Module Name: src Committed By: jmmv Date: Sat Dec 4 14:57:57 UTC 2010
Modified Files: src/distrib/utils/sysinst: defs.h install.c menus.mi msg.mi.de msg.mi.en msg.mi.es msg.mi.fr msg.mi.pl util.c Log Message: Remove password cipher selection as discussed in current-us...@. Users who really really really want to change the default setting can continue to change their cipher algorithm right after a clean install by modifying /etc/passwd.conf and regenerating the root password if previously set by sysinst. To generate a diff of this commit: cvs rdiff -u -r1.148 -r1.149 src/distrib/utils/sysinst/defs.h cvs rdiff -u -r1.43 -r1.44 src/distrib/utils/sysinst/install.c cvs rdiff -u -r1.38 -r1.39 src/distrib/utils/sysinst/menus.mi cvs rdiff -u -r1.52 -r1.53 src/distrib/utils/sysinst/msg.mi.de cvs rdiff -u -r1.160 -r1.161 src/distrib/utils/sysinst/msg.mi.en cvs rdiff -u -r1.29 -r1.30 src/distrib/utils/sysinst/msg.mi.es cvs rdiff -u -r1.110 -r1.111 src/distrib/utils/sysinst/msg.mi.fr cvs rdiff -u -r1.68 -r1.69 src/distrib/utils/sysinst/msg.mi.pl cvs rdiff -u -r1.165 -r1.166 src/distrib/utils/sysinst/util.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/distrib/utils/sysinst/defs.h diff -u src/distrib/utils/sysinst/defs.h:1.148 src/distrib/utils/sysinst/defs.h:1.149 --- src/distrib/utils/sysinst/defs.h:1.148 Wed Jan 27 11:02:03 2010 +++ src/distrib/utils/sysinst/defs.h Sat Dec 4 14:57:56 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: defs.h,v 1.148 2010/01/27 11:02:03 jmmv Exp $ */ +/* $NetBSD: defs.h,v 1.149 2010/12/04 14:57:56 jmmv Exp $ */ /* * Copyright 1997 Piermont Information Systems Inc. @@ -409,7 +409,6 @@ int get_and_unpack_sets(int, msg, msg, msg); int sanity_check(void); int set_timezone(void); -void set_crypt_type(void); int set_root_password(void); int set_root_shell(void); void scripting_fprintf(FILE *, const char *, ...); Index: src/distrib/utils/sysinst/install.c diff -u src/distrib/utils/sysinst/install.c:1.43 src/distrib/utils/sysinst/install.c:1.44 --- src/distrib/utils/sysinst/install.c:1.43 Sat Sep 19 14:57:27 2009 +++ src/distrib/utils/sysinst/install.c Sat Dec 4 14:57:56 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: install.c,v 1.43 2009/09/19 14:57:27 abs Exp $ */ +/* $NetBSD: install.c,v 1.44 2010/12/04 14:57:56 jmmv Exp $ */ /* * Copyright 1997 Piermont Information Systems Inc. @@ -123,8 +123,6 @@ set_timezone(); - set_crypt_type(); - set_root_password(); set_root_shell(); Index: src/distrib/utils/sysinst/menus.mi diff -u src/distrib/utils/sysinst/menus.mi:1.38 src/distrib/utils/sysinst/menus.mi:1.39 --- src/distrib/utils/sysinst/menus.mi:1.38 Tue Mar 30 20:09:25 2010 +++ src/distrib/utils/sysinst/menus.mi Sat Dec 4 14:57:56 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: menus.mi,v 1.38 2010/03/30 20:09:25 martin Exp $ */ +/* $NetBSD: menus.mi,v 1.39 2010/12/04 14:57:56 jmmv Exp $ */ /*- * Copyright (c) 2003 The NetBSD Foundation, Inc. @@ -293,13 +293,6 @@ option MSG_Set_finished, exit, action { *(int *)arg = SET_OK; }; option MSG_Abort_fetch, exit, action { *(int *)arg = SET_RETRY; }; -menu crypttype, title MSG_Password_cipher, y=15; - option MSG_SHA1, exit, action { yesno = 4; }; - option MSG_DES, exit, action { yesno = 1; }; - option MSG_MD5, exit, action { yesno = 2; }; - option MSG_Blowfish_2_7_round, exit, action { yesno = 3; }; - option MSG_do_not_change, exit, action { yesno = 0; }; - menu fd_type, title MSG_fd_type, y=16; option "msdos", exit, action { fd_type = "msdos"; }; option "ffs", exit, action { fd_type = "ffs"; }; Index: src/distrib/utils/sysinst/msg.mi.de diff -u src/distrib/utils/sysinst/msg.mi.de:1.52 src/distrib/utils/sysinst/msg.mi.de:1.53 --- src/distrib/utils/sysinst/msg.mi.de:1.52 Tue Mar 30 20:09:25 2010 +++ src/distrib/utils/sysinst/msg.mi.de Sat Dec 4 14:57:56 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: msg.mi.de,v 1.52 2010/03/30 20:09:25 martin Exp $ */ +/* $NetBSD: msg.mi.de,v 1.53 2010/12/04 14:57:56 jmmv Exp $ */ /* * Copyright 1997 Piermont Information Systems Inc. @@ -890,22 +890,6 @@ message tz_back { Zurück zum Zeitzonenmenü.} -message choose_crypt -{Bitte wählen Sie den gewünschten Ver-/Entschlüsselungsalgorithmus (Cipher) -für Benutzerpassworte. NetBSD kann DES, MD5, Blowfish oder SHA1 benutzen. - -Das traditionelle DES-System ist mit den meisten anderen UNIX-ähnlichen -Betriebssystemen kompatibel, allerdings werden nur die ersten 8 Zeichen eines -jeden Passworts berücksichtigt. Das MD5, Blowfish und SHA1 System erlaubt -längere Passwörter, was unter Umständen als sicherer interpretiert werden kann. - -Wenn Sie ein Netzwerk haben und planen, NIS zu nutzen, berücksichtigen -Sie hier bitte auch die Möglichkeiten der anderen Maschinen im Netzwerk. - -Wenn Sie NetBSD aktualisieren und die bestehende Konfiguration nicht -verändern möchten, so wählen Sie "Beibehalten". -} - message swapactive {Das Laufwerk, das Sie ausgewählt haben, verfügt über eine Swappartition, die gegenwärtig auch benutzt wird. @@ -998,12 +982,6 @@ message Skip_group {Paketgruppe überspringen} message Abandon {Installation abbrechen} message Abort_fetch {Holen abbrechen} -message Password_cipher {Passwort Verschlüsselungsverfahren} -message DES {DES} -message MD5 {MD5} -message Blowfish_2_7_round {Blowfish mit 2^7 Wiederholungen} -message SHA1 {SHA1} -message do_not_change {Beibehalten} message Device {Gerät} message File_system {Dateisystem} message Select_IPv6_DNS_server { Auswählen eines IPv6 DNS Servers} Index: src/distrib/utils/sysinst/msg.mi.en diff -u src/distrib/utils/sysinst/msg.mi.en:1.160 src/distrib/utils/sysinst/msg.mi.en:1.161 --- src/distrib/utils/sysinst/msg.mi.en:1.160 Tue Mar 30 20:09:25 2010 +++ src/distrib/utils/sysinst/msg.mi.en Sat Dec 4 14:57:56 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: msg.mi.en,v 1.160 2010/03/30 20:09:25 martin Exp $ */ +/* $NetBSD: msg.mi.en,v 1.161 2010/12/04 14:57:56 jmmv Exp $ */ /* * Copyright 1997 Piermont Information Systems Inc. @@ -831,22 +831,6 @@ message tz_back { Back to main timezone list} -message choose_crypt -{Please choose the password cipher to use. NetBSD can be configured to use -either the DES, MD5, Blowfish or SHA1 schemes. - -The traditional DES scheme is compatible with most other Unix-like operating -systems, but only the first 8 characters of any password will be recognised. -The MD5, Blowfish and SHA1 schemes allow for longer passwords, and some would -argue that it's more secure. - -If you have a network and intend to use NIS, please bear in mind the -capabilities of other machines on your network. - -If you are upgrading and would like to keep configuration unchanged, -choose the last option "do not change". -} - message swapactive {The disk that you selected has a swap partition that may currently be in use if your system is low on memory. Because you are going to @@ -940,12 +924,6 @@ message Skip_group {Skip set group} message Abandon {Abandon installation} message Abort_fetch {Abort fetch} -message Password_cipher {Password cipher} -message DES {DES} -message