This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [RFC][PATCH][BZ 2100] blowfish support in libcrypt

On Thu, Jun 01, 2017 at 11:23:36AM +0200, Florian Weimer wrote:
> On 05/31/2017 07:33 PM, Björn Esser wrote:
> > +Solar Designer <solar at>
> I think we generally prefer patch submission from the original author or
> copyright holder.

I'm quite sure the original author has no time for this, but you
definitely can contact him on this subject.

> Are the crypt_gensalt functions strongly related to Blowfish support?

Not really.

> In any case, they need documentation,

JFYI, crypt_blowfish comes with its own crypt(3) manual page documenting them.

> and I'm not sure if the interfaces
> are properly designed (haven't looked in detail, admittedly).

They are properly designed, no doubts about it,
unlike the infamous change of crypt(3) to return NULL for bad salt.

As to this API extension, it's arguably even more important than having
bcrypt support in libcrypt.

The only drawback of adding crypt_gensalt et al functions without bcrypt
is potential breakage of various configure scripts that decide whether
to rely on bcrypt support in libcrypt or not based on the crypt_gensalt
availability in libcrypt.

> The other question is why we should add Blowfish support when the cipher
> is pretty much on everyone's banned list.

Is there any link between bcrypt support in libcrypt and Blowfish support
in ssh/ssl/etc, besides a psychological one?


Attachment: signature.asc
Description: PGP signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]