From owner-freebsd-hackers Wed Sep 24 21:37:11 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id VAA24120 for hackers-outgoing; Wed, 24 Sep 1997 21:37:11 -0700 (PDT) Received: from roguetrader.com (brandon@cold.org [206.81.134.103]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id VAA24115 for ; Wed, 24 Sep 1997 21:37:09 -0700 (PDT) Received: from localhost (brandon@localhost) by roguetrader.com (8.8.5/8.8.5) with SMTP id WAA08465; Wed, 24 Sep 1997 22:38:06 -0600 (MDT) Date: Wed, 24 Sep 1997 22:38:05 -0600 (MDT) From: Brandon Gillespie To: Terry Lambert cc: freebsd-hackers@FreeBSD.ORG Subject: Re: crypt() returning an error... In-Reply-To: <199709250035.RAA04922@usr03.primenet.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Thu, 25 Sep 1997, Terry Lambert wrote: > > > > hrm, wrapper for what purpose? The code I have now crypt is actually > > simply a wrapper for whichever algorithm is used.. it looks at the initial > > token and calls another function specific to that algorithm, so all of the > > following are valid results: > > It's valid to MD5 hash a zer length string; if you make the MD5 hash > unusable for that purpose with the change, then it's broken. The > wrapper is the code that leaves the MD5 code otherwise usable for > zero lenth strings. Er, sorry, my example was bad--I was actually saying what would you do with a zero-length salt, not password... > I'm not sure that I'd disallow hashing zero lenth passwords to non-NULL > password values. It seems like a feture, to me, actually, so crypt() > might not be where you want the wrapper. Certainly, you don't want the > wrapper at the MD5 code in either case... that's all I meant to say. Ahh :) -Brandon