9:17 p.m.
repo: git://git.gitano.org.uk/personal/richardipsum/lua-scrypt.git
ref: richardipsum/no-saltgen-override
HEAD: 7f8a987500377ff516b75e0384c82ef1ccf45e82
Hi,
Modern libscrypt seems to do the right thing with respect to salt generation.
Merging this to master obviously breaks this build for jessie or any
other platform using similarly old versions of libscrypt. I don't know
whether we still want to support jessie or not, or whether it would be
sufficient to tag the current HEAD as known good on jessie and move on.
Thanks,
Richard
Richard Ipsum (1):
Don't override libscrypt saltgen
luascrypt.c | 22 +---------------------
1 file changed, 1 insertion(+), 21 deletions(-)
--
2.13.0
9:17 p.m.
New subject: [PATCH 1/1] Don't override libscrypt saltgen
libscrypt now generates salt correctly,
indeed using the very method currently used by lua-scrypt.[1]
[1]: https://sources.debian.net/src/libscrypt/1.21-3/crypto-scrypt-saltgen.c/
---
luascrypt.c | 22 +---------------------
1 file changed, 1 insertion(+), 21 deletions(-)
diff --git a/luascrypt.c b/luascrypt.c
index 181f1e8..85ae01c 100644
--- a/luascrypt.c
+++ b/luascrypt.c
@@ -22,26 +22,6 @@
#include "base64.h"
-static void
-luascrypt_salt_gen(char *salt, int saltlen)
-{
- int fd;
- /* We'd go with libscrypt's implementation, but since libscrypt's salt
- * generation is time based, we cannot fully trust it to generate
- * unique salts so to improve our chances we assume we have urandom
- * and fall back to libscrypt's implementation if we don't. Since the
- * libscrypt implementation is fast, call it, and then overwrite it
- * if we can...
- */
- libscrypt_salt_gen(salt, saltlen);
-
- fd = open("/dev/urandom", O_RDONLY);
- if (fd >= 0) {
- read(fd, salt, saltlen); /* Ignore errors in these two calls */
- close(fd); /* Since we have our fallback. */
- }
-}
-
static int
luascrypt_hash_password(lua_State *L)
{
@@ -71,7 +51,7 @@ luascrypt_hash_password(lua_State *L)
"N is too large (limited to 2^15)");
}
- luascrypt_salt_gen(salt, sizeof(salt));
+ libscrypt_salt_gen((uint8_t *) salt, sizeof(salt));
if (libscrypt_scrypt((uint8_t*)passwd, passwd_len,
(uint8_t*)salt, sizeof(salt),
--
2.13.0
1:07 a.m.
On Sat, Jun 03, 2017 at 13:17:48 +0100, Richard Ipsum wrote:
Modern libscrypt seems to do the right thing with respect to salt
generation.
Merging this to master obviously breaks this build for jessie or any
other platform using similarly old versions of libscrypt. I don't know
whether we still want to support jessie or not, or whether it would be
sufficient to tag the current HEAD as known good on jessie and move on.
Until Stretch is significantly more common, we need to support jessie at least.
Is this something we can ifdef for now?
D.
--
Daniel Silverstone http://www.digital-scurf.org/
PGP mail accepted and encouraged. Key Id: 3CCE BABE 206C 3B69
3:34 a.m.
On Sat, Jun 03, 2017 at 05:07:57PM +0100, Daniel Silverstone wrote:
On Sat, Jun 03, 2017 at 13:17:48 +0100, Richard Ipsum wrote:
> Modern libscrypt seems to do the right thing with respect to salt generation.
> Merging this to master obviously breaks this build for jessie or any
> other platform using similarly old versions of libscrypt. I don't know
> whether we still want to support jessie or not, or whether it would be
> sufficient to tag the current HEAD as known good on jessie and move on.
Until Stretch is significantly more common, we need to support jessie at least.
Is this something we can ifdef for now?
We could add a build option for it? I don't know what that should be called.
Thoughts?
3:43 a.m.
On Sat, Jun 03, 2017 at 19:34:09 +0100, Richard Ipsum wrote:
On Sat, Jun 03, 2017 at 05:07:57PM +0100, Daniel Silverstone wrote:
> On Sat, Jun 03, 2017 at 13:17:48 +0100, Richard Ipsum wrote:
> > Modern libscrypt seems to do the right thing with respect to salt generation.
> > Merging this to master obviously breaks this build for jessie or any
> > other platform using similarly old versions of libscrypt. I don't know
> > whether we still want to support jessie or not, or whether it would be
> > sufficient to tag the current HEAD as known good on jessie and move on.
>
> Until Stretch is significantly more common, we need to support jessie at least.
>
> Is this something we can ifdef for now?
We could add a build option for it? I don't know what that should be called.
Thoughts?
I think I'd have a define TRUST_LIBSCRYPT_SALT_GEN which defaults to zero
D.
--
Daniel Silverstone http://www.digital-scurf.org/
PGP mail accepted and encouraged. Key Id: 3CCE BABE 206C 3B69
2303
days inactive
2303
days old
4 comments
2 participants
participants (2)
-
Daniel Silverstone -
Richard Ipsum