summaryrefslogtreecommitdiffstats
path: root/lib/libcrypt/Makefile
Commit message (Collapse)AuthorAgeFilesLines
* MAN[1-9] -> MAN.ru2001-03-271-1/+1
|
* Help standalone builds by getting libutil.h from src/lib/libutilpeter2001-03-211-1/+1
|
* Add OpenBSD-style blowfish password hashing. This makes one lessmarkm2001-03-111-2/+2
| | | | | | | | | | gratuitous difference between us and our sister project. This was given to me _ages_ ago. May apologies to Paul for the length of time its taken me to commit. Obtained from: Niels Provos <provos@physnet.uni-hamburg.de>/OpenBSD Submitted by: Paul Herman <pherman@frenchfries.net>
* Merge into a single US-exportable libcrypt, which only providespeter2000-12-281-54/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | one-way hash functions for authentication purposes. There is no more "set the libcrypt->libXXXcrypt" nightmare. - Undo the libmd.so hack, use -D to hide the md5c.c internals. - Remove the symlink hacks in release/Makefile - the algorthm is set by set_crypt_format() as before. If this is not called, it tries to heuristically figure out the hash format, and if all else fails, it uses the optional auth.conf entry to chose the overall default hash. - Since source has non-hidden crypto in it there may be some issues with having the source it in some countries, so preserve the "secure/*" division. You can still build a des-free libcrypt library if you want to badly enough. This should not be a problem in the US or exporting from the US as freebsd.org had notified BXA some time ago. That makes this stuff re-exportable by anyone. - For consistancy, the default in absence of any other clues is md5. This is to try and minimize POLA across buildworld where folk may suddenly be activating des-crypt()-hash support. Since the des hash may not always be present, it seemed sensible to make the stronger md5 algorithm the default. All things being equal, no functionality is lost. Reviewed-by: jkh (flame-proof suit on)
* How did you sneak in...green2000-08-221-1/+1
|
* Add working and easy crypt(3)-switching. Yes, we need a whole new APIgreen2000-08-221-1/+2
| | | | | | | | | | | | | | for crypt(3) by now. In any case: Add crypt_set_format(3) + documentation to -lcrypt. Add login_setcryptfmt(3) + documentation to -lutil. Support for switching crypt formats in passwd(8). Support for switching crypt formats in pw(8). The simple synopsis is: edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :) Reviewed by: peter
* Zap SHA1 password support. This will be re-implemented at a later date.kris2000-01-071-2/+2
|
* Remove -lmd. Use dlopen() and dlsym() instead for calls to the MD5* andpeter1999-12-171-3/+0
| | | | | SHA* routines so that callers of libcrypt are not exposed to the internal implementation.
* Someone changed major numbers of the libraries from 2 to 3 for 0 (zero) reasons.dt1999-09-211-1/+1
| | | | | | | | | Revert the major number back to 2. libcrypt only export one function, before the recent changes and now: char *crypt(const char *key, const char *salt); The prototype didn't changed. Internal representation of `char' and `char *' didn't changed. Therefore, there is no reason to change the version number.
* Somebody deleted the SONAME override causing the symlink to be expandedpeter1999-09-211-0/+4
| | | | | at link time and the target name compiled into the binaries. ie: everything used libscrypt or libdescrypt explicitly.
* Big code cleanup. (Inspired by Brandon Gillespie). Also move asmarkm1999-09-201-15/+35
| | | | much as possible away from secure/ to make extending easier.
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* Simplified using new SYMLINKS macro, mainly to test this macro. Thebde1999-03-231-26/+15
| | | | | | | | | | ifdefs are too ugly for this to be much of a simplification. The existence tests are even uglier now. Note that the previous commit was not submitted by me. It missed the point and just added a second layer of unused removals. Fixed hard-coded "libcrypt"s. The LCRYPTBASE macro mainly makes things hard to read, but use it while we have it.
