Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:54817 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 68689 invoked from network); 23 Aug 2011 07:17:14 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 23 Aug 2011 07:17:14 -0000 Authentication-Results: pb1.pair.com header.from=ondrej@sury.org; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=ondrej@sury.org; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain sury.org designates 74.125.82.170 as permitted sender) X-PHP-List-Original-Sender: ondrej@sury.org X-Host-Fingerprint: 74.125.82.170 mail-wy0-f170.google.com Received: from [74.125.82.170] ([74.125.82.170:36677] helo=mail-wy0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id F9/74-34091-9F3535E4 for ; Tue, 23 Aug 2011 03:17:14 -0400 Received: by wyf23 with SMTP id 23so4324236wyf.29 for ; Tue, 23 Aug 2011 00:17:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sury.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=IVBNkilV/mTIdUJ44YxoqMnUoV2R6aWjk1zWGUvstHI=; b=PDt+IIINHu7EUusHaIpkWWMQxZjFwJ1WPim0klnnhDDYF0Fad0WqVLo5dCSYSUH9q9 /kAbpDwLq7PtTQQPFYOx/I/+YiAbgi5H5qu8AwGPxIctQtTd3IO+dY6RLwX4eVl/50As javCmT4VwXcX59uy65t4mehUhjMKd9pX5bueg= Received: by 10.227.5.67 with SMTP id 3mr90836wbu.17.1314083830178; Tue, 23 Aug 2011 00:17:10 -0700 (PDT) MIME-Version: 1.0 Received: by 10.227.142.71 with HTTP; Tue, 23 Aug 2011 00:16:50 -0700 (PDT) In-Reply-To: References: Date: Tue, 23 Aug 2011 09:16:50 +0200 Message-ID: To: Pierre Joye Cc: PHP internals Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [PHP-DEV] Use system crypt() when possible From: ondrej@sury.org (=?UTF-8?B?T25kxZllaiBTdXLDvQ==?=) Hi Pierre, On Mon, Aug 22, 2011 at 22:01, Pierre Joye wrote: > hi, > On Mon, Aug 22, 2011 at 9:51 PM, Ond=C5=99ej Sur=C3=BD = wrote: >> So I will (ab)use this time and ask for a feedback (again). I only >> received this from Pierre: >> >>> Not sure I agree with these changes, they are not supposed to be valid.= I don't have the time now to reply with a detailed explanation but we will= do it asap. >> >> and the detailed explanation never came. >> >> What the patch does: >> - it changes the m4 script to check for each individual cipher and if >> found it will use the system library for found ciphers, it will use >> PHP implementation for the rest (not-found) > > In 5.4+ it should be fine to apply it as long as it is well tested > (and not only on Debian pls :), MFH once 100% tested (other esoteric > systems), incl. phpt passing everywhere. Cool, that was the response I was hoping for :). I can do some basic testing myself and I will speak with other maintainers and porters for help on the esoteric systems (Windows, VMS, etc... :)) > Then main problem here is about systems doing weird or non > standard things. Debian does or did that for a couple of things, I understand your reasoning (doesn't mean I agree :-) and I propose to add tests for hash results to config.m4, so if there is a weird thing in the system crypt() it will not be used. > I prefer true portability. On the other hand, one might argue that using the system crypt allows on-system compatibility, so you might use the saved passwords with other languages and system tools. So I will probably go the way I have outlined in the bug - the user will have the choice between system,internal,mixed with mixed as the default option. O. --=20 =EF=BB=BFOnd=C5=99ej Sur=C3=BD