freebsd-src

mirror of https://github.com/freebsd/freebsd-src.git synced 2024-11-27 17:52:43 +00:00

History

Andrey A. Chernov 1043140b4b MFC: r269806,r269809,r269811,r269810 r269806: Fix too long (seed length >12 chars) challenge handling. 1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places of opie code expects that). 2) Overflow check in challenge.c is off by 1 even with corrected OPIE_CHALLENGE_MAX 3) When fallback to randomchallenge() happens and rval is 0 (i.e. challenge is too long), its value should be set to error state too. To demonstrate the bug, run opiepasswd with valid seed: opiepasswd -s 1234567890123456 and notice that it falls back to randomchallenge() (i.e. no 1234567890123456 in the prompt). r269809: When sha1 support was added, they forget to increase OPIE_HASHNAME_MAX r269811: Last '/' for program name, not first one. r269810: Link otp-sha1 to match real challenge prompt, not otp-sha. PR: 191511 Submitted by: mitsururike@gmail.com (partially, PR 269806)	2014-08-18 02:13:45 +00:00
..
Makefile

Andrey A. Chernov 1043140b4b MFC: r269806,r269809,r269811,r269810

r269806:
Fix too long (seed length >12 chars) challenge handling.
1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places
of opie code expects that).
2) Overflow check in challenge.c is off by 1 even with corrected
OPIE_CHALLENGE_MAX
3) When fallback to randomchallenge() happens and rval is 0 (i.e.
challenge is too long), its value should be set to error state too.

To demonstrate the bug, run opiepasswd with valid seed:
opiepasswd -s 1234567890123456
and notice that it falls back to randomchallenge() (i.e. no
1234567890123456 in the prompt).

r269809:
When sha1 support was added, they forget to increase OPIE_HASHNAME_MAX

r269811:
Last '/' for program name, not first one.

r269810:
Link otp-sha1 to match real challenge prompt, not otp-sha.

PR:     191511
Submitted by: mitsururike@gmail.com (partially, PR 269806)

2014-08-18 02:13:45 +00:00

Makefile