From a5ab4882348d26addc9830a44e053238dfa2cb58 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 6 May 2021 10:08:30 +1000
Subject: remove built-in support for md5crypt()

Users of MD5-hashed password should arrange for ./configure to link
against libxcrypt or similar. Though it would be better to avoid use
of MD5 password hashing entirely, it's arguably worse than DEScrypt.

feedback and ok dtucker@
---
 INSTALL | 5 -----
 1 file changed, 5 deletions(-)

(limited to 'INSTALL')

diff --git a/INSTALL b/INSTALL
index dddd912c..b6e53ab6 100644
--- a/INSTALL
+++ b/INSTALL
@@ -197,11 +197,6 @@ it if lastlog is installed in a different place.
 --with-osfsia, --without-osfsia will enable or disable OSF1's Security
 Integration Architecture.  The default for OSF1 machines is enable.
 
---with-md5-passwords will enable the use of MD5 passwords. Enable this
-if your operating system uses MD5 passwords and the system crypt() does
-not support them directly (see the crypt(3/3c) man page). If enabled, the
-resulting binary will support both MD5 and traditional crypt passwords.
-
 --with-utmpx enables utmpx support. utmpx support is automatic for
 some platforms.
 
-- 
cgit v1.2.1