]> git.ipfire.org Git - thirdparty/shadow.git/commitdiff
lib/, man/: Default to SHA512 instead of DES
authorAlejandro Colomar <alx@kernel.org>
Fri, 26 Dec 2025 23:59:04 +0000 (00:59 +0100)
committerSerge Hallyn <serge@hallyn.com>
Wed, 15 Jul 2026 14:10:08 +0000 (09:10 -0500)
DES is insecure; use it only if explicitly requested.

Closes: <https://github.com/shadow-maint/shadow/issues/1278>
Reported-by: Andre Boscatto <andreboscatto@gmail.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
lib/obscure.c
lib/salt.c
man/login.defs.d/ENCRYPT_METHOD.xml

index 342bb812d64a65fedb01fcd99c5305e81fea0289..64d0e7ee54f6f1cbca1912263d4c1eb174ae30a7 100644 (file)
@@ -215,19 +215,11 @@ obscure_get_range(int *minlen, int *maxlen)
        }
 
        method = getdef_str ("ENCRYPT_METHOD");
-       if (NULL != method) {
-               if (   streq(method, "MD5")
-                   || streq(method, "SHA256")
-                   || streq(method, "SHA512")
-#ifdef USE_BCRYPT
-                   || streq(method, "BCRYPT")
-#endif
-#ifdef USE_YESCRYPT
-                   || streq(method, "YESCRYPT")
-#endif
-                   ) {
-                       return;
-               }
-       }
+       if (NULL == method)
+               return;
+
+       if (!streq(method, "DES"))
+               return;
+
        *maxlen = getdef_num ("PASS_MAX_LEN", 8);
 }
index 4a66d0132c3ea09cafce80f98b589adad65d17e0..98b8a81946a2bd398112d9e1a2be05902ad95ad9 100644 (file)
@@ -356,7 +356,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
 
        bzero(result, GENSALT_SETTING_SIZE);
 
-       method = meth ?: getdef_str("ENCRYPT_METHOD") ?: "DES";
+       method = meth ?: getdef_str("ENCRYPT_METHOD") ?: "SHA512";
 
        if (streq(method, "MD5")) {
                MAGNUM(result, '1');
@@ -382,6 +382,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
                rounds = SHA_get_salt_rounds (arg);
                SHA_salt_rounds_to_buf (result, rounds);
        } else if (streq(method, "SHA512")) {
+sha512:
                MAGNUM(result, '6');
                salt_len = SHA_CRYPT_SALT_SIZE;
                rounds = SHA_get_salt_rounds (arg);
@@ -389,11 +390,9 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
        } else if (!streq(method, "DES")) {
                fprintf (log_get_logfd(),
                         _("Invalid ENCRYPT_METHOD value: '%s'.\n"
-                          "Defaulting to DES.\n"),
+                          "Defaulting to SHA512.\n"),
                         method);
-               salt_len = MAX_SALT_SIZE;
-               rounds = 0;
-               bzero(result, GENSALT_SETTING_SIZE);
+               goto sha512;
        }
 
 #if USE_XCRYPT_GENSALT
index 1865bf0f9ee880664ce7961bde134457ce38eeaf..6af3b118707083947445dcdb69b5e0db50de826d 100644 (file)
     <para>
       It can take one of these values: <phrase condition="bcrypt">
       <replaceable>BCRYPT</replaceable>,</phrase>
-      <replaceable>DES</replaceable> (default),
+      <replaceable>DES</replaceable>,
       <replaceable>MD5</replaceable>,
       <replaceable>SHA256</replaceable>,
-      <replaceable>SHA512</replaceable>,
+      <replaceable>SHA512</replaceable> (default),
       <phrase condition="yescrypt">
       <replaceable>YESCRYPT</replaceable></phrase>.
       MD5 and DES should not be used for new hashes, see