[PHP-DEV] Re: Bug #12745: problem with the randomic generation of salt when a use crypt(pass)

2001-08-15 Thread Marcus Vinicius 

der

I supose that is must not work but works, did you tested ?

- Original Message -
From: PHP Bug Database [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 14, 2001 8:40 PM
Subject: Bug #12745: problem with the randomic generation of salt when a use
crypt(pass)


 From: [EMAIL PROTECTED]
 Operating system: Linux Slackware 7.1
 PHP version:  4.0.6
 PHP Bug Type: *Encryption and hash functions
 Bug description:  problem with the randomic generation of salt when a use
crypt(pass)

 problem with the randomic generation of salt when a use $string =
 crypt(11lei11lao11) it allways generates a salt ( the first 2 chars from
 encrypted string ) that if use crypt(11lei11lao11blablabla) would work,
 and also crypt(11lei11lao11anythingwouldworkhere).

 the code is

 $cryptedpass = crypt(11lei11lao11);
 if (crypt ( 11lei11lao11anythingwouldworkhere, substr ( $cryptedpass, 0,
 2)) == $cryptedpass) {
   echo this is extremely strange for me;
 }

 and this works with this pass but not whit others!
 --
 Edit bug report at: http://bugs.php.net/?id=12745edit=1



-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP-DEV] Re: Bug #12745: problem with the randomic generation of salt when a use crypt(pass)

2001-08-15 Thread Sander Roobol 

Not a bug in PHP. Verified with htpasswd (couldn't get a simple
crypt-demonstration-script working :-)
$ ./htpasswd -d -nb test 11lei11lao11
returned test:Au7LW/UPElj0c
$ ./htpasswd -d -nb test 11lei11lao11whatever
returned test:Au7LW/UPElj0c

I guess it's a bug (or an undocumented behaviour) of the crypt()-algoritm.
The problem is not the random salt. The problem seems to be that crypt (at
least, in this case) only uses the first 12 characters (or less).

Sander

- Original Message -
From: Marcus Vinicius [EMAIL PROTECTED]
To: PHP Bug Database [EMAIL PROTECTED]
Sent: Wednesday, August 15, 2001 2:31 PM
Subject: [PHP-DEV] Re: Bug #12745: problem with the randomic generation of
salt when a use crypt(pass)


 der

 I supose that is must not work but works, did you tested ?

 - Original Message -
 From: PHP Bug Database [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Tuesday, August 14, 2001 8:40 PM
 Subject: Bug #12745: problem with the randomic generation of salt when a
use
 crypt(pass)


  From: [EMAIL PROTECTED]
  Operating system: Linux Slackware 7.1
  PHP version:  4.0.6
  PHP Bug Type: *Encryption and hash functions
  Bug description:  problem with the randomic generation of salt when a
use
 crypt(pass)
 
  problem with the randomic generation of salt when a use $string =
  crypt(11lei11lao11) it allways generates a salt ( the first 2 chars
from
  encrypted string ) that if use crypt(11lei11lao11blablabla) would
work,
  and also crypt(11lei11lao11anythingwouldworkhere).
 
  the code is
 
  $cryptedpass = crypt(11lei11lao11);
  if (crypt ( 11lei11lao11anythingwouldworkhere, substr ( $cryptedpass,
0,
  2)) == $cryptedpass) {
echo this is extremely strange for me;
  }
 
  and this works with this pass but not whit others!
  --
  Edit bug report at: http://bugs.php.net/?id=12745edit=1
 


 --
 PHP Development Mailing List http://www.php.net/
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 To contact the list administrators, e-mail: [EMAIL PROTECTED]



-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]