FreeBSD Bugzilla – Attachment 85066 Details for
Bug 121146
[patch] adduser(8) produces defective blowfish cipher password hashes on FreeBSD 7.0-RC3 amd64 and i386
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
pw-salt-size.diff
pw-salt-size.diff (text/x-diff; charset=us-ascii), 941 bytes, created by
Jaakko Heinonen
on 2008-02-27 18:01:56 UTC
(
hide
)
Description:
pw-salt-size.diff
Filename:
MIME Type:
Creator:
Jaakko Heinonen
Created:
2008-02-27 18:01:56 UTC
Size:
941 bytes
patch
obsolete
>Index: pw_user.c >=================================================================== >RCS file: /home/ncvs/src/usr.sbin/pw/pw_user.c,v >retrieving revision 1.61 >diff -p -u -r1.61 pw_user.c >--- pw_user.c 30 Mar 2007 12:57:25 -0000 1.61 >+++ pw_user.c 27 Feb 2008 17:51:56 -0000 >@@ -1029,22 +1029,24 @@ pw_shellpolicy(struct userconf * cnf, st > return shell_path(cnf->shelldir, cnf->shells, sh ? sh : cnf->shell_default); > } > >+#define SALTSIZE 32 >+ > static char const chars[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."; > > char * > pw_pwcrypt(char *password) > { > int i; >- char salt[12]; >+ char salt[SALTSIZE + 1]; > > static char buf[256]; > > /* > * Calculate a salt value > */ >- for (i = 0; i < 8; i++) >+ for (i = 0; i < SALTSIZE; i++) > salt[i] = chars[arc4random() % 63]; >- salt[i] = '\0'; >+ salt[SALTSIZE] = '\0'; > > return strcpy(buf, crypt(password, salt)); > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=85066">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 121146
: 85066