--- hashalot-0.3.orig/hashalot.1
+++ hashalot-0.3/hashalot.1
@@ -2,15 +2,19 @@
 .SH NAME
 hashalot \- read a passphrase and print a hash
 .SH SYNOPSIS
-.B  hashalot [ \-s SALT ] [ \-x ] [ \-n #BYTES ] HASHTYPE
+.B  hashalot [ \-s SALT ] [ \-x ] [ \-n #BYTES ] [ -q ] [ HASHTYPE ]
 .br
-.B  HASHTYPE [ \-s SALT ] [ \-x ] [ \-n #BYTES ]
+.B  HASHTYPE [ \-s SALT ] [ \-x ] [ \-n #BYTES ] [ -q ]
 .SH DESCRIPTION
 .PP
 \fIhashalot\fP is a small tool that reads a passphrase from standard
 input, hashes it using the given hash type, and prints the result to
 standard output.
 .PP
+\fBWarning\fP: If you do not use the \fB\-x\fP option, the hash is
+printed in binary. This may wedge your terminal settings, or even force
+you to log out.
+.PP
 Supported values for \fIHASHTYPE\fP:
 .br
 .RS 8
@@ -36,6 +40,12 @@
 default is as appropriate for the specified hash algorithm: 20 bytes for
 RIPEMD160, 32 bytes for SHA256, etc. The default for the "rmd160compat"
 hash is 16 bytes, for compatibility with the old kerneli.org utilities.
+.PP
+The
+.B \-q
+option causes
+.B hashalot
+to be more quiet and not print some warnings which may be superfluous.
 .SH AUTHOR
 Ben Slusky <sluskyb@paranoiacs.org>
 .PP
--- hashalot-0.3.orig/hashalot.c
+++ hashalot-0.3/hashalot.c
@@ -28,25 +28,28 @@
 #include "rmd160.h"
 #include "sha512.h"
 
-#define PASSWDBUFFLEN 130
-
 typedef int (*phash_func_t)(char dest[], size_t dest_len, const char src[], size_t src_len);
 
+static void *
+xmalloc (size_t size);
+
 static int
 phash_rmd160(char dest[], size_t dest_len, const char src[], size_t src_len)
 {
-	char tmp[PASSWDBUFFLEN] = { 'A', 0, };
 	char key[RMD160_HASH_SIZE * 2] = { 0, };
+        char *tmp = xmalloc(src_len + 2);
+        tmp[0] = 'A';
+        tmp[1] = '\0';
 
-	strncpy(tmp + 1, src, PASSWDBUFFLEN - 1);
-	tmp[PASSWDBUFFLEN - 1] = '\0';
+	strncpy(tmp + 1, src, src_len);
+	tmp[src_len + 1] = '\0';
   
 	rmd160_hash_buffer(key, src, src_len);
-	rmd160_hash_buffer(key + RMD160_HASH_SIZE, tmp, src_len + 1 /* dangerous! */);
+	rmd160_hash_buffer(key + RMD160_HASH_SIZE, tmp, src_len + 1);
 
 	memcpy(dest, key, dest_len);
 
-	memset (tmp, 0, PASSWDBUFFLEN);        /* paranoia */
+	memset (tmp, 0, src_len + 2);        /* paranoia */
 	memset (key, 0, RMD160_HASH_SIZE * 2); /* paranoia */
 
 	return dest_len;
@@ -182,7 +185,7 @@
 /* function to append a "salt" to the passphrase, to better resist
  * dictionary attacks */
 static char *
-salt_passphrase(char *pass, char *salt) {
+salt_passphrase(char *pass, const char *salt) {
 	char *buf = xmalloc(strlen(pass) + strlen(salt) + 1);
 	sprintf(buf, "%s%s", pass, salt);
 
@@ -213,8 +216,9 @@
 	size_t hashlen = 0;
 	phash_func_t func;
 	int hex_output = 0, c;
+	int quiet = 0;
 
-	while ((c = getopt(argc, argv, "n:s:x")) != -1) {
+	while ((c = getopt(argc, argv, "n:s:qx")) != -1) {
 		switch (c) {
 		case 'n':
 			hashlen = strtoul(optarg, &p, 0);
@@ -229,6 +233,9 @@
                 case 's':
                         salt = optarg;
                         break;
+		case 'q':
+			quiet++;
+			break;
 		case 'x':
 			hex_output++;
 			break;
@@ -257,7 +264,7 @@
 	passhash = xmalloc(2*hashlen + 2);
 
 	/* try to lock memory so it doesn't get swapped out for sure */
-	if (mlockall(MCL_CURRENT | MCL_FUTURE) == -1) {
+	if (mlockall(MCL_CURRENT | MCL_FUTURE) == -1 && !quiet) {
 		perror("mlockall");
 		fputs("Warning: couldn't lock memory, are you root?\n", stderr);
 	}