authorRich Felker <>2012-08-29 12:44:27 -0400
committerRich Felker <>2012-08-29 12:44:27 -0400
commit507b6091fa75903ff05c21a4470b7b7cc3061d0d (patch)
tree57a36ff9071332772d67aa65b529e9912768ba9a /src
parent88bf5a8a8d7d796f63cca8589f4de67aa8345f1a (diff)
limit sha512 rounds to similar runtime to sha256 limit
these limits could definitely use review, but for now, i feel consistency and erring on the side of preventing servers from getting bogged down by excessively-slow user-provided settings (think .htpasswd) are the best policy. blowfish should be updated to match.
diff --git a/src/misc/crypt_sha512.c b/src/misc/crypt_sha512.c
index 7ca804e8..2c0de698 100644
--- a/src/misc/crypt_sha512.c
+++ b/src/misc/crypt_sha512.c
@@ -193,7 +193,7 @@ static char *to64(char *s, unsigned int u, int n)
#define SALT_MAX 16
#define ROUNDS_DEFAULT 5000
#define ROUNDS_MIN 1000
-#define ROUNDS_MAX 50000
+#define ROUNDS_MAX 20000
/* hash n bytes of the repeated md message digest */
static void hashmd(struct sha512 *s, unsigned int n, const void *md)
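Review bot: The lowered `ROUNDS_MAX` (20000, was 50000) narrows the range of `rounds=` values accepted from setting strings, but nothing next to the define records why the bound exists or what happens above it. The code that applies the limit is outside this hunk, so clamping versus rejecting cannot be confirmed here. In either case, hashes already stored with 20001–50000 rounds would presumably stop verifying after this change, so deployed password files should be checked before upgrading. If the limit is applied by silent clamping, a caller asking for more rounds would also get a weaker hash than requested without any error. I would add a comment above the define such as `/* cap on caller-supplied rounds=; bounds CPU spent on untrusted settings (e.g. .htpasswd) */` and state the over-limit behaviour where the limit is enforced.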