diff options
| author | Björn Esser <besser82@fedoraproject.org> | 2018-11-23 19:57:43 +0100 |
|---|---|---|
| committer | Tomáš Mráz <t8m@users.noreply.github.com> | 2020-01-17 16:52:32 +0100 |
| commit | a12ec8b879337c15acba04fe7f5c8e75f5a91809 (patch) | |
| tree | 46e34165a7f569cc80e4f28c65ce8385bf2eb08a /modules/pam_unix/pam_unix.8.xml | |
| parent | ded7401a0bc743aaffa785a8b015ceec7780462d (diff) | |
| download | pam-a12ec8b879337c15acba04fe7f5c8e75f5a91809.tar.gz pam-a12ec8b879337c15acba04fe7f5c8e75f5a91809.tar.bz2 pam-a12ec8b879337c15acba04fe7f5c8e75f5a91809.zip | |
pam_unix: Return NULL instead of calling crypt_md5_wrapper().
If the call to the crypt(3) function failed for some reason during
hashing a new login passphrase, the wrapper function for computing
a hash with the md5crypt method was called internally by the pam_unix
module in previous versions of linux-pam.
With CVE-2012-3287 in mind, the md5crypt method is not considered to
be a safe nor recommended hashing method for a new login passphrase
since at least 2012. Thus pam_unix should error out in case of a
failure in crypt(3) instead of silently computing a hashed passphrase
using a potentially unsafe method.
* modules/pam_unix/pam_unix.8.xml: Update documentation.
* modules/pam_unix/passverify.c (create_password_hash): Return NULL
on error instead of silently invoke crypt_md5_wrapper().
Diffstat (limited to 'modules/pam_unix/pam_unix.8.xml')
| -rw-r--r-- | modules/pam_unix/pam_unix.8.xml | 35 |
1 files changed, 15 insertions, 20 deletions
diff --git a/modules/pam_unix/pam_unix.8.xml b/modules/pam_unix/pam_unix.8.xml index cae2aeaa..93a01c89 100644 --- a/modules/pam_unix/pam_unix.8.xml +++ b/modules/pam_unix/pam_unix.8.xml @@ -293,11 +293,10 @@ <listitem> <para> When a user changes their password next, - encrypt it with the SHA256 algorithm. If the - SHA256 algorithm is not known to the <citerefentry> + encrypt it with the SHA256 algorithm. The + SHA256 algorithm must be supported by the <citerefentry> <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum> - </citerefentry> function, - fall back to MD5. + </citerefentry> function. </para> </listitem> </varlistentry> @@ -308,11 +307,10 @@ <listitem> <para> When a user changes their password next, - encrypt it with the SHA512 algorithm. If the - SHA512 algorithm is not known to the <citerefentry> + encrypt it with the SHA512 algorithm. The + SHA512 algorithm must be supported by the <citerefentry> <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum> - </citerefentry> function, - fall back to MD5. + </citerefentry> function. </para> </listitem> </varlistentry> @@ -323,11 +321,10 @@ <listitem> <para> When a user changes their password next, - encrypt it with the blowfish algorithm. If the - blowfish algorithm is not known to the <citerefentry> + encrypt it with the blowfish algorithm. The + blowfish algorithm must be supported by the <citerefentry> <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum> - </citerefentry> function, - fall back to MD5. + </citerefentry> function. </para> </listitem> </varlistentry> @@ -338,11 +335,10 @@ <listitem> <para> When a user changes their password next, - encrypt it with the gost-yescrypt algorithm. If the - gost-yescrypt algorithm is not known to the <citerefentry> + encrypt it with the gost-yescrypt algorithm. The + gost-yescrypt algorithm must be supported by the <citerefentry> <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum> - </citerefentry> function, - fall back to MD5. + </citerefentry> function. </para> </listitem> </varlistentry> @@ -353,11 +349,10 @@ <listitem> <para> When a user changes their password next, - encrypt it with the yescrypt algorithm. If the - yescrypt algorithm is not known to the <citerefentry> + encrypt it with the yescrypt algorithm. The + yescrypt algorithm must be supported by the <citerefentry> <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum> - </citerefentry> function, - fall back to MD5. + </citerefentry> function. </para> </listitem> </varlistentry> |