christos
6fa2277528
Revert putting a $ as the final character for blowfish. It is not required by
...
MCF and we want to be compatible.
2020-03-25 21:02:26 +00:00
christos
fd9ae3edee
Add missing trailing $ for blowfish
2020-03-25 18:36:29 +00:00
riastradh
1239c2bb08
Publish explicit_memset and consttime_memequal in userland libc.
...
Remove the double-underscore from the userland versions, and do the
weak alias dance instead, now that these are public parts of libc.
As discussed on tech-userlevel:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
(option 3)
2013-08-28 17:47:07 +00:00
riastradh
82db4b9858
Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
...
consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.
2013-06-24 04:21:19 +00:00
drochner
8588929dc5
Add "consttime_bcmp" and "explicit_bzero" functions for both kernel
...
abd userland, as proposed on tech-security, with explicit_bzero using
a volatile function pointer as suggested by Alan Barrett.
Both do what the name says. For userland, both are prefixed by "__"
to keep them out of the user namespace.
Change some memset/memcmp uses to the new functions where it makes
sense -- these are just some examples, more to come.
2012-08-30 12:16:48 +00:00
matt
f9113d007b
Use C89 functions definitions.
...
Remove use of __P
2012-03-21 05:33:26 +00:00
christos
3b47f52ce7
clamp length to 72 (73) characters.
2011-12-28 03:12:38 +00:00
christos
0d2c1e1b4f
- go back to returning NULL, we are going to wrap crypt instead.
...
- limit length of key to 253 to prevent truncation.
2011-12-27 23:33:41 +00:00
christos
671f563b75
we want to check against "*0" not "*\0"
2011-12-27 22:01:26 +00:00
christos
91160c96e4
Instead of returning ":" on error, return "*0" or "*1" which will always result
...
in logged password entries, even if the calling program decides to blindly
use them. Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3
2011-12-27 19:36:10 +00:00
christos
c9260d16b9
Return ":1" on error instead of ":", so that sloppy password creation programs
...
don't end up confusing libc or the other way around. From Solar Designer
2011-12-26 21:51:53 +00:00
drochner
ccdea5df98
-fix maximum length of salt (missing prefix, rounding error)
...
-clip number of rounds at 31 -- this is log2 of the real number,
and anything larger would break exponentation
-catch possible atoi() error where log2(rounds) is parsed in the
salt prefix
-zero crypto state on exit
from Open/FreeBSD
2011-05-16 10:45:56 +00:00
drochner
65b9988ba4
gently add some "const", and avoid some casts
...
compiles with WARNS=4 now (on i386 and alpha)
2006-10-27 19:39:11 +00:00
mlelstv
999ac788ac
don't segfault on NULL pointer if number of rounds is
...
not specified in passwd.conf.
2006-10-24 22:49:19 +00:00
christos
d205f30a4b
fix compile issue and de-lint
2005-01-12 05:27:35 +00:00
christos
3131ddcccc
- change the gensalt functions to take an optional string instead of
...
the number of rounds.
- make pw_gensalt() more generic, so that it does not depend in libutil.
2005-01-12 03:32:52 +00:00
christos
7724b89cd5
add local prototype for old salt function
2005-01-11 23:02:16 +00:00
christos
2c53ed1484
Write __gensalt_blowfish function that does not use static storage and
...
can return an error. Make the old bcrypt_gensalt() function use that.
XXX: should gc bcrypt_gensalt(). What uses it?
2005-01-11 22:39:21 +00:00
jdolecek
b91cb5be6c
add __RCSID()
2003-08-06 08:34:32 +00:00
thorpej
90099f5fe1
hrink the Blowfish routines down to only what we need for __bcrypt(),
...
and don't export any of the Blowfish functionality outside bcrypt.c.
2003-04-17 00:31:04 +00:00
itojun
c89c003ed2
support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf.
...
from openbsd
2002-05-24 04:02:47 +00:00