Issue 1 now resolved, fix pushed to master branch as well as OpenSSL_1_1_0-stable.
Issue 2 remaining. Cheers, Richard On Tue Sep 13 20:32:18 2016, levitte wrote: > I can confirm issue one and raise you one: it's not just on Windows > > On it. > > Cheers, > Richard > > On Tue Sep 13 17:23:48 2016, bkhow...@gmail.com wrote: > > This may be two requests, one a bug and one a feature request. > > > > Issue 1: openssl 1.1.0 passwd on Windows 64 doesn't generate MD5 passwords > > (-1 / -apr1), returns "<NULL>". I haven't tested other platforms. See > > output below. > > > > Issue 2: openssl 1.1.0 passwd doesn't support newer password hashing > > algorithms used by unix / linux platforms. This limitation may force > > people to use weaker password storage than possible, for example if > > generating crypts using openssl passwd to feed into usermod -p. Please add > > support for password types 5 (SHA-256) and 6 (SHA-512). > > > > http://man7.org/linux/man-pages/man3/crypt.3.html > > > > ID | Method > > ───────────────────────────────────────────────────────── > > 1 | MD5 > > 2a | Blowfish (not in mainline glibc; added in some > > | Linux distributions) > > 5 | SHA-256 (since glibc 2.7) > > 6 | SHA-512 (since glibc 2.7) > > > > > > Issue 1: collateral: > > > > Working in OpenSSL 1.0.2.h: > > D:\>openssl version > > OpenSSL 1.0.2h 3 May 2016 > > > > D:\>openssl passwd -apr1 password > > $apr1$hU.5TC8J$BaYCimZriQeWKBSupbQuO. > > > > D:\>openssl passwd -1 password > > $1$LxNTmc7h$FHDYsVvavnYy0KqB.2ZIx0 > > > > Compiled Openssl 1.1.0: > > > > D:\OpenSSL\openssl-1.1.0\apps>.\openssl version > > OpenSSL 1.1.0 25 Aug 2016 > > > > D:\OpenSSL\openssl-1.1.0\apps>.\openssl version > > OpenSSL 1.1.0 25 Aug 2016 > > > > D:\OpenSSL\openssl-1.1.0\apps>.\openssl passwd password > > UZ8kfkzdGoYTQ > > > > D:\OpenSSL\openssl-1.1.0\apps>.\openssl passwd -1 password > > <NULL> > > > > D:\OpenSSL\openssl-1.1.0\apps>.\openssl passwd -apr1 password > > <NULL> > > > > (To show that MD5 wasn't compiled out): > > > > D:\Download\OpenSSL\openssl-1.1.0\apps>.\openssl passwd -help > > Usage: passwd [options] > > Valid options are: > > -help Display this summary > > -in infile Pead passwords from file > > -noverify Never verify when reading password from terminal > > -quiet No warnings > > -table Format output as table > > -reverse Switch table columns > > -salt val Use provided salt > > -stdin Read passwords from stdin > > -apr1 MD5-based password algorithm, Apache variant > > -1 MD5-based password algorithm > > -crypt Standard Unix password algorithm (default) > > > -- > Richard Levitte > levi...@openssl.org -- Richard Levitte levi...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4674 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev