From e2e79e022bd0815f76ca57243324eb59f75899be Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Thu, 20 Nov 2014 19:18:25 +0000
Subject: split crypt_checkpass off into a new file

---
 src/lib/libc/crypt/crypt_checkpass.3 | 61 ++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100644 src/lib/libc/crypt/crypt_checkpass.3

(limited to 'src/lib/libc/crypt/crypt_checkpass.3')

diff --git a/src/lib/libc/crypt/crypt_checkpass.3 b/src/lib/libc/crypt/crypt_checkpass.3
new file mode 100644
index 0000000000..3a360fb899
--- /dev/null
+++ b/src/lib/libc/crypt/crypt_checkpass.3
@@ -0,0 +1,61 @@
+.\" $OpenBSD: crypt_checkpass.3,v 1.1 2014/11/20 19:18:25 tedu Exp $
+.\"
+.\" Copyright (c) Ted Unangst <tedu@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: November 20 2014 $
+.Dt CRYPT_CHECKPASS 3
+.Os
+.Sh NAME
+.Nm crypt_checkpass ,
+.Nm crypt_newhash
+.Nd password hashing
+.Sh SYNOPSIS
+.In unistd.h
+.Ft int
+.Fn crypt_checkpass "const char *password" "const char *hash"
+.In login_cap.h
+.Ft int
+.Fn crypt_newhash "const char *password" "login_cap_t *lc" "char *hash" "size_t hashsize"
+.Sh DESCRIPTION
+The
+.Fn crypt_checkpass
+function is provided to simplify checking a user's password.
+If both the hash and the password are the empty string, authentication
+is a success.
+Otherwise, the password is hashed and compared to the provided hash.
+If the hash is NULL, authentication will always fail, but a default
+amount of work is performed to simulate the hashing operation.
+A successful match will return 0.
+A failure will return \-1 and set errno.
+.Pp
+The
+.Fn crypt_newhash
+function is provided to simplify the creation of new password hashes.
+The provided
+.Fa password
+is randomly salted and hashed and stored in
+.Fa hash .
+The login class argument
+.Fa lc
+is used to identify the preferred hashing algorithm and parameters.
+Refer to
+.Xr login.conf 5 .
+.Sh RETURN VALUES
+These functions
+return 0 on success and -1 on failure.
+.Sh SEE ALSO
+.Xr crypt 3 ,
+.Xr login.conf 5 ,
+.Xr passwd 5
-- 
cgit v1.2.3-55-g6feb