lib/salt.c: gensalt(): Default to SHA512 instead of DES

[alejandro-colomar]

DES is insecure; use it only if explicitly requested.

• Closes: Fallback to DES when ENCRYPT_METHOD is unset is insecure: propose SHA512 or safe default #1278
• Reported-by:@andreboscatto
• Cc: @ikerexxe

---

Do not merge before the release of 4.20.

Revisions:

v1b

• Rebase

$ git rd 
1:  f4dd13ccb108 < -:  ------------ */: Remove support for MD5_CRYPT_ENAB
2:  85771ad90a6c < -:  ------------ lib/salt.c: Compact conditionals
3:  fdc32380c44a < -:  ------------ */: chpasswd(8): -m,--md5: Remove option
4:  43b5bef9f464 < -:  ------------ */: chgpasswd(8): -m,--md5: Remove option
5:  5bb41add8c8a = 1:  0c12025560a2 lib/salt.c: gensalt(): Default to SHA512 instead of DES

v1c

• Rebase

$ git rd 
1:  0c120255 = 1:  887f62eb lib/salt.c: gensalt(): Default to SHA512 instead of DES

v2

• Update login.defs(5). [@hallyn ]

$ git rd 
1:  887f62eb ! 1:  f7c5a949 lib/salt.c: gensalt(): Default to SHA512 instead of DES
    @@ Metadata
     Author: Alejandro Colomar <alx@kernel.org>
     
      ## Commit message ##
    -    lib/salt.c: gensalt(): Default to SHA512 instead of DES
    +    lib/, man/: Default to SHA512 instead of DES
     
         DES is insecure; use it only if explicitly requested.
     
    @@ lib/salt.c: static /*@observer@*/const char *gensalt (size_t salt_size)
        }
      
      #if USE_XCRYPT_GENSALT
    +
    + ## man/login.defs.d/ENCRYPT_METHOD.xml ##
    +@@
    +     <para>
    +       It can take one of these values: <phrase condition="bcrypt">
    +       <replaceable>BCRYPT</replaceable>,</phrase>
    +-      <replaceable>DES</replaceable> (default),
    ++      <replaceable>DES</replaceable>,
    +       <replaceable>MD5</replaceable>,
    +       <replaceable>SHA256</replaceable>,
    +-      <replaceable>SHA512</replaceable>,
    ++      <replaceable>SHA512</replaceable> (default),
    +       <phrase condition="yescrypt">
    +       <replaceable>YESCRYPT</replaceable></phrase>.
    +       MD5 and DES should not be used for new hashes, see

v2b

• Rebase

$ git rd
1:  f7c5a949 = 1:  571a06e6 lib/, man/: Default to SHA512 instead of DES

[alejandro-colomar]

@hallyn , @ikerexxe

Should we merge this already, or should we wait for one release where the support for SHA256/512 is mandatory before enabling it by default?

[hallyn]

I'm ok merging this. Note that man/login.defs.d/ENCRYPT_METHOD.xml memtions DES being the default.

[alejandro-colomar]

I'm ok merging this. Note that man/login.defs.d/ENCRYPT_METHOD.xml memtions DES being the default.

Thanks! I've updated that. I'll open for review.