>>>>> "RJ" == Ron Jarrell <[EMAIL PROTECTED]> writes:
RJ> You know, I'd seen this before, and it hadn't sunk in.. I
RJ> expect this'll be a *big* loose for many existing sites.
RJ> It might be worth considering another point release, to
RJ> include a password recovery module for migration. Once
RJ> installed, as each list admin authenticates, it checks to see
RJ> if sha is already around. If so, it either just stashes the
RJ> new format for later use in the config.db, or possibly goes
RJ> ahead and migrates to using the new format.
Actually, after I wrote this, I remember that I /did/ have some
backwards compatibility hacks in the code for falling back to crypt
and md5 if the sha password didn't match. I went back and looked and
it turns out that stuff got lost when I rewrote the authentication
mechanism. I'll add it back.
-Barry
_______________________________________________
Mailman-Developers mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-developers