* Fix symlinking. Without the -f "force" option, the wrong versionmarkm1999-01-241-4/+4
| | | | | can be found. Submitted by: Bruce
* The new crypt code broke "make world". Back it out.markm1999-01-231-27/+27
|
* Rewrite of crypt library to be more modular, and addition of thebrandon1999-01-211-27/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | Secure Hashing Algorithm - 1 (SHA-1), along with the further refinement of what $x$salt$hash means. With this new crypt the following are all acceptable: $1$ $MD5$ $SHA1$ Note: $2$ is used by OpenBSD's Blowfish, which I considered adding as $BF$, but there is no actual need for it with SHA-1. However, somebody wishing to add OpenBSD password support could easilly add it in now. There is also a malloc_crypt() available in the library now, which behaves exactly the same as crypt(), but it uses a malloced buffer instead of a static buffer. However, this is not standard so will likely not be used much (at all). Also, for those interested I did a brief speed test Pentium 166/MMX, which shows the DES crypt to do approximately 2640 crypts a CPU second, MD5 to do about 62 crypts a CPU second and SHA1 to do about 18 crypts a CPU second. Reviewed by: Mark Murray
* Fixed the elf case of the creation of the libcrypt.so -> libscrypt->sobde1998-09-021-2/+2
| | | | link. Shared libraries are in ${SHLIBDIR}, not necessarily in ${LIBDIR}.
* BINFORMAT -> OBJFORMAT ready for E-day.jb1998-08-301-3/+3
|
* BINFORMAT -> OBJFORMAT ready for E-day.jb1998-08-301-2/+2
|
* Turn on the rcsid storage so that it's easier to tell the differencepeter1998-05-281-2/+2
| | | | between libscrypt.a and libdescrypt.a
* When compiling under elf, use correct library naming conventions. Alsopeter1997-09-051-3/+19
| | | | | add the required extra symlink. Set the -soname to libcrypt.so so that the symlink is used at runtime rather than resolved at compile time.
* Revert $FreeBSD$ to $Id$peter1997-02-221-1/+1
|
* Make the long-awaited change from $Id$ to $FreeBSD$jkh1997-01-141-1/+1
| | | | | | | | This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
* Remove trailing whitespace.rgrimes1995-05-301-2/+2
|
* Install shared libraries in ${DESTDIR}${SHLIBDIR} instead of inbde1994-11-141-15/+15
| | | | | | | | | | $(DESTDIR)/$(LIBDIR) (I need SHLIBDIR. The / was a bug and the $(...) style was inconsistent.) Install ordinary libraries in ${DESTDIR}${LIBDIR} instead of in $(DESTDIR)/$(LIBDIR). Change remaining $(...) to ${...}.
* *** ATTENTION *** YOU MIGHT BE ABOUT TO BE HOSED *** ATTENTION ***phk1994-11-071-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This effectively changes the non-DES password algoritm. If you have the "securedist" installed you will have no problems with this. (Though you might want to consider using this password-encryption instead of the DES-based if your system is likely to be hacked) If you are running a -current system without the "securedist" installed: YOU WILL NEED TO CHANGE ALL PASSWORDS !! There is no backwards mode. Suggested procedure is: Update your sources cd /usr/src/lib/libcrypt make clean make all make install passwd root <set roots new password> change password for any other users on the system. This algorithm is expected to be much better than the traditional DES- based algorithm. It uses the MD5 algorithm at what it is best at, as opposed to the DES algorithm at something it isn't good at at all. The algorithm is designed such that it should very hard to shortcut the calculations needed to build a dictionary, and to make partial knowledge (Hmm, his password starts with a 'P'...) useless. Of course if somebody breaks the MD5 algorithm this looses too. The salt is 48 bits (8 char @ base64). The encrypted password is 128 bits. And I am positively delighted to say that it takes 34 msec to crypt() a password on a Pentium/60Mhz, so building a dictionary is not really an option for hackers at the moment.
* Fix afterinstall rule for generating links to the real libcryptcsgr1994-08-201-7/+13
| | | | Submitted by: geoff
* Fix afterinstall rule for NOSHARED casecsgr1994-08-121-1/+6
| | | | Submitted by: Geoff Rehmet
* The password scrambler now becomes libscrypt, and libcrypt iscsgr1994-08-091-0/+19
| | | | | a symlink to it. (The real libcrypt will be installed as libdescrypt.) Submitted by: Geoff.
* Nates password scrambler, from FreebSD 1.1.5, but with everything except csgr1994-08-091-0/+9
crypt() ripped out Reviewed by: Geoff Rehmet Submitted by: Nate Williams
OpenPOWER on IntegriCloud