From: Rich Felker
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: shadow.h
Date: Wed, 27 Feb 2013 11:52:33 -0500
Message-ID: <20130227165233.GI20323@brightrain.aerifal.cx>
References: <20130226231901.GI6181@port70.net>
To: musl@lists.openwall.com

On Wed, Feb 27, 2013 at 09:24:40AM +0100, Daniel Cegiełka wrote:
> 2013/2/27 Szabolcs Nagy:
>
> > /etc/shadow requires privilege escalation for password changes
> > so putspent is dangerous, pam_unix should be deprecated on
> > modern systems
> >
> > http://www.openwall.com/tcb/
> >
> > (i think this already came up a few times, maybe it should be in a faq..)
>
> owl's tcb and musl? It's harder than it seems.
>
> 1) __crypt_blowfish() in musl isn't compatible with
> __crypt_blowfish_rn().. so lack of support for owl's

This is intentional. __-prefixed functions are not intended to be externally visible except for a small set (e.g. stdio_ext.h) with historical precedent or ABI things like __errno_location. I hope we can work with owl to get a good solution. I'm not sure why they don't just use crypt_r, since it would certainly do the job, but if they want to use the special functions when available, they could still include a fallback to crypt_r.

> __crypt_gensalt_ra() and crypt_ra/rn() etc. (owl's salt and tcb
> prefixes):

My feeling was that salt generation doesn't belong in libc. Just adding these functions into the owl pam code should do the trick.

Rich
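
An added example, not part of the original message and not musl or Owl code: salt generation kept in application code, as the reply suggests, producing a bcrypt setting string of the kind passed as the second argument to crypt_r. The function names, the `$2b$` prefix and the use of /dev/urandom are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* bcrypt's own base64 alphabet (different order from RFC 4648). */
static const char bf_itoa64[] =
    "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";

/* Hypothetical helper: build "$2b$NN$" plus 22 salt characters from 16 raw
 * bytes. out must hold 30 bytes. Returns 0, or -1 if cost is out of range. */
int bcrypt_format_salt(unsigned cost, const unsigned char raw[16], char out[30])
{
    if (cost < 4 || cost > 31)
        return -1;
    char *d = out + snprintf(out, 30, "$2b$%02u$", cost);  /* 7-char prefix */
    for (int i = 0; i < 16; i += 3) {
        unsigned c1 = raw[i], c2;
        *d++ = bf_itoa64[c1 >> 2];
        c1 = (c1 & 0x03) << 4;
        if (i + 1 >= 16) {              /* 16th byte: emit the tail and stop */
            *d++ = bf_itoa64[c1];
            break;
        }
        c2 = raw[i + 1];
        *d++ = bf_itoa64[c1 | (c2 >> 4)];
        c1 = (c2 & 0x0f) << 2;
        c2 = raw[i + 2];
        *d++ = bf_itoa64[c1 | (c2 >> 6)];
        *d++ = bf_itoa64[c2 & 0x3f];
    }
    *d = '\0';
    return 0;
}

/* Hypothetical helper: read 16 random bytes from the kernel and format them.
 * Fails closed (-1) if the random source cannot be read in full. */
int bcrypt_gensalt(unsigned cost, char out[30])
{
    unsigned char raw[16];
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f)
        return -1;
    size_t got = fread(raw, 1, sizeof raw, f);
    fclose(f);
    return got == sizeof raw ? bcrypt_format_salt(cost, raw, out) : -1;
}

int main(void)
{
    char setting[30];
    if (bcrypt_gensalt(10, setting) != 0)
        return 1;
    puts(setting);   /* pass this as the setting argument to crypt_r() */
    return 0;
}
```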