MFH (r272830): change the hardcoded default back to DES

MFH (r272833): remove last vestige of MD5 password hashes

1 files changed, 10 insertions, 7 deletions

diff --git a/lib/libcrypt/crypt.c b/lib/libcrypt/crypt.c
index c3ca4c2..623809e 100644
--- a/lib/libcrypt/crypt.c
+++ b/lib/libcrypt/crypt.c
@@ -37,24 +37,26 @@ __FBSDID("$FreeBSD$");
 #include "crypt.h"
 
 /*
- * List of supported crypt(3) formats.  The first element in the list will
- * be the default.
+ * List of supported crypt(3) formats.
+ *
+ * The default algorithm is the last entry in the list (second-to-last
+ * array element since the last is a sentinel).  The reason for placing
+ * the default last rather than first is that DES needs to be at the
+ * bottom for the algorithm guessing logic in crypt(3) to work correctly,
+ * and it needs to be the default for backward compatibility.
  */
 static const struct crypt_format {
 	const char *const name;
 	char *(*const func)(const char *, const char *);
 	const char *const magic;
 } crypt_formats[] = {
-	/* default format */
-	{ "sha512",	crypt_sha512,		"$6$"	},
-
-	/* other supported formats */
 	{ "md5",	crypt_md5,		"$1$"	},
 #ifdef HAS_BLOWFISH
 	{ "blf",	crypt_blowfish,		"$2"	},
 #endif
 	{ "nth",	crypt_nthash,		"$3$"	},
 	{ "sha256",	crypt_sha256,		"$5$"	},
+	{ "sha512",	crypt_sha512,		"$6$"	},
 #ifdef HAS_DES
 	{ "des",	crypt_des,		"_"	},
 #endif
@@ -63,7 +65,8 @@ static const struct crypt_format {
 	{ NULL,		NULL,			NULL	}
 };
 
-static const struct crypt_format *crypt_format = &crypt_formats[0];
+static const struct crypt_format *crypt_format =
+    &crypt_formats[(sizeof crypt_formats / sizeof *crypt_formats) - 2];
 
 #define DES_SALT_ALPHABET \
 	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"