--- hashalot-0.3.orig/hashalot.1
+++ hashalot-0.3/hashalot.1
@@ -2,15 +2,19 @@
 .SH NAME
 hashalot \- read a passphrase and print a hash
 .SH SYNOPSIS
-.B  hashalot [ \-s SALT ] [ \-x ] [ \-n #BYTES ] HASHTYPE
+.B  hashalot [ \-s SALT ] [ \-x ] [ \-n #BYTES ] [ -q ] [ HASHTYPE ]
 .br
-.B  HASHTYPE [ \-s SALT ] [ \-x ] [ \-n #BYTES ]
+.B  HASHTYPE [ \-s SALT ] [ \-x ] [ \-n #BYTES ] [ -q ]
 .SH DESCRIPTION
 .PP
 \fIhashalot\fP is a small tool that reads a passphrase from standard
 input, hashes it using the given hash type, and prints the result to
 standard output.
 .PP
+\fBWarning\fP: If you do not use the \fB\-x\fP option, the hash is
+printed in binary. This may wedge your terminal settings, or even force
+you to log out.
+.PP
 Supported values for \fIHASHTYPE\fP:
 .br
 .RS 8
@@ -36,6 +40,12 @@
 default is as appropriate for the specified hash algorithm: 20 bytes for
 RIPEMD160, 32 bytes for SHA256, etc. The default for the "rmd160compat"
 hash is 16 bytes, for compatibility with the old kerneli.org utilities.
+.PP
+The
+.B \-q
+option causes
+.B hashalot
+to be more quiet and not print some warnings which may be superfluous.
 .SH AUTHOR
 Ben Slusky <sluskyb@paranoiacs.org>
 .PP
--- hashalot-0.3.orig/debian/sha512.1
+++ hashalot-0.3/debian/sha512.1
@@ -0,0 +1 @@
+.so man1/hashalot.1
--- hashalot-0.3.orig/debian/dirs
+++ hashalot-0.3/debian/dirs
@@ -0,0 +1 @@
+usr/sbin
--- hashalot-0.3.orig/debian/sha256.1
+++ hashalot-0.3/debian/sha256.1
@@ -0,0 +1 @@
+.so man1/hashalot.1
--- hashalot-0.3.orig/debian/sha384.1
+++ hashalot-0.3/debian/sha384.1
@@ -0,0 +1 @@
+.so man1/hashalot.1
--- hashalot-0.3.orig/debian/README
+++ hashalot-0.3/debian/README
@@ -0,0 +1,6 @@
+hashalot
+--------
+
+This is a small program which reads a passphrase on stdin and hashes it.
+
+Matthias Urlichs <smurf@debian.org>, Tue,  9 Mar 2004 12:27:51 +0100
--- hashalot-0.3.orig/debian/compat
+++ hashalot-0.3/debian/compat
@@ -0,0 +1 @@
+5
--- hashalot-0.3.orig/debian/changelog
+++ hashalot-0.3/debian/changelog
@@ -0,0 +1,86 @@
+hashalot (0.3-5) unstable; urgency=low
+
+  * Fix segfault or wrong output on long input on RMD160, use all of input
+    instead of just the first 128 bytes.  Fix by Luc Maisonobe.
+  * Use debhelper level 5, don't ignore errors on "make clean".
+  * Drop unused /usr/bin.
+  * Add Vcs-Svn and Vcs-Browser.
+  * Yank away config.{sub,guess}.
+  * Add a watch file.
+  * Reverted all autotoolage fixes, they're unused but greatly increase the
+    diff's size.
+  * Recommends -> Suggests, it has changed meaning.
+
+ -- Adam Borowski <kilobyte@angband.pl>  Fri, 25 Jan 2008 10:26:46 +0100
+
+hashalot (0.3-4) unstable; urgency=low
+
+  * New maintainer.
+  * Policy version 3.7.2 (no changes needed).
+  * Updated FSF's address.
+  * Enabled the testsuite for non-cross builds.
+
+ -- Adam Borowski <kilobyte@angband.pl>  Thu,  1 Jun 2006 05:07:14 +0200
+
+hashalot (0.3-3) unstable; urgency=low
+
+  * Fix dangling manpage symlinks.
+    - Closes: #256689
+
+ -- Matthias Urlichs <smurf@debian.org>  Mon, 28 Jun 2004 19:23:30 +0200
+
+hashalot (0.3-2) unstable; urgency=low
+
+  * Don't install manpage in /usr/man. Sigh.
+    - Closes: #256224
+  * Don't install cryptsetup; that's now a separate Debian package.
+    - Relates to #255676
+
+ -- Matthias Urlichs <smurf@debian.org>  Fri, 25 Jun 2004 17:35:03 +0200
+
+hashalot (0.3-1) unstable; urgency=low
+
+  * New Upstream release.
+    - New Upstream source location.
+    - Upstream now has a manpage (mine ;-)
+    - Closes: #254805
+  * Added '-q' option to suppress memory lock warning.
+    - Closes: #246430 (the part about hashalot being useless to non-root)
+      : could be setuid root instead, pending a security check
+    - but I am not moving hashalot to /usr/bin
+      : compatibility
+      : it's dangerous if called casually (binary output)
+  * Recommend dmsetup (called by cryptsetup script)
+    - Replacing cryptsetup with a "real" program will happen in one of the
+      next versions.
+
+ -- Matthias Urlichs <smurf@debian.org>  Fri, 18 Jun 2004 17:22:20 +0200
+
+hashalot (0.2-4) unstable; urgency=medium
+
+  * Move /usr/sbin/hashalot to /usr/bin.
+    - Closes: #246430.
+
+ -- Matthias Urlichs <smurf@debian.org>  Wed,  5 May 2004 04:28:43 +0200
+
+hashalot (0.2-3) unstable; urgency=low
+
+  * Include a stub manpage for cryptsetup
+
+ -- Matthias Urlichs <smurf@debian.org>  Sun, 28 Mar 2004 17:35:48 +0200
+
+hashalot (0.2-2) unstable; urgency=low
+
+  * hashalot.c: Erase the passphrase from memory when using a salt
+  * Include the cryptsetup.sh script
+
+ -- Matthias Urlichs <smurf@debian.org>  Tue,  9 Mar 2004 13:12:36 +0100
+
