From owner-freebsd-stable@FreeBSD.ORG Fri Oct 24 13:49:08 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C615C83B; Fri, 24 Oct 2014 13:49:08 +0000 (UTC) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 85724776; Fri, 24 Oct 2014 13:49:08 +0000 (UTC) Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1XhfEi-0000tZ-IK; Fri, 24 Oct 2014 15:49:06 +0200 Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes To: "Jim Pirzyk" Subject: Re: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:11.crypt References: <201410222107.s9ML7nLC010739@freefall.freebsd.org> Date: Fri, 24 Oct 2014 15:48:59 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Ronald Klop" Message-ID: In-Reply-To: User-Agent: Opera Mail/12.17 (Win32) X-Authenticated-As-Hash: 398f5522cb258ce43cb679602f8cfe8b62a256d1 X-Virus-Scanned: by clamav at smarthost1.samage.net X-Spam-Level: / X-Spam-Score: -0.2 X-Spam-Status: No, score=-0.2 required=5.0 tests=ALL_TRUSTED, BAYES_50 autolearn=disabled version=3.3.1 X-Scan-Signature: 1629bd954af37e9bd463cbe85bf61e19 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Oct 2014 13:49:08 -0000 Hi, I have nothing to do with the actual coding, but please reread comment 7 from the bug report: 'This doesn't have anything common with system default password encryption, this is realized using /etc/login.conf and applications like passwd, etc.' Regards, Ronald. On Fri, 24 Oct 2014 15:21:48 +0200, Jim Pirzyk wrote: > I think this should be reopened and reverted. This is the wrong answer > and has not taken into account the history of crypt() on FreeBSD. I > point you to the svn log: > > http://svnweb.freebsd.org/base?view=revision&revision=4246 > > and > > http://www.freebsd.org/releases/2.0/notes.html > > If password security for FreeBSD is all you need, and you have no > requirement for copying encrypted passwords from different hosts (Suns, > DEC machines, etc) into FreeBSD password entries, then FreeBSD's MD5 > based security may be all you require! We feel that our default security > model is more than a match for DES, and without any messy export issues > to deal with. If you're outside (or even inside) the U.S., give it a > try! > > We are reversing 20+ years of FreeBSD progress. > > - JimP > > On Oct 24, 2014, at 8:11 AM, Ronald Klop wrote: > >> See: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192277 >> >> Regards, >> Ronald. >> >> On Fri, 24 Oct 2014 13:14:20 +0200, Jim Pirzyk >> wrote: >> >>> Hi, >>> >>> I was wondering if there is more information about this change? >>> FreeBSD changed the default away from DES to MD5 back in the 1.1.5 -> >>> 2.0 transition. It seems to me a downgrade and rewarding bad >>> programming to be changing back to DES now. Also the proper course of >>> action is to correct programs that make the wrong assumption about >>> what crypt() changes. >>> >>> Thanks >>> >>> - JimP >>> >>> On Oct 22, 2014, at 4:07 PM, FreeBSD Errata Notices >>> wrote: >>> >>>> Signed PGP part >>>> ============================================================================= >>>> FreeBSD-EN-14:11.crypt >>>> Errata Notice >>>> The FreeBSD >>>> Project >>>> >>>> Topic: crypt(3) default hashing algorithm >>>> >>>> Category: core >>>> Module: libcrypt >>>> Announced: 2014-10-22 >>>> Affects: FreeBSD 9.3 and FreeBSD 10.0-STABLE after 2014-05-11 >>>> and >>>> before 2014-10-16. >>>> Corrected: 2014-10-13 15:56:47 UTC (stable/10, 10.1-PRERELEASE) >>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC3) >>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC2-p2) >>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-RC1-p2) >>>> 2014-10-16 21:39:04 UTC (releng/10.1, 10.1-BETA3-p2) >>>> 2014-10-21 21:09:54 UTC (stable/9, 9.3-STABLE) >>>> 2014-10-21 23:50:46 UTC (releng/9.3, 9.3-RELEASE-p4) >>>> >>>> For general information regarding FreeBSD Errata Notices and Security >>>> Advisories, including descriptions of the fields above, security >>>> branches, and the following sections, please visit >>>> . >>>> >>>> I. Background >>>> >>>> The crypt(3) function performs password hashing. Different algorithms >>>> of varying strength are available, with older, weaker algorithms being >>>> retained for compatibility. >>>> >>>> The crypt(3) function was originally based on the DES encryption >>>> algorithm and generated a 13-character hash from an eight-character >>>> password (longer passwords were truncated) and a two-character salt. >>>> >>>> II. Problem Description >>>> >>>> In recent FreeBSD releases, the default algorithm for crypt(3) was >>>> changed to SHA-512, which generates a much longer hash than the >>>> traditional DES-based algorithm. >>>> >>>> III. Impact >>>> >>>> Many applications assume that crypt(3) always returns a traditional >>>> DES >>>> hash, and blindly copy it into a short buffer without bounds checks. >>>> This >>>> may lead to a variety of undesirable results including, at worst, >>>> crashing >>>> the application. >>>> >>>> IV. Workaround >>>> >>>> No workaround is available. >>>> >>>> V. Solution >>>> >>>> Perform one of the following: >>>> >>>> 1) Upgrade your system to a supported FreeBSD stable or release / >>>> security >>>> branch (releng) dated after the correction date. >>>> >>>> 2) To update your present system via a source code patch: >>>> >>>> The following patches have been verified to apply to the applicable >>>> FreeBSD release branches. >>>> >>>> a) Download the relevant patch from the location below, and verify the >>>> detached PGP signature using your PGP utility. >>>> >>>> # fetch http://security.FreeBSD.org/patches/EN-14:11/crypt.patch >>>> # fetch http://security.FreeBSD.org/patches/EN-14:11/crypt.patch.asc >>>> # gpg --verify crypt.patch.asc >>>> >>>> b) Apply the patch. Execute the following commands as root: >>>> >>>> # cd /usr/src >>>> # patch < /path/to/patch >>>> >>>> c) Recompile the operating system using buildworld and installworld as >>>> described in . >>>> >>>> Restart all deamons using the library, or reboot the system. >>>> >>>> 3) To update your system via a binary patch: >>>> >>>> Systems running a RELEASE version of FreeBSD on the i386 or amd64 >>>> platforms can be updated via the freebsd-update(8) utility: >>>> >>>> # freebsd-update fetch >>>> # freebsd-update install >>>> >>>> VI. Correction details >>>> >>>> The following list contains the revision numbers of each file that was >>>> corrected in FreeBSD. >>>> >>>> Branch/path >>>> Revision >>>> ------------------------------------------------------------------------- >>>> stable/9/ >>>> r273425 >>>> releng/9.3/ >>>> r273438 >>>> stable/10/ >>>> r273043 >>>> releng/10.1/ >>>> r273187 >>>> ------------------------------------------------------------------------- >>>> >>>> To see which files were modified by a particular revision, run the >>>> following command, replacing NNNNNN with the revision number, on a >>>> machine with Subversion installed: >>>> >>>> # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base >>>> >>>> Or visit the following URL, replacing NNNNNN with the revision number: >>>> >>>> >>>> >>>> VII. References >>>> >>>> The latest revision of this Errata Notice is available at >>>> http://security.FreeBSD.org/advisories/FreeBSD-EN-14:11.crypt.asc >>>> >>>> _______________________________________________ >>>> freebsd-announce@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-announce >>>> To unsubscribe, send any mail to >>>> "freebsd-announce-unsubscribe@freebsd.org" >>> >>> --- @(#) $Id: dot.signature,v 1.15 2007/12/27 15:06:13 pirzyk Exp $ >>> __o jim@pirzyk.org >>> -------------------------------------------------- >>> _'\<,_ >>> (*)/ (*) I'd rather be out biking. > > --- @(#) $Id: dot.signature,v 1.15 2007/12/27 15:06:13 pirzyk Exp $ > __o jim@pirzyk.org > -------------------------------------------------- > _'\<,_ > (*)/ (*) I'd rather be out biking.