SecBSD's official ports repository

2023-08-16 22:26:55 +00:00 · 2023-08-16 22:26:55 +00:00 · 2c0afcbbf3
commit 2c0afcbbf3
64331 changed files with 5339189 additions and 0 deletions
--- a/java/jBCrypt/patches/patch-src_org_mindrot_jbcrypt_BCrypt_java
+++ b/java/jBCrypt/patches/patch-src_org_mindrot_jbcrypt_BCrypt_java
@ -0,0 +1,34 @@
+Accept $2b$ bcrypt prefix.
+
+jBCrypt didn't have the 255-char bug affecting OpenBSD libc in the
+first place, so its $2a$ handling doesn't match OpenBSD's. Changing
+that would break compatibility with older jBCrypt versions with long
+passwords which is more likely to be a problem than compatibility with
+old OpenBSD, so that is left alone for now.
+
+Index: src/org/mindrot/jbcrypt/BCrypt.java
+--- src/org/mindrot/jbcrypt/BCrypt.java.orig
+++ src/org/mindrot/jbcrypt/BCrypt.java
+@@ -661,7 +661,11 @@ public class BCrypt {
+ 			off = 3;
+ 		else {
+ 			minor = salt.charAt(2);
+-			if (minor != 'a' || salt.charAt(3) != '$')
+			// 2;  short-lived original
+			// 2a; specified UTF-8 and terminating NUL
+			// 2b; 256-char wrap bug in OpenBSD libc was fixed
+			// (jBCrypt handling of 2a doesn't match OpenBSD's as it didn't have the bug)
+			if ((minor != 'a' && minor != 'b') || salt.charAt(3) != '$')
+ 				throw new IllegalArgumentException ("Invalid salt revision");
+ 			off = 4;
+ 		}
+@@ -716,6 +720,9 @@ public class BCrypt {
+ 
+ 		random.nextBytes(rnd);
+ 
+		// keep writing $2a$ for now to give backwards compat with
+		// older jBCrypt versions; though this means that bcrypts of
+		// very long input passwords might not be accepted by OpenBSD
+ 		rs.append("$2a$");
+ 		if (log_rounds < 10)
+ 			rs.append("0");