Module Name:src
Committed By: martin
Date: Sun Oct 31 14:48:42 UTC 2021
Modified Files:
src/lib/libcrypt [netbsd-8]: crypt-sha1.c
Log Message:
Pull up following revision(s) (requested by nia in ticket #1705):
lib/libcrypt/crypt-sha1.c: revision 1.10
libcrypt: Fix a floating point exception when a low number of HMAC-SHA1
iterations are specified.
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.8.18.1 src/lib/libcrypt/crypt-sha1.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libcrypt/crypt-sha1.c
diff -u src/lib/libcrypt/crypt-sha1.c:1.8 src/lib/libcrypt/crypt-sha1.c:1.8.18.1
--- src/lib/libcrypt/crypt-sha1.c:1.8 Wed Aug 28 17:47:07 2013
+++ src/lib/libcrypt/crypt-sha1.c Sun Oct 31 14:48:42 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: crypt-sha1.c,v 1.8 2013/08/28 17:47:07 riastradh Exp $ */
+/* $NetBSD: crypt-sha1.c,v 1.8.18.1 2021/10/31 14:48:42 martin Exp $ */
/*
* Copyright (c) 2004, Juniper Networks, Inc.
@@ -31,7 +31,7 @@
#include
#if !defined(lint)
-__RCSID("$NetBSD: crypt-sha1.c,v 1.8 2013/08/28 17:47:07 riastradh Exp $");
+__RCSID("$NetBSD: crypt-sha1.c,v 1.8.18.1 2021/10/31 14:48:42 martin Exp $");
#endif /* not lint */
#include
@@ -71,24 +71,15 @@ __RCSID("$NetBSD: crypt-sha1.c,v 1.8 201
unsigned int
__crypt_sha1_iterations (unsigned int hint)
{
-static int once = 1;
-
/*
* We treat CRYPT_SHA1_ITERATIONS as a hint.
* Make it harder for someone to pre-compute hashes for a
* dictionary attack by not using the same iteration count for
* every entry.
*/
-
-if (once) {
- int pid = getpid();
-
- srandom(time(NULL) ^ (pid * pid));
- once = 0;
-}
-if (hint == 0)
+if (hint < 4)
hint = CRYPT_SHA1_ITERATIONS;
-return hint - (random() % (hint / 4));
+return hint - arc4random_uniform(hint / 4);
}
/*