Skip to content

Commit

Permalink
Update gitignore, NEWS, and TODO.
Browse files Browse the repository at this point in the history
  • Loading branch information
besser82 committed Jan 3, 2025
1 parent f89bb4d commit f257b59
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 9 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ test/crypt-des
test/crypt-gost-yescrypt
test/crypt-kat
test/crypt-md5
test/crypt-multithread
test/crypt-nthash
test/crypt-pbkdf1-sha1
test/crypt-scrypt
Expand Down
9 changes: 9 additions & 0 deletions NEWS
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,15 @@ Please send bug reports, questions and suggestions to
<https://github.com/besser82/libxcrypt/issues>.

Version 4.4.38
* crypt and crypt_gensalt now use per-thread storage areas for their
output, allocated upon the first call in each thread that uses them.
This makes it safe to call these functions from multiple threads
simultaneously (but consecutive calls will still clobber the
previous output).
This feature is a safety net against sloppy coding. Programs are
still strongly encouraged to use the reentrant functions instead,
because this safety net is not guaranteed by any standard
(although we are informed that Solaris also does this).

Version 4.4.37
* Several fixes to the manpages (issue #185).
Expand Down
9 changes: 0 additions & 9 deletions TODO.md
Original file line number Diff line number Diff line change
Expand Up @@ -67,15 +67,6 @@ It was last updated 20 October 2018.
* If we do, should it know how to trigger the trusted-path
password prompt in modern GUI environments? (probably)

* Make the crypt and crypt_gensalt static state thread-specific?
* Solaris 11 may have done this (its `crypt(3)` manpage describes
it as MT-Safe and I don’t see any other way they could have
accomplished that).
* if allocated on first use, this would also shave 32kB of
data segment off the shared library
* alternatively, add a global lock and *crash the program* if we
detect concurrent calls

* Allow access to more of yescrypt’s tunable parameters and ROM
feature, in a way that’s generic enough that we could also use it
for e.g. Argon2’s tunable parameters
Expand Down

0 comments on commit f257b59

Please sign in to comment.