ID: 10822
Updated by: sniper
Reported By: [EMAIL PROTECTED]
Old Status: Open
Status: Closed
Bug Type: *Encryption and hash functions
Operating System: Linux 2.4.4
PHP Version: 4.0.5
New Comment:

Fixed in CVS.

--Jani


Previous Comments:
------------------------------------------------------------------------

[2001-05-11 18:54:00] [EMAIL PROTECTED]

Against the documentation, at least on Linux systems the const CRYPT_SALT_LENGTH is 2 
even when the system is capable of encrypting MD5.
Most likely, this is related to bug #9177.
As stated there, I compiled php (after a make clean; rm config.cache) without openssl 
support, but 
<?php
printf("%d", CRYPT_SALT_LENGTH);
?>
still emits 2 (but MD5 encryption works fine).
It gets pretty complicated to maintain compatibility with former versions of PHP. This 
bug also causes compatibility probs when porting DBs with crypt() encrypted passwords 
from Linux to BSD and vice versa (MD5 ist std on most (all?) BSD platforms.
I'd like to propose the following:
CRYPT_SALT_LENGTH should be set to the longest salt the system is capable of (like it 
is staded in the docs).
The 4 different consts specifying the salt of a requested encryprion (eg. CRYPT_MD5) 
should be set to 0 (==not available) or the salt length for this kind/flavour of 
encryption.


------------------------------------------------------------------------



Edit this bug report at http://bugs.php.net/?id=10822&edit=1


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to