openhub.net
Black Duck Software, Inc.
Black Duck Open Hub
Follow @
OH
Sign In
Join Now
Projects
People
Organizations
Tools
Blog
BDSA
Projects
People
Projects
Organizations
Forums
O
Openwall - passwdqc
Settings
|
Report Duplicate
3
I Use This!
×
Login Required
Log in to Open Hub
Remember Me
Very Low Activity
Commits
: Listings
Analyzed
about 5 hours
ago. based on code collected
about 10 hours
ago.
Apr 24, 2023 — Apr 24, 2024
Showing page 4 of 10
Search / Filter on:
Commit Message
Contributor
Files Modified
Lines Added
Lines Removed
Code Location
Date
Introduced _passwdqc_memzero(), currently as a wrapper around memset() called via a function pointer to reduce the likelihood of a compiler optimizing those memset() calls out and to allow for overriding of this function with an OS-specific "secure" memory zeroization function.
Solar Designer
More...
almost 8 years ago
Cap "max" at 10000.
Solar Designer
More...
almost 8 years ago
Use size_t for variables holding strlen() return values
Solar Designer
More...
almost 8 years ago
With "non-unix", initialize the pw_dir field in fake_pw now that (since passwdqc 1.1.3 in 2009) passwdqc_check.c uses that field. Bug reported by Jim Paris via Debian: https://bugs.debian.org/831356
Solar Designer
More...
almost 8 years ago
1.3.0: - When checking is_simple() after discounting a common character sequence, apply the (negative) bias even for the passphrase length check. Previously, we were not doing this because passphrases are normally built from words, and the same code was being used for the check for dictionary words. - Expanded the list of common character sequences. Along with the change above, this reduces the number of passing passwords for RockYou top 100k from 35 to 18, and for RockYou top 1M from 2333 to 2273 (all of these are with passwdqc's default policy). - Moved the common character sequences check to be made after the dictionary words check, to avoid introducing more cases of misreporting. - Added pwqcheck.php, a PHP wrapper function around the pwqcheck program.
Solar Designer
More...
about 11 years ago
Added pwqcheck.php, a PHP wrapper function around the pwqcheck program
Solar Designer
More...
about 11 years ago
Expanded the list of common character sequences. Along with the previous commit, this reduces the number of passing passwords for RockYou top 100k from 35 to 18, and for RockYou top 1M from 2333 to 2273 (all of these are with passwdqc's default policy). Also, moved the common character sequences check to be made after the dictionary words check, to avoid introducing more cases of misreporting.
Solar Designer
More...
about 11 years ago
When checking is_simple() after discounting a common character sequence, apply the (negative) bias even for the passphrase length check. Previously, we were not doing this because passphrases are normally built from words, and the same code was being used for the check for dictionary words.
Solar Designer
More...
about 11 years ago
1.2.4: - In randomly generated passphrases: toggle case of the first character of each word only if we wouldn't achieve sufficient entropy otherwise, use a trailing separator if we achieve sufficient entropy even with the final word omitted (in fact, we now enable the use of different separators in more cases for this reason), use dashes rather than spaces to separate words when different separator characters are not in use. - Expanded the allowed size of randomly-generated passphrases in bits (now it's 24 to 85 in the tools, and 24 to 136 in the passwdqc_random() interface).
Solar Designer
More...
about 11 years ago
In randomly generated passphrases: toggle case of the first character of each word only if we wouldn't achieve sufficient entropy otherwise, use a trailing separator if we achieve sufficient entropy even with the final word omitted (in fact, we now enable the use of separators in more cases for this reason). Expanded the allowed size of randomly-generated passphrases in bits (now it's 24 to 85 in the tools, and 24 to 136 in the passwdqc_random() interface).
Solar Designer
More...
about 11 years ago
Added and made use of the WORDSET_4K_LENGTH_MAX cpp macro, currently 6.
Solar Designer
More...
about 11 years ago
Added cpp macros for the constants, added source code comments. This source code change does not affect the generated code.
Solar Designer
More...
about 11 years ago
When different separator characters are not in use, use dashes rather than spaces to separate the words.
Solar Designer
More...
about 11 years ago
Allow for trailing separator character in cases where we're using separators anyway and another one would be sufficient to provide the requested entropy, without having to add a word. In practice, this happens for requested entropy of 66 to 68 bits. Before this change, a space character would be used in place of the last separator, and another word would be added (providing excessive entropy beyond of what was requested).
Solar Designer
More...
about 11 years ago
Added Darwin (Mac OS X) support to the Makefile, loosely based on a patch by Ronald Ip (thanks!)
Solar Designer
More...
over 11 years ago
Declared all pre-initialized arrays and structs as const
Solar Designer
More...
over 11 years ago
1.2.3: Handle possible NULL returns from crypt()
Solar Designer
More...
over 11 years ago
Added a link to a wiki page with detailed Solaris-specific instructions to the PLATFORMS file.
Solar Designer
More...
almost 14 years ago
Added a link to http://openwall.info/wiki/passwdqc/solaris
Solar Designer
More...
almost 14 years ago
Introduced the GNU'ish "uninstall" make target name (a synonym for "remove").
Solar Designer
More...
almost 14 years ago
Deal with: pam_passwdqc.c: In function `pam_sm_chauthtok': pam_passwdqc.c:242: warning: `check_reason' might be used uninitialized in this function as seen with gcc 2.95 (current versions of gcc figure the following "if" out, whereas older versions like this are not smart enough).
Solar Designer
More...
almost 14 years ago
1.2.2
Solar Designer
More...
almost 14 years ago
On Solaris, use /usr/ucb/install explicitly (we don't support their /usr/sbin/install) and install under /usr/lib instead of /lib.
Solar Designer
More...
almost 14 years ago
URL-encoded the asterisks in the archive.org URLs such that they don't break the C comment.
Solar Designer
More...
about 14 years ago
1.2.1
Solar Designer
More...
about 14 years ago
When matching against the reversed new password, always pass the original non-reversed new password (possibly with a substring removed) into is_simple(), but remove or check the correct substring in is_based() considering that the matching is possibly being done against the reversed password.
Solar Designer
More...
about 14 years ago
Wrote a lengthy comment with some historical notes about the word list, confirming its public domain status. Documented assumptions that the rest of passwdqc makes about the word list.
Solar Designer
More...
about 14 years ago
Added -W option to CFLAGS for non-RPM builds
Dmitry V. Levin
More...
about 14 years ago
Added -W option to CFLAGS*
Dmitry V. Levin
More...
about 14 years ago
Adjusted sprintf format string to match the change of signedness
Dmitry V. Levin
More...
about 14 years ago
←
1
2
3
4
5
6
7
8
9
10
→
This site uses cookies to give you the best possible experience. By using the site, you consent to our use of cookies. For more information, please see our
Privacy Policy
Agree