Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Jun 2011 10:21:07 -0500
From: "JFoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: Re: John 1.7.7-jumbo-5

----- Original Message ----- 
From: "Solar Designer" <solar@...nwall.com>
> I reviewed the code more closely, and it appears to be a little bit
> trickier than that.  Besides the self-tests, loader.c passes binary()'s
> returned pointer directly into binary_hash[]() functions:

I also dug into this.  I could remove many of the changes, but some were 
much more difficult.  Also, in self test, the return from salt is passed 
back to the formats unchanged, to the salt_hash.  That is another function 
that many formats do the typecast to integer size, and lop off the end, 
thus, will also require an aligned buffer.

> binary = format->methods.binary(piece);
> pw_hash = db->password_hash_func(binary);
> ...
> binary = format->methods.binary(ciphertext);
> hash = db->password_hash_func(binary);
>
> So we'd need to patch these as well (and it might have slight
> performance impact on the loader), or we need to stay with the changes
> you made in 1.7.7-jumbo-5.
>
> BTW, you patched mschapv2_split() as well - perhaps this was not needed -
> you only needed to patch mschapv2_get_binary(), but not _split().

Once I found the 'pattern' ,when I was working through the formats, I pretty 
much did the same for all.  If there was a static char[] or static uchar[], 
I changed that to a first time through alloc aligned pointer.  There may 
have been areas which were totally unwarranted.

Jim. 

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