[RADIATOR] Using unix crypto ?

Heikki Vatiainen hvn at open.com.au
Fri Apr 30 15:00:53 UTC 2021


On 14.4.2021 10.01, Patrik Forsberg wrote:

> I see.. thanks for your response then I at least know why 😊

>> -----Original Message-----
>> From: radiator <radiator-bounces at lists.open.com.au> On Behalf Of Heikki Vatiainen

>> To summarise: at this point $2y$ support depends on the OS Radiator runs on. OS independent support would need code changes so it's not immediately possible with, for example, having suitable modules installed.

We took a closer look at this, and it seems the situation this time is 
quite good: there's a Perl module Crypt::Eksblowfish::Bcrypt that's 
available and it's implementation of bcrypt was not affected by the 
problem that lead to use of $2y$ prefix. What we could do is to see if 
libc crypt supports bcrypt, with fallback to Crypt::Eksblowfish::Bcrypt 
if it's present.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.


More information about the radiator mailing list