Date: Thu, 25 Sep 1997 00:35:38 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: brandon@roguetrader.com (Brandon Gillespie) Cc: tlambert@primenet.com, freebsd-hackers@FreeBSD.ORG Subject: Re: crypt() returning an error... Message-ID: <199709250035.RAA04922@usr03.primenet.com> In-Reply-To: <Pine.BSF.3.96.970924181516.7506A-100000@roguetrader.com> from "Brandon Gillespie" at Sep 24, 97 06:25:42 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > You should wrapper this; I don't know if "crypt" is enough of a wrapper. > > hrm, wrapper for what purpose? The code I have now crypt is actually > simply a wrapper for whichever algorithm is used.. it looks at the initial > token and calls another function specific to that algorithm, so all of the > following are valid results: It's valid to MD5 hash a zer length string; if you make the MD5 hash unusable for that purpose with the change, then it's broken. The wrapper is the code that leaves the MD5 code otherwise usable for zero lenth strings. I'm not sure that I'd disallow hashing zero lenth passwords to non-NULL password values. It seems like a feture, to me, actually, so crypt() might not be where you want the wrapper. Certainly, you don't want the wrapper at the MD5 code in either case... that's all I meant to say. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199709250035.RAA04922>