Commit Graph

8 Commits

Author SHA1 Message Date
Mark Murray
bf513f6958 Add a new hash type. This "NT-hash" is compatible with the password
hashing scheme used in Microsoft's NT machines. IT IS NOT SECURE!
DON'T USE IT! This is for the use of competent sysadmins only!

Submitted by:	Michael Bretterklieber
2003-06-02 19:29:27 +00:00
Mark Murray
f2ac424af7 No functional change, but big code cleanup. WARNS, lint(1) and style(9). 2002-03-06 17:18:09 +00:00
Mark Murray
5c1296168b Add OpenBSD-style blowfish password hashing. This makes one less
gratuitous difference between us and our sister project.

This was given to me _ages_ ago. May apologies to Paul for the length
of time its taken me to commit.

Obtained from:	Niels Provos <provos@physnet.uni-hamburg.de>/OpenBSD
Submitted by:	Paul Herman <pherman@frenchfries.net>
2001-03-11 16:05:43 +00:00
Brian Feldman
04c9749ff0 Add working and easy crypt(3)-switching. Yes, we need a whole new API
for crypt(3) by now.  In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by:	peter
2000-08-22 02:15:54 +00:00
Kris Kennaway
0ade301d10 Zap SHA1 password support. This will be re-implemented at a later date. 2000-01-07 06:33:54 +00:00
Mark Murray
e9a56ad5ca Big code cleanup. (Inspired by Brandon Gillespie). Also move as
much as possible away from secure/ to make extending easier.
1999-09-20 12:45:49 +00:00
Mark Murray
4fdd3d5417 The new crypt code broke "make world". Back it out. 1999-01-23 08:27:46 +00:00
Brandon Gillespie
da5c7089a3 Rewrite of crypt library to be more modular, and addition of the
Secure Hashing Algorithm - 1 (SHA-1), along with the further
refinement of what $x$salt$hash means.  With this new crypt the
following are all acceptable:

    $1$
    $MD5$
    $SHA1$

Note: $2$ is used by OpenBSD's Blowfish, which I considered adding
as $BF$, but there is no actual need for it with SHA-1.  However,
somebody wishing to add OpenBSD password support could easilly add
it in now.

There is also a malloc_crypt() available in the library now, which
behaves exactly the same as crypt(), but it uses a malloced buffer
instead of a static buffer.  However, this is not standard so will
likely not be used much (at all).

Also, for those interested I did a brief speed test Pentium 166/MMX,
which shows the DES crypt to do approximately 2640 crypts a CPU second,
MD5 to do about 62 crypts a CPU second and SHA1 to do about 18 crypts
a CPU second.

Reviewed by:	Mark Murray
1999-01-21 13:50:09 +00:00