Date: Mon, 11 Jun 2012 16:00:14 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@freebsd.org Subject: Re: Default password hash Message-ID: <867gvene35.fsf@ds4.des.no> In-Reply-To: <4FD5CF47.7070800@sentex.net> (Mike Tancsa's message of "Mon, 11 Jun 2012 06:58:15 -0400") References: <86r4tqotjo.fsf@ds4.des.no> <4FD334BE.4020900@sentex.net> <86ipeyp73q.fsf@ds4.des.no> <4FD5CF47.7070800@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Tancsa <mike@sentex.net> writes: > Dag-Erling Sm=C3=B8rgrav <des@des.no> writes: > > Mike Tancsa <mike@sentex.net> writes: > > > Actually, any chance of MFC'ing SHA256 and 512 in RELENG_7 ? Its > > > currently not there. > > "not there" as in "not supported by crypt(3)"? > If you put in sha256|sha512 in passwd_format, the passwd that gets > chosen is DES, as in Data Encryption Standard, not Dag-Erling Sm=C3=B8rgr= av > ;-) This is non-trivial to fix, as the code that would need to be MFCed depends on libc changes. I'm worried about collateral damage from MFCing those changes. It may be possible to backport the sha2 code. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?867gvene35.fsf>