Date: Fri, 24 Oct 2014 11:18:42 -0500 From: Jim Pirzyk <pirzyk@freeBSD.org> To: Ronald Klop <ronald-lists@klop.ws> Cc: freebsd-stable@freebsd.org Subject: Re: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:11.crypt Message-ID: <23061782-21F6-4509-9362-2DAEED692F72@freeBSD.org> In-Reply-To: <op.xn8lzxyvkndu52@ronaldradial.radialsg.local> References: <201410222107.s9ML7nLC010739@freefall.freebsd.org> <F0DAE32B-34CF-4191-9070-A517ACDC6E2A@freeBSD.org> <op.xn8j96kqkndu52@ronaldradial.radialsg.local> <AC160955-2FEC-49FA-9E1F-B4DE948DCF00@freeBSD.org> <op.xn8lzxyvkndu52@ronaldradial.radialsg.local>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_33CE962D-51CE-43C8-BBCE-B40CAFA70727 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 That statement is really irrelevant because this is the submitter, what = was the crypt() behavior back in the 2.0 days? Did anyone in FreeBSD = verify this statement? Why was that behavior not restored, as opposed = to chaining the default encryption algorithm. If login.conf was lost, = mangled, etc in the old days, you would still get md5/sha1/=85/etc = encryption, now you just get DES. I think the security implications of this change should have required a = bigger review, like at least sign off from security-officer@freebsd.org If this was a POSIX compatibility issue, that should have been evaluated = and reviewed properly. It feels there were not enough eyes on this = change and if as you say this is not affected the default passwd = algorithm, that should have also been noted in the Errata note. - JimP On Oct 24, 2014, at 8:48 AM, Ronald Klop <ronald-lists@klop.ws> wrote: > Hi, >=20 > I have nothing to do with the actual coding, but please reread comment = 7 from the bug report: > 'This doesn't have anything common with system default password = encryption, this is realized using /etc/login.conf and applications like = passwd, etc.' >=20 > Regards, > Ronald. >=20 > On Fri, 24 Oct 2014 15:21:48 +0200, Jim Pirzyk <pirzyk@freebsd.org> = wrote: >=20 >> I think this should be reopened and reverted. This is the wrong = answer and has not taken into account the history of crypt() on FreeBSD. = I point you to the svn log: >>=20 >> http://svnweb.freebsd.org/base?view=3Drevision&revision=3D4246 >>=20 >> and >>=20 >> http://www.freebsd.org/releases/2.0/notes.html >>=20 >> If password security for FreeBSD is all you need, and you have no >> requirement for copying encrypted passwords from different hosts = (Suns, >> DEC machines, etc) into FreeBSD password entries, then FreeBSD's MD5 >> based security may be all you require! We feel that our default = security >> model is more than a match for DES, and without any messy export = issues >> to deal with. If you're outside (or even inside) the U.S., give it a = try! >>=20 >> We are reversing 20+ years of FreeBSD progress. >>=20 >> - JimP >>=20 >> On Oct 24, 2014, at 8:11 AM, Ronald Klop <ronald-lists@klop.ws> = wrote: >>=20 >>> See: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D192277 >>>=20 >>> Regards, >>> Ronald. >>>=20 >>> On Fri, 24 Oct 2014 13:14:20 +0200, Jim Pirzyk <pirzyk@freebsd.org> = wrote: >>>=20 >>>> Hi, >>>>=20 >>>> I was wondering if there is more information about this change? = FreeBSD changed the default away from DES to MD5 back in the 1.1.5 -> = 2.0 transition. It seems to me a downgrade and rewarding bad = programming to be changing back to DES now. Also the proper course of = action is to correct programs that make the wrong assumption about what = crypt() changes. >>>>=20 >>>> Thanks >>>>=20 >>>> - JimP >>>>=20 >>>> On Oct 22, 2014, at 4:07 PM, FreeBSD Errata Notices = <errata-notices@freebsd.org> wrote: >>>>=20 >>>>> Signed PGP part >>>>> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D >>>>> FreeBSD-EN-14:11.crypt = Errata Notice >>>>> The = FreeBSD Project >>>>>=20 >>>>> Topic: crypt(3) default hashing algorithm >>>>>=20 >>>>> Category: core >>>>> Module: libcrypt >>>>> Announced: 2014-10-22 >>>>> Affects: FreeBSD 9.3 and FreeBSD 10.0-STABLE after = 2014-05-11 and >>>>> before 2014-10-16. >>>>> Corrected: 2014-10-13 15:56:47 UTC (stable/10, = 10.1-PRERELEASE) >>>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC3) >>>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC2-p2) >>>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC1-p2) >>>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-BETA3-p2) >>>>> 2014-10-21 21:09:54 UTC (stable/9, 9.3-STABLE) >>>>> 2014-10-21 23:50:46 UTC (releng/9.3, 9.3-RELEASE-p4) >>>>>=20 >>>>> For general information regarding FreeBSD Errata Notices and = Security >>>>> Advisories, including descriptions of the fields above, security >>>>> branches, and the following sections, please visit >>>>> <URL:http://security.freebsd.org/>. >>>>>=20 >>>>> I. Background >>>>>=20 >>>>> The crypt(3) function performs password hashing. Different = algorithms >>>>> of varying strength are available, with older, weaker algorithms = being >>>>> retained for compatibility. >>>>>=20 >>>>> The crypt(3) function was originally based on the DES encryption >>>>> algorithm and generated a 13-character hash from an = eight-character >>>>> password (longer passwords were truncated) and a two-character = salt. >>>>>=20 >>>>> II. Problem Description >>>>>=20 >>>>> In recent FreeBSD releases, the default algorithm for crypt(3) was >>>>> changed to SHA-512, which generates a much longer hash than the >>>>> traditional DES-based algorithm. >>>>>=20 >>>>> III. Impact >>>>>=20 >>>>> Many applications assume that crypt(3) always returns a = traditional DES >>>>> hash, and blindly copy it into a short buffer without bounds = checks. This >>>>> may lead to a variety of undesirable results including, at worst, = crashing >>>>> the application. >>>>>=20 >>>>> IV. Workaround >>>>>=20 >>>>> No workaround is available. >>>>>=20 >>>>> V. Solution >>>>>=20 >>>>> Perform one of the following: >>>>>=20 >>>>> 1) Upgrade your system to a supported FreeBSD stable or release / = security >>>>> branch (releng) dated after the correction date. >>>>>=20 >>>>> 2) To update your present system via a source code patch: >>>>>=20 >>>>> The following patches have been verified to apply to the = applicable >>>>> FreeBSD release branches. >>>>>=20 >>>>> a) Download the relevant patch from the location below, and verify = the >>>>> detached PGP signature using your PGP utility. >>>>>=20 >>>>> # fetch http://security.FreeBSD.org/patches/EN-14:11/crypt.patch >>>>> # fetch = http://security.FreeBSD.org/patches/EN-14:11/crypt.patch.asc >>>>> # gpg --verify crypt.patch.asc >>>>>=20 >>>>> b) Apply the patch. Execute the following commands as root: >>>>>=20 >>>>> # cd /usr/src >>>>> # patch < /path/to/patch >>>>>=20 >>>>> c) Recompile the operating system using buildworld and = installworld as >>>>> described in <URL:http://www.FreeBSD.org/handbook/makeworld.html>. >>>>>=20 >>>>> Restart all deamons using the library, or reboot the system. >>>>>=20 >>>>> 3) To update your system via a binary patch: >>>>>=20 >>>>> Systems running a RELEASE version of FreeBSD on the i386 or amd64 >>>>> platforms can be updated via the freebsd-update(8) utility: >>>>>=20 >>>>> # freebsd-update fetch >>>>> # freebsd-update install >>>>>=20 >>>>> VI. Correction details >>>>>=20 >>>>> The following list contains the revision numbers of each file that = was >>>>> corrected in FreeBSD. >>>>>=20 >>>>> Branch/path = Revision >>>>> = ------------------------------------------------------------------------- >>>>> stable/9/ = r273425 >>>>> releng/9.3/ = r273438 >>>>> stable/10/ = r273043 >>>>> releng/10.1/ = r273187 >>>>> = ------------------------------------------------------------------------- >>>>>=20 >>>>> To see which files were modified by a particular revision, run the >>>>> following command, replacing NNNNNN with the revision number, on a >>>>> machine with Subversion installed: >>>>>=20 >>>>> # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base >>>>>=20 >>>>> Or visit the following URL, replacing NNNNNN with the revision = number: >>>>>=20 >>>>> <URL:http://svnweb.freebsd.org/base?view=3Drevision&revision=3DNNNNN= N> >>>>>=20 >>>>> VII. References >>>>>=20 >>>>> The latest revision of this Errata Notice is available at >>>>> http://security.FreeBSD.org/advisories/FreeBSD-EN-14:11.crypt.asc >>>>>=20 >>>>> _______________________________________________ >>>>> freebsd-announce@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-announce >>>>> To unsubscribe, send any mail to = "freebsd-announce-unsubscribe@freebsd.org" >>>>=20 >>>> --- @(#) $Id: dot.signature,v 1.15 2007/12/27 15:06:13 pirzyk Exp $ >>>> __o jim@pirzyk.org = -------------------------------------------------- >>>> _'\<,_ >>>> (*)/ (*) I'd rather be out biking. >>=20 >> --- @(#) $Id: dot.signature,v 1.15 2007/12/27 15:06:13 pirzyk Exp $ >> __o jim@pirzyk.org = -------------------------------------------------- >> _'\<,_ >> (*)/ (*) I'd rather be out biking. --- @(#) $Id: dot.signature,v 1.15 2007/12/27 15:06:13 pirzyk Exp $ __o jim@pirzyk.org = -------------------------------------------------- _'\<,_ (*)/ (*) I'd rather be out biking. --Apple-Mail=_33CE962D-51CE-43C8-BBCE-B40CAFA70727 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iFcDBQFUSnvp+2AFq07nokoRCKVjAQCrJnCdSrLlL9QRfVjejAUcpwYnf34XGTre F+YMp1DVJwEA6rKcd7HONwYUbQ/fRfdYrfIAqDmqy1yE5n6uvuHWKls= =e/mR -----END PGP SIGNATURE----- --Apple-Mail=_33CE962D-51CE-43C8-BBCE-B40CAFA70727--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?23061782-21F6-4509-9362-2DAEED692F72>