From 333f7ecfa3e040191c66b2b92f6c117ca2cbac1d Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 27 Apr 2024 14:50:00 +0200
Subject: Adding upstream version 1:4.8.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml | 69 +++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml

(limited to 'man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml')

diff --git a/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml b/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml
new file mode 100644
index 0000000..0755e69
--- /dev/null
+++ b/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml
@@ -0,0 +1,69 @@
+<!--
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="sha_crypt">
+  <term><option>SHA_CRYPT_MIN_ROUNDS</option> (number)</term>
+  <term><option>SHA_CRYPT_MAX_ROUNDS</option> (number)</term>
+  <listitem>
+    <para>
+      When <option>ENCRYPT_METHOD</option> is set to
+      <replaceable>SHA256</replaceable> or
+      <replaceable>SHA512</replaceable>, this defines the number of SHA
+      rounds used by the encryption algorithm by default (when the number
+      of rounds is not specified on the command line).
+    </para>
+    <para>
+      With a lot of rounds, it is more difficult to brute forcing the
+      password. But note also that more CPU resources will be needed to
+      authenticate users.
+    </para>
+    <para>
+      If not specified, the libc will choose the default number of rounds
+      (5000).
+    </para>
+    <para>
+      The values must be inside the 1000-999,999,999 range.
+    </para>
+    <para>
+      If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or
+      <option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value
+      will be used.
+    </para>
+    <para>
+      If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt;
+      <option>SHA_CRYPT_MAX_ROUNDS</option>, the highest value will be
+      used.
+    </para>
+    <para condition="pam">
+      Note: This only affect the generation of group passwords.
+      The generation of user passwords is done by PAM and subject to the
+      PAM configuration. It is recommended to set this variable
+      consistently with the PAM configuration.
+    </para>
+  </listitem>
+</varlistentry>
-- 
cgit v1.2.3