3
I Use This!
Very Low Activity

Commits : Listings

Analyzed 12 days ago. based on code collected 12 days ago.
Nov 29, 2016 — Nov 29, 2017
Commit Message Contributor Files Modified Lines Added Lines Removed Code Location Date
Unexport _passwdqc_memzero in libpasswdqc 4aa9033d1f9280cdd918de1c33ce8e56?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32 More... over 1 year ago
1.3.1: - With "non-unix", initialize the pw_dir field in fake_pw now that (since passwdqc 1.1.3 in 2009) passwdqc_check.c uses that field. Bug reported by Jim Paris via Debian: https://bugs.debian.org/831356 - Use size_t for variables holding strlen() return values. - Cap "max" at 10000 (in case a config set it higher; the default remains 40). - Check against the shortest allowed password length prior to checking against the old password (this affects reporting when the old password is empty). - For zeroization of sensitive data, use a wrapper around memset() called via a function pointer to reduce the likelihood of a compiler optimizing those calls out and to allow for overriding of this function with an OS-specific "secure" memory zeroization function. - In pwqgen, set stdout to non-buffered, and zeroize and free our own buffer holding the generated password. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 1 year ago
Updated copyright years 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 1 year ago
Set stdout to non-buffered, and zeroize and free our own buffer holding the generated password prior to exiting. (The freeing of memory is just to keep memory leak detectors happy.) 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 1 year ago
Introduced _passwdqc_memzero(), currently as a wrapper around memset() called via a function pointer to reduce the likelihood of a compiler optimizing those memset() calls out and to allow for overriding of this function with an OS-specific "secure" memory zeroization function. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 1 year ago
Cap "max" at 10000. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 1 year ago
Use size_t for variables holding strlen() return values 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 1 year ago
With "non-unix", initialize the pw_dir field in fake_pw now that (since passwdqc 1.1.3 in 2009) passwdqc_check.c uses that field. Bug reported by Jim Paris via Debian: https://bugs.debian.org/831356 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 1 year ago
1.3.0: - When checking is_simple() after discounting a common character sequence, apply the (negative) bias even for the passphrase length check. Previously, we were not doing this because passphrases are normally built from words, and the same code was being used for the check for dictionary words. - Expanded the list of common character sequences. Along with the change above, this reduces the number of passing passwords for RockYou top 100k from 35 to 18, and for RockYou top 1M from 2333 to 2273 (all of these are with passwdqc's default policy). - Moved the common character sequences check to be made after the dictionary words check, to avoid introducing more cases of misreporting. - Added pwqcheck.php, a PHP wrapper function around the pwqcheck program. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
Added pwqcheck.php, a PHP wrapper function around the pwqcheck program 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
Expanded the list of common character sequences. Along with the previous commit, this reduces the number of passing passwords for RockYou top 100k from 35 to 18, and for RockYou top 1M from 2333 to 2273 (all of these are with passwdqc's default policy). Also, moved the common character sequences check to be made after the dictionary words check, to avoid introducing more cases of misreporting. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
When checking is_simple() after discounting a common character sequence, apply the (negative) bias even for the passphrase length check. Previously, we were not doing this because passphrases are normally built from words, and the same code was being used for the check for dictionary words. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
1.2.4: - In randomly generated passphrases: toggle case of the first character of each word only if we wouldn't achieve sufficient entropy otherwise, use a trailing separator if we achieve sufficient entropy even with the final word omitted (in fact, we now enable the use of different separators in more cases for this reason), use dashes rather than spaces to separate words when different separator characters are not in use. - Expanded the allowed size of randomly-generated passphrases in bits (now it's 24 to 85 in the tools, and 24 to 136 in the passwdqc_random() interface). 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
In randomly generated passphrases: toggle case of the first character of each word only if we wouldn't achieve sufficient entropy otherwise, use a trailing separator if we achieve sufficient entropy even with the final word omitted (in fact, we now enable the use of separators in more cases for this reason). Expanded the allowed size of randomly-generated passphrases in bits (now it's 24 to 85 in the tools, and 24 to 136 in the passwdqc_random() interface). 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
Added and made use of the WORDSET_4K_LENGTH_MAX cpp macro, currently 6. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
Added cpp macros for the constants, added source code comments. This source code change does not affect the generated code. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
When different separator characters are not in use, use dashes rather than spaces to separate the words. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
Allow for trailing separator character in cases where we're using separators anyway and another one would be sufficient to provide the requested entropy, without having to add a word. In practice, this happens for requested entropy of 66 to 68 bits. Before this change, a space character would be used in place of the last separator, and another word would be added (providing excessive entropy beyond of what was requested). 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 4 years ago
Added Darwin (Mac OS X) support to the Makefile, loosely based on a patch by Ronald Ip (thanks!) 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 5 years ago
Declared all pre-initialized arrays and structs as const 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 5 years ago
1.2.3: Handle possible NULL returns from crypt() 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 5 years ago
Added a link to a wiki page with detailed Solaris-specific instructions to the PLATFORMS file. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago
Added a link to http://openwall.info/wiki/passwdqc/solaris 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago
Introduced the GNU'ish "uninstall" make target name (a synonym for "remove"). 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago
Deal with: pam_passwdqc.c: In function `pam_sm_chauthtok': pam_passwdqc.c:242: warning: `check_reason' might be used uninitialized in this function as seen with gcc 2.95 (current versions of gcc figure the following "if" out, whereas older versions like this are not smart enough). 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago
1.2.2 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago
On Solaris, use /usr/ucb/install explicitly (we don't support their /usr/sbin/install) and install under /usr/lib instead of /lib. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago
URL-encoded the asterisks in the archive.org URLs such that they don't break the C comment. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago
1.2.1 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago
When matching against the reversed new password, always pass the original non-reversed new password (possibly with a substring removed) into is_simple(), but remove or check the correct substring in is_based() considering that the matching is possibly being done against the reversed password. 603263c8fcc39d101718ff8a419b6517?&s=32&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon32
Solar Designer
as solar
More... over 7 years ago