mkpasswd: Default to SHA512 instead of inherently insecure DES.

author William Pitcock <redacted>

Wed, 15 Sep 2010 08:44:58 +0000 (03:44 -0500)

committer William Pitcock <redacted>

Wed, 15 Sep 2010 08:44:58 +0000 (03:44 -0500)
author William Pitcock <redacted>
Wed, 15 Sep 2010 08:44:58 +0000 (03:44 -0500)
committer William Pitcock <redacted>
Wed, 15 Sep 2010 08:44:58 +0000 (03:44 -0500)
diff --git a/tools/mkpasswd.c b/tools/mkpasswd.c

index 1e891db4bac67d4938b0f2f37a754707b857f824..d831d2df42c2823c3907c1db87df9ff70eaba7a3 100644 (file)
--- a/tools/mkpasswd.c
+++ b/tools/mkpasswd.c
@@ -189,15 +189,6 @@ main(int argc, char *argv[])
                 else
                         salt = make_sha256_salt(length);
         }
-       else if(flag & FLAG_SHA512)
-       {
-               if(length == 0)
-                       length = 16;
-               if(flag & FLAG_SALT)
-                       salt = make_sha512_salt_para(saltpara);
-               else
-                       salt = make_sha512_salt(length);
-       }
         else if(flag & FLAG_EXT)
         {
                 /* XXX - rounds needs to be done */
@@ -218,7 +209,7 @@ main(int argc, char *argv[])
                         salt = make_ext_salt(rounds);
                 }
         }
-       else
+       else if (flag & FLAG_DES)
         {
                 if(flag & FLAG_SALT)
                 {
@@ -237,6 +228,15 @@ main(int argc, char *argv[])
                         salt = make_des_salt();
                 }
         }
+       else
+       {
+               if(length == 0)
+                       length = 16;
+               if(flag & FLAG_SALT)
+                       salt = make_sha512_salt_para(saltpara);
+               else
+                       salt = make_sha512_salt(length);
+       }
  
         if(flag & FLAG_PASS)
         {
author	William Pitcock <redacted>
	Wed, 15 Sep 2010 08:44:58 +0000 (03:44 -0500)
committer	William Pitcock <redacted>
	Wed, 15 Sep 2010 08:44:58 +0000 (03:44 -0500)