Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 10 Jul 2009 02:50:21 +0400
From: Solar Designer <>
Subject: Re: patch for new john format: phpass (also works for phpBBv3)

On Thu, Jul 09, 2009 at 10:48:11AM -0500, JimF wrote:
> john- is released on 

Thanks!  I've placed this into the FTP contrib directory as well.

> This version adds salt hash, binary hashes and sets the copyright data to 
> be what was recommended.


I had another look at the code, and I see that you're doing some weird
stuff with strchr() calls on itoa64.  I recommend that you use
atoi64[ARCH_INDEX(...)] instead, and then you don't need the strchr()
calls.  Also, in phpassmd5_binary() you convert pointers, which may be
64-bit, to (unsigned), which is usually 32-bit.  Chances are that this
will work right anyway, because you only use pointer differences in the
end (so dropping the high 32 bits shouldn't affect the results), yet
this is wrong.  Switching to the use of atoi64[ARCH_INDEX(...)] will
eliminate the need for the pointer math anyway.

Thanks again,


P.S. Please don't over-quote when you post to the list.  I had to edit
almost all of your postings in the moderation queue, removing extra
quoting.  If you find yourself quoting the mailing list manager's
automated unsubscribe notice (which you did all the time you were
replying!), then you're definitely doing something wrong - and I won't
let such a posting through without having to edit the quoting first
(which I'd rather not be spending my time on).

To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.