| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
can be found.
Submitted by: Bruce
Notes:
svn path=/head/; revision=43152
|
| |
|
|
| |
Notes:
svn path=/head/; revision=43092
|
| |
|
|
|
|
|
|
|
| |
the Makefile handles des support by just including the single .c file.
Reviewed by: Mark Murray
Notes:
svn path=/head/; revision=42982
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Secure Hashing Algorithm - 1 (SHA-1), along with the further
refinement of what $x$salt$hash means. With this new crypt the
following are all acceptable:
$1$
$MD5$
$SHA1$
Note: $2$ is used by OpenBSD's Blowfish, which I considered adding
as $BF$, but there is no actual need for it with SHA-1. However,
somebody wishing to add OpenBSD password support could easilly add
it in now.
There is also a malloc_crypt() available in the library now, which
behaves exactly the same as crypt(), but it uses a malloced buffer
instead of a static buffer. However, this is not standard so will
likely not be used much (at all).
Also, for those interested I did a brief speed test Pentium 166/MMX,
which shows the DES crypt to do approximately 2640 crypts a CPU second,
MD5 to do about 62 crypts a CPU second and SHA1 to do about 18 crypts
a CPU second.
Reviewed by: Mark Murray
Notes:
svn path=/head/; revision=42981
|
| |
|
|
|
|
|
| |
link. Shared libraries are in ${SHLIBDIR}, not necessarily in ${LIBDIR}.
Notes:
svn path=/head/; revision=38753
|
| |
|
|
| |
Notes:
svn path=/head/; revision=38635
|
| |
|
|
| |
Notes:
svn path=/head/; revision=38632
|
| |
|
|
|
|
|
| |
between libscrypt.a and libdescrypt.a
Notes:
svn path=/head/; revision=36443
|
| |
|
|
|
|
|
|
| |
add the required extra symlink. Set the -soname to libcrypt.so so that
the symlink is used at runtime rather than resolved at compile time.
Notes:
svn path=/head/; revision=29146
|
| |
|
|
| |
Notes:
svn path=/head/; revision=22993
|
| |
|
|
|
|
|
|
|
|
|
| |
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
Notes:
svn path=/head/; revision=21673
|
| |
|
|
|
|
|
|
| |
Submitted by: Craig Leres <leres@ee.lbl.gov>
Submitted by: Theo Deraadt <deraadt@theos.com>
Notes:
svn path=/head/; revision=18918
|
| |
|
|
|
|
|
| |
Submitted-By: Kent Vander Velden <graphix@iastate.edu>
Notes:
svn path=/head/; revision=17141
|
| |
|
|
| |
Notes:
svn path=/head/; revision=8870
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
$(DESTDIR)/$(LIBDIR) (I need SHLIBDIR. The / was a bug and the
$(...) style was inconsistent.)
Install ordinary libraries in ${DESTDIR}${LIBDIR} instead of in
$(DESTDIR)/$(LIBDIR).
Change remaining $(...) to ${...}.
Notes:
svn path=/head/; revision=4454
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This effectively changes the non-DES password algoritm.
If you have the "securedist" installed you will have no problems with this.
(Though you might want to consider using this password-encryption instead
of the DES-based if your system is likely to be hacked)
If you are running a -current system without the "securedist" installed:
YOU WILL NEED TO CHANGE ALL PASSWORDS !! There is no backwards mode.
Suggested procedure is:
Update your sources
cd /usr/src/lib/libcrypt
make clean
make all
make install
passwd root
<set roots new password>
change password for any other users on the system.
This algorithm is expected to be much better than the traditional DES-
based algorithm. It uses the MD5 algorithm at what it is best at, as
opposed to the DES algorithm at something it isn't good at at all. The
algorithm is designed such that it should very hard to shortcut the
calculations needed to build a dictionary, and to make partial knowledge
(Hmm, his password starts with a 'P'...) useless. Of course if somebody
breaks the MD5 algorithm this looses too.
The salt is 48 bits (8 char @ base64).
The encrypted password is 128 bits.
And I am positively delighted to say that it takes 34 msec to crypt() a
password on a Pentium/60Mhz, so building a dictionary is not really an
option for hackers at the moment.
Notes:
svn path=/head/; revision=4246
|
| |
|
|
|
|
|
| |
Submitted by: geoff
Notes:
svn path=/head/; revision=2155
|
| |
|
|
|
|
|
| |
Submitted by: Geoff Rehmet
Notes:
svn path=/head/; revision=2045
|
| |
|
|
|
|
|
|
| |
a symlink to it. (The real libcrypt will be installed as libdescrypt.)
Submitted by: Geoff.
Notes:
svn path=/head/; revision=1989
|
|
|
crypt() ripped out
Reviewed by: Geoff Rehmet
Submitted by: Nate Williams
Notes:
svn path=/cvs2svn/branches/natecrypt/; revision=1984
|
