RepoMirrors
/
musl
mirror of git://git.musl-libc.org/musl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

limit sha512 rounds to similar runtime to sha256 limit 

these limits could definitely use review, but for now, i feel
consistency and erring on the side of preventing servers from getting
bogged down by excessively-slow user-provided settings (think
.htpasswd) are the best policy. blowfish should be updated to match.
This commit is contained in:
Rich Felker 2012-08-29 12:44:27 -04:00
parent 88bf5a8a8d
commit 507b6091fa
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/misc/crypt_sha512.c
View File

@ -193,7 +193,7 @@ static char *to64(char *s, unsigned int u, int n)
#define SALT_MAX 16 #define SALT_MAX 16
#define ROUNDS_DEFAULT 5000 #define ROUNDS_DEFAULT 5000
#define ROUNDS_MIN 1000 #define ROUNDS_MIN 1000
#define ROUNDS_MAX 50000 #define ROUNDS_MAX 20000
/* hash n bytes of the repeated md message digest */ /* hash n bytes of the repeated md message digest */
static void hashmd(struct sha512 *s, unsigned int n, const void *md) static void hashmd(struct sha512 *s, unsigned int n, const void *md)