+hashalot (0.2-1) unstable; urgency=low
+
+  * Initial Release.                                              Closes:#237036
+  * Tell autoconf to use the config.h header and to allow-maintainer-mode.
+  * Wrote a small manpage
+
+ -- Matthias Urlichs <smurf@debian.org>  Tue,  9 Mar 2004 12:27:51 +0100
+
--- hashalot-0.3.orig/debian/control
+++ hashalot-0.3/debian/control
@@ -0,0 +1,18 @@
+Source: hashalot
+Section: utils
+Priority: optional
+Maintainer: Adam Borowski <kilobyte@angband.pl>
+Build-Depends: debhelper (>= 5.0.0), autotools-dev
+Standards-Version: 3.7.3
+Vcs-Svn: http://angband.pl/svn/deb/hashalot/trunk/
+Vcs-Browser: http://angband.pl/viewvc/deb/hashalot/trunk/
+
+Package: hashalot
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Suggests: dmsetup, cryptsetup
+Description: Read and hash a passphrase
+ This program will read a passphrase from standard input and print a binary
+ (not printable) hash to standard output. The output is suitable for use as
+ an encryption key.
+
--- hashalot-0.3.orig/debian/News.Debian
+++ hashalot-0.3/debian/News.Debian
@@ -0,0 +1,8 @@
+hashalot (0.3-2) unstable; urgency=low
+
+  hashalot no longer includes the "cryptsetup" script; that program
+  has been rewritten in C, has its own Debian package (by a different
+  maintainer), and lives in /sbin.
+
+ -- Matthias Urlichs <smurf@debian.org>  Fri, 25 Jun 2004 17:35:03 +0200
+
--- hashalot-0.3.orig/debian/watch
+++ hashalot-0.3/debian/watch
@@ -0,0 +1,2 @@
+version=3
+http://www.paranoiacs.org/~sluskyb/hacks/hashalot/hashalot-(.*).tar.gz
--- hashalot-0.3.orig/debian/rules
+++ hashalot-0.3/debian/rules
@@ -0,0 +1,87 @@
+#!/usr/bin/make -f
+
+CFLAGS = -Wall -g
+
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+	CFLAGS += -O0
+else
+	CFLAGS += -O2
+endif
+ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
+	INSTALL_PROGRAM += -s
+endif
+
+configure: configure-stamp
+configure-stamp:
+	dh_testdir
+	
+ifneq "$(wildcard /usr/share/misc/config.sub)" ""
+	cp -f /usr/share/misc/config.sub config.sub
+endif
+ifneq "$(wildcard /usr/share/misc/config.guess)" ""
+	cp -f /usr/share/misc/config.guess config.guess
+endif
+	
+	chmod +x configure
+	./configure --prefix=/usr --infodir=/usr/share/info \
+		--mandir=/usr/share/man --sbindir=/usr/sbin
+
+	touch configure-stamp
+
+
+build: build-stamp
+
+build-stamp: configure-stamp 
+	dh_testdir
+	
+	$(MAKE)
+	
+ifeq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
+	$(MAKE) check
+else
+	@echo Cross build, not running the testsuite.
+endif
+	
+	touch build-stamp
+
+clean:
+	dh_testdir
+	dh_testroot
+	rm -f build-stamp configure-stamp
+	[ ! -f Makefile ] || $(MAKE) distclean
+	rm -f config.sub config.guess
+	dh_clean 
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_clean -k 
+	dh_installdirs
+
+	# Add here commands to install the package into debian/hashalot.
+	$(MAKE) install DESTDIR=$(CURDIR)/debian/hashalot
+
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+	dh_testdir
+	dh_testroot
+	dh_installchangelogs 
+	dh_installdocs -n
+	dh_installman
+	dh_link
+	dh_strip
+	dh_compress
+	dh_fixperms
+	dh_installdeb
+	dh_shlibdeps
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install configure
--- hashalot-0.3.orig/debian/hashalot.manpages
+++ hashalot-0.3/debian/hashalot.manpages
@@ -0,0 +1,4 @@
+debian/sha512.1
+debian/sha256.1
+debian/sha384.1
+debian/rmd160.1
--- hashalot-0.3.orig/debian/rmd160.1
+++ hashalot-0.3/debian/rmd160.1
@@ -0,0 +1 @@
+.so man1/hashalot.1
--- hashalot-0.3.orig/debian/copyright
+++ hashalot-0.3/debian/copyright
@@ -0,0 +1,33 @@
+This is hashalot, packaged and maintained by Matthias Urlichs
+<smurf@debian.org> since Tue, 09 Mar 2004; and then by Adam Borowski
+<kilobyte@angband.pl> since Wed, 31 May 2006.
+
+Hashalot was originally downloaded from
+http://www.stwing.org/~sluskyb/util-linux/ and is now located at
+http://www.paranoiacs.org/~sluskyb/hacks/hashalot/.
+Its original author is Ben Slusky <sluskyb@paranoiacs.org>,
+who states in the README file:
+ 
+  Most of the code was cribbed from the kerneli.org patch to util-linux,
+  by Marc Mutz <Marc@Mutz.com>. Most of what wasn't, was cribbed from GnuPG,
+  v.1.0.3 (http://www.gnupg.org/).
+
+COPYING states:
+
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free Software Foundation; either version 2 of the License, or
+  (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with this package; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+  02110-1301 USA.
+
+On Debian systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL'.
--- hashalot-0.3.orig/hashalot.c
+++ hashalot-0.3/hashalot.c
@@ -28,25 +28,28 @@
 #include "rmd160.h"
 #include "sha512.h"
 
