Subject: Re: Adding sha1 hashed passwords
To: Bill Studenmund <>
From: Simon J. Gerraty <>
List: tech-userlevel
Date: 05/29/2004 23:32:05
On Sat, 29 May 2004 17:40:49 -0700, Bill Studenmund writes:
>__sha1crypt is in the library's name space, while crypt_sha1 is in the=20
>application's name space. So __sha1crypt is better for internal uses.

So if I add:


to libcrypt we can avoid a version bump.

Now hmac_sha1.c just does some defines and inlucdes hmac.c
which I _think_ belongs in libc/hash no?
So I could add

hmac_md5	- any need?

to libc?

Should libcrypt then use hmac_sha1 in libc or __hmac_sha1 in libcrypt?
putting hmac_sha1 in libc seems reasonable since we rely on SHA1 from
there anyway.

Also, is it considered evil for pwd_gensalt to call __crypt_*?
if so, what's a good solution?