Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Jun 2011 18:47:45 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: John 1.7.7-jumbo-5

Jim -

On Fri, Jun 03, 2011 at 12:19:57PM -0500, jfoug wrote:
> I am FAR from tied to the changes I made to many formats to get J-5 properly
> working on the Sparc64 system.  If all that is involved is to tiny_alloc an
> aligned buffer at the start of self test, and then to memcpy from the data
> return of fmt->binary() into this buffer, and doing this removes the crash
> problems, then I will look at making that change, and rolling back the
> changes for the alignment crashes I was getting.  I do not have any time
> today to look into this, and to test the roll backs, but if this gets john
> to work properly, and keeps the original requirements (which there were no
> requirements), then I am all for it.

I reviewed the code more closely, and it appears to be a little bit
trickier than that.  Besides the self-tests, loader.c passes binary()'s
returned pointer directly into binary_hash[]() functions:

		binary = format->methods.binary(piece);
		pw_hash = db->password_hash_func(binary);
...
	binary = format->methods.binary(ciphertext);
	hash = db->password_hash_func(binary);

So we'd need to patch these as well (and it might have slight
performance impact on the loader), or we need to stay with the changes
you made in 1.7.7-jumbo-5.

BTW, you patched mschapv2_split() as well - perhaps this was not needed -
you only needed to patch mschapv2_get_binary(), but not _split().

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