From owner-freebsd-doc Fri Apr 5 2:10:12 2002 Delivered-To: freebsd-doc@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id DA90237B41B for ; Fri, 5 Apr 2002 02:10:00 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g35AA0V35985; Fri, 5 Apr 2002 02:10:00 -0800 (PST) (envelope-from gnats) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 4FAD937B41A for ; Fri, 5 Apr 2002 02:05:22 -0800 (PST) Received: (from nobody@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g35A5Mo33553; Fri, 5 Apr 2002 02:05:22 -0800 (PST) (envelope-from nobody) Message-Id: <200204051005.g35A5Mo33553@freefall.freebsd.org> Date: Fri, 5 Apr 2002 02:05:22 -0800 (PST) From: Andre Yelistratov To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: docs/36782: md5 salt documented as being 16 bytes max length. In reailty it is 8 bytes max length. Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 36782 >Category: docs >Synopsis: md5 salt documented as being 16 bytes max length. In reailty it is 8 bytes max length. >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Apr 05 02:10:00 PST 2002 >Closed-Date: >Last-Modified: >Originator: Andre Yelistratov >Release: 4.5-Stable >Organization: Servocomp >Environment: FreeBSD andre.servocomp.ru 4.5-STABLE FreeBSD 4.5-STABLE #1: Tue Mar 12 14:28:26 MSK 2002 root@andre.servocomp.ru:/usr/obj/usr/src/sys/ANDRE i386 >Description: The maximum length of salt in MD5 is hardoded at crypt-md5.c and represents 8 bytes, contrary to 'man 3 crypt': 'The length of the salt is limited to 16 characters'. crypt-md5.c: /* Refine the Salt first */ sp = salt; [skip] /* It stops at the first '$', max 8 chars */ for(ep=sp;*ep && *ep != '$' && ep < (sp+8);ep++) continue; >How-To-Repeat: call md5 crypt() with any salt longer than 8 chars. >Fix: Trivial. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message