summaryrefslogtreecommitdiff
path: root/src/lib/libc/crypt (follow)
Commit message (Collapse)AuthorAgeFilesLines
* delete documentation for deleted DES interfacestedu2014-12-082-87/+3
|
* remove setkey and encrypt interfaces. they are useless and dangerous.tedu2014-12-083-116/+9
| | | | ok deraadt naddy
* macro cleanup; kaspars at bankovskis dot netschwarze2014-12-022-49/+55
|
* rand48(3) not drand48(3) to align with the actual man page and Xrmillert2014-11-251-3/+3
| | | | entries.
* no need for md5 xrtedu2014-11-251-3/+2
|
* revert the bludgeoning of DES. if we need a thread safe crypt, maybe it'stedu2014-11-251-31/+33
| | | | better to find one instead of continuing to mangle this mess.
* push some global data down into functions to make this threadlier.tedu2014-11-251-33/+31
| | | | only doing what's needed for crypt_hashpass. sigh.
* introduce a hashspace define and check that there's enough space totedu2014-11-241-15/+10
| | | | write out a hash. also simplify writing out the hash.
* check crypt() for null. noticed by Jonas Termansentedu2014-11-241-2/+2
|
* space needed between macro args and punctuation;jmc2014-11-211-2/+2
|
* add ERRORS, HISTORY, AUTHORS, Copyright year, and some missing macros;schwarze2014-11-211-6/+39
| | | | ok tedu@ on a previous version
* Let crypt_checkpass() set EACCES after bcrypt_checkpass() failure;schwarze2014-11-211-2/+4
| | | | ok tedu@
* change prototype for crypt_newhash. the login_cap_t is a holdover from itstedu2014-11-212-15/+10
| | | | | | pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
* split crypt_checkpass off into a new filetedu2014-11-203-36/+73
|
* add crypt_newhash to NAME and add an MLINK;jmc2014-11-182-4/+6
|
* add new function crypt_newhash to simplify creating new hashes.tedu2014-11-172-3/+46
| | | | | does most of the work pwd_gensalt did, but also creates the hash. (unused yet)
* missing newlinederaadt2014-07-211-1/+2
|
* Move more OS-specific functionality to arc4random.h headers.bcook2014-07-202-6/+14
| | | | | | | | Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers. On OpenBSD, move thread_private.h as well to arc4random.h. On Windows, use TerminateProcess on getentropy failure. ok deraadt@
* From ISO/IEC 9899:1999 and 9899:201x,guenther2014-07-201-3/+3
| | | | | | | | | 6.11.5 - Storage-class specifiers: The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature. Diff from Jean-Philippe Ouellet (jean-philippe (at) ouellet.biz)
* arc4random re-seeds with getentropy() now; ok deraadt@ jmc@naddy2014-07-191-3/+3
|
* Change _rs_allocate so it can combine the two regions (rs and rsx)deraadt2014-07-192-28/+25
| | | | | | | | | | into one if a system has an awesome getentropy(). In that case it is valid to totally throw away the rsx state in the child. If the getentropy() is not very good and has a lazy reseed operation, this combining is a bad idea, and the reseed should probably continue to use the "something old, something new" mix. _rs_allocate() can accomodate either method, but not on the fly. ok matthew
* Seperate arc4random's os-dependent parts into static inline functions,deraadt2014-07-182-36/+57
| | | | | making it much easier for libressl -portable to fill in the gaps. ok bcook beck
* "Race-free because we're running single-threaded in a newderaadt2014-07-171-1/+5
| | | | | address space, and once allocated rs is never deallocated." document the forkhandler to save reviewers time, with matthew
* #ifdef wrap the _rs_forkhandlerderaadt2014-07-161-1/+3
|
* added handler for an atfork hook from kettenis@bcook2014-07-161-1/+10
| | | | ok deraadt@ beck@ kettenis@
* While we thought this would make portable life easier it actuallybeck2014-07-131-3/+1
| | | | | makes it much harder. ok bcook@ kettenis@
* Wrap "thread_private.h" with #ifdef __OpenBSD__ so that other systemsderaadt2014-07-121-1/+3
| | | | | | can copy this file (plus chacha_private.h) directly and reuse it trivially. Well, as long as they have a getentropy() as well.. ok beck
* Split arc4random_uniform into it's own file, to assist other projectsderaadt2014-07-123-39/+60
| | | | | | now using this as upstream code. The particular problem is systems that contain older arc4random derivations lacking arc4random_uniform(). ok tedu miod
* Clean up after arc4random u_int32_t uint32_t changebeck2014-07-091-5/+5
| | | | ok jsing@
* changes to improve portabilitybcook2014-07-091-10/+11
| | | | ok beck@ deraadt@ jsing@ guenther@
* re-init and init code paths are now more shared, so the getpid()-basedderaadt2014-06-271-2/+3
| | | | portable code path must handle that; with brent cook
* Add back an #ifndef MAP_INHERIT_ZERO chunk to support the old getpid()deraadt2014-06-261-1/+13
| | | | | mechanism, to aid in portability to other systems as requested. ok matthew
* document why we explicit_bzeroderaadt2014-06-251-2/+2
|
* arc4random: hard fail with raise(SIGKILL) if getentropy() returns -1matthew2014-06-201-3/+4
| | | | | | | Allow other non-zero return values in case we change our mind to return an ssize_t byte count instead of simple success/fail. ok deraadt, djm
* Move rs_chacha and rs_buf into the same memory page and don't mark itmatthew2014-06-191-22/+31
| | | | | | | | | MAP_INHERIT_ZERO anymore. This restores arc4random's previous behavior where fork children would mix in some randomness from the parent process. New behavior noticed by deraadt ok deraadt, tedu
* Use MAP_INHERIT_ZERO in arc4random(3)matthew2014-06-171-37/+44
| | | | | | | | Now instead of calling getpid() each time a user invokes arc4random(), we're able to rely on the kernel zero'ing out the RNG state if the process forks. ok deraadt, djm
* For now... assume success of getentropy() just like we assumed successderaadt2014-06-131-3/+3
| | | | of sysctl(). Mark it with XXX while we consider.
* use getgentropy() call. If it fails, things are pretty bad --deraadt2014-06-131-8/+3
| | | | | call abort(). this direction discussed at length with miod beck tedu matthew etc
* Delete the extraneous "return" statement at the end of a void function.jca2014-05-311-2/+1
| | | | From Fritjof Bornebusch.
* Add missing header needed by isdigit().chl2014-05-171-4/+5
| | | | | | While there, sort headers. ok tedu@
* refactor some of the des crypt code to use fewer globals.tedu2014-05-172-42/+45
| | | | ok miod
* update NAME and MLINKS for previous;jmc2014-05-162-5/+7
|
* document crypt_checkpasstedu2014-05-161-1/+14
|
* use $2b in the bcrypt example, ok tedusthen2014-05-161-3/+3
|
* remove md5crypt.tedu2014-05-125-195/+65
| | | | | | while changing things, add a crypt_checkpass wrapper that handles most of the edge cases. (not quite ready for production, though.) ok deraadt
* missing NULL checks to see if init is needed. found hard way by deraadt.tedu2014-05-061-3/+3
|
* fix stupid committedu2014-05-061-5/+5
|
* use explicit_bzerotedu2014-05-061-5/+5
|
* clear a stack buffer with explicit_bzerotedu2014-05-061-2/+2
|
* move chacha context and buffer out of bss and allow mmap to place themtedu2014-05-061-6/+16
| | | | wherever it decides it would like them. first step. ok deraadt dlg djm
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-17 06:04:55 +0000