SecBSD's official ports repository

This commit is contained in:
purplerain 2023-08-16 22:26:55 +00:00
commit 2c0afcbbf3
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
64331 changed files with 5339189 additions and 0 deletions

View file

@ -0,0 +1,34 @@
Accept $2b$ bcrypt prefix.
jBCrypt didn't have the 255-char bug affecting OpenBSD libc in the
first place, so its $2a$ handling doesn't match OpenBSD's. Changing
that would break compatibility with older jBCrypt versions with long
passwords which is more likely to be a problem than compatibility with
old OpenBSD, so that is left alone for now.
Index: src/org/mindrot/jbcrypt/BCrypt.java
--- src/org/mindrot/jbcrypt/BCrypt.java.orig
+++ src/org/mindrot/jbcrypt/BCrypt.java
@@ -661,7 +661,11 @@ public class BCrypt {
off = 3;
else {
minor = salt.charAt(2);
- if (minor != 'a' || salt.charAt(3) != '$')
+ // 2; short-lived original
+ // 2a; specified UTF-8 and terminating NUL
+ // 2b; 256-char wrap bug in OpenBSD libc was fixed
+ // (jBCrypt handling of 2a doesn't match OpenBSD's as it didn't have the bug)
+ if ((minor != 'a' && minor != 'b') || salt.charAt(3) != '$')
throw new IllegalArgumentException ("Invalid salt revision");
off = 4;
}
@@ -716,6 +720,9 @@ public class BCrypt {
random.nextBytes(rnd);
+ // keep writing $2a$ for now to give backwards compat with
+ // older jBCrypt versions; though this means that bcrypts of
+ // very long input passwords might not be accepted by OpenBSD
rs.append("$2a$");
if (log_rounds < 10)
rs.append("0");