|
Message-ID: <20120829143012.GT27715@brightrain.aerifal.cx>
Date: Wed, 29 Aug 2012 10:30:12 -0400
From: Rich Felker <dalias@...ifal.cx>
To: musl@...ts.openwall.com
Subject: Re: Help-wanted tasks for musl
On Wed, Aug 29, 2012 at 01:35:06AM +0200, Szabolcs Nagy wrote:
> * Szabolcs Nagy <nsz@...t70.net> [2012-08-28 22:09:42 +0200]:
> > * Rich Felker <dalias@...ifal.cx> [2012-08-19 22:12:23 -0400]:
> > > On Mon, Aug 20, 2012 at 03:58:54AM +0200, Szabolcs Nagy wrote:
> > > > sha and md5 crypt does not decode the salt
> > > > it is directly passed to a hash function
> > >
> > > Ah, that makes it uglier then, because presumably some of these
> > > malformed things you mentioned are "valid" salt.
> > >
> >
> > i modified my sha crypt implementation so it is very strict
> > about the rounds= part of the salt and checks for key length
> >
>
> removed the unrolling, modified key limit and added salt check:
see the attached for my proposed changes.
rich
View attachment "crypt_sha256.c" of type "text/plain" (8585 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.