Created attachment 2941 [details] Updated patch for glibc 2.14 to add sha-256/512 support Description of problem: Up to and including glibc-2.12.1-11.3.mga1 crypt(3) supported sha-256 and sha-512 password hashes. The patch to support this was dropped from glibc-2.14.1-8.mga2, however. This caused several (ruby and python) applications to fail as they could not validate the passwords anymore. Version-Release number of selected component (if applicable): glibc 2.14.1 How reproducible: See below. Steps to Reproduce: 1. ruby -e 'puts "my-secret".crypt("$5$rounds=10000$sHpTPaXHPpFF8agG")' 2. ruby -e 'puts "my-secret".crypt("$6$rounds=10000$sHpTPaXHPpFF8agG")' 3. python -c 'from crypt import crypt; print(crypt("my-secret", "$5$rounds=10000$sHpTPaXHPpFF8agG"))' 4. python -c 'from crypt import crypt; print(crypt("my-secret", "$6$rounds=10000$sHpTPaXHPpFF8agG"))' In each case it should print out $5$rounds=10000$sHpTPaXHPpFF8agG$IrVp.2mghjnCxFjXofJOCHDjzVywrvp8VXC.41wngvD or $6$rounds=10000$sHpTPaXHPpFF8agG$7LCyF.mfj96JeySXYze1Ut8z.TZYOzg5HrCzJC7jYe69L.nM89eg2bp.WYkW8aed2xwuL/zeaOhqev2MA1GhI0 If it instead it prints out '*0' then the algorithm is not supported.
Created attachment 2942 [details] Updated spec for the updated patch
Source RPM: (none) => glibc-2.14.1-8.mga2.src.rpm
Keywords: (none) => PATCHCC: (none) => thierry.vignaudAssignee: bugsquad => tmb
Created attachment 2947 [details] Updated spec for the updated patch Oops, just realized I had accidentally removed a hunk when I cleaned up the spec for submission.
Attachment 2942 is obsolete: 0 => 1
Ah, sorry ... seems I disabled the patch by mistake during 2.14 rebase here: http://svnweb.mageia.org/packages/cauldron/glibc/current/SPECS/glibc.spec?r1=156157&r2=156310 I will re-add it and push it as an update for Mageia 2 along with a few other fixes I have queued probably by the end of the week... I will fix in Cauldron too, so it will work for mga3 Thanks for noticing it, and sorry for the problem
Status: NEW => ASSIGNED
Fixed in Cauldron with glibc-2.16-13.mga3 Fixed in SVN for Mageia 2 and queued for next update: http://svnweb.mageia.org/packages?view=revision&revision=306739
CC: thierry.vignaud => (none)
Wow, that was fast! Thanks.
Closing then
Status: ASSIGNED => RESOLVEDCC: (none) => thierry.vignaudResolution: (none) => FIXED