public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/2100] New: blowfish crypt support
@ 2006-01-01 16:49 stlman at poczta dot fm
2006-05-28 17:51 ` [Bug libc/2100] " solar at openwall dot com
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: stlman at poczta dot fm @ 2006-01-01 16:49 UTC (permalink / raw)
To: glibc-bugs
IMHO GNU C Library should include support for Blowfish crypt(3) coding. It is
now available as a patch from http://www.openwall.com/crypt/. Currently three
major free *BSD variants offer support for it. It seems to be much better than
than MD5 because of its scalability.
http://www.freebsd.org/cgi/man.cgi?query=crypt&apropos=0&sektion=3&manpath=FreeBSD+6.0-RELEASE+and+Ports&format=html
http://www.openbsd.org/cgi-bin/man.cgi?query=crypt&apropos=0&sektion=3&manpath=OpenBSD+Current&arch=i386&format=html
http://netbsd.gw.com/cgi-bin/man-cgi?crypt+3+NetBSD-current
--
Summary: blowfish crypt support
Product: glibc
Version: unspecified
Status: NEW
Severity: enhancement
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: stlman at poczta dot fm
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=2100
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/2100] blowfish crypt support
2006-01-01 16:49 [Bug libc/2100] New: blowfish crypt support stlman at poczta dot fm
@ 2006-05-28 17:51 ` solar at openwall dot com
2007-04-24 6:55 ` robert at linuxfromscratch dot org
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: solar at openwall dot com @ 2006-05-28 17:51 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From solar at openwall dot com 2006-05-28 17:51 -------
The tiny glibc patch currently included in the crypt_blowfish package might not
be suitable for inclusion - in particular, it assumes that the optional x86
assembly file is misplaced for the sake of simplicity in the current
installation instructions for [advanced] end-users.
If this stuff would be accepted in general only needing a proper patch, I'd be
happy to re-work the patch to make it suitable for inclusion. So please let me
know.
--
What |Removed |Added
----------------------------------------------------------------------------
CC| |solar at openwall dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=2100
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/2100] blowfish crypt support
2006-01-01 16:49 [Bug libc/2100] New: blowfish crypt support stlman at poczta dot fm
2006-05-28 17:51 ` [Bug libc/2100] " solar at openwall dot com
@ 2007-04-24 6:55 ` robert at linuxfromscratch dot org
2007-09-19 22:38 ` drepper at redhat dot com
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: robert at linuxfromscratch dot org @ 2007-04-24 6:55 UTC (permalink / raw)
To: glibc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
CC| |robert at linuxfromscratch
| |dot org
http://sourceware.org/bugzilla/show_bug.cgi?id=2100
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/2100] blowfish crypt support
2006-01-01 16:49 [Bug libc/2100] New: blowfish crypt support stlman at poczta dot fm
2006-05-28 17:51 ` [Bug libc/2100] " solar at openwall dot com
2007-04-24 6:55 ` robert at linuxfromscratch dot org
@ 2007-09-19 22:38 ` drepper at redhat dot com
2007-09-26 7:57 ` stlman at poczta dot fm
2007-09-26 18:19 ` drepper at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: drepper at redhat dot com @ 2007-09-19 22:38 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From drepper at redhat dot com 2007-09-19 22:38 -------
I'm not going to add Blowfish support since this is not solving the problem (see
http://people.redhat.com/drepper/sha-crypt.html). But I did add a new, safer,
not based on MD5 method to cvs.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
http://sourceware.org/bugzilla/show_bug.cgi?id=2100
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/2100] blowfish crypt support
2006-01-01 16:49 [Bug libc/2100] New: blowfish crypt support stlman at poczta dot fm
` (2 preceding siblings ...)
2007-09-19 22:38 ` drepper at redhat dot com
@ 2007-09-26 7:57 ` stlman at poczta dot fm
2007-09-26 18:19 ` drepper at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: stlman at poczta dot fm @ 2007-09-26 7:57 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From stlman at poczta dot fm 2007-09-26 07:57 -------
(In reply to comment #2)
> I'm not going to add Blowfish support since this is not solving the problem
The paper gives good reasons to implement sha-based crypt scheme, no doubt. But
IMHO this does not have to mean glibc cannot support bcrypt(), does it? If you
look at the pages in my first not you will find that *BSD C libraries implement
even more schemes e.g. NT-hash. More algorithms make system more interoperable.
Alexander offered a proper patch to integrate it so there wouldn't be too much
work for you.
Last and least. Forgive me my conspiracy theories but if a government agency
tells me: "use this encryption", I can hear: "we assure you, no one else but us
can break it" ;-)
--
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
http://sourceware.org/bugzilla/show_bug.cgi?id=2100
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Bug libc/2100] blowfish crypt support
2006-01-01 16:49 [Bug libc/2100] New: blowfish crypt support stlman at poczta dot fm
` (3 preceding siblings ...)
2007-09-26 7:57 ` stlman at poczta dot fm
@ 2007-09-26 18:19 ` drepper at redhat dot com
4 siblings, 0 replies; 6+ messages in thread
From: drepper at redhat dot com @ 2007-09-26 18:19 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From drepper at redhat dot com 2007-09-26 18:19 -------
(In reply to comment #3)
But
> IMHO this does not have to mean glibc cannot support bcrypt(), does it?
Yes, it does. I'm not carrying around code unnecessarily. And diversity is bad
since this means you run into trouble in heterogeneous environments.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |FIXED
http://sourceware.org/bugzilla/show_bug.cgi?id=2100
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2007-09-26 18:19 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2006-01-01 16:49 [Bug libc/2100] New: blowfish crypt support stlman at poczta dot fm
2006-05-28 17:51 ` [Bug libc/2100] " solar at openwall dot com
2007-04-24 6:55 ` robert at linuxfromscratch dot org
2007-09-19 22:38 ` drepper at redhat dot com
2007-09-26 7:57 ` stlman at poczta dot fm
2007-09-26 18:19 ` drepper at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).