You are not logged in.
- Topics: Active | Unanswered
#1 2015-02-16 15:12:29
- rootio
- Member
- Registered: 2015-02-16
- Posts: 4
Blowfish (bcrypt) patch for glibc with Dovecot
Hello,
$ doveadm pw -lCRYPT MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5 PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY RPA SHA256-CRYPT SHA512-CRYPT
BLF-CRYPT is missing, I think I need to patch the glibc library to add Blowfish support for Dovecot, but I'm not sure.
I found some links:
http://bcrypt.sourceforge.net/
http://www.openwall.com/crypt/
https://aur.archlinux.org/packages/bcrypt/
Thanks :-)
Last edited by rootio (2015-02-16 15:27:12)
Offline
#2 2015-02-16 19:01:55
- clfarron4
- Member
- From: London, UK
- Registered: 2013-06-28
- Posts: 2,163
- Website
Re: Blowfish (bcrypt) patch for glibc with Dovecot
As I understand it, libc implementations don't typically ship with blowfish, though some distributions will ship it.
From what I see in the Arch source tarball for glibc, it certainly isn't patched in. You could patch it in yourself through something like ABS for your own use, but if you believe that it ArchLinux should ship it, then add it as a Feature Request on the bug tracker.
Claire is fine.
Problems? I have dysgraphia, so clear and concise please.
My public GPG key for package signing
My x86_64 package repository
Offline
#3 2015-02-16 21:02:55
- rootio
- Member
- Registered: 2015-02-16
- Posts: 4
Re: Blowfish (bcrypt) patch for glibc with Dovecot
Done, https://bugs.archlinux.org/task/43846 thanks 
Offline
#4 2015-02-16 21:32:02
- Allan
- Pacman
- From: Brisbane, AU
- Registered: 2007-06-09
- Posts: 11,484
- Website
Re: Blowfish (bcrypt) patch for glibc with Dovecot
Patches have to go through the upstream developers.
Offline
#5 2015-02-17 14:24:29
- rootio
- Member
- Registered: 2015-02-16
- Posts: 4
Re: Blowfish (bcrypt) patch for glibc with Dovecot
Hey Allan, do I need to post something somewhere then ?
Offline
#6 2015-02-17 20:15:34
- clfarron4
- Member
- From: London, UK
- Registered: 2013-06-28
- Posts: 2,163
- Website
Re: Blowfish (bcrypt) patch for glibc with Dovecot
Hey Allan, do I need to post something somewhere then ?
A quick Google reveals the GNU C Library Development Page. Try there, as that's the upstream.
Claire is fine.
Problems? I have dysgraphia, so clear and concise please.
My public GPG key for package signing
My x86_64 package repository
Offline
#7 2015-02-17 21:17:55
- rootio
- Member
- Registered: 2015-02-16
- Posts: 4
Re: Blowfish (bcrypt) patch for glibc with Dovecot
Ho ok, I was not sure about what Allan was talking about, I don't want to waste my time trying to convinced the libc team to implement Blowfish, they probably don't want to implement it because it's not NIST approved. I'll figure it out. Thanks
Last edited by rootio (2015-02-17 21:18:18)
Offline