-#define PASSWDBUFFLEN 130
-
 typedef int (*phash_func_t)(char dest[], size_t dest_len, const char src[], size_t src_len);
 
+static void *
+xmalloc (size_t size);
+
 static int
 phash_rmd160(char dest[], size_t dest_len, const char src[], size_t src_len)
 {
-	char tmp[PASSWDBUFFLEN] = { 'A', 0, };
 	char key[RMD160_HASH_SIZE * 2] = { 0, };
+        char *tmp = xmalloc(src_len + 2);
+        tmp[0] = 'A';
+        tmp[1] = '\0';
 
-	strncpy(tmp + 1, src, PASSWDBUFFLEN - 1);
-	tmp[PASSWDBUFFLEN - 1] = '\0';
+	strncpy(tmp + 1, src, src_len);
+	tmp[src_len + 1] = '\0';
   
 	rmd160_hash_buffer(key, src, src_len);
-	rmd160_hash_buffer(key + RMD160_HASH_SIZE, tmp, src_len + 1 /* dangerous! */);
+	rmd160_hash_buffer(key + RMD160_HASH_SIZE, tmp, src_len + 1);
 
 	memcpy(dest, key, dest_len);
 
-	memset (tmp, 0, PASSWDBUFFLEN);        /* paranoia */
+	memset (tmp, 0, src_len + 2);        /* paranoia */
 	memset (key, 0, RMD160_HASH_SIZE * 2); /* paranoia */
 
 	return dest_len;
@@ -182,7 +185,7 @@
 /* function to append a "salt" to the passphrase, to better resist
  * dictionary attacks */
 static char *
-salt_passphrase(char *pass, char *salt) {
+salt_passphrase(char *pass, const char *salt) {
 	char *buf = xmalloc(strlen(pass) + strlen(salt) + 1);
 	sprintf(buf, "%s%s", pass, salt);
 
@@ -213,8 +216,9 @@
 	size_t hashlen = 0;
 	phash_func_t func;
 	int hex_output = 0, c;
+	int quiet = 0;
 
-	while ((c = getopt(argc, argv, "n:s:x")) != -1) {
+	while ((c = getopt(argc, argv, "n:s:qx")) != -1) {
 		switch (c) {
 		case 'n':
 			hashlen = strtoul(optarg, &p, 0);
@@ -229,6 +233,9 @@
                 case 's':
                         salt = optarg;
                         break;
+		case 'q':
+			quiet++;
+			break;
 		case 'x':
 			hex_output++;
 			break;
@@ -257,7 +264,7 @@
 	passhash = xmalloc(2*hashlen + 2);
 
 	/* try to lock memory so it doesn't get swapped out for sure */
-	if (mlockall(MCL_CURRENT | MCL_FUTURE) == -1) {
+	if (mlockall(MCL_CURRENT | MCL_FUTURE) == -1 && !quiet) {
 		perror("mlockall");
 		fputs("Warning: couldn't lock memory, are you root?\n", stderr);
 	}