[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS / secure ldap transactions, userPassword hashing questions



> So it would seem the short answer to my question is I either choose one
> of the ones listed in the manpage, or do something like add the
> additional hash support to crypt() itself, which doesn't appeal to me
> since I'd be changing one of the distributed-with-the-OS-core
> functions.

Depends on how modular your system is. Some libc implementations have
"pluggable" crypt(), for instance. If you want to investigate this route,
ask your libc developers.

> Would it a big deal to make a feature request for something like
> SHA-256, SHA-512, and/or Blowfish support?

Well, in terms of going to the ITS page and getting something requested on
the record, probably not. But in terms of it actually getting done, some
code attached to that ITS would go a long way. See
libraries/liblutil/passwd.c.