Re: Todo for release?

mailing list of musl libc
 help / color / mirror / code / Atom feed

From: Rich Felker <dalias@aerifal.cx>
To: musl@lists.openwall.com
Subject: Re: Todo for release?
Date: Mon, 13 Aug 2012 22:58:05 -0400	[thread overview]
Message-ID: <20120814025805.GE27715@brightrain.aerifal.cx> (raw)
In-Reply-To: <20120814024903.GA10188@openwall.com>

On Tue, Aug 14, 2012 at 06:49:03AM +0400, Solar Designer wrote:
> > If this issue is as simple to solve as it sounds, it might make sense
> > to allow arbitrary key sizes. After all, programs that could be DoS'd
> > by long keys are already going to be limiting key length themselves.
> 
> That's wishful thinking.

Are you sure? I haven't read the code lately, but I can't imagine any
login daemon is going to be calling realloc() in a loop to read an
arbitrarily long password before authentication. That just sounds
gratuitously broken (i.e. someone went out of their way to write
painful code that does nothing useful and makes their daemon
susceptible to DoS).

> > If time grew superlinearly in key length, I'd say it should definitely
> > be limited, but since the growth is just linear (the expected growth
> > rate for any interface that takes a string argument), I think it's
> > less clear what should be done.
> 
> Yes, it is not clear what should be done.

If it's a toss-up on whether we should limit key length for runtime
considerations, I might just go on a basis of how it affects code
complexity for handling long keys and thus still limit them.

> > something that can never match. By the way, would you agree that all
> > programs that generate new password hashes should do so by calling
> > crypt twice, the second time using the output of the first as the
> > setting/salt, and verify that the results match? This seems to be the
> > only safe/portable way to make sure you got a valid hash and not an
> > error.
> 
> This makes sense, yet it sounds overkill to me.  I'd simply check for
> hash && strlen(hash) >= 13.

Indeed, strlen(hash)>=13 is certainly a necessary condition, but is it
sufficient? I could imagine a hypothetical crypt implementation that
puts error messages in the unmatchable hash as a debugging aid to why
generating the hash failed, but I agree they probably don't exist.
Still, changing your password should not be a frequent action, so it
might make the most sense to do the check the way I suggested.

Rich

next prev parent reply	other threads:[~2012-08-14  2:58 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-08-13 18:53 Rich Felker
2012-08-13 21:31 ` Szabolcs Nagy
2012-08-13 21:53   ` Rich Felker
2012-08-13 22:06     ` Solar Designer
2012-08-14 15:02       ` Szabolcs Nagy
2012-08-15  0:30         ` Szabolcs Nagy
2012-08-13 22:20   ` Solar Designer
2012-08-14  1:46     ` Rich Felker
2012-08-14  2:13       ` Solar Designer
2012-08-14  2:35         ` Rich Felker
2012-08-14  2:49           ` Solar Designer
2012-08-14  2:58             ` Rich Felker [this message]
2012-08-14  3:35               ` Solar Designer
2012-08-14  4:49                 ` Rich Felker
2012-08-15  4:08 ` Rich Felker
2012-08-15  8:55   ` Daniel Cegiełka
2012-08-15 10:20     ` Szabolcs Nagy
2012-08-15 10:53       ` Daniel Cegiełka
2012-08-15 13:10         ` John Spencer
2012-08-15 13:23           ` Daniel Cegiełka
2012-08-15 13:32       ` Szabolcs Nagy
2012-08-15 14:36         ` Rich Felker
2012-08-17  9:49           ` Szabolcs Nagy
2012-08-17 12:10             ` Rich Felker
2012-08-22 17:45               ` Daniel Cegiełka
2012-08-22 18:57                 ` Rich Felker
2012-08-22 19:15                   ` Daniel Cegiełka
2012-08-22 20:24                   ` Richard Pennington
2012-08-22 22:44                     ` Rich Felker
2012-08-15 12:36     ` Rich Felker
2012-08-15 12:57   ` Luca Barbato
2012-08-15 14:34     ` Rich Felker
2012-08-15 18:28       ` Luca Barbato
2012-08-15 18:35         ` Rich Felker
2012-08-15 21:25         ` Rich Felker
2012-08-16 17:11           ` Luca Barbato
2012-08-15 13:27   ` Richard Pennington
2012-08-15 22:44 ` boris brezillon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20120814025805.GE27715@brightrain.aerifal.cx \
    --to=dalias@aerifal.cx \
    --cc=musl@lists.openwall.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/musl/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).