From a4a61f54ff2307a7987143364a25ed7594dd2b1a Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Fri, 17 Dec 2010 05:33:06 +0000
Subject: [PATCH] allow default blowfish rounds to be tweakable by arch, no
 behavioral change ok deraadt

---
 src/etc/login.conf.in | 6 +++---
 src/etc/mklogin.conf  | 4 +++-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/etc/login.conf.in b/src/etc/login.conf.in
index 5c3840a4..04a4998e 100644
--- a/src/etc/login.conf.in
+++ b/src/etc/login.conf.in
@@ -1,4 +1,4 @@
-# $OpenBSD: login.conf.in,v 1.2 2007/01/09 10:20:12 millert Exp $
+# $OpenBSD: login.conf.in,v 1.3 2010/12/17 05:33:06 tedu Exp $
 
 #
 # Sample login.conf file.  See login.conf(5) for details.
@@ -46,7 +46,7 @@ default:\
 	:maxproc-cur=@DEF_MAXPROC_CUR@:\
 	:openfiles-cur=@DEF_OPENFILES_CUR@:\
 	:stacksize-cur=4M:\
-	:localcipher=blowfish,6:\
+	:localcipher=blowfish,@DEF_BLOWFISH_RNDS@:\
 	:ypcipher=old:\
 	:tc=auth-defaults:\
 	:tc=auth-ftp-defaults:
@@ -62,7 +62,7 @@ daemon:\
 	:maxproc=infinity:\
 	:openfiles-cur=128:\
 	:stacksize-cur=8M:\
-	:localcipher=blowfish,8:\
+	:localcipher=blowfish,@ROOT_BLOWFISH_RNDS@:\
 	:tc=default:
 
 #
diff --git a/src/etc/mklogin.conf b/src/etc/mklogin.conf
index e06deccf..87c4c749 100644
--- a/src/etc/mklogin.conf
+++ b/src/etc/mklogin.conf
@@ -5,7 +5,7 @@
 #
 # Usage: mklogin.conf [overrides_file] < login.conf.in > login.conf.out
 #
-# $OpenBSD: mklogin.conf,v 1.5 2010/12/02 20:41:13 millert Exp $
+# $OpenBSD: mklogin.conf,v 1.6 2010/12/17 05:33:06 tedu Exp $
 
 BEGIN {
 	# Default substitutions
@@ -19,6 +19,8 @@ BEGIN {
 	values["STAFF_MAXPROC_MAX"]="512"
 	values["STAFF_MAXPROC_CUR"]="128"
 	values["STAFF_OPENFILES_CUR"]="128"
+	values["DEF_BLOWFISH_RNDS"]="6"
+	values["ROOT_BLOWFISH_RNDS"]="8"
 
 	# Optional overrides
 	if (ARGC > 1) {