Am Donnerstag, dem 03.04.2025 um 20:39 +0200 schrieb Alvaro Herrera: > > > Maybe, in case of empty salts, we should issue a WARNING instead of > > erroring out and put additional documentation on how to use it > > right. > > I don't know, that doesn't seem ideal to me, because it's very easy > to > run stuff and never see the warnings. If we find that people are > desperate to use empty salts, we can relax that later (turn the error > to > a warning), but I'd rather not have it in the first cut. >
That's a good idea, Let's go with that. Thanks again for working on this. > > Hmm, i didn't understand that passlib does decode them first, i > > thought > > they use it encoded... at least, in our current form we're pretty > > much > > compatible with Drepper, passlib and OpenSSL, as far as i tested: > > I am ready to believe that I misinterpreted what I read. > I hope i didn't parse it wrong either. But i didn't see forcing something like this according in either passlib and Drepper's code. Maybe we need have to look closer again ... [...] > > > I can offer a few cosmetic changes. 0001 is a pgindent run, and 0002 > is > some manual adjustments after that. There are only two nontrivial > changes > > 1. the calculation for rounds was using type long, which is confusing > because the range is different according to the platform. Since it's > limited by the macro definitions to no more than 999999999, we can > make > it an int32 instead. So we use strtoint() instead of strtoul() to > parse > the value, and remove the "l" suffixes from the macros that define > the > limits and default, which were bugging me a bit when used in the > gen_list struct. +1 -- Bernd Helmle Blücherstrasse 17 41061 Mönchengladbach Tel.: +49 172 726 99 66