summaryrefslogtreecommitdiff
path: root/src/lib/libc/crypt (follow)
Commit message (Collapse)AuthorAgeFilesLines
* remove unused blowfish inline definesjsg2022-08-281-8/+1
| | | | inline use was removed in 1998
* fix indenttb2022-07-311-2/+2
|
* Randomise the rekey interval a little. Previously, the chacha20djm2022-07-311-2/+8
| | | | | | | instance would be rekeyed every 1.6MB. This makes it happen at a random point somewhere in the 1-2MB range. Feedback deraadt@ visa@, ok tb@ visa@
* Remove unused ivbits argument from chacha_keysetup to match otherdtucker2022-02-282-4/+4
| | | | instances in the tree. ok deraadt@
* Niels agreed to remove the advertising clause; switching thesedjm2021-11-292-11/+5
| | | | to 3-term BSD license.
* add missing .h file includederaadt2021-10-291-2/+3
| | | | from Emil Engler
* Add support for timeconting in userland.pirofti2020-07-061-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | This diff exposes parts of clock_gettime(2) and gettimeofday(2) to userland via libc eliberating processes from the need for a context switch everytime they want to count the passage of time. If a timecounter clock can be exposed to userland than it needs to set its tc_user member to a non-zero value. Tested with one or multiple counters per architecture. The timing data is shared through a pointer found in the new ELF auxiliary vector AUX_openbsd_timekeep containing timehands information that is frequently updated by the kernel. Timing differences between the last kernel update and the current time are adjusted in userland by the tc_get_timecount() function inside the MD usertc.c file. This permits a much more responsive environment, quite visible in browsers, office programs and gaming (apparently one is are able to fly in Minecraft now). Tested by robert@, sthen@, naddy@, kmos@, phessler@, and many others! OK from at least kettenis@, cheloha@, naddy@, sthen@
* zap trailing whitespace;jmc2019-09-291-3/+3
|
* Xr random 4 in a better wayderaadt2019-09-281-3/+5
|
* correct mispellings of EACCES; from Kris Katterjohnlibressl-v3.0.0deraadt2019-07-291-3/+3
|
* In the incredibly unbelievable circumstance where _rs_init() fails toderaadt2019-03-241-2/+2
| | | | | | | | | allocate pages, don't call abort() because of corefile data leakage concerns, but simply _exit(). The reasoning is _rs_init() will only fail if someone finds a way to apply specific pressure against this failure point, for the purpose of leaking information into a core which they can read. We don't need a corefile in this instance to debug that. So take this "lever" away from whoever in the future wants to do that.
* include stdint.h over sys/types.hbcook2019-01-201-2/+2
| | | | ok deraadt@ tedu@
* zap trailing whitespace;jmc2017-07-221-2/+2
|
* rework the page a bit, clarify a few things, maybe better wordingtedu2017-07-221-8/+13
|
* Pull in <time.h> for clock_gettime()guenther2016-08-261-1/+2
| | | | ok deraadt@
* increase the minimum for auto rounds to 6. that was the previous low boundtedu2016-06-261-2/+2
| | | | for login.conf, and we don't want to go lower.
* for some time now mandoc has not required MLINKS to functionjmc2016-03-301-8/+1
| | | | | | | | | | | | correctly - logically complete that now by removing MLINKS from base; authors need only to ensure there is an entry in NAME for any function/ util being added. MLINKS will still work, and remain for perl to ease upgrades; ok nicm (curses) bcook (ssl) ok schwarze, who provided a lot of feedback and assistance ok tb natano jung
* update NAME section to include all documented functions,jmc2015-11-101-3/+3
| | | | | | or otherwise change Dt to reflect the name of an existing function; feedback/ok schwarze
* Wrap <pwd.h> so that calls go direct and the symbols are all weak.guenther2015-09-132-7/+8
| | | | Hide bcrypt_autorounds(), prefixing with an underbar for static builds.
* The number of rounds is just two digits in the salt. We've alreadymillert2015-09-131-2/+2
| | | | | verified that they are there via isdigit() so we can convert from ASCII to an int without using atoi(). OK guenther@ deraadt@
* Wrap <stdlib.h> so that calls go direct and the symbols not in theguenther2015-09-132-2/+5
| | | | | | C standard are all weak. Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the arch-specific __strtorx, __ULtox_D2A, __strtorQ, __ULtoQ_D2A symbols.
