Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 22 Jun 2007 02:30:56 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Strange bug when testing --format=ssha

On Thu, Jun 21, 2007 at 11:26:26PM +0200, Frank Dittrich wrote:
> Benchmarking: Netscape LDAP SSHA MMX [salted SHA1]... FAILED (get_hash[0])

Yes, this thing is buggy.  I recall that prior to me adding the multi-
vs. single-salt benchmarks in -all-7, --test for this hash type would
succeed, but an actual cracking run would report self-test failure.
The generic code (non-MMX/SSE) for this hash type works fine.

I did not bother trying to get it debugged and fixed.  After all, it's
just a contributed patch (what a good excuse).

> Then I discovered that the test fails or succeeds depending on
> which of the two CPUs runs the test.
> If I run two tests in parallel, one of them fails,
> the other succeeds.

I cannot confirm this.  For me, the test fails or succeeds "randomly",
regardless of what CPU it runs on and whether there's another instance
running.  Sometimes both instances would fail, sometimes just one, and
in other cases both would succeed.  This is on a dual-P3 system with
Linux 2.4.34-ow1 (no address space layout randomization).  Also, I am
able to get the test to fail on a single-CPU system (P4 with no HT
running the 2.6.18-8.el5.028stab023 OpenVZ kernel built without SMP
support), although most of the time it succeeds.

> Since john runs a benchmark for many salts and for a single salt,
> I suspect the bug is triggered immediately after switching
> the number of salts to test.

Yes, this appears to be the case.

> Then I built the linux-x86-64 version on an Athlon 64 X2 machine.
...
> (On this box, it's harder to tell which of the CPUs is occupied,
> because they can't be clocked down individually.)

In "top" from procps 3.x, hit "f", then "j", then Enter.  For procps 2.x,
it's "y" instead of "j".  With either version, you can also use "s", "1",
Enter to have the process list updated every second.

> Any ideas what else I could test are welcome.

I'm afraid that this needs to be debugged for real.  Determine just what
and when starts to differ between successful and failed tests.

Thanks,

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