Date: Wed, 15 Jul 2020 17:08:54 +0300 From: "Dmitry V. Levin" <ldv@...linux.org> To: owl-dev@...ts.openwall.com Subject: Re: [PATCH 0/5] pam_tcb update Hi, On Sat, Jul 07, 2018 at 02:37:58AM +0300, Dmitry V. Levin wrote: > On Fri, Jul 06, 2018 at 03:33:28PM +0200, Solar Designer wrote: > > On Thu, Jul 05, 2018 at 02:29:19AM +0300, Dmitry V. Levin wrote: > > > I've got a few patches for pam_tcb. Tested in Sisyphus. > > > > Thanks. I think we should get these into Owl-current (even though these > > changes don't matter much for Owl yet), test them a bit more in there, > > then release tcb 1.2. For the testing in Owl-current, use version > > numbers like 1.1.x or even 1.1.9.x (indicating that we're closer to 1.2 > > than to 1.1). > > OK, but I'm not sure I remember correctly how to get anything into > Owl-current. > > > For the release, we also need updated LICENSE (copyright years) and > > ChangeLog. We could also use this opportunity to relax the license for > > our newly written source files (not inherited from pam_unix). There's > > no reason to subject them to 3-clause BSD or GPL (BTW, of unspecified > > version) that the whole thing is under for historical reasons - we can > > as well use 0-clause BSD for them (add such comments to the files > > themselves). If we go for this, we need to ask Rafal for his approval. > > I don't mind changing the license this way, although I don't see any > practical difference so far. > > > > pam_tcb: use pam_get_authtok(3) instead of _unix_read_password > > > > Does this mean we're dropping OpenPAM support, which you had once added? > > No, I don't think so, OpenPAM provides pam_get_authtok with the same > interface as in Linux-PAM since 2002-04-08 and claims it is an OpenPAM > extension. Perhaps I should amend the commit message to mention this. > > I haven't tried to build anything with OpenPAM for quite some time, though. > > > > pam_tcb: request automatic prefix and entropy if libcrypt implements it > > > > Please add a 6th patch/commit that would change the default prefix from > > $2y$ to $2b$ to be friendlier to OpenBSD. I understand that ALT has to > > stay with $2y$ for a while longer, but I guess you can be overriding > > this default on pam_tcb's command line. > > OK I've finally managed to commit these changes. -- ldv
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.