MD5 {MD5} -message Blowfish_2_7_round {Blowfish 2^7 round} -message SHA1 {SHA1} -message do_not_change {do not change} message Device {Device} message File_system {File system} message Select_IPv6_DNS_server { Select IPv6 DNS server} Index: src/distrib/utils/sysinst/msg.mi.es diff -u src/distrib/utils/sysinst/msg.mi.es:1.29 src/distrib/utils/sysinst/msg.mi.es:1.30 --- src/distrib/utils/sysinst/msg.mi.es:1.29 Tue Mar 30 20:09:25 2010 +++ src/distrib/utils/sysinst/msg.mi.es Sat Dec 4 14:57:56 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: msg.mi.es,v 1.29 2010/03/30 20:09:25 martin Exp $ */ +/* $NetBSD: msg.mi.es,v 1.30 2010/12/04 14:57:56 jmmv Exp $ */ /* * Copyright 1997 Piermont Information Systems Inc. @@ -855,23 +855,6 @@ message tz_back { Volver a la lista principal de zonas horarias} -message choose_crypt -{Por favor, seleccione el algoritmo de cifrado de contraseñas a usar. -NetBSD puede ser configurado para usar los esquemas DES, MD5 o Blowfish. - -El esquema tradicional DES es compatible con la mayoría de los demás -sistemas operativos de tipo Unix, pero sólo se reconocerán los primeros 8 -carácteres de cualquier contraseña. -Los esquemas MD5 y Blowfish permiten contraseñas más largas, y algunos -aseguran que es más seguro. - -Si tiene una red y pretende usar NIS, por favor considere las capacidades -de otras máquinas en su red. - -Si está actualizando y le gustaria mantener la configuración sin cambios, -escoja la última opción «no cambiar». -} - message swapactive {El disco que ha seleccionado tiene una partición de intercambio (swap) que puede que esté en uso actualmente si su sistema tiene poca memoria. Como @@ -966,12 +949,6 @@ message Skip_group {Omitir grupo de conjuntos} message Abandon {Abandonar instalación} message Abort_fetch {Abortar lectura} -message Password_cipher {Cifrado de las contraseñas} -message DES {DES} -message MD5 {MD5} -message Blowfish_2_7_round {Blowfish 2^7 round} -message SHA1 {SHA1} -message do_not_change {no cambiar} message Device {Dispositivo} message File_system {Sistema de archivos} message Select_IPv6_DNS_server { Seleccione servidor DNS de IPv6} Index: src/distrib/utils/sysinst/msg.mi.fr diff -u src/distrib/utils/sysinst/msg.mi.fr:1.110 src/distrib/utils/sysinst/msg.mi.fr:1.111 --- src/distrib/utils/sysinst/msg.mi.fr:1.110 Tue Mar 30 20:09:25 2010 +++ src/distrib/utils/sysinst/msg.mi.fr Sat Dec 4 14:57:56 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: msg.mi.fr,v 1.110 2010/03/30 20:09:25 martin Exp $ */ +/* $NetBSD: msg.mi.fr,v 1.111 2010/12/04 14:57:56 jmmv Exp $ */ /* * Copyright 1997 Piermont Information Systems Inc. @@ -912,23 +912,6 @@ message tz_back { Retour à la liste principale des fuseaux horaires} -message choose_crypt -{ -Veuillez sélectionner le type de hachage des mots de passe. -NetBSD supporte DES, MD5, Blowfish et SHA1. - -DES est compatible avec la plupart des systèmes de type Unix mais ne -permet pas d'utiliser plus de huit caractères pour les mots de passe. -MD5, Blowfish et SHA1 permettent d'utiliser des mots de passe plus longs, -ce qui peut être plus sécurisé. - -Si votre réseau comporte NIS, veuillez vérifier la capacité des -autres machines composant ce dernier. - -Si vous effectuez une mise à jour et que vous souhaitez conserver la -configuration déjà existante, veuillez choisir "Ne rien changer". -} - message swapactive { Le disque sélectionné dispose d'une partition d'échange (swap) qui @@ -1032,12 +1015,6 @@ message Skip_group {Sauter ce groupe} message Abandon {Abandonner l'installation} message Abort_fetch {Annuler la récupération} -message Password_cipher {Chiffrement du mot de passe} -message DES {DES} -message MD5 {MD5} -message Blowfish_2_7_round {Blowfish à 2^7 rondes} -message SHA1 {SHA1} -message do_not_change {ne rien changer} message Device {Périphérique} message File_system {Système de fichiers} message Select_IPv6_DNS_server { Choisissez un serveur de noms IPv6 :} Index: src/distrib/utils/sysinst/msg.mi.pl diff -u src/distrib/utils/sysinst/msg.mi.pl:1.68 src/distrib/utils/sysinst/msg.mi.pl:1.69 --- src/distrib/utils/sysinst/msg.mi.pl:1.68 Tue Mar 30 20:09:25 2010 +++ src/distrib/utils/sysinst/msg.mi.pl Sat Dec 4 14:57:57 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: msg.mi.pl,v 1.68 2010/03/30 20:09:25 martin Exp $ */ +/* $NetBSD: msg.mi.pl,v 1.69 2010/12/04 14:57:57 jmmv Exp $ */ /* Based on english version: */ /* NetBSD: msg.mi.pl,v 1.36 2004/04/17 18:55:35 atatat Exp */ @@ -828,22 +828,6 @@ message tz_back {Powroc do glownej listy stref} -message choose_crypt -{Wybierz sposob szyfrowania hasel, ktorego chcesz uzywac. NetBSD moze korzystac -z DES, MD5 lub Blowfish. - -Tradycyjna metoda DES jest kompatybilna z wiekszoscia unixowych systemow -operacyjnych, ale wtedy tylko 8 pierwszych znakow w hasle jest rozpoznawanych. -Metody MD5 oraz Blowfish umozliwiaja dluzsze hasla, niektorzy uwazaja to za -bardziej bezpieczne. - -Jesli posiadasz siec oraz zamierasz korzystac z NIS, pamietaj o mozliwosciach -maszyn w twojej sieci i wynikajacych stad ograniczeniach. - -Jezeli uaktualniasz swoj system i nie chcesz, aby zostaly dokonane zmiany w -konfiguracji, wybierz ostatnia opcje "nie zmieniaj". -} - message swapactive {Dysk, ktory wybrales posiada partycje wymiany, ktora moze byc aktualnie w uzyciu jesli twoj system ma malo pamieci. Poniewaz chcesz zmienic uklad @@ -933,12 +917,6 @@ message Skip_group {Pomin grupe pakietow} message Abandon {Przerwij instalacje} message Abort_fetch {Przerwij pobieranie} -message Password_cipher {Kodowanie hasel} -message DES {DES} -message MD5 {MD5} -message Blowfish_2_7_round {Blowfish 2^7 round} -message SHA1 {SHA1} -message do_not_change {nie zmieniaj} message Device {Urzadzenie} message File_system {SystemPlikow} message Select_IPv6_DNS_server { Wybierz serwer nazw IPv6} Index: src/distrib/utils/sysinst/util.c diff -u src/distrib/utils/sysinst/util.c:1.165 src/distrib/utils/sysinst/util.c:1.166 --- src/distrib/utils/sysinst/util.c:1.165 Mon Apr 5 22:53:02 2010 +++ src/distrib/utils/sysinst/util.c Sat Dec 4 14:57:57 2010 @@ -1,4 +1,4 @@ -/* $NetBSD: util.c,v 1.165 2010/04/05 22:53:02 martin Exp $ */ +/* $NetBSD: util.c,v 1.166 2010/12/04 14:57:57 jmmv Exp $ */ /* * Copyright 1997 Piermont Information Systems Inc. @@ -1354,41 +1354,6 @@ return 1; } -static -void -replace_crypt_type(const char *localcipher, const char *ypcipher) -{ - - replace("/etc/passwd.conf", "s/^.*default:.*$/default:/;" - "s/^.*localcipher.*$/\tlocalcipher = %s/;" - "s/^.*ypcipher.*$/\typcipher = %s/", localcipher, ypcipher); -} - -void -set_crypt_type(void) -{ - - msg_display(MSG_choose_crypt); - process_menu(MENU_crypttype, NULL); - - switch (yesno) { - case 0: - break; - case 1: /* DES */ - replace_crypt_type("old", "old"); - break; - case 2: /* MD5 */ - replace_crypt_type("md5", "md5"); - break; - case 3: /* blowfish 2^7 */ - replace_crypt_type("blowfish,7", "blowfish,7"); - break; - case 4: /* sha1 */ - replace_crypt_type("sha1", "sha1"); - break; - } -} - int set_root_password(void) {