Public bug reported: The CRYPT_EXT_DES algorithm seems to be enabled but not used for encryption.
The test is: php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;" Expected output (depending on whether CRYPT_EXT_DES is enabled): > CRYPT_EXT_DES: 1 > _.012saltIO.319ikKPU OR > CRYPT_EXT_DES: 0 > _.msUWmoj85W6 Actual output: > CRYPT_EXT_DES: 1 > _.msUWmoj85W6 …which correstponds to standard DES encryption: php -r "echo 'CRYPT_STD_DES: ', CRYPT_STD_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;" > CRYPT_STD_DES: 1 > _.msUWmoj85W6 lsb_release -rd Description: Ubuntu 12.04.1 LTS Release: 12.04 $ apt-cache policy php5 php5: Installed: 5.3.10-1ubuntu3.2 Candidate: 5.3.10-1ubuntu3.2 Version table: *** 5.3.10-1ubuntu3.2 0 500 http://by.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages 100 /var/lib/dpkg/status 5.3.10-1ubuntu3 0 500 http://by.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages ** Affects: php5 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu. https://bugs.launchpad.net/bugs/1046330 Title: Incorrect crypt() function behavior To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1046330/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs