Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 799131 - sys-auth/pambase: add yescrypt password hashing support
Summary: sys-auth/pambase: add yescrypt password hashing support
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Mikle Kolyada (RETIRED)
URL:
Whiteboard:
Keywords: PATCH
Depends on:
Blocks: libxcrypt-migration
  Show dependency tree
 
Reported: 2021-06-29 00:28 UTC by Alexander Tsoy
Modified: 2021-12-18 17:48 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
0001-pambase.py-add-support-for-yescrypt-password-hashing.patch (0001-pambase.py-add-support-for-yescrypt-password-hashing.patch,1.57 KB, text/plain)
2021-06-29 10:11 UTC, Alexander Tsoy 		Details
0001-sys-auth-pambase-add-support-for-yescrypt-password-h.patch (0001-sys-auth-pambase-add-support-for-yescrypt-password-h.patch,2.17 KB, text/plain)
2021-06-29 10:12 UTC, Alexander Tsoy 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Tsoy 2021-06-29 00:28:14 UTC 
As Gentoo is migrating to sys-libs/libxcrypt, whould be nice to have an optional yescrypt support in pambase. Yescrypt is more resistant to offline password cracking than sha512 and it is supported by pam.

https://www.openwall.com/yescrypt/
Comment 1 Alexander Tsoy 2021-06-29 10:11:58 UTC 
Created attachment 720108 [details]
0001-pambase.py-add-support-for-yescrypt-password-hashing.patch
Comment 2 Alexander Tsoy 2021-06-29 10:12:56 UTC 
Created attachment 720111 [details]
0001-sys-auth-pambase-add-support-for-yescrypt-password-h.patch
Comment 3 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2021-06-29 14:42:09 UTC 
I agree that it makes sense but not earlier than I take a newer pam snapshot. Current situation with libxcrypt management via the cached autoconf variable is terrible.
Comment 5 Larry the Git Cow gentoo-dev 2021-12-18 17:48:35 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d7791ef9dc7cf4e5ffd8abe9e4120c386b98e0c

commit 6d7791ef9dc7cf4e5ffd8abe9e4120c386b98e0c
Author:     Mikle Kolyada <zlogene@gentoo.org>
AuthorDate: 2021-12-18 17:48:03 +0000
Commit:     Mikle Kolyada <zlogene@gentoo.org>
CommitDate: 2021-12-18 17:48:32 +0000

    sys-auth/pambase: Version bump (v20211218)
    
    Closes: https://bugs.gentoo.org/799131
    Package-Manager: Portage-3.0.28, Repoman-3.0.3
    Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>

 sys-auth/pambase/Manifest                |   1 +
 sys-auth/pambase/pambase-20211218.ebuild | 111 +++++++++++++++++++++++++++++++
 2 files changed, 112 insertions(+)