Date: Tue, 16 Feb 2016 21:44:17 +0100 From: Szabolcs Nagy <nsz@...t70.net> To: musl@...ts.openwall.com Subject: Re: list of security features in musl * Rich Felker <dalias@...c.org> [2016-02-16 15:39:14 -0500]: > On Tue, Feb 16, 2016 at 08:44:35PM +0100, Szabolcs Nagy wrote: > > * Solar Designer <solar@...nwall.com> [2016-02-16 20:45:32 +0300]: > > > On Thu, Feb 11, 2016 at 08:11:19PM +0100, Szabolcs Nagy wrote: > > > > - about 'security feature lists': > > > > the fedora project lists 'sha256 based passwd hash' in glibc > > > > as a security feature, that implementation is > > > > - a denial of service attack vector (computation depends on > > > > key length more than the admin controlled round count). > > > > - arch dependent(!), one can craft a passwd entry such that > > > > only 32bit machines can log in. > > > > > > What do you mean here? 32-bit overflow/wraparound with very high > > > rounds= specification? > > > > > > > no, > > > > rounds setting is specified in terms of strtoul which has > > saturating semantics so large values are not a problem > > (and out of range values are clamped into [1000,999999999]). > > > > but negative values are accepted by strtoul with different > > meaning on 32 vs 64bit systems (wraparound). > > (e.g. rounds=-4294967295 is clamped to 1000 vs 999999999). > > > > of course arch dependent output is not a useful property > > for a pbkdf so musl rejects negative rounds settings. > > http://git.musl-libc.org/cgit/musl/tree/src/crypt/crypt_sha256.c#n211 > > > > Rich, > > it seems musl has the wrong ROUNDS_MAX setting, do you > > mind adding two more 9s there: > > http://git.musl-libc.org/cgit/musl/commit/?id=aeaceb1fa89b865eb0bca739da9c450b5a054866 > > to follow the official spec: > > https://www.akkadia.org/drepper/SHA-crypt.txt > > (or reject large rounds so we don't generate non-portable hashes) > > The intent was to preclude extreme-DoS-range values of rounds, but > clamping is the wrong behavior to achieve that. Instead we should just > return 0 (fail the operation) if the value is greater than our > ROUNDS_MAX. Does that sound ok? > ok > Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.