diff -Naur ucarp-1.2/src/carp.c ucarp-1.2-pa/src/carp.c
--- ucarp-1.2/src/carp.c	2006-02-19 00:06:17.000000000 +0100
+++ ucarp-1.2-pa/src/carp.c	2007-10-05 14:54:19.000000000 +0200
@@ -639,6 +639,7 @@
     struct pollfd pfds[1];
     int nfds;
     char errbuf[PCAP_ERRBUF_SIZE];
+    SHA1_CTX pw_sha1_ctx;
 
     sc.sc_vhid = vhid;
     sc.sc_advbase = advbase;
@@ -648,15 +649,9 @@
     sc.sc_im6o.im6o_multicast_hlim = CARP_DFLTTL;
 #endif /* INET6 */
     carp_set_state(&sc, INIT);
-    {
-        const size_t passlen = strlen(pass) + (size_t) 1U;
-        
-        if (passlen > sizeof sc.sc_key) {
-            logfile(LOG_ERR, _("Password too long"));
-            return -1;
-        }
-        memcpy(sc.sc_key, pass, passlen);
-    }
+    SHA1Init(&pw_sha1_ctx);
+    SHA1Update(&pw_sha1_ctx, pass, strlen(pass));
+    SHA1Final(sc.sc_key, &pw_sha1_ctx);
     sc.sc_ad_tmo.tv_sec = 0;
     sc.sc_ad_tmo.tv_usec = 0;    
     sc.sc_md_tmo.tv_sec = 0;
diff -Naur ucarp-1.2/src/ucarp.c ucarp-1.2-pa/src/ucarp.c
--- ucarp-1.2/src/ucarp.c	2006-02-21 00:06:08.000000000 +0100
+++ ucarp-1.2-pa/src/ucarp.c	2007-10-05 14:54:19.000000000 +0200
@@ -27,6 +27,7 @@
 	    "--srcip=<ip> (-s <ip>): source (real) IP address of that host\n"
 	    "--vhid=<id> (-v <id>): virtual IP identifier (1-255)\n"
 	    "--pass=<pass> (-p <pass>): password\n"
+	    "--passfile=<file> (-F <pass>): read password from file\n"
 	    "--preempt (-P): becomes a master as soon as possible\n"
 	    "--neutral (-n): don't run downscript at start if backup\n"
 	    "--addr=<ip> (-a <ip>): virtual shared IP address\n"
@@ -190,7 +191,31 @@
                 logfile(LOG_ERR, _("Unknown syslog facility: [%s]"), optarg);
             }
             break;
-        }            
+        }
+	case 'F': {
+	    FILE *file;
+	    char buf[1000];
+	    int i;
+
+	    if(! (file = fopen(optarg, "r"))) {
+                logfile(LOG_ERR, _("Failed to open password file [%s]: %s"),
+		  optarg, strerror(errno));
+		return 1;
+	    }
+	    if(! fgets(buf, sizeof(buf), file)) {
+                logfile(LOG_ERR, _("Failed to read from password file"));
+		fclose(file);
+		return 1;
+	    }
+	    fclose(file);
+	    i = strlen(buf);
+	    while((i > 0) && (buf[i - 1] < 32)) buf[--i] = 0;
+            free(pass);
+            if ((pass = strdup(optarg)) == NULL) {
+                die_mem();
+            }
+	    break;
+	}
         default: {
             usage();
         }
diff -Naur ucarp-1.2/src/ucarp_p.h ucarp-1.2-pa/src/ucarp_p.h
--- ucarp-1.2/src/ucarp_p.h	2006-02-18 23:36:33.000000000 +0100
+++ ucarp-1.2-pa/src/ucarp_p.h	2007-10-05 14:54:19.000000000 +0200
@@ -1,13 +1,14 @@
 #ifndef __CARP_P_H__
 #define __CARP_P_H__ 1
 
-static const char *GETOPT_OPTIONS = "i:s:v:p:Pa:hb:k:u:d:r:zf:B";
+static const char *GETOPT_OPTIONS = "i:s:v:p:F:Pa:hb:k:u:d:r:zf:B";
 
 static struct option long_options[] = {
     { "interface", 1, NULL, 'i' },
     { "srcip", 1, NULL, 's' },
     { "vhid", 1, NULL, 'v' },
     { "pass", 1, NULL, 'p' },
+    { "passfile", 1, NULL, 'F' },
     { "preempt", 0, NULL, 'P' },
     { "neutral", 0, NULL, 'n' },
     { "addr", 1, NULL, 'a' },