From: William Pitcock <redacted>
Date: Wed, 15 Sep 2010 08:44:58 +0000 (-0500)
Subject: mkpasswd: Default to SHA512 instead of inherently insecure DES.
X-Git-Url: https://jfr.im/git/irc/rqf/shadowircd.git/commitdiff_plain/1146ee7dc478b184ee102155940ff961f3919b8f

mkpasswd: Default to SHA512 instead of inherently insecure DES.
---

diff --git a/tools/mkpasswd.c b/tools/mkpasswd.c
index 1e891db..d831d2d 100644
--- a/tools/mkpasswd.c
+++ b/tools/mkpasswd.c
@@ -189,15 +189,6 @@ main(int argc, char *argv[])
 		else
 			salt = make_sha256_salt(length);
 	}
-	else if(flag & FLAG_SHA512)
-	{
-		if(length == 0)
-			length = 16;
-		if(flag & FLAG_SALT)
-			salt = make_sha512_salt_para(saltpara);
-		else
-			salt = make_sha512_salt(length);
-	}
 	else if(flag & FLAG_EXT)
 	{
 		/* XXX - rounds needs to be done */
@@ -218,7 +209,7 @@ main(int argc, char *argv[])
 			salt = make_ext_salt(rounds);
 		}
 	}
-	else
+	else if (flag & FLAG_DES)
 	{
 		if(flag & FLAG_SALT)
 		{
@@ -237,6 +228,15 @@ main(int argc, char *argv[])
 			salt = make_des_salt();
 		}
 	}
+	else
+	{
+		if(length == 0)
+			length = 16;
+		if(flag & FLAG_SALT)
+			salt = make_sha512_salt_para(saltpara);
+		else
+			salt = make_sha512_salt(length);
+	}
 
 	if(flag & FLAG_PASS)
 	{