Subject: bin/26779: pwhash(1) SHA1 feature displays incorrect hash
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <jeffi@rcn.com>
List: netbsd-bugs
Date: 08/28/2004 03:10:46
>Number: 26779
>Category: bin
>Synopsis: pwhash(1) SHA1 feature displays incorrect hash
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Aug 28 03:11:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator: Jeff Ito
>Release: NetBSD 2.0G
>Organization:
>Environment:
NetBSD netbsd 2.0G NetBSD 2.0G (LAB) #13: Fri Aug 6 12:31:55 EDT 2004
>Description:
pwhash incorrectly displays SHA1 hashed strings
The commit that added this feature suggests the correct output is:
$<tag>$<iterations>$<salt>$<digest>
This is not what is output
>How-To-Repeat:
{809} pwhash -S 10 test
HOVJUheRqd422
after below patch:
{813} pwhash -S 10 test
$sha1$9$uPCSKCDn$MDLEk1LHvIXpt2CUDSHMjOCC/led
>Fix:
Index: pwhash.c
===================================================================
RCS file: /cvsroot/src/usr.bin/pwhash/pwhash.c,v
retrieving revision 1.6
diff -u -r1.6 pwhash.c
--- pwhash.c 2 Jul 2004 00:05:23 -0000 1.6
+++ pwhash.c 28 Aug 2004 03:07:02 -0000
@@ -125,6 +125,7 @@
__crypt_to64(&buffer[n + 4], arc4random(), 4);
buffer[n + 8] = '$';
buffer[n + 9] = '\0';
+ salt = buffer;
}
break;
case DO_BLF:
>Release-Note:
>Audit-Trail:
>Unformatted: