On Thu, Sep 25, 2003 at 09:19:08PM +0200, Thorsten Kukuk wrote: > On Thu, Sep 25, Solar Designer wrote: > > > > > http://www.openwall.com/crypt/ > > > SuSE Linux has it since 8.0. > > crypt_blowfish is fully integrated into Owl and distributions by > > ALT Linux team, as the default password hashing scheme. It is a > > part of the glibc package on ASPLinux and SuSE. > > ... and SuSE Linux. > > Not only SuSE. Corrected. (Also on a few other web pages where I had just SuSE, -- you're packaging more of my stuff.) > > I've downloaded glibc-2.3.2-6.src.rpm from SuSE 8.2 and looked at it > > briefly. I notice that you disable the x86 assembly code in > > crypt_blowfish, why? There was a thread-safety problem in that code > > which has since been corrected, so you could want to update to > > crypt_blowfish 0.4.5 and re-enable that code: > > We had massive problems with this, but I don't remember what it was > anymore. It had something to do with the toolchain. I will enable it > again and make same tests. Thank you! I'd appreciate it if you drop me a note whenever you happen to apply a patch to something I wrote, -- I now notice that you have a few Makefile patches to my PAM modules and I'll probably apply those for later versions. As for your integration of bcrypt password hashing, I notice that you don't currently have support for specifying the iteration counts. I think this is something to correct, either by enhancing pam_unix2 even further or by migrating to pam_tcb. -- Alexander _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
