pam_unix: Add support for (gost-)yescrypt hashing methods.

libxcrypt (v4.2 and later) has added support for the yescrypt hashing method; gost-yescrypt has been added in v4.3. * modules/pam_unix/pam_unix.8.xml: Documentation for (gost-)yescrypt. * modules/pam_unix/pam_unix_acct.c: Use 64 bit type for control flags. * modules/pam_unix/pam_unix_auth.c: Likewise. * modules/pam_unix/pam_unix_passwd.c: Likewise. * modules/pam_unix/pam_unix_sess.c: Likewise. * modules/pam_unix/passverify.c: Add support for (gost-)yescrypt. * modules/pam_unix/passverify.h: Use 64 bit type for control flags. * modules/pam_unix/support.c: Set sane rounds for (gost-)yescrypt. * modules/pam_unix/support.h: Add support for (gost-)yescrypt.
author: Björn Esser <besser82@fedoraproject.org> 2018-11-15 16:38:05 +0100
committer: Tomáš Mráz <t8m@users.noreply.github.com> 2018-11-23 15:39:24 +0100
commit: 16bd523f85ede9fa9115f80e826f2d803d7e61d4 (patch)
tree: 66ebe2f6abb103f8937c69b03fa7c797dbb1cf4f /modules/pam_unix/pam_unix.8.xml
parent: b8ba9fafae478ae96529d61e2ce163b338f9b29b (diff)
1 files changed, 33 insertions, 2 deletions
diff --git a/modules/pam_unix/pam_unix.8.xml b/modules/pam_unix/pam_unix.8.xml
index 1b318f11..cae2aeaa 100644
--- a/modules/pam_unix/pam_unix.8.xml
+++ b/modules/pam_unix/pam_unix.8.xml
@@ -333,12 +333,43 @@
       </varlistentry>
       <varlistentry>
         <term>
+          <option>gost_yescrypt</option>
+        </term>
+        <listitem>
+          <para>
+            When a user changes their password next,
+            encrypt it with the gost-yescrypt algorithm. If the
+            gost-yescrypt algorithm is not known to the <citerefentry>
+	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+            </citerefentry> function,
+            fall back to MD5.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>
+          <option>yescrypt</option>
+        </term>
+        <listitem>
+          <para>
+            When a user changes their password next,
+            encrypt it with the yescrypt algorithm. If the
+            yescrypt algorithm is not known to the <citerefentry>
+	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+            </citerefentry> function,
+            fall back to MD5.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>
           <option>rounds=<replaceable>n</replaceable></option>
         </term>
         <listitem>
           <para>
-            Set the optional number of rounds of the SHA256, SHA512
-            and blowfish password hashing algorithms to
+            Set the optional number of rounds of the SHA256, SHA512,
+            blowfish, gost-yescrypt, and yescrypt password hashing
+            algorithms to
             <replaceable>n</replaceable>.
           </para>
         </listitem>
author	Björn Esser <besser82@fedoraproject.org>	2018-11-15 16:38:05 +0100
committer	Tomáš Mráz <t8m@users.noreply.github.com>	2018-11-23 15:39:24 +0100
commit	16bd523f85ede9fa9115f80e826f2d803d7e61d4 (patch)
tree	66ebe2f6abb103f8937c69b03fa7c797dbb1cf4f /modules/pam_unix/pam_unix.8.xml
parent	b8ba9fafae478ae96529d61e2ce163b338f9b29b (diff)