Bug 27775

Summary:

Too short salt of Blowfish of 4.3-STABLE

Product:

Base System

Reporter:

Yoshihiro Koya <Yoshihiro.Koya>

Component:

bin

Assignee:

Mark Murray <markm>

Status:

Closed FIXED

Severity:

Affects Only Me

Priority:

Normal

Version:

4.3-STABLE

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
file.diff	none

Description Yoshihiro Koya 2001-05-30 18:30:01 UTC

	Salt for blowfish generated by passwd(1) is too short.

Fix: local_passwd.c of rev. 1.27 seems to work well.
Please MFC.	
How-To-Repeat: 	Use passwd with blowfish hashing scheme.
  Then you would obtain something like
foo:$2a$04$wJnEuWLj..............OFE3dSydtf7u8rFWbuNGJ7rH0YNUYsW:1010:20::0:0:User &:/tmp:/bin/csh
  (The above user foo and his password is an experimental one. :-)

Comment 1 Doug Barton freebsd_committer

2001-05-31 08:43:24 UTC

Responsible Changed
From-To: freebsd-bugs->markm


He did the deed

Comment 2 Mark Murray freebsd_committer

2001-05-31 09:08:44 UTC

State Changed
From-To: open->closed

Committed, thanks!