From owner-freebsd-hackers Wed Sep 24 17:35:48 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id RAA11080 for hackers-outgoing; Wed, 24 Sep 1997 17:35:48 -0700 (PDT) Received: from usr03.primenet.com (tlambert@usr03.primenet.com [206.165.6.203]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA11075 for ; Wed, 24 Sep 1997 17:35:44 -0700 (PDT) Received: (from tlambert@localhost) by usr03.primenet.com (8.8.5/8.8.5) id RAA04922; Wed, 24 Sep 1997 17:35:39 -0700 (MST) From: Terry Lambert Message-Id: <199709250035.RAA04922@usr03.primenet.com> Subject: Re: crypt() returning an error... To: brandon@roguetrader.com (Brandon Gillespie) Date: Thu, 25 Sep 1997 00:35:38 +0000 (GMT) Cc: tlambert@primenet.com, freebsd-hackers@FreeBSD.ORG In-Reply-To: from "Brandon Gillespie" at Sep 24, 97 06:25:42 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > > You should wrapper this; I don't know if "crypt" is enough of a wrapper. > > hrm, wrapper for what purpose? The code I have now crypt is actually > simply a wrapper for whichever algorithm is used.. it looks at the initial > token and calls another function specific to that algorithm, so all of the > following are valid results: It's valid to MD5 hash a zer length string; if you make the MD5 hash unusable for that purpose with the change, then it's broken. The wrapper is the code that leaves the MD5 code otherwise usable for zero lenth strings. I'm not sure that I'd disallow hashing zero lenth passwords to non-NULL password values. It seems like a feture, to me, actually, so crypt() might not be where you want the wrapper. Certainly, you don't want the wrapper at the MD5 code in either case... that's all I meant to say. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.