From 197f613bac6c3f9a4bd7d1ea5fbf4769aea4ce1a Mon Sep 17 00:00:00 2001
From: Ivan Kohler <ivan@freeside.biz>
Date: Thu, 30 Nov 2017 15:11:34 -0800
Subject: [PATCH] sha512 crypt() export

---
 FS/FS/part_export/passwdfile.pm               | 4 ++--
 FS/FS/part_export/shellcommands.pm            | 4 ++--
 FS/FS/part_export/shellcommands_withdomain.pm | 4 ++--
 FS/FS/svc_acct.pm                             | 5 +++++
 4 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/FS/FS/part_export/passwdfile.pm b/FS/FS/part_export/passwdfile.pm
index 2978d2503..6713c8d82 100644
--- a/FS/FS/part_export/passwdfile.pm
+++ b/FS/FS/part_export/passwdfile.pm
@@ -9,8 +9,8 @@ use FS::part_export::null;
 
 tie %options, 'Tie::IxHash',
   'crypt' => { label=>'Password encryption',
-               type=>'select', options=>[qw(crypt md5)],
-               default=>'crypt',
+               type=>'select', options=>[qw(crypt md5 sha512)],
+               default=>'md5',
              },
 ;
 
diff --git a/FS/FS/part_export/shellcommands.pm b/FS/FS/part_export/shellcommands.pm
index 775af17ae..7c280e5f8 100644
--- a/FS/FS/part_export/shellcommands.pm
+++ b/FS/FS/part_export/shellcommands.pm
@@ -97,8 +97,8 @@ tie my %options, 'Tie::IxHash',
                         },
 
   'crypt' => { label   => 'Default password encryption',
-               type=>'select', options=>[qw(crypt md5)],
-               default => 'crypt',
+               type=>'select', options=>[qw(crypt md5 sha512)],
+               default => 'md5',
              },
   'groups_susp_reason' => { label =>
                              'Radius group mapping to reason (via template user)',
diff --git a/FS/FS/part_export/shellcommands_withdomain.pm b/FS/FS/part_export/shellcommands_withdomain.pm
index 29715b75b..b30713356 100644
--- a/FS/FS/part_export/shellcommands_withdomain.pm
+++ b/FS/FS/part_export/shellcommands_withdomain.pm
@@ -63,8 +63,8 @@ tie my %options, 'Tie::IxHash',
                  type  => 'checkbox',
            },
   'crypt' => { label   => 'Default password encryption',
-               type=>'select', options=>[qw(crypt md5)],
-               default => 'crypt',
+               type=>'select', options=>[qw(crypt md5 sha512)],
+               default => 'md5',
              },
   'fail_on_output' => {
       label => 'Treat any output from the command as an error',
diff --git a/FS/FS/svc_acct.pm b/FS/FS/svc_acct.pm
index 089498045..de9199da4 100644
--- a/FS/FS/svc_acct.pm
+++ b/FS/FS/svc_acct.pm
@@ -2542,6 +2542,11 @@ sub crypt_password {
       );
     } elsif ( $encryption eq 'md5' ) {
       return unix_md5_crypt( $self->_password );
+    } elsif ( $encryption eq 'sha512' ) {
+      return crypt(
+        $self->_password,
+        '$6$rounds=15420$'. join('', map $saltset[int(rand(64))], (1..16) )
+      );
     } elsif ( $encryption eq 'sha1_base64' ) { #for acct_sql
       my $pass = sha1_base64( $self->_password );
       $pass .= '=' x (4 - length($pass) % 4); #properly padded base64
-- 
2.11.0