whois/whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfish-tag-CVE-2011-2483.diff

From 757e302cc12f962ee1e04ccc572d0553bcfb780c Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Thu, 14 Jul 2011 13:38:08 +0200
Subject: [PATCH whois 4/7] add support for the new 2y blowfish tag (CVE-2011-2483)

---
 mkpasswd.c |    9 +++++++--
 1 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/mkpasswd.c b/mkpasswd.c
index 8bdc7f3..281d970 100644
--- a/mkpasswd.c
+++ b/mkpasswd.c
@@ -86,9 +86,13 @@ static const struct crypt_method methods[] = {
 #if defined FreeBSD
     { "bf",		"$2$",  22,	22,	0, "Blowfish (FreeBSD)" },
 #endif
-#if defined OpenBSD || (defined __SVR4 && defined __sun) || defined HAVE_CRYPT_GENSALT
+#if defined OpenBSD || (defined __SVR4 && defined __sun)
     { "bf",		"$2a$", 22,	22,	1, "Blowfish" },
 #endif
+#if defined HAVE_CRYPT_GENSALT
+    { "bf",		"$2a$", 22,	22,	1, "Blowfish, system-specific on 8-bit chars" },
+    { "bfy",		"$2y$", 22,	22,	1, "Blowfish, correct handling of 8-bit chars" },
+#endif
 #if defined FreeBSD
     { "nt",		"$3$",  0,	0,	0, "NT-Hash" },
 #endif
@@ -226,7 +230,8 @@ int main(int argc, char *argv[])
 	salt_prefix = methods[0].prefix;
     }
 
-    if (streq(salt_prefix, "$2a$")) {		/* OpenBSD Blowfish  */
+    if (streq(salt_prefix, "$2a$")
+    || streq(salt_prefix, "$2y$")) {		/* OpenBSD Blowfish  */
 	if (rounds <= 4)
 	    rounds = 4;
 	/* actually for 2a it is the logarithm of the number of rounds */
-- 
1.7.3.4
Accepting request 76616 from home:lnussel:crypt_blowfish - enable use of crypt_gensalt to support all glibc supported algorithms - allow 8bit passwords read from file - support new blowfish $2y algorithm I've sent the patches to Marco d'Itri <md@linux.it>, he said he will include them in the next whois release. OBS-URL: https://build.opensuse.org/request/show/76616 OBS-URL: https://build.opensuse.org/package/show/network:utilities/whois?expand=0&rev=19 2011-07-27 06:21:55 +00:00			`From 757e302cc12f962ee1e04ccc572d0553bcfb780c Mon Sep 17 00:00:00 2001`
			`From: Ludwig Nussel <ludwig.nussel@suse.de>`
			`Date: Thu, 14 Jul 2011 13:38:08 +0200`
			`Subject: [PATCH whois 4/7] add support for the new 2y blowfish tag (CVE-2011-2483)`

			`---`
			`mkpasswd.c \| 9 +++++++--`
			`1 files changed, 7 insertions(+), 2 deletions(-)`

			`diff --git a/mkpasswd.c b/mkpasswd.c`
			`index 8bdc7f3..281d970 100644`
			`--- a/mkpasswd.c`
			`+++ b/mkpasswd.c`
			`@@ -86,9 +86,13 @@ static const struct crypt_method methods[] = {`
			`#if defined FreeBSD`
			`{ "bf", "$2$", 22, 22, 0, "Blowfish (FreeBSD)" },`
			`#endif`
			`-#if defined OpenBSD \|\| (defined __SVR4 && defined __sun) \|\| defined HAVE_CRYPT_GENSALT`
			`+#if defined OpenBSD \|\| (defined __SVR4 && defined __sun)`
			`{ "bf", "$2a$", 22, 22, 1, "Blowfish" },`
			`#endif`
			`+#if defined HAVE_CRYPT_GENSALT`
			`+ { "bf", "$2a$", 22, 22, 1, "Blowfish, system-specific on 8-bit chars" },`
			`+ { "bfy", "$2y$", 22, 22, 1, "Blowfish, correct handling of 8-bit chars" },`
			`+#endif`
			`#if defined FreeBSD`
			`{ "nt", "$3$", 0, 0, 0, "NT-Hash" },`
			`#endif`
			`@@ -226,7 +230,8 @@ int main(int argc, char *argv[])`
			`salt_prefix = methods[0].prefix;`
			`}`

			`- if (streq(salt_prefix, "$2a$")) { /* OpenBSD Blowfish */`
			`+ if (streq(salt_prefix, "$2a$")`
			`+ \|\| streq(salt_prefix, "$2y$")) { /* OpenBSD Blowfish */`
			`if (rounds <= 4)`
			`rounds = 4;`
			`/* actually for 2a it is the logarithm of the number of rounds */`
			`--`
			`1.7.3.4`