pgcrypto: bug in gen_salt (md5/xdes)

From: Marko Kreen <markokr(at)gmail(dot)com>
To: pgsql-patches(at)postgresql(dot)org
Subject: pgcrypto: bug in gen_salt (md5/xdes)
Date: 2006-01-02 22:55:36
Message-ID: e51f66da0601021455x2a793feaq6f06d9d486485db4@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

There is a signedness bug in Openwall gen_salt code that
pgcrypto uses. This makes the salt space for md5 and xdes
algorithms a lot smaller.

Salts for blowfish and standard des are unaffected.

Attached is upstream fix for it. This applies all the
way from 7.2 to 8.1 and HEAD. Please apply this to all
active branches.

--
marko

Attachment Content-Type Size
fix.gensalt.diff text/x-patch 2.7 KB

Responses

Browse pgsql-patches by date

  From Date Subject
Next Message Joe Conway 2006-01-03 02:34:23 Re: [BUGS] BUG #2129: dblink problem
Previous Message Tom Lane 2006-01-02 21:48:45 Re: Stats collector performance improvement