-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, On 03/07/14 13:52, A.J. Kehoe IV (Nanoman) wrote: > Allan Jude wrote: >> On 2014-03-07 11:13, A.J. Kehoe IV (Nanoman) wrote: >>> Allan Jude wrote: >>> >>> [...] >>> >>>> Honestly, my use case is just silently upgrading the strength >>>> of the hashing algorithm (when combined with my other feature >>>> request). Updating my bcrypt hashes from $2a$04$ to $2b$12$ >>>> or something. Same applies for the default sha512, maybe I >>>> want to update to rounds=15000 >>> >>> Like this? >>> >>> http://www.freebsd.org/cgi/query-pr.cgi?pr=182518 >>> >>> Request for comments: >>> >>> http://docs.freebsd.org/cgi/mid.cgi?20140106205156.GD4903 >>> >> >> This looks like what we wanted. In the feedback you talked about >> some changes to your patch required to make it work, is there any >> progress on those? > > Derek's patches worked perfectly for our needs, but we're the sort > of people who use vipw and our own utilities for user management. > It wasn't until later that we discovered at least one other file > would need patching to satisfy everyone. We didn't want to employ > the same copy-pasta method, so we asked for feedback about our > proposed alternative. > > secteam_at_, do you have any comments? Before we put any more work > into this, we want to be sure that our proposal is an acceptable > one. > Did you mean adding rounds capability, or transparent upgrade of crypt() algorithms, or both? I need some time to digest the whole transparent upgrade idea but in general I think it's good. Speaking for adding rounds, the only problem that needs to be fixed is that the proposed patch makes it possible to create conflicting configuration (passwd_format and passwd_modular can use different hashing algorithms) and need to be fixed and polished. I like the idea of making it possible to use more rounds though. Cheers, - -- Xin LI <delphij_at_delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCgAGBQJTGkLzAAoJEJW2GBstM+nsaVoP/017iARGzd++lCsfqyFDozGk nXJjatlrIcRjrbCmVRT0lsHiK/hoYJ4zZPeOu8EXU1Qs0/wggGHYePX7+zEVob2S YCxhqUOdG/jqrHnH8bljzWE/OtI7Y4PvFOLpsWkOE/uulssQfGDMSy8WJzFriqzv GXjAEyFrGXCT29gW6ozTRfDfPSOfd4MhwewbMYAUykSqucMfkG4FaDAgLxv/XdRi YmLQZuxxTzEqMYanZGq/0e5CvOwOuncd0aVxncJC8ZRcsHs5cqbzcyDkkRwvw/YU g1OsLXiO08zej0rOz1E4pud8O6q3unG5dNcz9Y96oNo0fJONMrk9IetCUCHBsR8N eyWJQyHL7wwwNlC5k8U9cOnsL3zxBv54N6bfWuWNNDpJmNrvgMr9LdPso+AX0gLD y4RhVJeLCQbLrkQawoM1+Ki5N0mQibk9BBGXH/ZPScP1pNqVt9tqXp94N5ZPLV54 Uu4cn/2uKjtTjl76YFlCTvfwwiuWgds1k6CnKZIW8luOp4cG5XOoOSztONqWr6S/ yd7SLDV4f8PC7Fi1iSkSuVW5MYz1I7RRVR1Z27oV3e3UwXwIgqRjHJawNZqIgVe1 4lk84+fm75ULLfiA6bgkMCjylyWHCzrdOQt/Zx+0vyZOer5x2p4gZmnYAyV2EQIP TM611j1UES6OUGFkfbWa =4Qur -----END PGP SIGNATURE-----Received on Fri Mar 07 2014 - 21:06:45 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:47 UTC