* libmisc/salt.c: Make sure method is not NULL, defaulting to DES.

Thanks to Dan Kopecek <dkopecek@redhat.com>. * src/chpasswd.c, src/chgpasswd.c: Do not use DES by default, but the system default define in /Etc/login.defs. Thanks to Dan Kopecek <dkopecek@redhat.com>. * NEWS, man/chpasswd.8.xml, man/chgpasswd.8.xml: Do not mention DES as the default algorithm. * src/chpasswd.c, src/chgpasswd.c: Tag the ENCRYPTMETHOD_SELECT dependent code accordingly.
2007-11-24 00:16:41 +00:00 · 2007-11-24 00:16:41 +00:00 · 2e782e3d7d
commit 2e782e3d7d
parent e1e619074c
6 changed files with 40 additions and 14 deletions
--- a/8
+++ b/8
@ -2,7 +2,13 @@
 	* libmisc/salt.c: Make sure method is not NULL, defaulting to DES.
 	Thanks to Dan Kopecek <dkopecek@redhat.com>.
-
+	* src/chpasswd.c, src/chgpasswd.c: Do not use DES by default, but
 	the system default define in /Etc/login.defs. Thanks to Dan
 	Kopecek <dkopecek@redhat.com>.
 	* NEWS, man/chpasswd.8.xml, man/chgpasswd.8.xml: Do not mention
 	DES as the default algorithm.
 	* src/chpasswd.c, src/chgpasswd.c: Tag the ENCRYPTMETHOD_SELECT
 	dependent code accordingly.
 2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
--- a/2
+++ b/2
@ -55,6 +55,8 @@ shadow-4.0.18.1 -> shadow-4.0.18.2					UNRELEASED
  passwords.
 - chpaswd, chgpasswd, newusers: New options -c/--crypt-method and
  -s/--sha-rounds to supersede the system default encryption algorithm.
 - chpaswd, chgpasswd, newusers: DES is no more the default algorithm. They
  will respect the system default configured in /etc/login.defs
 *** documentation:
 - Generate the translated manpages from PO at build time.
--- a/man/chgpasswd.8.xml
+++ b/man/chgpasswd.8.xml
@ -32,8 +32,8 @@
      remap='I'>password</emphasis>
    </para>
    <para>
-      By default the supplied password must be in clear-text. Default
+      By default the supplied password must be in clear-text, and is
-      encryption algorithm is DES.
+      encrypted by <command>chgpasswd</command>.
    </para>
    <para>
      The default encryption algorithm can be defined for the system with
--- a/man/chpasswd.8.xml
+++ b/man/chpasswd.8.xml
@ -32,9 +32,9 @@
      remap='I'>password</emphasis>
    </para>
    <para>
-      By default the supplied password must be in clear-text. Default
+      By default the supplied password must be in clear-text, and is
-      encryption algorithm is DES. Also the password age will be updated, if
+      encrypted by <command>chpasswd</command>.
-      present.
+      Also the password age will be updated, if present.
    </para>
    <para>
      The default encryption algorithm can be defined for the system with
--- a/src/chgpasswd.c
+++ b/src/chgpasswd.c
@ -76,8 +76,7 @@ static void usage (void)
 			   "  -c, --crypt-method	the crypt method (one of %s)\n"
 			   "  -e, --encrypted	supplied passwords are encrypted\n"
 			   "  -h, --help		display this help message and exit\n"
-			   "  -m, --md5		use MD5 encryption instead of DES when the supplied\n"
+			   "  -m, --md5		encrypt the clear text password using the MD5 algorithm\n"
 			   "			passwords are not encrypted\n"
 			   "%s"
 			   "\n"),
 			 Prog,
@ -128,12 +127,20 @@ int main (int argc, char **argv)
 			{"encrypted", no_argument, NULL, 'e'},
 			{"help", no_argument, NULL, 'h'},
 			{"md5", no_argument, NULL, 'm'},
 #ifdef ENCRYPTMETHOD_SELECT
 			{"sha-rounds", required_argument, NULL, 's'},
 #endif
 			{NULL, 0, NULL, '\0'}
 		};
 		while ((c =
-			getopt_long (argc, argv, "c:ehms:", long_options,
+			getopt_long (argc, argv,
 #ifdef ENCRYPTMETHOD_SELECT
 			             "c:ehms:",
 #else
 			             "c:ehm",
 #endif
 			             long_options,
 				     &option_index)) != -1) {
 			switch (c) {
 			case 'c':
@ -149,6 +156,7 @@ int main (int argc, char **argv)
 			case 'm':
 				md5flg = 1;
 				break;
 #ifdef ENCRYPTMETHOD_SELECT
 			case 's':
 				sflg = 1;
 				if (!getlong(optarg, &sha_rounds)) {
@ -158,6 +166,7 @@ int main (int argc, char **argv)
 					usage ();
 				}
 				break;
 #endif
 			case 0:
 				/* long option */
 				break;
@ -312,7 +321,7 @@ int main (int argc, char **argv)
 				if (sflg)
 					arg = &sha_rounds;
 			} else
-				crypt_method = "DES";
+				crypt_method = NULL;
 			cp = pw_encrypt (newpwd,
 			                 crypt_make_salt(crypt_method, arg));
 		}
--- a/src/chpasswd.c
+++ b/src/chpasswd.c
@ -73,8 +73,7 @@ static void usage (void)
 			   "  -c, --crypt-method	the crypt method (one of %s)\n"
 			   "  -e, --encrypted	supplied passwords are encrypted\n"
 			   "  -h, --help		display this help message and exit\n"
-			   "  -m, --md5		use MD5 encryption instead of DES when the supplied\n"
+			   "  -m, --md5		encrypt the clear text password using the MD5 algorithm\n"
 			   "			passwords are not encrypted\n"
 			   "%s"
 			   "\n"),
 			 Prog,
@ -124,12 +123,20 @@ int main (int argc, char **argv)
 			{"encrypted", no_argument, NULL, 'e'},
 			{"help", no_argument, NULL, 'h'},
 			{"md5", no_argument, NULL, 'm'},
 #ifdef ENCRYPTMETHOD_SELECT
 			{"sha-rounds", required_argument, NULL, 's'},
 #endif
 			{NULL, 0, NULL, '\0'}
 		};
 		while ((c =
-			getopt_long (argc, argv, "c:ehms:", long_options,
+			getopt_long (argc, argv,
 #ifdef ENCRYPTMETHOD_SELECT
 			             "c:ehms:",
 #else
 			             "c:ehm",
 #endif
 			             long_options,
 				     &option_index)) != -1) {
 			switch (c) {
 			case 'c':
@ -145,6 +152,7 @@ int main (int argc, char **argv)
 			case 'm':
 				md5flg = 1;
 				break;
 #ifdef ENCRYPTMETHOD_SELECT
 			case 's':
 				sflg = 1;
 				if (!getlong(optarg, &sha_rounds)) {
@ -154,6 +162,7 @@ int main (int argc, char **argv)
 					usage ();
 				}
 				break;
 #endif
 			case 0:
 				/* long option */
 				break;
@ -310,7 +319,7 @@ int main (int argc, char **argv)
 				if (sflg)
 					arg = &sha_rounds;
 			} else
-				crypt_method = "DES";
+				crypt_method = NULL;
 			cp = pw_encrypt (newpwd,
 			                 crypt_make_salt(crypt_method, arg));
 		}