Am 03.05.22 um 14:51 schrieb Emmanuel Deloget:
Le mar. 3 mai 2022 à 13:58, Andreas Helmcke <a...@helmcke.name> a écrit :
diff --git a/libbb/pw_encrypt.c b/libbb/pw_encrypt.c
index 3463fd95b..2da4ab1d0 100644
--- a/libbb/pw_encrypt.c
+++ b/libbb/pw_encrypt.c
@@ -70,6 +70,24 @@ char* FAST_FUNC crypt_make_pw_salt(char
salt[MAX_PW_SALT_LEN], const char *algo)
salt[1] = '5' + (strcasecmp(algo, "sha512") == 0);
len = 16/2;
}
+#endif
+#if ENABLE_USE_BCRYPT
+ if ((algo[0]|0x20) == 'b') { /* bcrypt */
+ int cost = 0;
+#if ENABLE_FEATURE_BCRYPT_COST
It seems to me that if ENABLE_USE_BCRYPT is set, then the bcrypt cost
is always there. Am I missing something?
+ cost = (CONFIG_FEATURE_BCRYPT_COST);
+#endif
+ if (cost < 0 || cost > 31)
This allows values (1, 2, 3) that are outside the range of the values
specified in the config text.
BTW, if the values outside [4, 31] are invalid, maybe a compile-time
error would be a good thing? (this is actually a real question, not a
code change suggestion). That would make the code a bit smaller as you
could confidently and directly use (CONFIG_FEATURE_BCRYPT_COST / 10)
and (CONFIG_FEATURE_BCRYPT_COST % 10) in the code below (no need to
set a cost variable).
Good idea.
My intention was to try to avoid compile time errors, but a clear error
while compiling is better than some unexpected effects later.
+config FEATURE_BCRYPT_COST
+ int "bcrypt cost"
+ range 4 31
+ default 10
+ depends on USE_BCRYPT
+ help
+ Cost paramter for the bcrypt hashing algorithm.
typo: parameter
Changed, thanks.
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
