Merging upstream version 3.5.5 (Closes: #1098233).
Signed-off-by: Daniel Baumann <daniel@debian.org>
This commit is contained in:
parent
c86ae7dcba
commit
6af28b7e8e
GPG key ID:
FBB4F0E80A80222F
144 changed files with 43534 additions and 11497 deletions
124
modules/iana-crypt-hash@2014-04-04.yang
Normal file
124
modules/iana-crypt-hash@2014-04-04.yang
Normal file
|
|
@ -0,0 +1,124 @@
|
|||
module iana-crypt-hash {
|
||||
namespace "urn:ietf:params:xml:ns:yang:iana-crypt-hash";
|
||||
prefix ianach;
|
||||
|
||||
organization "IANA";
|
||||
contact
|
||||
" Internet Assigned Numbers Authority
|
||||
|
||||
Postal: ICANN
|
||||
4676 Admiralty Way, Suite 330
|
||||
Marina del Rey, CA 90292
|
||||
|
||||
Tel: +1 310 823 9358
|
||||
E-Mail: iana&iana.org";
|
||||
description
|
||||
"This YANG module defines a typedef for storing passwords
|
||||
using a hash function, and features to indicate which hash
|
||||
functions are supported by an implementation.
|
||||
|
||||
The latest revision of this YANG module can be obtained from
|
||||
the IANA web site.
|
||||
|
||||
Requests for new values should be made to IANA via
|
||||
email (iana&iana.org).
|
||||
|
||||
Copyright (c) 2014 IETF Trust and the persons identified as
|
||||
authors of the code. All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or
|
||||
without modification, is permitted pursuant to, and subject
|
||||
to the license terms contained in, the Simplified BSD License
|
||||
set forth in Section 4.c of the IETF Trust's Legal Provisions
|
||||
Relating to IETF Documents
|
||||
(http://trustee.ietf.org/license-info).
|
||||
|
||||
The initial version of this YANG module is part of RFC XXXX;
|
||||
see the RFC itself for full legal notices.";
|
||||
// RFC Ed.: replace XXXX with actual RFC number and remove this
|
||||
// note.
|
||||
|
||||
// RFC Ed.: update the date below with the date of RFC publication
|
||||
// and remove this note.
|
||||
revision 2014-04-04 {
|
||||
description
|
||||
"Initial revision.";
|
||||
reference
|
||||
"RFC XXXX: A YANG Data Model for System Management";
|
||||
}
|
||||
|
||||
typedef crypt-hash {
|
||||
type string {
|
||||
pattern
|
||||
'$0$.*'
|
||||
+ '|$1$[a-zA-Z0-9./]{1,8}$[a-zA-Z0-9./]{22}'
|
||||
+ '|$5$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{43}'
|
||||
+ '|$6$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{86}';
|
||||
}
|
||||
description
|
||||
"The crypt-hash type is used to store passwords using
|
||||
a hash function. The algorithms for applying the hash
|
||||
function and encoding the result are implemented in
|
||||
various UNIX systems as the function crypt(3).
|
||||
|
||||
A value of this type matches one of the forms:
|
||||
|
||||
$0$<clear text password>
|
||||
$<id>$<salt>$<password hash>
|
||||
$<id>$<parameter>$<salt>$<password hash>
|
||||
|
||||
The '$0$' prefix signals that the value is clear text. When
|
||||
such a value is received by the server, a hash value is
|
||||
calculated, and the string '$<id>$<salt>$' or
|
||||
$<id>$<parameter>$<salt>$ is prepended to the result. This
|
||||
value is stored in the configuration data store.
|
||||
|
||||
If a value starting with '$<id>$', where <id> is not '0', is
|
||||
received, the server knows that the value already represents a
|
||||
hashed value, and stores it as is in the data store.
|
||||
|
||||
When a server needs to verify a password given by a user, it
|
||||
finds the stored password hash string for that user, extracts
|
||||
the salt, and calculates the hash with the salt and given
|
||||
password as input. If the calculated hash value is the same
|
||||
as the stored value, the password given by the client is
|
||||
accepted.
|
||||
|
||||
This type defines the following hash functions:
|
||||
|
||||
id | hash function | feature
|
||||
---+---------------+-------------------
|
||||
1 | MD5 | crypt-hash-md5
|
||||
5 | SHA-256 | crypt-hash-sha-256
|
||||
6 | SHA-512 | crypt-hash-sha-512
|
||||
|
||||
The server indicates support for the different hash functions
|
||||
by advertising the corresponding feature.";
|
||||
reference
|
||||
"IEEE Std 1003.1-2008 - crypt() function
|
||||
RFC 1321: The MD5 Message-Digest Algorithm
|
||||
FIPS.180-3.2008: Secure Hash Standard";
|
||||
}
|
||||
|
||||
feature crypt-hash-md5 {
|
||||
description
|
||||
"Indicates that the device supports the MD5
|
||||
hash function in 'crypt-hash' values";
|
||||
reference "RFC 1321: The MD5 Message-Digest Algorithm";
|
||||
}
|
||||
|
||||
feature crypt-hash-sha-256 {
|
||||
description
|
||||
"Indicates that the device supports the SHA-256
|
||||
hash function in 'crypt-hash' values";
|
||||
reference "FIPS.180-3.2008: Secure Hash Standard";
|
||||
}
|
||||
|
||||
feature crypt-hash-sha-512 {
|
||||
description
|
||||
"Indicates that the device supports the SHA-512
|
||||
hash function in 'crypt-hash' values";
|
||||
reference "FIPS.180-3.2008: Secure Hash Standard";
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue