From db2b52425dced7665cc33cc9fb6ade688fcbce4a Mon Sep 17 00:00:00 2001
From: Denis Vlasenko <vda.linux@googlemail.com>
Date: Tue, 12 Dec 2006 17:14:56 +0000
Subject: passwd: added comment

---
 loginutils/passwd.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index a062596b4..c28e9b80e 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -34,10 +34,15 @@ static void crypt_make_salt(char *p, int cnt)
 
 	x += getpid() + time(NULL) + clock();
 	do {
-		/* x = (x*1664525 + 1013904223) mod 2^32 generator is lame
+		/* x = (x*1664525 + 1013904223) % 2^32 generator is lame
 		 * (low-order bit is not "random", etc...),
 		 * but for our purposes it is good enough */
 		x = x*1664525 + 1013904223;
+		/* BTW, Park and Miller's "minimal standard generator" is
+		 * x = x*16807 % ((2^31)-1)
+		 * It has no problem with visibly alternating lowest bit
+		 * but is also weak in cryptographic sense + needs div,
+		 * which needs more code (and slower) on many CPUs */
 		*p++ = i64c(x >> 16);
 		*p++ = i64c(x >> 22);
 	} while (--cnt);
-- 
cgit v1.2.3