From mboxrd@z Thu Jan 1 00:00:00 1970
From: Rich Felker
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: Help-wanted tasks for musl
Date: Wed, 29 Aug 2012 13:01:32 -0400
Message-ID: <20120829170132.GY27715@brightrain.aerifal.cx>
References: <20120819172921.GF16602@port70.net>
 <20120820005128.GB27715@brightrain.aerifal.cx>
 <20120820013502.GG16602@port70.net>
 <20120820013950.GC27715@brightrain.aerifal.cx>
 <20120820015854.GH16602@port70.net>
 <20120820021223.GE27715@brightrain.aerifal.cx>
 <20120828200942.GF1104@port70.net>
 <20120828233506.GG1104@port70.net>
 <20120829143012.GT27715@brightrain.aerifal.cx>
 <20120829151459.GJ1104@port70.net>
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com
In-Reply-To: <20120829151459.GJ1104@port70.net>
User-Agent: Mutt/1.5.21 (2010-09-15)

On Wed, Aug 29, 2012 at 05:14:59PM +0200, Szabolcs Nagy wrote:
> * Rich Felker [2012-08-29 10:30:12 -0400]:
> > see the attached for my proposed changes.
> >
>
> looks ok
>
> > /* key limit is not part of the original design, added for DoS protection */
> > #define KEY_MAX 256
> > #define SALT_MAX 16
> > #define ROUNDS_DEFAULT 5000
> > #define ROUNDS_MIN 1000
> > #define ROUNDS_MAX 999999
> >
>
> i'd add a comment like
>
> /* max rounds limit is lower than in the reference */

Committed. I also put strict rounds count checks in place for the
existing hashes. Previously the only limit was on blowfish where the
limit kept the runtime down to minutes instead of months/years, but
that was of little practical benefit. Anyone who thinks the limits are
too low/too high/whatever is welcome to bikeshed this...

Rich
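
An added example, not part of the original message and not the code that was committed to musl: one way to enforce the quoted key and rounds limits before any hashing work starts, so attacker-supplied input cannot drive the cost. The helper name `check_params`, the `[rounds=N$]salt` setting layout, and the choice to reject rather than clamp out-of-range values are assumptions.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Limits as quoted in the message above. */
#define KEY_MAX 256
#define ROUNDS_DEFAULT 5000
#define ROUNDS_MIN 1000
#define ROUNDS_MAX 999999

/*
 * Hypothetical helper: validate a key and a setting string of the
 * assumed form "[rounds=N$]salt" before hashing.
 * Returns 0 and stores the round count on success, -1 on rejection.
 */
int check_params(const char *key, const char *setting, unsigned long *rounds)
{
	unsigned long r = ROUNDS_DEFAULT;
	size_t klen = 0;

	/* Bounded scan: never walk more than KEY_MAX+1 bytes of the key. */
	while (klen <= KEY_MAX && key[klen]) klen++;
	if (klen > KEY_MAX) return -1;

	if (!strncmp(setting, "rounds=", 7)) {
		const char *p = setting + 7;
		char *end;

		/* Digits only: strtoul alone would accept "-1" or " 5". */
		if (*p < '0' || *p > '9') return -1;
		errno = 0;
		r = strtoul(p, &end, 10);
		/* Overflow, or a count not terminated by '$', is malformed. */
		if (errno || *end != '$') return -1;
		/* Assumed strict policy: refuse out-of-range counts, no clamping. */
		if (r < ROUNDS_MIN || r > ROUNDS_MAX) return -1;
	}
	*rounds = r;
	return 0;
}
```
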