|
 |
2de3ab |
From 234e8fa7b134d1ebabfdad980a3ae5b63c046c62 Mon Sep 17 00:00:00 2001
|
|
|
2de3ab |
From: Mike Gilbert <floppym@gentoo.org>
|
|
|
2de3ab |
Date: Sat, 14 Aug 2021 13:24:34 -0400
|
|
|
2de3ab |
Subject: [PATCH] libmisc: fix default value in SHA_get_salt_rounds()
|
|
|
2de3ab |
|
|
|
2de3ab |
If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified,
|
|
|
2de3ab |
use SHA_ROUNDS_DEFAULT.
|
|
|
2de3ab |
|
|
|
2de3ab |
Previously, the code fell through, calling shadow_random(-1, -1). This
|
|
|
2de3ab |
ultimately set rounds = (unsigned long) -1, which ends up being a very
|
|
|
2de3ab |
large number! This then got capped to SHA_ROUNDS_MAX later in the
|
|
|
2de3ab |
function.
|
|
|
2de3ab |
|
|
|
2de3ab |
The new behavior matches BCRYPT_get_salt_rounds().
|
|
|
2de3ab |
|
|
|
2de3ab |
Bug: https://bugs.gentoo.org/808195
|
|
|
2de3ab |
Fixes: https://github.com/shadow-maint/shadow/issues/393
|
|
|
2de3ab |
---
|
|
|
2de3ab |
libmisc/salt.c | 21 +++++++++++----------
|
|
|
2de3ab |
1 file changed, 11 insertions(+), 10 deletions(-)
|
|
|
2de3ab |
|
|
|
2de3ab |
diff --git a/libmisc/salt.c b/libmisc/salt.c
|
|
|
2de3ab |
index 91d528fd..30eefb9c 100644
|
|
|
2de3ab |
--- a/libmisc/salt.c
|
|
|
2de3ab |
+++ b/libmisc/salt.c
|
|
|
2de3ab |
@@ -223,20 +223,21 @@ static /*@observer@*/const unsigned long SHA_get_salt_rounds (/*@null@*/int *pre
|
|
|
2de3ab |
if ((-1 == min_rounds) && (-1 == max_rounds)) {
|
|
|
2de3ab |
rounds = SHA_ROUNDS_DEFAULT;
|
|
|
2de3ab |
}
|
|
|
2de3ab |
+ else {
|
|
|
2de3ab |
+ if (-1 == min_rounds) {
|
|
|
2de3ab |
+ min_rounds = max_rounds;
|
|
|
2de3ab |
+ }
|
|
|
2de3ab |
|
|
|
2de3ab |
- if (-1 == min_rounds) {
|
|
|
2de3ab |
- min_rounds = max_rounds;
|
|
|
2de3ab |
- }
|
|
|
2de3ab |
+ if (-1 == max_rounds) {
|
|
|
2de3ab |
+ max_rounds = min_rounds;
|
|
|
2de3ab |
+ }
|
|
|
2de3ab |
|
|
|
2de3ab |
- if (-1 == max_rounds) {
|
|
|
2de3ab |
- max_rounds = min_rounds;
|
|
|
2de3ab |
- }
|
|
|
2de3ab |
+ if (min_rounds > max_rounds) {
|
|
|
2de3ab |
+ max_rounds = min_rounds;
|
|
|
2de3ab |
+ }
|
|
|
2de3ab |
|
|
|
2de3ab |
- if (min_rounds > max_rounds) {
|
|
|
2de3ab |
- max_rounds = min_rounds;
|
|
|
2de3ab |
+ rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
|
|
|
2de3ab |
}
|
|
|
2de3ab |
-
|
|
|
2de3ab |
- rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
|
|
|
2de3ab |
} else if (0 == *prefered_rounds) {
|
|
|
2de3ab |
rounds = SHA_ROUNDS_DEFAULT;
|
|
|
2de3ab |
} else {
|
|
|
2de3ab |
--
|
|
|
2de3ab |
2.31.1
|
|
|
2de3ab |
|