From owner-freebsd-bugs  Sun Jun  9  3: 7: 3 2002
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id BFE2837B401; Sun,  9 Jun 2002 03:07:00 -0700 (PDT)
Received: (from phk@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g59A70d90788;
	Sun, 9 Jun 2002 03:07:00 -0700 (PDT)
	(envelope-from phk)
Date: Sun, 9 Jun 2002 03:07:00 -0700 (PDT)
From: <phk@FreeBSD.org>
Message-Id: <200206091007.g59A70d90788@freefall.freebsd.org>
To: freebsd@spatula.net, phk@FreeBSD.org, freebsd-bugs@FreeBSD.org
Subject: Re: bin/39037: crypt-md5 may prematurely drop a source of entropy
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

Synopsis: crypt-md5 may prematurely drop a source of entropy

State-Changed-From-To: open->closed
State-Changed-By: phk
State-Changed-When: Sun Jun 9 03:04:08 PDT 2002
State-Changed-Why: 
Well, what can I say ?  I usually don't attain perfection, neither in first
nor last attempt :-)

Yes, there are certain things in the md5crypt which should have been
thought better out.  The piece of code you point out is just one example.

There have actually been a couple of revisions run over in OpenBSD, I've
seen $2$ and $2a$ passwords already.


http://www.freebsd.org/cgi/query-pr.cgi?pr=39037

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message