Date: Fri, 1 Dec 2000 02:44:59 -0800 (PST) From: andre@express.ru To: freebsd-gnats-submit@FreeBSD.org Subject: bin/23204: length of salt in crypt() is not the same as described in man 3 crypt Message-ID: <200012011044.eB1Aixj84532@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 23204
>Category: bin
>Synopsis: length of salt in crypt() is not the same as described in man 3 crypt
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Dec 01 02:50:01 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: Andre Yelistratov
>Release: 4.2-STABLE
>Organization:
>Environment:
$uname -a
FreeBSD satan.express.ru 4.2-STABLE FreeBSD 4.2-STABLE #0: Fri Nov 24 22:20:30 MSK 2000 root@satan.express.ru:/usr/obj/usr/src/sys/SATAN i386
>Description:
man 3 crypt:
Modular crypt:
If the salt begins with the string $digit$ then the Modular Crypt Format
is used. The digit represents which algorithm is used in encryption.
Following the token is the actual salt to use in the encryption. The
length of the salt is limited to 16 characters--because the length of the
^^^^^^^^^^^^^^^^^^^^^
returned output is also limited (_PASSWORD_LEN). The salt must be termi-
nated with the end of the string (NULL) or a dollar sign. Any characters
after the dollar sign are ignored.
Currently supported algorithms are:
1 MD5
===========================================================
In reality length of salt is limited to 8 characters.
>How-To-Repeat:
$cat crp.c
#include <unistd.h>
#include <stdio.h>
main () {
char passwd[]="testpasswd";
char salt[]="$1$1234567890$";
char *hash;
hash = crypt(passwd, salt);
printf("%s\n", hash);
}
$cc -o crp crp.c -lcrypt
$./crp
$1$12345678$VYreJG4qkG1D4.4X8s6o41
>Fix:
--- crypt.h.orig Fri Dec 1 12:29:40 2000
+++ crypt.h Fri Dec 1 12:29:55 2000
@@ -29,6 +29,7 @@
/* magic sizes */
#define MD5_SIZE 16
+#define MD5_SALT_SIZE 16
char *crypt_des(const char *pw, const char *salt);
char *crypt_md5(const char *pw, const char *salt);
--- crypt-md5.c.orig Fri Dec 1 12:23:28 2000
+++ crypt-md5.c Fri Dec 1 12:30:26 2000
@@ -66,8 +66,8 @@
if(!strncmp(sp,magic,strlen(magic)))
sp += strlen(magic);
- /* It stops at the first '$', max 8 chars */
- for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++)
+ /* It stops at the first '$', max MD5_SALT_SIZE chars */
+ for(ep=sp;*ep && *ep != '$' && ep < (sp+MD5_SALT_SIZE);ep++)
continue;
/* get the length of the true salt */
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012011044.eB1Aixj84532>