On Mon, Apr 16, 2001 at 06:05:38PM -0500, Steve Langasek wrote: > Since portability to other OSes is a concern for Linux-PAM, even integrated > bcrypt support in glibc doesn't eliminate the need for bcrypt support in PAM. This is assuming that we want to provide support for all password hashes Linux-PAM modules could handle on all platforms supported by Linux-PAM. I'm not sure this needs to be one of Linux-PAM goals. > One of my long-term aspirations for pam_unix is to reorder the module such > that it can detect what crypt algorithms are supported by the OS crypt() > function, and compile in its own implementation for *only* those it needs to > provide. This would be an improvement, but I think a more consistent approach is to provide a library with crypt_rn() and crypt_gensalt_rn(), but only link the modules against it on platforms which lack one or both of these functions. This is assuming we/I will be able to get these functions into glibc's libcrypt. If not, then we could do the same for just crypt(). -- /sd
