man-pages/man-pages-2.75-crypt.patch

diff -up man-pages-2.75/man3/crypt.3.pom man-pages-2.75/man3/crypt.3
--- man-pages-2.75/man3/crypt.3.pom	2008-01-03 17:07:29.000000000 +0100
+++ man-pages-2.75/man3/crypt.3	2008-01-14 11:04:42.000000000 +0100
@@ -141,22 +141,59 @@ function was not implemented, probably b
 SVr4, 4.3BSD, POSIX.1-2001
 .SH NOTES
 .SS Glibc Notes
-The glibc2 version of this function has the following additional features.
+The glibc2 version of this function has the following additional features:
+
 If
 .I salt
-is a character string starting with the three characters "$1$"
-followed by at most eight characters, and optionally terminated by "$",
-then instead of using the DES machine, the glibc crypt function
-uses an MD5-based algorithm, and outputs up to 34 bytes,
-namely "$1$<salt>$<encoded>", where
-"<salt>" stands for the up to 8 characters following "$1$" in the salt,
-and "<encoded>" is a further 22 characters.
-The characters in "<salt>" and "<encoded>" are drawn from the set
+is a character string starting with the three characters "$<ID>$"
+followed by a string terminated by "$",
+
+$<ID>$<salt>$<pwd>
+
+then instead of using the DES machine, ID identifies the method used and 
+this then determines how the rest of the password string is
+interpreted.  So far the following ID values are in use:
+
+.TS
+l l.
+ID  | Method
+_
+1   | MD5 (Linux, BSD)
+2a  | Blowfish (OpenBSD)
+md5 | Sun MD5
+.TE                 
+                     
+For the new SHA-256 and SHA-512 methods the following values are
+selected:
+                     
+.TS 
+l l.
+ID  | Method
+_
+5   | SHA-256
+6   | SHA-512
+.TE
+
+So $5$<salt>$<pwd> is a SHA-256 encoded password and $6$<salt>$<pwd> is a
+SHA-512 encoded one.
+
+"<salt>" stands for the up to 16 characters following "$ID$" in the salt.
+The pwd part of the password string is the actual computed password.
+The size of this string is fixed:
+
+.TS
+l l.
+MD5 | 22 characters
+SHA-256 | 43 characters
+SHA-512 | 86 characters
+.TE
+
+The characters in "<salt>" and "<pwd>" are drawn from the set
 [\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP].
-The entire
+In SHA implementation the entire
 .I key
 is significant here (instead of only the first
-8 bytes).
+8 bytes in MD5).
 .SH "SEE ALSO"
 .BR login (1),
 .BR passwd (1),
- update crypt.3 man page 2008-01-14 10:28:03 +00:00			`diff -up man-pages-2.75/man3/crypt.3.pom man-pages-2.75/man3/crypt.3`
			`--- man-pages-2.75/man3/crypt.3.pom 2008-01-03 17:07:29.000000000 +0100`
			`+++ man-pages-2.75/man3/crypt.3 2008-01-14 11:04:42.000000000 +0100`
			`@@ -141,22 +141,59 @@ function was not implemented, probably b`
			`SVr4, 4.3BSD, POSIX.1-2001`
			`.SH NOTES`
			`.SS Glibc Notes`
			`-The glibc2 version of this function has the following additional features.`
			`+The glibc2 version of this function has the following additional features:`
			`+`
			`If`
			`.I salt`
			`-is a character string starting with the three characters "$1$"`
			`-followed by at most eight characters, and optionally terminated by "$",`
			`-then instead of using the DES machine, the glibc crypt function`
			`-uses an MD5-based algorithm, and outputs up to 34 bytes,`
			`-namely "$1$<salt>$<encoded>", where`
			`-"<salt>" stands for the up to 8 characters following "$1$" in the salt,`
			`-and "<encoded>" is a further 22 characters.`
			`-The characters in "<salt>" and "<encoded>" are drawn from the set`
			`+is a character string starting with the three characters "$<ID>$"`
			`+followed by a string terminated by "$",`
			`+`
			`+$<ID>$<salt>$<pwd>`
			`+`
			`+then instead of using the DES machine, ID identifies the method used and`
			`+this then determines how the rest of the password string is`
			`+interpreted. So far the following ID values are in use:`
			`+`
			`+.TS`
			`+l l.`
			`+ID \| Method`
			`+_`
			`+1 \| MD5 (Linux, BSD)`
			`+2a \| Blowfish (OpenBSD)`
			`+md5 \| Sun MD5`
			`+.TE`
			`+`
			`+For the new SHA-256 and SHA-512 methods the following values are`
			`+selected:`
			`+`
			`+.TS`
			`+l l.`
			`+ID \| Method`
			`+_`
			`+5 \| SHA-256`
			`+6 \| SHA-512`
			`+.TE`
			`+`
			`+So $5$<salt>$<pwd> is a SHA-256 encoded password and $6$<salt>$<pwd> is a`
			`+SHA-512 encoded one.`
			`+`
			`+"<salt>" stands for the up to 16 characters following "$ID$" in the salt.`
			`+The pwd part of the password string is the actual computed password.`
			`+The size of this string is fixed:`
			`+`
			`+.TS`
			`+l l.`
			`+MD5 \| 22 characters`
			`+SHA-256 \| 43 characters`
			`+SHA-512 \| 86 characters`
			`+.TE`
			`+`
			`+The characters in "<salt>" and "<pwd>" are drawn from the set`
			`[\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP].`
			`-The entire`
			`+In SHA implementation the entire`
			`.I key`
			`is significant here (instead of only the first`
			`-8 bytes).`
			`+8 bytes in MD5).`
			`.SH "SEE ALSO"`
			`.BR login (1),`
			`.BR passwd (1),`