summaryrefslogtreecommitdiffhomepage
path: root/svr-authpasswd.c
AgeCommit message (Expand)Author
2019-03-21limit password length to 100Matt Johnston
2018-08-23Wait to fail invalid usernamesMatt Johnston
2016-05-04Convert #ifdef to #if, other build changesMatt Johnston
2015-06-04buf_getstring and buf_putstring now use non-unsigned char*Matt Johnston
2015-06-03note about constant_time_strcmp and lengthsMatt Johnston
2013-10-03Constant time memcmp for the hmac and password cryptMatt Johnston
2013-04-29Avoid segfault for locked accounts (invalid salt to crypt())Matt Johnston
2013-02-12Allow configuring "allow blank password option" at runtimePaul Eggleton
2012-05-09Fix empty password immediate loginMatt Johnston
2012-05-09Return immediate success for blank passwords if allowedMatt Johnston
2011-10-26- Add ALLOW_BLANK_PASSWORD optionMatt Johnston
2011-02-23Improve capitalisation for all logged stringsMatt Johnston
2008-01-13Make a copy of passwd fields since getpwnam()'s retval isn't safe to keepMatt Johnston
2005-03-13* fix longstanding bug with connections being closed on failure toMatt Johnston
2004-12-23Log the IP along with auth success/fail attemptsMatt Johnston
2004-09-12Don't need to burn the payload buffer since process-packet.c does itMatt Johnston
2004-08-12Merging in the changes from 0.41-0.43 main Dropbear treeMatt Johnston
2004-08-12cleaning up the pubkey definesMatt Johnston
2004-08-08burn the buffer a bit earlierMatt Johnston
2004-08-08Be a bit safer with reentrant pw_nameMatt Johnston
2004-07-27Progressing client supportMatt Johnston
2004-06-01Makefile.in contains updated files requiredMatt Johnston