Description of problem: There is fallback code that uses crypt() in DES mode when it fails to work with another hashing algorithm via the $x$ salt argument passing. In fips mode when MD5 is not allowed using a salt of $1$ (for MD5) results in crypt() returning NULL, and the fallback using the even worse then MD5 algo of single DES.
Created attachment 581954 [details] patch disabling MD5 fallback
Slight correction, the fallback is to MD5 not DES, and it happens when the FIPS check fails for sha256/sha512.