NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitca59dfa

committed

Apply upstream fix for blowfish signed-character bug (CVE-2011-2483).

A password containing a character with the high bit set was misprocessedon machines where char is signed (which is most). This could cause thepreceding one to three characters to fail to affect the hashed result,thus weakening the password. The result was also unportable, and failedto match some other blowfish implementations such as OpenBSD's.Since the fix changes the output for such passwords, upstream choseto provide a compatibility hack: password salts beginning with $2x$(instead of the usual $2a$ for blowfish) are intentionally processed"wrong" to give the same hash as before. Stored password hashes canthus be modified if necessary to still match, though it'd be betterto change any affected passwords.In passing, sync a couple other upstream changes that marginally improveperformance and/or tighten error checking.Back-patch to all supported branches. Since this issue is alreadypublic, no reason not to commit the fix ASAP.

1 parent38c0e72 commitca59dfaCopy full SHA for ca59dfa

File tree

2 files changed

+17

-10

lines changed

contrib/pgcrypto
- crypt-blowfish.c
- px-crypt.c

2 files changed

+17

-10

lines changed

`‎contrib/pgcrypto/crypt-blowfish.c`

Lines changed: 16 additions & 10 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,8 +5,8 @@`
`5`	`5`	`* and crypt(3) interfaces added, but optimizations specific to password`
`6`	`6`	`* cracking removed.`
`7`	`7`	`*`
`8`		`- * Written by Solar Designer <solar@openwall.com> in 1998-2001, and placed`
`9`		`- * in the public domain.`
	`8`	`+ * Written by Solar Designer <solar atopenwall.com> in 1998-2002 and`
	`9`	`+ *placedin the public domain.`
`10`	`10`	`*`
`11`	`11`	`* There's absolutely no warranty.`
`12`	`12`	`*`
`@@ -19,9 +19,9 @@`
`19`	`19`	`* of your choice.`
`20`	`20`	`*`
`21`	`21`	`* This implementation is compatible with OpenBSD bcrypt.c (version 2a)`
`22`		`- * by Niels Provos <provos@physnet.uni-hamburg.de>, and uses some of his`
`23`		`- * ideas. The password hashing algorithm was designed by David Mazieres`
`24`		`- * <dm@lcs.mit.edu>.`
	`22`	`+ * by Niels Provos <provos at citi.umich.edu>, and uses some of his`
	`23`	`+ * ideas.The password hashing algorithm was designed by David Mazieres`
	`24`	`+ * <dm atlcs.mit.edu>.`
`25`	`25`	`*`
`26`	`26`	`* There's a paper on the algorithm that explains its design decisions:`
`27`	`27`	`*`
`@@ -40,7 +40,7 @@`
`40`	`40`	`#ifdef__i386__`
`41`	`41`	`#defineBF_ASM0/* 1 */`
`42`	`42`	`#defineBF_SCALE1`
`43`		`-#elif defined(__alpha__)`
	`43`	`+#elif defined(__x86_64__)\|\| defined(__alpha__)\|\| defined(__hppa__)`
`44`	`44`	`#defineBF_ASM0`
`45`	`45`	`#defineBF_SCALE1`
`46`	`46`	`#else`
`@@ -49,6 +49,7 @@`
`49`	`49`	`#endif`
`50`	`50`
`51`	`51`	`typedefunsignedintBF_word;`
	`52`	`+typedefsignedintBF_word_signed;`
`52`	`53`
`53`	`54`	`/* Number of Blowfish rounds, this is also hardcoded into a few places */`
`54`	`55`	`#defineBF_N16`
`@@ -544,7 +545,8 @@ extern void _BF_body_r(BF_ctx *ctx);`
`544`	`545`	`#endif`
`545`	`546`
`546`	`547`	`staticvoid`
`547`		`-BF_set_key(constchar*key,BF_keyexpanded,BF_keyinitial)`
	`548`	`+BF_set_key(constchar*key,BF_keyexpanded,BF_keyinitial,`
	`549`	`+intsign_extension_bug)`
`548`	`550`	`{`
`549`	`551`	`constchar*ptr=key;`
`550`	`552`	`inti,`
`@@ -557,7 +559,10 @@ BF_set_key(const char *key, BF_key expanded, BF_key initial)`
`557`	`559`	`for (j=0;j<4;j++)`
`558`	`560`	`{`
`559`	`561`	`tmp <<=8;`
`560`		`-tmp \|=*ptr;`
	`562`	`+if (sign_extension_bug)`
	`563`	`+tmp \|= (BF_word_signed) (signedchar)*ptr;`
	`564`	`+else`
	`565`	`+tmp \|= (unsignedchar)*ptr;`
`561`	`566`
`562`	`567`	`if (!*ptr)`
`563`	`568`	`ptr=key;`
`@@ -599,10 +604,11 @@ _crypt_blowfish_rn(const char key, const char setting,`
`599`	`604`
`600`	`605`	`if (setting[0]!='$'\|\|`
`601`	`606`	`setting[1]!='2'\|\|`
`602`		`-setting[2]!='a'\|\|`
	`607`	`+(setting[2]!='a'&&setting[2]!='x')\|\|`
`603`	`608`	`setting[3]!='$'\|\|`
`604`	`609`	`setting[4]<'0'\|\|setting[4]>'3'\|\|`
`605`	`610`	`setting[5]<'0'\|\|setting[5]>'9'\|\|`
	`611`	`+(setting[4]=='3'&&setting[5]>'1')\|\|`
`606`	`612`	`setting[6]!='$')`
`607`	`613`	`{`
`608`	`614`	`returnNULL;`
`@@ -616,7 +622,7 @@ _crypt_blowfish_rn(const char key, const char setting,`
`616`	`622`	`}`
`617`	`623`	`BF_swap(data.binary.salt,4);`
`618`	`624`
`619`		`-BF_set_key(key,data.expanded_key,data.ctx.P);`
	`625`	`+BF_set_key(key,data.expanded_key,data.ctx.P,setting[2]=='x');`
`620`	`626`
`621`	`627`	`memcpy(data.ctx.S,BF_init_state.S,sizeof(data.ctx.S));`
`622`	`628`

`‎contrib/pgcrypto/px-crypt.c`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -79,6 +79,7 @@ struct px_crypt_algo`
`79`	`79`	`staticconststructpx_crypt_algo`
`80`	`80`	`px_crypt_list[]= {`
`81`	`81`	`{"$2a$",4,run_crypt_bf},`
	`82`	`+{"$2x$",4,run_crypt_bf},`
`82`	`83`	`{"$2$",3,NULL},/* N/A */`
`83`	`84`	`{"$1$",3,run_crypt_md5},`
`84`	`85`	`{"_",1,run_crypt_des},`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitca59dfa

File tree

2 files changed

2 files changed

`‎contrib/pgcrypto/crypt-blowfish.c`

`‎contrib/pgcrypto/px-crypt.c`

0 commit comments