Red Hat Bugzilla – Bug 173834
blowfish support in glibc - crypt()
Last modified: 2016-11-24 07:35:39 EST
Description of problem:
This bug is opened in relation to a feature request for support of blowfish
crypt in shadow/passwd files. glibc - crypt() should support blowfish in
addition to md5 hash.
I'm not sure, but did Bugzilla remove the keyword FutureFeature from this
report when adding me as Cc? If yes, slap one of the Bugzilla guys, please...
Blowfish support will not be added since it doesn't solve the problem (see
http://people.redhat.com/drepper/sha-crypt.html). But a new, safer, not based
on MD5 method will appear with the next rawhide build.
As explained in comment #2, no change will come. It's fixed differently.
This bug is closed because implementing it didn't solve a problem with a different, much weaker protocol? I beg to differ. Bcrypt solves every problem with SHA by removing its weak self entirely.
The fix for SHA did not solve this bug at all. Also, there is need for password synchronization across numerous infrastructures which any change to SHA did not solve.
This issue will be highlighted during our discussion with our sales rep for reasons why we won't be paying any more for Red Hat "support", if one can use the word that vaguely. Over the years we've learned that we're only paying for the privilege of being told what Red Hat can't be bothered to fix.