On Fri, Jun 04, 2010 at 11:10:07PM +0200, Petko Yotov wrote: > Md5() seems to work fine so in the past I was thinking that we could have our > function (_crypt?) test for the bug, and if crypt() appears to be broken, > automatically use the md5 hash (even if it is less secure). I never had the > time to work on this.
Or even: ... if crypt() appears to be broken on the password being encrypted/authenticated, add a constant string to it and try again. Pm _______________________________________________ pmwiki-devel mailing list pmwiki-devel@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-devel
