Michal Mazurek wrote:
> When talking about this with mulander@ it came out that the docs could
> use a touch.
>
> The commit message for the diff that didn't update the docs was:
>
> permit "bcrypt" as an alias for "blowfish". this is, after all, what
> 99% of the world calls it.
> allow just "bcrypt" without params to mean auto-tune ("bcrypt,a").
> default remains 8 rounds (for now)
>
> Comments? OK?
>
> Index: lib/libc/crypt/crypt_checkpass.3
> ===================================================================
> RCS file: /cvs/src/lib/libc/crypt/crypt_checkpass.3,v
> retrieving revision 1.9
> diff -u -p -r1.9 crypt_checkpass.3
> --- lib/libc/crypt/crypt_checkpass.3 23 Jul 2015 22:20:02 -0000 1.9
> +++ lib/libc/crypt/crypt_checkpass.3 6 Jun 2017 19:06:59 -0000
> @@ -58,17 +58,29 @@ The provided
> .Fa password
> is randomly salted and hashed and stored in
> .Fa hash .
> +.Fa hash
> +must already be allocated, and
> +.Fa hashsize
> +must contain its size, which cannot be less than 61 bytes.
that's an implementation detail. if we're advising a limit, i think we
should say 128 or so.
i think the rest is fine.
