| CRYPT_CHECKSALT(3) | Library Functions Manual | CRYPT_CHECKSALT(3) |
crypt_checksalt —
validate a crypt setting string
Crypt Library (libcrypt, -lcrypt)
#include
<crypt.h>
int
crypt_checksalt(const char
*setting);
crypt_checksalt checks the
setting string against the system configuration and
reports whether the hashing method and parameters it specifies are
acceptable. It is intended to be used by programs such as
login(1) to determine whether the user's passphrase should
be re-hashed using the currently preferred hashing method.
The return value is 0 if there is nothing wrong with this setting. Otherwise, it is one of the following constants:
CRYPT_SALT_OKCRYPT_SALT_INVALIDCRYPT_SALT_METHOD_DISABLED
(Not implemented, yet)crypt will fail if
passed this setting. Manual intervention will be
required to reactivate the user's account.CRYPT_SALT_METHOD_LEGACY
(Not implemented, yet)crypt will still authenticate a passphrase against
this setting, but if authentication succeeds, the passphrase should be
re-hashed using the currently preferred method.CRYPT_SALT_TOO_CHEAP
(Not implemented, yet)crypt will still authenticate a passphrase against
this setting, but if authentication succeeds, the passphrase should be
re-hashed using the currently preferred method.<crypt.h> will
define the macro CRYPT_CHECKSALT_AVAILABLE if
crypt_checksalt is available in the current version
of libxcrypt.
Since full configurability is not yet implemented, the current
implementation will only ever return CRYPT_SALT_OK
(0) or CRYPT_SALT_INVALID when invoked.
The function crypt_checksalt is not part
of any standard. It was added to libxcrypt in version 4.3.0.
For an explanation of the terms used in this section, see attributes(7).
| Interface | Attribute | Value |
| Thread safety | MT-Safe |
| November 8, 2018 | libxcrypt |