act-user: Use stronger hashing methods in make_crypted() if available. (!74) · Merge requests · accountsservice / accountsservice

Björn Esser requested to merge besser82/accountsservice:topic/besser82/yescrypt into master Jun 25, 2021

Most Linux distributions, including Fedora and RHEL 8, are shipping with libxcrypt >= 4.0.

Since that version of libxcrypt the provided family of crypt_gensalt() functions are able to use automatic entropy drawn from secure system ressources, like arc4random(), getentropy() or getrandom(). Those functions can also be used to select the strongenst hash method available in libxcrypt as a default.

Anyways, the settings generated by crypt_gensalt() are always guaranteed to work with the crypt() function.

Signed-off-by: Björn Esser besser82@fedoraproject.org

Edited Jun 26, 2021 by Björn Esser

act-user: Use stronger hashing methods in make_crypted() if available.

Merge request reports