From owner-freebsd-current@FreeBSD.ORG Sat Mar 8 02:43:48 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 62CE017F; Sat, 8 Mar 2014 02:43:48 +0000 (UTC) Received: from h2.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3C52ECF8; Sat, 8 Mar 2014 02:43:47 +0000 (UTC) Received: from h2.funkthat.com (localhost [127.0.0.1]) by h2.funkthat.com (8.14.3/8.14.3) with ESMTP id s282hgLg020407 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 7 Mar 2014 18:43:42 -0800 (PST) (envelope-from jmg@h2.funkthat.com) Received: (from jmg@localhost) by h2.funkthat.com (8.14.3/8.14.3/Submit) id s282hg9m020406; Fri, 7 Mar 2014 18:43:42 -0800 (PST) (envelope-from jmg) Date: Fri, 7 Mar 2014 18:43:42 -0800 From: John-Mark Gurney To: d@delphij.net Subject: Re: Feature Proposal: Transparent upgrade of crypt() algorithms Message-ID: <20140308024342.GC17019@funkthat.com> Mail-Followup-To: d@delphij.net, nanoman@nanoman.ca, Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= , freebsd-current@freebsd.org, secteam@freebsd.org References: <2167732.JmQmEPMV2N@desktop.reztek> <201403070913.30359.jhb@freebsd.org> <5319DE84.3040602@allanjude.com> <20140307161313.GA49137@nanocomputer.nanoman.ca> <531A2CC1.8080802@allanjude.com> <20140307215223.GB49137@nanocomputer.nanoman.ca> <531A42F3.5020207@delphij.net> <20140307225050.GC50880@nanocomputer.nanoman.ca> <531A660D.3040101@delphij.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <531A660D.3040101@delphij.net> User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 7.2-RELEASE i386 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.2 (h2.funkthat.com [127.0.0.1]); Fri, 07 Mar 2014 18:43:42 -0800 (PST) Cc: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= , freebsd-current@freebsd.org, nanoman@nanoman.ca, secteam@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Mar 2014 02:43:48 -0000 Xin Li wrote this message on Fri, Mar 07, 2014 at 16:36 -0800: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 03/07/14 14:50, A.J. Kehoe IV (Nanoman) wrote: > > Xin Li wrote: > >> Hi, > >> > >> On 03/07/14 13:52, A.J. Kehoe IV (Nanoman) wrote: > >>> Allan Jude wrote: > >>>> On 2014-03-07 11:13, A.J. Kehoe IV (Nanoman) wrote: > >>>>> Allan Jude wrote: > >>>>> > >>>>> [...] > >>>>> > >>>>>> Honestly, my use case is just silently upgrading the > >>>>>> strength of the hashing algorithm (when combined with my > >>>>>> other feature request). Updating my bcrypt hashes from > >>>>>> $2a$04$ to $2b$12$ or something. Same applies for the > >>>>>> default sha512, maybe I want to update to rounds=15000 > >>>>> > >>>>> Like this? > >>>>> > >>>>> http://www.freebsd.org/cgi/query-pr.cgi?pr=182518 > >>>>> > >>>>> Request for comments: > >>>>> > >>>>> http://docs.freebsd.org/cgi/mid.cgi?20140106205156.GD4903 > > > > [...] > > > >> Speaking for adding rounds, the only problem that needs to be > >> fixed is that the proposed patch makes it possible to create > >> conflicting configuration (passwd_format and passwd_modular can > >> use different hashing algorithms) and need to be fixed and > >> polished. I like the idea of making it possible to use more > >> rounds though. > > > > This was deliberate for backward compatibility. passwd_format will > > be used by default if passwd_modular isn't defined. If > > passwd_modular is defined as "disabled", then passwd_format will be > > used. > > Well, my point is that the two shouldn't be allowed to exist together > if they can mean something conflicting. Allowing passwd_format=sha512 > AND passwd_modular=$2a$08$ in the same configuration creates confusion > and it's not good. > > My suggestion is that we either have: > > a) passwd_format and passwd_round (so that they don't conflict), or > > b) extend passwd_format in a compatible manner to allow specifying a > round, or, Couldn't we merge passwd_format and passwd_modular into one, being either the name, or the begining salt string? since the salt string always begins w/ $, they wouldn't conflict, and could be properly resolved... > c) make passwd_format and passwd_modular conflict so we don't silently > accept it and instead bail out when doing pwd_mkdb. > > > What do you think of the idea of putting this into libcrypt instead > > of pam_unix.c, and then patching pam_unix.c and pw_user.c to > > reference libcrypt? > > Which part of the idea? I think it's a bad idea to make libcrypt to > depend on libutil (for login_cap(3)) but we should probably provide > new wrappers in login_cap(3) to do the common things when requested > for various password manipulating tools to reduce duplicated code. So, the current code in pam_unix is: login_setcryptfmt which calls crypt_set_format as necessary makesalt crypt So, we could expand crypt_set_format to understand the two, and keep a copy of the rounds data, or we could expose makesalt into maybe crypt_makesalt (this would be nice) w/ an optional arg that provides either the name or the beging salt string w/ rounds, i.e. what passwd_format would contain... and update pam_unix and friends to use this... This last method would make login_setcryptfmt unnecessary, so I'm not sure how good/bad that is.. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."