httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53410] SHA-2 password hashes with more than 9999 rounds not accepted
Date Mon, 16 Jul 2012 19:18:39 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=53410

Jason Ovich <jasonovich@mailfish.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |---

--- Comment #3 from Jason Ovich <jasonovich@mailfish.de> ---
Hmm, I've read through the code again and the fix consists of increasing the
size of the (static) buffer holding a copy of the crypted password. I don't see
why this size limit is necessary at all. Why not just do a straight-forward
strcmp(crypt_pw, hash) at the end?

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message