Rebenchmark (admittedly not really on that newer of hardware) and
bump the hash iterations by about 10%.
heimdal-history now requires the Perl modules Const::Fast and
JSON::MaybeXS instead of Readonly and JSON.
- Explicitly erase the copy of the password made in the Heimdal plugin.
+ Increase hash iterations for heimdal-history by about 10% to maintain
+ the time required for a password hash at about 0.1 seconds on not
+ horribly modern hardware. This will affect newly-stored history
+ entries but will not invalidate existing password history entries.
+
+ Explicitly erase the copy of the password made in the Heimdal plugin
+ before freeing memory.
Add a spec file for building RPMs, contributed by Daria Phoebe
Brashear.
# The number of PBKDF2 iterations to use when hashing passwords. This number
# should be chosen so as to force the hash operation to take approximately 0.1
# seconds on current hardware.
-const my $HASH_ITERATIONS => 40128;
+const my $HASH_ITERATIONS => 45144;
# Path to the history database. Currently, this must be a Berkeley DB file in
# the old DB_HASH format. Keys will be principal names, and values will be a