On Tue, 3 May 2022 13:58:44 +0200 Andreas Helmcke <a...@helmcke.name> wrote:
> diff --git a/loginutils/Config.src b/loginutils/Config.src > index cbb09646b..cdcd7132f 100644 > --- a/loginutils/Config.src > +++ b/loginutils/Config.src > @@ -91,6 +91,28 @@ config USE_BB_CRYPT_SHA > With this option off, login will fail password check for any > user which has password encrypted with these algorithms. > > +config USE_BCRYPT > + bool "Enable the bcrypt crypt function" > + default n > + depends on !USE_BB_CRYPT > + help > + Enable this if you have passwords starting with $2a$, $2y$ or > + $2b$ in your /etc/passwd or /etc/shadow files. These passwords > + are hashed using the bcrypt algorithm. Requires the use of a C > + library that supports bcrypt. The manpage says 2a is blowfish, which this patch wouldn't enable. I'd also like a compile-time check for the libc support, something like #if GLIBC && GLIBC_VERSION < blah #error Your libc doesn't support bcrypt #endif - Lauri _______________________________________________ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox
