On Sat, 23 May 2020 22:08:11 +0100, Stuart Henderson <s...@spacehopper.org> wrote:
> I think bumping the minimum to 2^9 would be reasonable, there's a more
> noticeable delay on some machines but I think that's fair enough (any
> cracking is likely to be done on a fast machine, and the user can
> force it lower themselves if they want to take the risk).

I think it's a good move. Isn't this needed as well then?

Index: cryptutil.c =================================================================== RCS file: /cvs/src/lib/libc/crypt/cryptutil.c,v retrieving revision 1.12 diff -u -p -r1.12 cryptutil.c --- cryptutil.c 13 Sep 2015 15:33:48 -0000 1.12 +++ cryptutil.c 24 May 2020 01:57:39 -0000 @@ -54,7 +54,7 @@ int crypt_newhash(const char *pass, const char *pref, char *hash, size_t hashlen) { int rv = -1; - const char *defaultpref = "blowfish,8"; + const char *defaultpref = "blowfish,9"; const char *errstr; const char *choices[] = { "blowfish", "bcrypt" }; size_t maxchoice = sizeof(choices) / sizeof(choices[0]);

Cheers,
Daniel
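Review bot: the `defaultpref` line in `crypt_newhash()` changes only the fallback preference string, and nothing in this hunk shows a lower bound being enforced, so the "minimum" discussed in the thread has to live somewhere else. Please confirm that the code which validates or auto-selects the round count uses the same floor of 9, otherwise the default and the minimum can drift apart. Ideally both would come from one shared constant rather than the literal `"blowfish,9"`. If any documentation states the old default of 8 rounds, it should be updated in the same commit.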