FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F13.5 2023-08-23T17:43:26Z 2023-08-23T17:43:26Z Warner Losh imp@FreeBSD.org 2023-08-22T01:31:41Z urn:sha1:3d497e17ebd33fe0f58d773e35ab994d750258d6 Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/ Similar commit in main: (cherry picked from commit 1d386b48a555) 2023-08-23T17:43:21Z Warner Losh imp@FreeBSD.org 2023-08-22T01:31:07Z urn:sha1:17da660ad5b3b9cd90e164dd4dbb9beaa7203054 Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/ Similar commit in main: (cherry picked from commit b3e7694832e8) 2016-08-10T15:16:28Z Ed Schouten ed@FreeBSD.org 2016-08-10T15:16:28Z urn:sha1:5f521d7ba72145092ea23ff6081d8791ad6c1f9d glibc has a pretty nice function called crypt_r(3), which is nothing more than crypt(3), but thread-safe. It accomplishes this by introducing a 'struct crypt_data' structure that contains a buffer that is large enough to hold the resulting string. Let's go ahead and also add this function. It would be a shame if a useful function like this wouldn't be usable in multithreaded apps. Refactor crypt.c and all of the backends to no longer declare static arrays, but write their output in a provided buffer. There is no need to do any buffer length computation here, as we'll just need to ensure that 'struct crypt_data' is large enough, which it is. _PASSWORD_LEN is defined to 128 bytes, but in this case I'm picking 256, as this is going to be part of the actual ABI. Differential Revision: https://reviews.freebsd.org/D7306 2015-06-16T23:57:29Z Allan Jude allanjude@FreeBSD.org 2015-06-16T23:57:29Z urn:sha1:a3b20e50a92f92e15eaf191c1fd84f223f411043 crypt_blowfish and many implementations based on it (Apache, PHP, PostgreSQL) implemented $2y$ before OpenBSD went with $2b$. This changes marks them as equivalent. http://www.openwall.com/lists/announce/2011/07/17/1 This change is required for applications that use the base crypt() implementation (including nginx) to be able to validate $2y$ hashes Reviewed by: eadler Approved by: delphij MFC after: 1 week Relnotes: yes Sponsored by: ScaleEngine Inc. Differential Revision: https://reviews.freebsd.org/D2742 2014-05-14T00:50:31Z Xin LI delphij@FreeBSD.org 2014-05-14T00:50:31Z urn:sha1:185e05ee1a28a5fd897416874d5c71eb69198341 MFC after: 2 weeks Relnotes: default Blowfish crypt(3) format have been changed to $2b$. 2014-02-25T23:03:48Z Xin LI delphij@FreeBSD.org 2014-02-25T23:03:48Z urn:sha1:43e3038611943925a3a9560242b9218a68a8fb6f Notable changes: - Support of $2b$ password format to address a problem where very long passwords (more than 256 characters, when an integer overflow would happen and cause the length to wrap at 256). - Updated pseudo code in comments to reflect the reality. - Removed our local shortcut of processing magic string and rely on the centralized and tigntened validation. - Diff reduction from upstream. For now we are still generating the older $02a$ format of password but we will migrate to the new format once the format is formally finalized. MFC after: 1 month 2012-05-30T12:01:28Z Bjoern A. Zeeb bz@FreeBSD.org 2012-05-30T12:01:28Z urn:sha1:071183ef48062f3d4cd317aac2b7639dc2d70dc9 Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02] Security: FreeBSD-SA-12:01.openssl (revised) Security: FreeBSD-SA-12:02.crypt Approved by: so (bz, simon) 2012-02-22T01:23:14Z Kevin Lo kevlo@FreeBSD.org 2012-02-22T01:23:14Z urn:sha1:19ab58bfe3daf34d714195dcbd0f91e480924f7e Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3 2003-06-02T19:17:24Z Mark Murray markm@FreeBSD.org 2003-06-02T19:17:24Z urn:sha1:c8fa8e25d77016f36e63790f2ceccb90613ccb2e required to make crypt(3) blowfish "$2a$..." hashes. Lint and warnsify. 2002-03-06T17:18:09Z Mark Murray markm@FreeBSD.org 2002-03-06T17:18:09Z urn:sha1:f2ac424af7b980ba4d858ecfd1644ce197d6869d