diff options
-rw-r--r-- | etc/login.conf | 1 | ||||
-rw-r--r-- | lib/libutil/login.conf.5 | 2 | ||||
-rw-r--r-- | usr.bin/passwd/local_passwd.c | 8 |
3 files changed, 8 insertions, 3 deletions
diff --git a/etc/login.conf b/etc/login.conf index 74ded6f..6c1faa0 100644 --- a/etc/login.conf +++ b/etc/login.conf @@ -24,6 +24,7 @@ default:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin ~/bin:\ :nologin=/var/run/nologin:\ + :passwd_format=md5:\ :cputime=unlimited:\ :datasize=unlimited:\ :stacksize=unlimited:\ diff --git a/lib/libutil/login.conf.5 b/lib/libutil/login.conf.5 index b579bf5..5a5a1db 100644 --- a/lib/libutil/login.conf.5 +++ b/lib/libutil/login.conf.5 @@ -206,7 +206,7 @@ ensure octal interpretation. .It "minpasswordlen number 6 The minimum length a local password may be. .It "passwd_format string md5 The encryption format that new or changed passwords will use. -Valid values include "md5" and "des". +Valid values include "des", "md5" and "blf". NIS clients using a .No non- Ns Fx NIS server should probably use "des". diff --git a/usr.bin/passwd/local_passwd.c b/usr.bin/passwd/local_passwd.c index ccf8bbb..ce2e46b 100644 --- a/usr.bin/passwd/local_passwd.c +++ b/usr.bin/passwd/local_passwd.c @@ -100,7 +100,7 @@ getnewpasswd(pw, nis) #ifdef LOGIN_CAP login_cap_t * lc; #endif - char buf[_PASSWORD_LEN+1], salt[10]; + char buf[_PASSWORD_LEN+1], salt[32]; struct timeval tv; if (!nis) @@ -182,7 +182,11 @@ getnewpasswd(pw, nis) to64(&salt[0], random(), 3); to64(&salt[3], tv.tv_usec, 3); to64(&salt[6], tv.tv_sec, 2); - salt[8] = '\0'; + to64(&salt[8], random(), 5); + to64(&salt[13], random(), 5); + to64(&salt[17], random(), 5); + to64(&salt[22], random(), 5); + salt[27] = '\0'; #endif return (crypt(buf, salt)); } |