Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 9 Feb 2013 05:02:39 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: sha512crypt formats matching salt detection bug

On Fri, Feb 08, 2013 at 10:58:32PM -0200, Claudio Andr? wrote:
> We do. But we obey this restriction.
> 
> 
> static void * get_salt(char *ciphertext) {
>     ...
>             srounds = srounds < ROUNDS_MIN ?
>                     ROUNDS_MIN : srounds;
>             out.rounds = srounds > ROUNDS_MAX ?
>                     ROUNDS_MAX : srounds;
>     ...
>     return &out;

Oh, I think we should drop that, at least for min - or we may simply set
our ROUNDS_MIN to 1.  We may also print a warning.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