You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@apr.apache.org by yl...@apache.org on 2017/02/02 13:14:16 UTC

svn commit: r1781391 - /apr/apr/trunk/crypto/crypt_blowfish.c

Author: ylavic
Date: Thu Feb  2 13:14:16 2017
New Revision: 1781391

URL: http://svn.apache.org/viewvc?rev=1781391&view=rev
Log:
apr_crypto: follow up to r1772803.
Still avoid excessive bcrypt iterations, verification side this time.


Modified:
    apr/apr/trunk/crypto/crypt_blowfish.c

Modified: apr/apr/trunk/crypto/crypt_blowfish.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/crypt_blowfish.c?rev=1781391&r1=1781390&r2=1781391&view=diff
==============================================================================
--- apr/apr/trunk/crypto/crypt_blowfish.c (original)
+++ apr/apr/trunk/crypto/crypt_blowfish.c Thu Feb  2 13:14:16 2017
@@ -675,9 +675,9 @@ static char *BF_crypt(const char *key, c
 	    setting[2] < 'a' || setting[2] > 'z' ||
 	    !flags_by_subtype[(unsigned int)(unsigned char)setting[2] - 'a'] ||
 	    setting[3] != '$' ||
-	    setting[4] < '0' || setting[4] > '3' ||
+	    setting[4] < '0' || setting[4] > '1' ||
 	    setting[5] < '0' || setting[5] > '9' ||
-	    (setting[4] == '3' && setting[5] > '1') ||
+	    (setting[4] == '1' && setting[5] > '7') ||
 	    setting[6] != '$') {
 		__set_errno(EINVAL);
 		return NULL;