[Pkg-shadow-devel] Adding a new key in login.defs to select HMAC algorithm in pam

Iker Pedrosa ipedrosa at redhat.com
Wed Apr 21 09:25:45 BST 2021


I'd like to add a new key value in the login.defs file to select the HMAC
algorithm used in pam_timestamp module. I already have a PR in pam
repository [1 <https://github.com/linux-pam/linux-pam/pull/342>] that
changes the actual hmac implementation embedded in pam_timestamp for one
that is provided by openssl. This library provides several algorithms to
calculate the HMAC message and in order to select the algorithm I decided
to get the configure from login.defs.

That brings me to my questions:

   1. Would the shadow-utils project be willing to accept a PR that adds
   this new key value?
   2. Do you think "HMAC_CRYPTO_ALGO" is a sufficiently meaningful name for
   the key?

[1] https://github.com/linux-pam/linux-pam/pull/342


Iker Pedrosa

Software Engineer, Identity Management team

Red Hat <https://www.redhat.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20210421/00a0d9ee/attachment.htm>

More information about the Pkg-shadow-devel mailing list