Site Navigation

Date:      Mon, 6 Jan 2014 15:51:56 -0500
From:      "A.J. Kehoe IV (Nanoman)" <nanoman@nanoman.ca>
To:        FreeBSD-current@FreeBSD.org
Subject:   Re: Better Password Hashes
Message-ID:  <20140106205156.GD4903@nanocomputer.nanoman.ca>
In-Reply-To: <20130930181611.GA90404@nanocomputer.nanoman.ca>
References:  <20130930181611.GA90404@nanocomputer.nanoman.ca>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[-- Attachment #1 --]
A.J. Kehoe IV (Nanoman) wrote:

[...]

>http://www.freebsd.org/cgi/query-pr.cgi?pr=182518

[...]

It seems that pam_unix.c isn't the only file that needs patching.  Notice pw_pwcrypt and pw_password in pw_user.c:

http://svnweb.freebsd.org/base/head/usr.sbin/pw/pw_user.c?view=markup

Rather than copy Derek's code into pw_user.c, we're thinking that this would be a better solution:

1. Copy Derek's code into libcrypt.

2. Modify Derek's patches to reference libcrypt instead.

3. Write a patch for pw_user.c to reference libcrypt.

It's entirely possible that there are other utilities and libraries that also need to be patched.  Rather than use the copy-pasta method that appears to have been used between pam_unix.c and pw_user.c, everything can simply reference libcrypt.

Before we begin, does anyone have any comments?

-- 
A.J. Kehoe IV (Nanoman)     |  /"\  ASCII Ribbon Campaign
Nanoman's Company           |  \ /   - No HTML/RTF in E-mail
E-mail: nanoman@nanoman.ca  |   X    - No proprietary attachments
WWW: http://www.nanoman.ca/ |  / \   - Respect for open standards

[-- Attachment #2 --]
0�P	*�H��

��A0�=

10	+0	*�H��


���0�w0�_�

�[0
	*�H��


0y10U
Root CA10Uhttp://www.cacert.org1"0 UCA Cert Signing Authority1!0	*�H��

	
support@cacert.org0
130906235134Z
140305235134Z0=10UCAcert WoT User1!0	*�H��

	
nanoman@nanoman.ca0�
"0
	*�H��



�
0�

�

�VDj�
@�[H}����K�4��٪�:�C�J�yc��k�Xm�i��
~��F
6��x�1�JoeHQL`�w&.��P��H"w�}��|��oѬݘ2r6���ڛ?�
p���	.����y�a�w� �Nc��^�ʽ��h��N��mH�o$��l��sB1h���X�y�
��XU���ş������k�ք�))�Rn�Z�g_�Î��h�c$u��^��SϏ�d�moA�#k�����>��x����;�As�

��
B0�
>0U

�00V	`�H
��B

IGTo get your own certificate for FREE head over to http://www.CAcert.org0U

��0@U%907+
+

+

�7

+

�7
	`�H
��B
02+


&0$0"+
0
�http://ocsp.cacert.org01U*0(0&�$�"� http://crl.cacert.org/revoke.crl0U0�nanoman@nanoman.ca0
	*�H��


�
HO�7��췣�����=F�*M�k���-�r��
�|����#,�s0��y��9���9��oZ,�q�~�Y��I������}�s.P�!_���N�u�̈́l��[�Һ*u4��{��q\cj!��R��tj�O�_ڦr�ʳ�)��f���j�h�)c�@�7������B����tK���/��]�*JԁǞ�8ݸ�{Pu[~�7�1\��й���w;�\�\���M�������0f��v�m}`�]9v�g����A�6+1l}aAo ���u*у���\g�J��%���=�O��F���7M�!i�?��@D����G��|�pM�,�B��0��J�C�|u�=؜a6���;y?��$H��&Mj���7+�h4@�P��i�@2�+��[��J/$��3��O�bx�C;�.���(v9�+�7[�[JN��d��VJ�8N�`��^ʛ�Dɲ�i_٭ى��eR��kC�S����	�^�s�_63��o'$�~D�$������d{}>z;M�0�=0�%�

