Re: [PHP-DEV] Re: Bug #12745: problem with the randomic generation of salt when a use crypt("pass")

Wed, 15 Aug 2001 07:36:02 -0700 

Not a bug in PHP. Verified with htpasswd (couldn't get a simple
crypt-demonstration-script working :-)
$ ./htpasswd -d -nb test 11lei11lao11
returned test:Au7LW/UPElj0c
$ ./htpasswd -d -nb test 11lei11lao11whatever
returned test:Au7LW/UPElj0c

I guess it's a bug (or an undocumented behaviour) of the crypt()-algoritm.
The problem is not the random salt. The problem seems to be that crypt (at
least, in this case) only uses the first 12 characters (or less).

Sander

----- Original Message -----
From: "Marcus Vinicius" <[EMAIL PROTECTED]>
To: "PHP Bug Database" <[EMAIL PROTECTED]>
Sent: Wednesday, August 15, 2001 2:31 PM
Subject: [PHP-DEV] Re: Bug #12745: problem with the randomic generation of
salt when a use crypt("pass")


> der....
>
> I supose that is must not work.... but works, did you tested ?
>
> ----- Original Message -----
> From: "PHP Bug Database" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, August 14, 2001 8:40 PM
> Subject: Bug #12745: problem with the randomic generation of salt when a
use
> crypt("pass")
>
>
> > From:             [EMAIL PROTECTED]
> > Operating system: Linux Slackware 7.1
> > PHP version:      4.0.6
> > PHP Bug Type:     *Encryption and hash functions
> > Bug description:  problem with the randomic generation of salt when a
use
> crypt("pass")
> >
> > problem with the randomic generation of salt when a use $string =
> > crypt("11lei11lao11") it allways generates a salt ( the first 2 chars
from
> > encrypted string ) that if use crypt("11lei11lao11blablabla") would
work,
> > and also crypt("11lei11lao11anythingwouldworkhere").
> >
> > the code is
> >
> > $cryptedpass = crypt("11lei11lao11");
> > if (crypt ( "11lei11lao11anythingwouldworkhere", substr ( $cryptedpass,
0,
> > 2)) == $cryptedpass) {
> >   echo "this is extremely strange for me";
> > }
> >
> > and this works with this pass but not whit others!!!!!!!!!!!!!!!!!
> > --
> > Edit bug report at: http://bugs.php.net/?id=12745&edit=1
> >
>
>
> --
> PHP Development Mailing List <http://www.php.net/>
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to