Howard Chu wrote:

michael@stroeder.com wrote:

...

Doesn't this ask for fully integrating SHA-2 password support into libraries/liblutil/passwd.c?

Clearly you haven't thought this through.

Maybe.

But one question: Why is SHA-1 in the core and SHA-2 isn't? IMO that's just an arbitrary choice.

No, because that doesn't solve the problem of how to use other contrib passwd modules.

If you come up with another overall solution to avoid reading the config when using slappasswd I'm of course fine with that too.

Ciao, Michael.