confd: add supoprt for yescrypt

Fixes #447

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>

configs/aarch64_defconfig

@@ -58,6 +58,7 @@ BR2_PACKAGE_PYTHON_GUNICORN=y
 BR2_PACKAGE_LIBSSH_OPENSSL=y
 BR2_PACKAGE_LIBSSH2=y
 BR2_PACKAGE_LIBSSH2_OPENSSL=y
+BR2_PACKAGE_LIBXCRYPT=y
 BR2_PACKAGE_LIBOPENSSL_BIN=y
 BR2_PACKAGE_LIBCURL_CURL=y
 BR2_PACKAGE_NETOPEER2_CLI=y
@@ -95,6 +96,7 @@ BR2_PACKAGE_SOCAT=y
 BR2_PACKAGE_TCPDUMP=y
 BR2_PACKAGE_TRACEROUTE=y
 BR2_PACKAGE_ULOGD=y
+BR2_PACKAGE_WHOIS=y
 BR2_PACKAGE_BASH_COMPLETION=y
 BR2_PACKAGE_SUDO=y
 BR2_PACKAGE_TTYD=y

configs/r2s_defconfig

@@ -68,6 +68,7 @@ BR2_PACKAGE_PYTHON_GUNICORN=y
 BR2_PACKAGE_LIBSSH_OPENSSL=y
 BR2_PACKAGE_LIBSSH2=y
 BR2_PACKAGE_LIBSSH2_OPENSSL=y
+BR2_PACKAGE_LIBXCRYPT=y
 BR2_PACKAGE_LIBOPENSSL_BIN=y
 BR2_PACKAGE_LIBCURL_CURL=y
 BR2_PACKAGE_NETOPEER2_CLI=y
@@ -105,6 +106,7 @@ BR2_PACKAGE_SOCAT=y
 BR2_PACKAGE_TCPDUMP=y
 BR2_PACKAGE_TRACEROUTE=y
 BR2_PACKAGE_ULOGD=y
+BR2_PACKAGE_WHOIS=y
 BR2_PACKAGE_BASH_COMPLETION=y
 BR2_PACKAGE_SUDO=y
 BR2_PACKAGE_TTYD=y

configs/x86_64_defconfig

@@ -53,6 +53,7 @@ BR2_PACKAGE_PYTHON_GUNICORN=y
 BR2_PACKAGE_LIBSSH_OPENSSL=y
 BR2_PACKAGE_LIBSSH2=y
 BR2_PACKAGE_LIBSSH2_OPENSSL=y
+BR2_PACKAGE_LIBXCRYPT=y
 BR2_PACKAGE_LIBOPENSSL_BIN=y
 BR2_PACKAGE_LIBCURL_CURL=y
 BR2_PACKAGE_NETOPEER2_CLI=y
@@ -90,6 +91,7 @@ BR2_PACKAGE_SOCAT=y
 BR2_PACKAGE_TCPDUMP=y
 BR2_PACKAGE_TRACEROUTE=y
 BR2_PACKAGE_ULOGD=y
+BR2_PACKAGE_WHOIS=y
 BR2_PACKAGE_BASH_COMPLETION=y
 BR2_PACKAGE_SUDO=y
 BR2_PACKAGE_TTYD=y

src/confd/yang/infix-system@2024-04-12.yang

@@ -86,17 +86,18 @@ module infix-system {
       + '|$1$[a-zA-Z0-9./]{1,8}$[a-zA-Z0-9./]{22}'
       + '|$5$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{43}'
       + '|$6$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{86}'
+      + '|$y$[a-zA-Z0-9./]+$[a-zA-Z0-9./]{1,86}$[a-zA-Z0-9./]{43}'
       + '|$factory$.*';
     }
     description
         "The crypt-hash type is used to store passwords using a hash
          function. This type extends the existing crypt-hash type to
-         support the reserved string $factory$, which is used for
-         device-specific factory default hash.  It is up to the
-         underlying system to define this further, but one example
-         is to use Vital Product Data (VPD) information, e.g., an
-         onboard EEPROM where a device hash is stored for the initial
-         'admin' user.
+         support yescrypt as well as the reserved string $factory$,
+         which is used for device-specific factory default hash.  It
+         is up to the underlying system to define this further, but
+         one example is to use Vital Product Data (VPD) information,
+         e.g., an onboard EEPROM where a device hash is stored for
+         the initial 'admin' user.
 
          A value of this type matches one of the forms:
 
@@ -127,6 +128,7 @@ module infix-system {
             1 | MD5           | crypt-hash-md5
             5 | SHA-256       | crypt-hash-sha-256
             6 | SHA-512       | crypt-hash-sha-512
+            y | yescrypt      | crypt-hash-yescrypt
 
          The server indicates support for the different hash functions
          by advertising the corresponding feature.";

src/klish-plugin-infix/xml/infix.xml

@@ -188,11 +188,12 @@
         <PARAM name="pwsalt" ptype="/STRING" help="Must not use prefix like $1$"/>
       </COMMAND>
       <COMMAND name="type" help="Optional hash algorithm type.">
-        <PARAM name="pwhash" ptype="/STRING" help="Hash algorithm.">
+        <PARAM name="pwhash" ptype="/STRING" help="Hash crypt algorithm.">
           <COMPL>
-            <ACTION sym="printl">md5</ACTION>
-            <ACTION sym="printl">sha256</ACTION>
-            <ACTION sym="printl">sha512</ACTION>
+            <ACTION sym="printl">md5crypt</ACTION>
+            <ACTION sym="printl">sha256crypt</ACTION>
+            <ACTION sym="printl">sha512crypt</ACTION>
+            <ACTION sym="printl">yescrypt</ACTION>
           </COMPL>
         </PARAM>
       </COMMAND>