Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:54818
Return-Path: <pierre.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 72748 invoked from network); 23 Aug 2011 07:56:41 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 23 Aug 2011 07:56:41 -0000
Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.42 as permitted sender)
X-PHP-List-Original-Sender: pierre.php@gmail.com
X-Host-Fingerprint: 209.85.213.42 mail-yw0-f42.google.com  
Received: from [209.85.213.42] ([209.85.213.42:42726] helo=mail-yw0-f42.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id B1/05-34091-73D535E4 for <internals@lists.php.net>; Tue, 23 Aug 2011 03:56:40 -0400
Received: by ywb3 with SMTP id 3so5256528ywb.29
        for <internals@lists.php.net>; Tue, 23 Aug 2011 00:56:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type:content-transfer-encoding;
        bh=r3BNH/GRPfhyESjL1fsB/C2YpeNayrcBdICOL700NtI=;
        b=U7tGyr6myYDC3COWoPd3vo3WAcp3/BSqeshPFPE9KG6PNrKQQzNKnE3M5Sdrioce2D
         +m+IXNpstyUolIjqLdYor3s7rlmSWBrbEeJ0sn0Yi0XualkAW90Xo03PueZnrZLsPgbl
         8hNU2HzeSzvdRo6+Ma/sVTRq7xj80wo6F4xDY=
MIME-Version: 1.0
Received: by 10.236.153.33 with SMTP id e21mr20932162yhk.22.1314086195702;
 Tue, 23 Aug 2011 00:56:35 -0700 (PDT)
Received: by 10.147.168.5 with HTTP; Tue, 23 Aug 2011 00:56:35 -0700 (PDT)
In-Reply-To: <CALjhHG-frookUUrEjJQwitWZZvA+406QVNneO7uFTe0qd9xwDA@mail.gmail.com>
References: <CALjhHG-WyQFarFK7pWW=nMfpwMA2yn3=_C_B2NMZzDRRBMOHdQ@mail.gmail.com>
	<CAEZPtU6hHSY_ZWki6V9ptiJ4WJGMR=u0H6mcvTH0REWA4eRYMQ@mail.gmail.com>
	<CALjhHG-frookUUrEjJQwitWZZvA+406QVNneO7uFTe0qd9xwDA@mail.gmail.com>
Date: Tue, 23 Aug 2011 09:56:35 +0200
Message-ID: <CAEZPtU4uMcW743FdXK4pwT6c629B4Xe7XQpuqdhFRRoaLFoLKQ@mail.gmail.com>
To: =?UTF-8?B?T25kxZllaiBTdXLDvQ==?= <ondrej@sury.org>
Cc: PHP internals <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] Use system crypt() when possible
From: pierre.php@gmail.com (Pierre Joye)

On Tue, Aug 23, 2011 at 9:16 AM, Ond=C5=99ej Sur=C3=BD <ondrej@sury.org> wr=
ote:

> Cool, that was the response I was hoping for :). I can do some basic
> testing myself and I will speak with other maintainers and porters for
> help on the esoteric systems (Windows, VMS, etc... :))

Windows will always use the builting versions, so will VMS I think,
have to check with Klaus, or if you can do it :)

I was more thinking about some non compatible BSD versions and
similar, which create non portable hashes or implementation (php side
that is).

>> Then main problem here is about systems doing weird or non
>> standard things. Debian does or did that for a couple of things,
>
> I understand your reasoning (doesn't mean I agree :-) and I propose
> to add tests for hash results to config.m4, so if there is a weird thing
> in the system crypt() it will not be used.
>
>> I prefer true portability.
>
> On the other hand, one might argue that using the system crypt
> allows on-system compatibility, so you might use the saved passwords
> with other languages and system tools.
>
> So I will probably go the way I have outlined in the bug - the user
> will have the choice between system,internal,mixed with mixed
> as the default option.

Right, that sounds good but it will be a pain to maintain :)

Cheers,
--=20
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org