Can confirm that Ubuntu/Debian's behavior is different from CentOS 6:
$ php --version PHP 5.3.3 (cli) (built: Jul 3 2012 16:53:21) Copyright (c) 1997-2010 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies $ php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;" CRYPT_EXT_DES: 1 _.012saltIO.319ikKPU ** precise # php --version PHP 5.3.10-1ubuntu3.2 with Suhosin-Patch (cli) (built: Jun 13 2012 17:20:55) Copyright (c) 1997-2012 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies # php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;" CRYPT_EXT_DES: 1 _.msUWmoj85W6 ** However, this is not a regression for Ubuntu. I tested this all the way back to hardy, which seemed to not have CRYPT_EXT_DES: ** # php --version PHP 5.2.4-2ubuntu5.25 with Suhosin-Patch 0.9.6.2 (cli) (built: Jun 13 2012 18:36:37) Copyright (c) 1997-2007 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;" CRYPT_EXT_DES: 0 _.msUWmoj85W6 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1046330 Title: Incorrect crypt() function behavior To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1046330/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs