From owner-freebsd-stable@FreeBSD.ORG Fri Oct 24 16:18:59 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 48B6CA23 for ; Fri, 24 Oct 2014 16:18:59 +0000 (UTC) Received: from m2j4.x.rootbsd.net (pirzyk.org [IPv6:2607:fc50:1:5900:216:3eff:fe10:3498]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 03F4BA5D for ; Fri, 24 Oct 2014 16:18:58 +0000 (UTC) Received: from [192.168.1.126] (c-50-165-9-144.hsd1.il.comcast.net [50.165.9.144]) (authenticated bits=0) by m2j4.x.rootbsd.net (8.14.7/8.14.7) with ESMTP id s9OGInSh075330 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Fri, 24 Oct 2014 11:18:51 -0500 (CDT) (envelope-from pirzyk@freeBSD.org) Content-Type: multipart/signed; boundary="Apple-Mail=_33CE962D-51CE-43C8-BBCE-B40CAFA70727"; protocol="application/pgp-signature"; micalg=pgp-sha256 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:11.crypt From: Jim Pirzyk In-Reply-To: Date: Fri, 24 Oct 2014 11:18:42 -0500 Message-Id: <23061782-21F6-4509-9362-2DAEED692F72@freeBSD.org> References: <201410222107.s9ML7nLC010739@freefall.freebsd.org> To: Ronald Klop X-Mailer: Apple Mail (2.1878.6) X-Virus-Scanned: clamav-milter 0.98.4 at pirzyk.org X-Virus-Status: Clean X-Spam-Status: No, score=-0.9 required=8.0 tests=ALL_TRUSTED,TW_SV autolearn=unavailable autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on pirzyk.org Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Oct 2014 16:18:59 -0000 --Apple-Mail=_33CE962D-51CE-43C8-BBCE-B40CAFA70727 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 That statement is really irrelevant because this is the submitter, what = was the crypt() behavior back in the 2.0 days? Did anyone in FreeBSD = verify this statement? Why was that behavior not restored, as opposed = to chaining the default encryption algorithm. If login.conf was lost, = mangled, etc in the old days, you would still get md5/sha1/=85/etc = encryption, now you just get DES. I think the security implications of this change should have required a = bigger review, like at least sign off from security-officer@freebsd.org If this was a POSIX compatibility issue, that should have been evaluated = and reviewed properly. It feels there were not enough eyes on this = change and if as you say this is not affected the default passwd = algorithm, that should have also been noted in the Errata note. - JimP On Oct 24, 2014, at 8:48 AM, Ronald Klop wrote: > Hi, >=20 > I have nothing to do with the actual coding, but please reread comment = 7 from the bug report: > 'This doesn't have anything common with system default password = encryption, this is realized using /etc/login.conf and applications like = passwd, etc.' >=20 > Regards, > Ronald. >=20 > On Fri, 24 Oct 2014 15:21:48 +0200, Jim Pirzyk = wrote: >=20 >> I think this should be reopened and reverted. This is the wrong = answer and has not taken into account the history of crypt() on FreeBSD. = I point you to the svn log: >>=20 >> http://svnweb.freebsd.org/base?view=3Drevision&revision=3D4246 >>=20 >> and >>=20 >> http://www.freebsd.org/releases/2.0/notes.html >>=20 >> If password security for FreeBSD is all you need, and you have no >> requirement for copying encrypted passwords from different hosts = (Suns, >> DEC machines, etc) into FreeBSD password entries, then FreeBSD's MD5 >> based security may be all you require! We feel that our default = security >> model is more than a match for DES, and without any messy export = issues >> to deal with. If you're outside (or even inside) the U.S., give it a = try! >>=20 >> We are reversing 20+ years of FreeBSD progress. >>=20 >> - JimP >>=20 >> On Oct 24, 2014, at 8:11 AM, Ronald Klop = wrote: >>=20 >>> See: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D192277 >>>=20 >>> Regards, >>> Ronald. >>>=20 >>> On Fri, 24 Oct 2014 13:14:20 +0200, Jim Pirzyk = wrote: >>>=20 >>>> Hi, >>>>=20 >>>> I was wondering if there is more information about this change? = FreeBSD changed the default away from DES to MD5 back in the 1.1.5 -> = 2.0 transition. It seems to me a downgrade and rewarding bad = programming to be changing back to DES now. Also the proper course of = action is to correct programs that make the wrong assumption about what = crypt() changes. >>>>=20 >>>> Thanks >>>>=20 >>>> - JimP >>>>=20 >>>> On Oct 22, 2014, at 4:07 PM, FreeBSD Errata Notices = wrote: >>>>=20 >>>>> Signed PGP part >>>>> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D >>>>> FreeBSD-EN-14:11.crypt = Errata Notice >>>>> The = FreeBSD Project >>>>>=20 >>>>> Topic: crypt(3) default hashing algorithm >>>>>=20 >>>>> Category: core >>>>> Module: libcrypt >>>>> Announced: 2014-10-22 >>>>> Affects: FreeBSD 9.3 and FreeBSD 10.0-STABLE after = 2014-05-11 and >>>>> before 2014-10-16. >>>>> Corrected: 2014-10-13 15:56:47 UTC (stable/10, = 10.1-PRERELEASE) >>>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC3) >>>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC2-p2) >>>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC1-p2) >>>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-BETA3-p2) >>>>> 2014-10-21 21:09:54 UTC (stable/9, 9.3-STABLE) >>>>> 2014-10-21 23:50:46 UTC (releng/9.3, 9.3-RELEASE-p4) >>>>>=20 >>>>> For general information regarding FreeBSD Errata Notices and = Security >>>>> Advisories, including descriptions of the fields above, security >>>>> branches, and the following sections, please visit >>>>> . >>>>>=20 >>>>> I. Background >>>>>=20 >>>>> The crypt(3) function performs password hashing. Different = algorithms >>>>> of varying strength are available, with older, weaker algorithms = being >>>>> retained for compatibility. >>>>>=20 >>>>> The crypt(3) function was originally based on the DES encryption >>>>> algorithm and generated a 13-character hash from an = eight-character >>>>> password (longer passwords were truncated) and a two-character = salt. >>>>>=20 >>>>> II. Problem Description >>>>>=20 >>>>> In recent FreeBSD releases, the default algorithm for crypt(3) was >>>>> changed to SHA-512, which generates a much longer hash than the >>>>> traditional DES-based algorithm. >>>>>=20 >>>>> III. Impact >>>>>=20 >>>>> Many applications assume that crypt(3) always returns a = traditional DES >>>>> hash, and blindly copy it into a short buffer without bounds = checks. This >>>>> may lead to a variety of undesirable results including, at worst, = crashing >>>>> the application. >>>>>=20 >>>>> IV. Workaround >>>>>=20 >>>>> No workaround is available. >>>>>=20 >>>>> V. Solution >>>>>=20 >>>>> Perform one of the following: >>>>>=20 >>>>> 1) Upgrade your system to a supported FreeBSD stable or release / = security >>>>> branch (releng) dated after the correction date. >>>>>=20 >>>>> 2) To update your present system via a source code patch: >>>>>=20 >>>>> The following patches have been verified to apply to the = applicable >>>>> FreeBSD release branches. >>>>>=20 >>>>> a) Download the relevant patch from the location below, and verify = the >>>>> detached PGP signature using your PGP utility. >>>>>=20 >>>>> # fetch http://security.FreeBSD.org/patches/EN-14:11/crypt.patch >>>>> # fetch = http://security.FreeBSD.org/patches/EN-14:11/crypt.patch.asc >>>>> # gpg --verify crypt.patch.asc >>>>>=20 >>>>> b) Apply the patch. Execute the following commands as root: >>>>>=20 >>>>> # cd /usr/src >>>>> # patch < /path/to/patch >>>>>=20 >>>>> c) Recompile the operating system using buildworld and = installworld as >>>>> described in . >>>>>=20 >>>>> Restart all deamons using the library, or reboot the system. >>>>>=20 >>>>> 3) To update your system via a binary patch: >>>>>=20 >>>>> Systems running a RELEASE version of FreeBSD on the i386 or amd64 >>>>> platforms can be updated via the freebsd-update(8) utility: >>>>>=20 >>>>> # freebsd-update fetch >>>>> # freebsd-update install >>>>>=20 >>>>> VI. Correction details >>>>>=20 >>>>> The following list contains the revision numbers of each file that = was >>>>> corrected in FreeBSD. >>>>>=20 >>>>> Branch/path = Revision >>>>> = ------------------------------------------------------------------------- >>>>> stable/9/ = r273425 >>>>> releng/9.3/ = r273438 >>>>> stable/10/ = r273043 >>>>> releng/10.1/ = r273187 >>>>> = ------------------------------------------------------------------------- >>>>>=20 >>>>> To see which files were modified by a particular revision, run the >>>>> following command, replacing NNNNNN with the revision number, on a >>>>> machine with Subversion installed: >>>>>=20 >>>>> # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base >>>>>=20 >>>>> Or visit the following URL, replacing NNNNNN with the revision = number: >>>>>=20 >>>>> >>>>>=20 >>>>> VII. References >>>>>=20 >>>>> The latest revision of this Errata Notice is available at >>>>> http://security.FreeBSD.org/advisories/FreeBSD-EN-14:11.crypt.asc >>>>>=20 >>>>> _______________________________________________ >>>>> freebsd-announce@freebsd.org mailing list >>>>> http://lists.freebsd.org/mailman/listinfo/freebsd-announce >>>>> To unsubscribe, send any mail to = "freebsd-announce-unsubscribe@freebsd.org" >>>>=20 >>>> --- @(#) $Id: dot.signature,v 1.15 2007/12/27 15:06:13 pirzyk Exp $ >>>> __o jim@pirzyk.org = -------------------------------------------------- >>>> _'\<,_ >>>> (*)/ (*) I'd rather be out biking. >>=20 >> --- @(#) $Id: dot.signature,v 1.15 2007/12/27 15:06:13 pirzyk Exp $ >> __o jim@pirzyk.org = -------------------------------------------------- >> _'\<,_ >> (*)/ (*) I'd rather be out biking. --- @(#) $Id: dot.signature,v 1.15 2007/12/27 15:06:13 pirzyk Exp $ __o jim@pirzyk.org = -------------------------------------------------- _'\<,_ (*)/ (*) I'd rather be out biking. --Apple-Mail=_33CE962D-51CE-43C8-BBCE-B40CAFA70727 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iFcDBQFUSnvp+2AFq07nokoRCKVjAQCrJnCdSrLlL9QRfVjejAUcpwYnf34XGTre F+YMp1DVJwEA6rKcd7HONwYUbQ/fRfdYrfIAqDmqy1yE5n6uvuHWKls= =e/mR -----END PGP SIGNATURE----- --Apple-Mail=_33CE962D-51CE-43C8-BBCE-B40CAFA70727--