> On Jun 26, 2017, at 10:49 PM, Ted Unangst <t...@tedunangst.com> wrote: > > [...] > >> >> CC'd tedu@ because I'm not sure if I'm using crypt_newhash(3) >> correctly. >> >> Ted: In other places people use _PASSWORD_LEN for the length >> of the hash buffer. Clearly this works, but it feels off. >> _PASSWORD_LEN is meant to be an upper bound on length of >> the plaintext, not the hash output, right? >> >> Is there a better way to size my buffer for use with >> crypt_newhash(3)? > > yes, but there is no better define for the output buffer. perhaps PASS_MAX, > i'm not sure why everything settled on _PASSWORD_LEN.
fwiw, PASS_MAX is now deprecated by POSIX. I think leaving it as _PASSWORD_LEN for consistency with the rest of the tree for now is probably better. Would a later patch exposing something like, I dunno, "BCRYPT_HASHMAX" to includers of unistd.h be welcome? A documented define would round out the API. -- Scott Cheloha
