On 30/05/13 06:38, Daniel Friesen wrote: > The current documentation on the setting is also complete and totally > false. It says "For compatibility with old installations set to > false.", but at this point this has absolutely nothing to do with > compatibility.
I'm pretty sure it is still true, with the code as it stands. There's a difference between "completely and totally false" and "should probably be false in the future". > Frankly even if we do have any sort of remaining incompatibility I'd > bet it would be fairly trivial to actually solve (eg: For ancient > password hashes just try both ancient algorithms instead of just one). Feel free to change User::comparePasswords() to do that, and then deprecate $wgPasswordSalt. If there are authentication plugins that depend on it, it would be polite to allow for a deprecation period rather than just removing it. -- Tim Starling _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
