O

Openwall - passwdqc

Settings | Report Duplicate

3

I Use This!

Very Low Activity

Commits : Listings

Analyzed about 5 hours ago. based on code collected about 10 hours ago.

Commit Message	Contributor	Files Modified	Lines Added	Lines Removed	Code Location	Date
Apr 24, 2023 — Apr 24, 2024 Showing page 4 of 10 Search / Filter on:
Introduced _passwdqc_memzero(), currently as a wrapper around memset() called via a function pointer to reduce the likelihood of a compiler optimizing those memset() calls out and to allow for overriding of this function with an OS-specific "secure" memory zeroization function.	Solar Designer	More...				almost 8 years ago
Cap "max" at 10000.	Solar Designer	More...				almost 8 years ago
Use size_t for variables holding strlen() return values	Solar Designer	More...				almost 8 years ago
With "non-unix", initialize the pw_dir field in fake_pw now that (since passwdqc 1.1.3 in 2009) passwdqc_check.c uses that field. Bug reported by Jim Paris via Debian: https://bugs.debian.org/831356	Solar Designer	More...				almost 8 years ago
1.3.0: - When checking is_simple() after discounting a common character sequence, apply the (negative) bias even for the passphrase length check. Previously, we were not doing this because passphrases are normally built from words, and the same code was being used for the check for dictionary words. - Expanded the list of common character sequences. Along with the change above, this reduces the number of passing passwords for RockYou top 100k from 35 to 18, and for RockYou top 1M from 2333 to 2273 (all of these are with passwdqc's default policy). - Moved the common character sequences check to be made after the dictionary words check, to avoid introducing more cases of misreporting. - Added pwqcheck.php, a PHP wrapper function around the pwqcheck program.	Solar Designer	More...				about 11 years ago
Added pwqcheck.php, a PHP wrapper function around the pwqcheck program	Solar Designer	More...				about 11 years ago
Expanded the list of common character sequences. Along with the previous commit, this reduces the number of passing passwords for RockYou top 100k from 35 to 18, and for RockYou top 1M from 2333 to 2273 (all of these are with passwdqc's default policy). Also, moved the common character sequences check to be made after the dictionary words check, to avoid introducing more cases of misreporting.	Solar Designer	More...				about 11 years ago
When checking is_simple() after discounting a common character sequence, apply the (negative) bias even for the passphrase length check. Previously, we were not doing this because passphrases are normally built from words, and the same code was being used for the check for dictionary words.	Solar Designer	More...				about 11 years ago
1.2.4: - In randomly generated passphrases: toggle case of the first character of each word only if we wouldn't achieve sufficient entropy otherwise, use a trailing separator if we achieve sufficient entropy even with the final word omitted (in fact, we now enable the use of different separators in more cases for this reason), use dashes rather than spaces to separate words when different separator characters are not in use. - Expanded the allowed size of randomly-generated passphrases in bits (now it's 24 to 85 in the tools, and 24 to 136 in the passwdqc_random() interface).	Solar Designer	More...				about 11 years ago
In randomly generated passphrases: toggle case of the first character of each word only if we wouldn't achieve sufficient entropy otherwise, use a trailing separator if we achieve sufficient entropy even with the final word omitted (in fact, we now enable the use of separators in more cases for this reason). Expanded the allowed size of randomly-generated passphrases in bits (now it's 24 to 85 in the tools, and 24 to 136 in the passwdqc_random() interface).	Solar Designer	More...				about 11 years ago
Added and made use of the WORDSET_4K_LENGTH_MAX cpp macro, currently 6.	Solar Designer	More...				about 11 years ago
Added cpp macros for the constants, added source code comments. This source code change does not affect the generated code.	Solar Designer	More...				about 11 years ago
When different separator characters are not in use, use dashes rather than spaces to separate the words.	Solar Designer	More...				about 11 years ago
Allow for trailing separator character in cases where we're using separators anyway and another one would be sufficient to provide the requested entropy, without having to add a word. In practice, this happens for requested entropy of 66 to 68 bits. Before this change, a space character would be used in place of the last separator, and another word would be added (providing excessive entropy beyond of what was requested).	Solar Designer	More...				about 11 years ago
Added Darwin (Mac OS X) support to the Makefile, loosely based on a patch by Ronald Ip (thanks!)	Solar Designer	More...				over 11 years ago
Declared all pre-initialized arrays and structs as const	Solar Designer	More...				over 11 years ago
1.2.3: Handle possible NULL returns from crypt()	Solar Designer	More...				over 11 years ago
Added a link to a wiki page with detailed Solaris-specific instructions to the PLATFORMS file.	Solar Designer	More...				almost 14 years ago
Added a link to http://openwall.info/wiki/passwdqc/solaris	Solar Designer	More...				almost 14 years ago
Introduced the GNU'ish "uninstall" make target name (a synonym for "remove").	Solar Designer	More...				almost 14 years ago
Deal with: pam_passwdqc.c: In function `pam_sm_chauthtok': pam_passwdqc.c:242: warning: `check_reason' might be used uninitialized in this function as seen with gcc 2.95 (current versions of gcc figure the following "if" out, whereas older versions like this are not smart enough).	Solar Designer	More...				almost 14 years ago
1.2.2	Solar Designer	More...				almost 14 years ago
On Solaris, use /usr/ucb/install explicitly (we don't support their /usr/sbin/install) and install under /usr/lib instead of /lib.	Solar Designer	More...				almost 14 years ago
URL-encoded the asterisks in the archive.org URLs such that they don't break the C comment.	Solar Designer	More...				about 14 years ago
1.2.1	Solar Designer	More...				about 14 years ago
When matching against the reversed new password, always pass the original non-reversed new password (possibly with a substring removed) into is_simple(), but remove or check the correct substring in is_based() considering that the matching is possibly being done against the reversed password.	Solar Designer	More...				about 14 years ago
Wrote a lengthy comment with some historical notes about the word list, confirming its public domain status. Documented assumptions that the rest of passwdqc makes about the word list.	Solar Designer	More...				about 14 years ago
Added -W option to CFLAGS for non-RPM builds	Dmitry V. Levin	More...				about 14 years ago
Added -W option to CFLAGS*	Dmitry V. Levin	More...				about 14 years ago
Adjusted sprintf format string to match the change of signedness	Dmitry V. Levin	More...				about 14 years ago

←
1
2
3
4
5
6
7
8
9
10
→