I tend to agree and that's how I would write a new API today, but this is what we have had for years. I am guessing the behavior came from the C implementation (FreeBSD).
Mark, any further thoughts? We do not have a concensus atm. Gary On Sat, Aug 12, 2023, 4:09 PM Elliotte Rusty Harold <elh...@ibiblio.org> wrote: > I still think the input byte array should not be cleared, period. > Clearing is a separate operation that should be performed by the > caller. > > On Sat, Aug 12, 2023 at 12:52 PM Gary Gregory <garydgreg...@gmail.com> > wrote: > > > > Coming back around to this now that Mark fixed the mailing list noise. > > > > Git master now documents the existing clearing behavior as suggested by > > Mark in https://lists.apache.org/thread/cyrpgsqx4lnjlsf3frqwfo5pvbmpcycr > > > > Next, is how to document or change Crypt.crypt(byte[], String): The > method > > clears the input byte array for all input types _except_ when calling > > UnixCrypt [1]. > > > > I could: > > (1) Document the inconsistency (right now, I left it unsaid) > > (2) Make UnixCrypt.crypt() clear its input password for consistency. > > > > WDYT? > > > > Gary > > > > On Wed, Aug 9, 2023, 6:24 PM Gary Gregory <garydgreg...@gmail.com> > wrote: > > > > > FYI, I created https://issues.apache.org/jira/browse/INFRA-24876 > > > > > > Gary > > > > > > On Wed, Aug 9, 2023, 6:16 PM GitLab <supp...@cons3rt.com> wrote: > > > > > >> Unfortunately, your email message to GitLab could not be processed. > > >> > > >> We couldn't figure out what the email is for. Please create your > issue or > > >> comment through the web interface. > > >> > > > > > > > -- > Elliotte Rusty Harold > elh...@ibiblio.org > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > >
