[php-maint] Bug#572601: Bug#572561: php5: crypt() output inconsistency between version 5.2 and 5.3

fonsinchen ulfonk_mennhar at gmx.de
Tue Mar 9 13:27:30 UTC 2010


Ondřej Surý wrote:
> I just checked ext/standard/config.m4 in 5.3.2 and it contains this code:
[...]

We're definitely talking about standard DES in both versions. Giving a 2
character salt should make it use standard DES. Also the length and format of
the output hints at that. The output from php 5.2 should be the same as the
output from php 5.3, at least for valid salts. If it isn't there should at least
be an explanation for that behaviour somewhere and possibly a workaround. Mind
that the crypt() function is frequently used for validating passwords.






More information about the pkg-php-maint mailing list