Hello everybody, I have just finished compiling glibc 2.3.2.ds1-13 patched to contain the crypt-blowfish support from the OWL project (http://openwall.com/crypt/). I applied, compiled and is running without any even the slightest problem. My goal is to modify the Debian shadow tools with the support for TCB (http://openwall.com/tcb/) as well as package their TCB PAM modules, TCB NSS library and all the utilites there are for TCB integration. All of the above require crypto-blowfish to be included in the libc. Attached you can find the dpatch which adds the support to the Debian libc (should be added as the last entry to debian/patches/00list) and the upstream crypt(3) manpage (for your reference). My question is whether there is any chance of including that support in the Debian package? IMHO, it would greately add to the Debian security and, since it doesn't change the glibc ABI nor introduce any incompatibilities, it would seamlessly integrate with Debian. The integration of shadow/other utilities with the TCB framework requires little work (a small patch to the shadow utilities) plus appropriate config files for the PAM-enabled programs. thanks a lot, marek
Attachment:
crypt.3.bz2
Description: Binary data
Attachment:
crypt-blowfish.dpatch.bz2
Description: Binary data
Attachment:
signature.asc
Description: Digital signature