0
	*�H��


0y10U
Root CA10Uhttp://www.cacert.org1"0 UCA Cert Signing Authority1!0	*�H��

	
support@cacert.org0
030330122949Z
330329122949Z0y10U
Root CA10Uhttp://www.cacert.org1"0 UCA Cert Signing Authority1!0	*�H��

	
support@cacert.org0�"0
	*�H��



�0�
�
�"��F}�6(P��3@�K�;f?1�k6��|��Nw6A��	��F�s`�n~��Xd�Ͱ�Ec�g
��ҿ>���L���5]l!ޞ ٺ�f27r�����XɎ�^�>��
l��[df*z�KSy���{�/
a+��~MV���ڒ��DAX`ef��D�˔�B~�eh�Q������W��kz��r�%[ ���2�H��.0B�%�k?�:��SH��Ҷ���4��zX+[�8��]fɘמ����t��qr`��o�3��4v>$z���o�E8G��A�J�����.�	�Yת�ғ}h.݋K�X�/�ꕧ��T���ۋQ"��þ�,����x� ӊ/?��Qe�!�
eE��|�ALO)�!�3uQ�w�������i�"�Ṕ1�{8�h[�+�~�_���rL�
�K ���Wʑ
��u!7�c
g>FOp g���Y�����ͺb��A�� �)�d)B�"�x��C�	QKZZ�q���s��

��
�0�
�0U�2������Ұ:�9�0��U#��0����2������Ұ:�9ѡ}�{0y10U
Root CA10Uhttp://www.cacert.org1"0 UCA Cert Signing Authority1!0	*�H��

	
support@cacert.org�
0U

�0

�02U+0)0'�%�#�!https://www.cacert.org/revoke.crl00	`�H
��B
#!https://www.cacert.org/revoke.crl04	`�H
��B
'%http://www.cacert.org/index.php?id=100V	`�H
��B

IGTo get your own certificate for FREE head over to http://www.cacert.org0
	*�H��


�
(��\��5
�o�j���h��X�>��ÐZ��`��C
��p��b����gX
06;�H��t�q>�+h�4b@F;S�(���f�S�M]�;�`��yi;�e��Ɓ�\���M
���U��7���pa�j|���.T>O!���܂���E�M�s<�e��v��j��7$��NmQ��ďʖm�C��0e';{�CCc�C���h���"���{Z>
7;����N˛͚�۲p�-J�ذ�oEH3��<2*T������#�G�dzq���c�~�/�
�ܟ+����H%���B���>�W���i�w4
K�ʠ�ƌ����27hs_�Q�IS6
�L�y��:u���
pg���/��y��=�s���o�g��/�$�{�H5)@��`ᖆP�zY؏!�ς��;�k����V#��l��H<��N���/	�So.�t�:c�¦�����D�
��l�$����pG.��Բ 	��d�$ܡ5��ԼU.}��U�Z֓�v�%sL�C1�\0�X

0��0y10U
Root CA10Uhttp://www.cacert.org1"0 UCA Cert Signing Authority1!0	*�H��

	
support@cacert.org
�[0	+���0	*�H��

	1	*�H��


0	*�H��

	1
140106205156Z0#	*�H��

	1�)4m
=��ı����=���0R	*�H��

	1E0C0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0
	*�H��



�
��>�Fm
y�S��u�^v�cfS[*L�A����QV;�GRW&�M���S��XXZ�
�j��i�F5!�ȧ5�+ɶ֡+��.D
9�"W���1���A�ڮƎ�Q�������s`Q�`�a%v8����K
"���9X���r����MLZ��U`���Q��0�z]0�-�8ZY�	��`۫�B�O��b�)�/ϔ*�4(�@�H$$�yY�@��4���/��*�`���ٸ��Cy�M��

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140106205156.GD4903>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact