FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F14.4 2023-08-16T17:54:42Z 2023-08-16T17:54:42Z Warner Losh imp@FreeBSD.org 2023-08-16T17:54:42Z urn:sha1:1d386b48a555f61cb7325543adbbb5c3f3407a66 Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/ 2023-08-16T17:54:16Z Warner Losh imp@FreeBSD.org 2023-08-16T17:54:16Z urn:sha1:b3e7694832e81d7a904a10f525f8797b753bf0d3 Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/ 2021-06-15T10:06:40Z Edward Tomasz Napierala trasz@FreeBSD.org 2021-06-15T10:04:11Z urn:sha1:7d681ad774f00cf06c4ef910add91e0f8a79f7ae This code was originally written for non-reentrant crypt(3). In 5f521d7ba72, a thread-safe crypt_r(3) was introduced. However, it looks like the DES implementation is still not re-entrant; routines like setup_salt() or des_setkey() still use global variables. Instead of something drastic, eg removing DES support altogether, just mark those variables as thread-local. This adds about 30kB of data per thread. Given that this only applies to DES, I think the impact is minimal. Reviewed By: markj Sponsored by: NetApp, Inc. Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D30674 2016-08-10T15:16:28Z Ed Schouten ed@FreeBSD.org 2016-08-10T15:16:28Z urn:sha1:5f521d7ba72145092ea23ff6081d8791ad6c1f9d glibc has a pretty nice function called crypt_r(3), which is nothing more than crypt(3), but thread-safe. It accomplishes this by introducing a 'struct crypt_data' structure that contains a buffer that is large enough to hold the resulting string. Let's go ahead and also add this function. It would be a shame if a useful function like this wouldn't be usable in multithreaded apps. Refactor crypt.c and all of the backends to no longer declare static arrays, but write their output in a provided buffer. There is no need to do any buffer length computation here, as we'll just need to ensure that 'struct crypt_data' is large enough, which it is. _PASSWORD_LEN is defined to 128 bytes, but in this case I'm picking 256, as this is going to be part of the actual ABI. Differential Revision: https://reviews.freebsd.org/D7306 2015-06-16T23:57:29Z Allan Jude allanjude@FreeBSD.org 2015-06-16T23:57:29Z urn:sha1:a3b20e50a92f92e15eaf191c1fd84f223f411043 crypt_blowfish and many implementations based on it (Apache, PHP, PostgreSQL) implemented $2y$ before OpenBSD went with $2b$. This changes marks them as equivalent. http://www.openwall.com/lists/announce/2011/07/17/1 This change is required for applications that use the base crypt() implementation (including nginx) to be able to validate $2y$ hashes Reviewed by: eadler Approved by: delphij MFC after: 1 week Relnotes: yes Sponsored by: ScaleEngine Inc. Differential Revision: https://reviews.freebsd.org/D2742 2014-05-14T00:50:31Z Xin LI delphij@FreeBSD.org 2014-05-14T00:50:31Z urn:sha1:185e05ee1a28a5fd897416874d5c71eb69198341 MFC after: 2 weeks Relnotes: default Blowfish crypt(3) format have been changed to $2b$. 2014-02-25T23:03:48Z Xin LI delphij@FreeBSD.org 2014-02-25T23:03:48Z urn:sha1:43e3038611943925a3a9560242b9218a68a8fb6f Notable changes: - Support of $2b$ password format to address a problem where very long passwords (more than 256 characters, when an integer overflow would happen and cause the length to wrap at 256). - Updated pseudo code in comments to reflect the reality. - Removed our local shortcut of processing magic string and rely on the centralized and tigntened validation. - Diff reduction from upstream. For now we are still generating the older $02a$ format of password but we will migrate to the new format once the format is formally finalized. MFC after: 1 month 2012-05-30T12:01:28Z Bjoern A. Zeeb bz@FreeBSD.org 2012-05-30T12:01:28Z urn:sha1:071183ef48062f3d4cd317aac2b7639dc2d70dc9 Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02] Security: FreeBSD-SA-12:01.openssl (revised) Security: FreeBSD-SA-12:02.crypt Approved by: so (bz, simon) 2012-02-22T01:23:14Z Kevin Lo kevlo@FreeBSD.org 2012-02-22T01:23:14Z urn:sha1:19ab58bfe3daf34d714195dcbd0f91e480924f7e Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3 2003-06-02T19:17:24Z Mark Murray markm@FreeBSD.org 2003-06-02T19:17:24Z urn:sha1:c8fa8e25d77016f36e63790f2ceccb90613ccb2e required to make crypt(3) blowfish "$2a$..." hashes. Lint and warnsify.