oldttyname()
* permit "bcrypt" as an alias for "blowfish". this is, after all, whattedu2015-07-231-11/+27
| | | | | | | 99% of the world calls it. allow just "bcrypt" without params to mean auto-tune ("bcrypt,a"). default remains 8 rounds (for now) ok deraadt
* Set errno to EINVAL, instead of letting ERANGE escape out.tedu2015-02-241-2/+4
| | | | | | Printing strerror() in that case will say result too large, even if rounds is actually too small. invalid is less specific, but less incorrect. ok millert
* remove unused variablechl2015-01-151-2/+1
| | | | ok tedu@
* copy bcrypt autotune from encrypt(1) and expose via crypt_newhashtedu2014-12-301-4/+10
| | | | ok deraadt miod
* simplify crypt_checkpass. The API promise is that this function doesn'ttedu2014-12-241-11/+5
| | | | | | | | | use global data. The simplest fix is to only check blowfish passwords, and implicitly lock out DES passwords. crypt_checkpass is currently only used in one place, passwd, to verify the local user's password, so this is probably acceptable. Gives people a little more time to migrate away from DES before introduing checkpass into more places.
* check crypt() for null. noticed by Jonas Termansentedu2014-11-241-2/+2
|
* Let crypt_checkpass() set EACCES after bcrypt_checkpass() failure;schwarze2014-11-211-2/+4
| | | | ok tedu@
* change prototype for crypt_newhash. the login_cap_t is a holdover from itstedu2014-11-211-8/+4
| | | | | | pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
* add new function crypt_newhash to simplify creating new hashes.tedu2014-11-171-1/+29
| | | | | does most of the work pwd_gensalt did, but also creates the hash. (unused yet)
* remove md5crypt.tedu2014-05-121-0/+54
while changing things, add a crypt_checkpass wrapper that handles most of the edge cases. (not quite ready for production, though.) ok deraadt
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-04 15:30:12 +0000