View Issue Details

IDProjectCategoryView StatusLast Update
0002682SOGowith SOGopublic2017-05-30 19:48
Reporterrejsmont Assigned Toludovic  
PrioritynormalSeverityfeatureReproducibilityalways
Status resolvedResolutionfixed 
Platform[Server] LinuxOSUbuntuOS Version12.04 LTS
Product Version2.2.2 
Summary0002682: Please add support for CRYPT-SHA256, CRYPT-SHA512 and CRYPT-BLF
Description

Sogo includes support for CRYPT-MD5, but lacks support for more secure variants. These CRYPT variants are supported by the crypt() function that sogo uses to generate md5-crypt passwords - the only difference is the magic string which is $5$ for SHA256 and $6$ for SHA512 and $2a$ for blowfish - the coding should be trivial.

I might try to make a pull request for that, but I am not that comfy with objective-C.

This feature would allow to nicely integrate SoGo with PAM using secure password storage mechanisms.

TagsNo tags attached.

Activities

ludovic

ludovic

2014-03-25 00:13

administrator   ~0006776

Have a quick look at: https://github.com/inverse-inc/sogo/blob/master/SoObjects/SOGo/NSData%2BCrypto.m

It's quite easy to add new schemes.

ludovic

ludovic

2017-05-30 19:48

administrator   ~0011884

Implemented all except Blowfish a while ago. No interest in Blowfish.

Issue History

Date Modified Username Field Change
2014-03-24 23:21 rejsmont New Issue
2014-03-25 00:13 ludovic Note Added: 0006776
2017-05-30 19:48 ludovic Note Added: 0011884
2017-05-30 19:48 ludovic Status new => resolved
2017-05-30 19:48 ludovic Resolution open => fixed
2017-05-30 19:48 ludovic Assigned To => ludovic