|
Message-ID: <ca36255a755961a0d682d5db2a830b30@smtp.hushmail.com> Date: Thu, 01 May 2014 11:50:32 +0200 From: magnum <john.magnum@...hmail.com> To: john-dev@...ts.openwall.com Subject: Re: hmacSHA256_fmt.c in john-1.7.9-jumbo-7 - allow long salts On 2014-05-01 11:00, Colm O'Flaherty wrote: > Fair points.. I followed the guidance at > http://openwall.info/wiki/how-to-make-patches (linked from > http://openwall.info/wiki/) > > Can I suggest that someone updates the recommended practice, as documented > on that page, so new people know the score? I did that right after sending but that page still barely mentions that we use GitHub nowadays (for Jumbo, that is. Someone could want to send a patch for core John and that's another thing). > I wasn't aware that 125 was the global max for the key, since it was being > used as hardcoded value. That was also based on ignorance my my part. I > initially reduced it to about 30 before realising that one of the test > cases failed because it had a long key, so I upped it back to 110, which > solved the problem. Maybe the best fix is for the code to use a constant > in this case, so the developer will know that they should not mess with it, > and so any change will have global effect. Yes, maybe we should add a macro in params.h. We do have PLAINTEXT_BUFFER_SIZE as 0x80 but that is gross size - it can be used in declarations but not in exact max tests. For some reason some other part of john pushes the usable part back a couple of bytes, to 125 instead of 127. > I've managed to avoid using Git to date (although I use it find source code > disclosure in web apps). Time for me to move into the next millennium, by > the sounds of it. It took me a while to get the hang of it but git is the best thing since sliced DES. If you're going to submit more stuff I recommend you create a GitHub account and fork the bleeding-jumbo branch of https://github.com/magnumripper/JohnTheRipper. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.