* Wrap <unistd.h> so that internal calls go direct and they're all weak symbolsguenther2015-09-122-2/+6
| | | | Delete unused 'fd' argument from internal function oldttyname()
* Wrap blowfish, sha*, md5, and rmd160 so that internal calls go directguenther2015-09-111-1/+14
| | | | ok deraadt@
* Add support for building arc4random with MSVC.bcook2015-09-101-7/+8
| | | | | | | By default, MSVC's stdlib.h defines min(), so we need to spell out something less common to avoid picking it up. ok deraadt@ beck@ miod@
* call it bcrypt in the man page tootedu2015-07-231-3/+3
|
* permit "bcrypt" as an alias for "blowfish". this is, after all, whattedu2015-07-231-11/+27
| | | | | | | 99% of the world calls it. allow just "bcrypt" without params to mean auto-tune ("bcrypt,a"). default remains 8 rounds (for now) ok deraadt
* Unbreak, add errno headerjeremy2015-07-181-1/+2
| | | | OK tedu@
* set errno in null cases, just in case.tedu2015-07-181-2/+3
|
* standards compliant error return (null). will make ruby happier, at least.tedu2015-07-181-5/+2
| | | | ok deraadt jeremy
* If crypt(3) is called with an unknown setting, return NULL insteadbluhm2015-05-131-1/+3
| | | | | of some undefined value. OK tedu@
* bludgeon DES support out of crypt. long live the bcrypt.tedu2015-04-062-761/+9
|
* we don't let strtonum errors bleed through now.tedu2015-02-241-4/+2
|
* Set errno to EINVAL, instead of letting ERANGE escape out.tedu2015-02-241-2/+4
| | | | | | Printing strerror() in that case will say result too large, even if rounds is actually too small. invalid is less specific, but less incorrect. ok millert
* use a width specifier for lists, and Sq rather than Dq for single lettersjmc2015-02-111-3/+3
| | | | to avoid swamping it;
* the possible algos for pref should be documented heretedu2015-02-111-4/+11
|
* dial the time back to about 0.1s, closer to the original targets andtedu2015-01-281-4/+4
| | | | friendlier for users. requested by deraadt
* Move to the <limits.h> universe.deraadt2015-01-162-4/+2
| | | | review by millert, binary checking process with doug, concept with guenther
* remove unused variablechl2015-01-151-2/+1
| | | | ok tedu@
* back in september I did the large abstraction refactoring to allow thesederaadt2015-01-152-2/+4
| | | | other systems to fit into the same mold, so add copyright
* rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,tedu2015-01-121-9/+9
| | | | nor are they the same size.
* stupid me. need errno.htedu2015-01-071-1/+2
|
* set errno = EINVAL for invalid salts and hashes in most functions.tedu2015-01-071-12/+20
| | | | | | | remember to set EACCES in bcrypt_checkpass for hash differences. the higher level crypt_checkpass function will reset errno to EACCES in all cases, which is probably the right behavior, but this change gives code working with the lower level functions the correct errno if they care.
* convert clock() to clock_gettime() for improved precision (and accuracy?)tedu2015-01-051-7/+9
| | | | | guenther suggested using thread time, which actually may improve accuracy if somebody puts this in a threaded program.
* copy bcrypt autotune from encrypt(1) and expose via crypt_newhashtedu2014-12-302-5/+43
| | | | ok deraadt miod
* simplify crypt_checkpass. The API promise is that this function doesn'ttedu2014-12-241-11/+5
| | | | | | | | | use global data. The simplest fix is to only check blowfish passwords, and implicitly lock out DES passwords. crypt_checkpass is currently only used in one place, passwd, to verify the local user's password, so this is probably acceptable. Gives people a little more time to migrate away from DES before introduing checkpass into more places.
* delete documentation for deleted DES interfacestedu2014-12-082-87/+3
|
* remove setkey and encrypt interfaces. they are useless and dangerous.tedu2014-12-083-116/+9
| | | | ok deraadt naddy
* macro cleanup; kaspars at bankovskis dot netschwarze2014-12-022-49/+55
|
* rand48(3) not drand48(3) to align with the actual man page and Xrmillert2014-11-251-3/+3
| | | | entries.
* no need for md5 xrtedu2014-11-251-3/+2
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 16:52:48 +0000