plan9front.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2018-02-05	auth/asn12rsa: also convert ASN.1 encoded public key to plan9 format	cinap_lenrek

2018-01-21	factotum: implement mschapv2 role=server authentication (for ppp)	cinap_lenrek
	this implements the server part of mschapv2 with the new authserver changes. we also provide AuthInfo for the client now with the MPPE secret and the authenticator.
2018-01-21	authsrv: implement mschapv2 authentication, include MPPE secret in the ticket	cinap_lenrek
	this adds new rpc for mschapv2 authentication (21) deliver the MPPE secret not after the ticket/authenticator response as cheartext, but include it in the first 128 bit of the ticket key. and the authenticator in the first 160 bit of the authenticator random field.
2018-01-15	authsrv: fix chap	cinap_lenrek
	use OCHAPREPLYLEN instead of sizeof(reply) (no padding). exit after sending ticket response to force eof as factotum unconditionally reads tailing secret hash (as of mschap).
2018-01-07	forgot to commit asn1dump.c...	cinap_lenrek

2018-01-06	factotum: remove unused sshrsa.c	cinap_lenrek

2018-01-06	remove asn12dsa, dsa2pub, dsa2ssh and dsagen	cinap_lenrek
	was mostly usefull for old ssh.
2018-01-06	auth/asn1dump: include in mkfile	cinap_lenrek

2018-01-02	factotum: remove legacy wep protocol	cinap_lenrek

2018-01-01	factotum: replace custom hex parsing code with dec16() avoding timing side ↵	cinap_lenrek
	channels
2017-12-03	auth/factotum: add role=login protocol variant to dp9ik/p9sk1	cinap_lenrek
	the role=login protocol is ment to replace proto=p9cr in auth_userpasswd() from libauth to authenticate a user given a username and a password. in contrast to p9cr, it does not require an authentication server when user is the hostowner and its key is present in factotum.
2017-12-03	auth/login: add missing quotefmtinstall(), quote dom attribute	cinap_lenrek

2017-10-06	rsa: add auth/rsa2asn1, check write error in auth/rsa2x509 and auth/rsa2pub, ↵	cinap_lenrek
	document in rsa(8)
2017-06-18	auth/factotum: complete p9any v.2 server protocol, but don't enable it.	cinap_lenrek

2017-04-17	factotum: append public rsa encyption exponent after the modulus	cinap_lenrek
	this makes implementing ssh-rsa authentication easier, as we then can convert the public key directly to ssh format and check if the server will accept that public key. tlshand just needs the modulus to see if the public key matches the one it has from the certificate.
2017-04-17	rsa2ssh: drop support for version 1 key format	cinap_lenrek

2017-02-26	authsrv: handle short reads in initkeyseed()	cinap_lenrek

2017-02-26	authsrv: don't hash in hostowner key for keyseed	cinap_lenrek
	aiju → i don't like it, it's more bullshit ways to expose the key :) aiju → if someone can grab /adm/keyseed, they can also grab /adm/users and /adm/keys
2017-02-26	authsrv: salt the keyseed from /adm/keyseed file	cinap_lenrek
	change the keyseed key derivation to hkdf sha256 using the hostowners des key plus 256 bit random salt from /adm/keyseed.
2017-02-26	authsrv: fix mkkey() dummy key generation (thanks aiju)	cinap_lenrek

2017-02-26	authsrv: get rid of needreply parameter by changing vnc protocol handler	cinap_lenrek

2017-02-26	authsrv: more useful error reporting	aiju

2017-02-25	auth/asaudit: quote user and dom attributes in factotum key	cinap_lenrek

2017-02-25	asaudit: check factotum key ; netaudit: mention asaudit	aiju

2017-02-24	asaudit: missing \n in print	aiju

2017-02-24	merge	aiju

2017-02-24	add auth/asaudit	aiju

2017-02-24	auth/readnvram: also print dp9ik key	cinap_lenrek

2017-02-23	auth/keyfs: support -r flag to mount read-only	aiju

2017-02-09	factotum: support sha256 algorithm in rsa pkcs#1 signing	mischief
	also removed md2 oid, it is unused.
2017-02-06	rsagen: prefer 65537 as the default exponent when elen == 0, otherwise pick ↵	cinap_lenrek
	randomly
2017-01-26	auth/keyfs: use ulong for time	cinap_lenrek

2017-01-26	secstore/secuser: use ulong for time	cinap_lenrek

2017-01-22	factotum: fix memory leak in findkey()	cinap_lenrek

2016-12-26	keyfs: print error message when reading /adm/keys fails	cinap_lenrek

2016-12-22	auth/as: simplify further	cinap_lenrek

2016-12-22	auth/as, auth/none, auth/newns: consistent handling of command arguments, ↵	cinap_lenrek
	cleanup
2016-10-23	auth/factotum: bound the number of srv processes to 16, error the 9p rpc ↵	cinap_lenrek
	when it is over limit
2016-08-08	auth/fgui: use pale colors	cinap_lenrek

2016-08-04	auth/login: add dp9ik key to sub factotum, get rid of temporary /srv file	cinap_lenrek

2016-07-31	auth: various cleanups, use common readcons() from libauthsrv, zero keys ↵	cinap_lenrek
	after use
2016-07-31	auth/secstore: use common readcons() routine from libauthsrv	cinap_lenrek

2016-07-31	auth/factotum: use common readcons() function from libauthsrv	cinap_lenrek

2016-07-24	auth/changeuser: fix misleading print (secret is 31 chars max, not 256)	cinap_lenrek

2016-07-24	make error handling in 9p service loops consistent	cinap_lenrek
	when we get eof, stop the loop immidiately and do not rely on the read to eventually return an error. when convM2S() fails to decode the message, error out and stop the loop. there is no point in continuing.
2016-04-22	rsa: rename getkey() to getrsakey(), document rsa2csr in rsa(8)	cinap_lenrek

2016-04-21	rsagen: increase default key size to 2048 bits	cinap_lenrek

2016-03-01	auth/pemencode: fix usage()	BurnZeZ

2016-02-22	factotum: fix memory leak for p9any key confirmation, fix key handling for ↵	cinap_lenrek
	role=client when we look up role=speakfor key and askforkeys is set, the findkey() can return RpcNeedkey, which causes us to skip the query for a role=client key. Instead, we now check for the return value != RpcOk (and != RpcConfirm which we want to handle the same for both queries). we have to free the attribute lists when returning RpcConfirm.
2016-02-14	cron: just run /bin/rx to execute remote commands	cinap_lenrek