dash2 has asked for the wisdom of the Perl Monks concerning the following question:

OK, very briefly:

on my computer, and (I thought) any rational computer:

print crypt "landar","i3";

gives

i3Jc2SGK8Xe5E

but on this one computer... using Perl 5.00503, FreeBSD and the Zeus webserver... the same command gives

$1$i3$xy57qZRR.9cd4S54L/2860

which is obviously much longer.

What's going on?? Any clues??

Update: OK, I've figured out it is some weirdo crypt (c) library, right? That sucks? How am I supposed to do password checking if crypt won't work the same on this platform? Crypted passwords are downloaded from our server to different computers... now I can't even compare them... argh!

xxx

dave

Re: crypt strangeness
by echo (Pilgrim) on Sep 19, 2001 at 14:11 UTC
    FreeBSD's crypt can use different algorithms, such as DES and MD5. Check out man 3 crypt on your FreeBSD box for more info. One technique you could use for cross-platform passwords is to use Digest::MD5 instead of crypt.
Re: crypt strangeness
by mugwumpjism (Hermit) on Sep 19, 2001 at 15:55 UTC

    Under the version of Linux I'm running, crypt("hello", "he") returns "heFw0NKyvGSTg", but crypt("hello", "\$1\$foo") returns $1$foo$.NqwPL8dJlpNqGUbqbE2N/. My guess is that the C library is automatically detecting the digest format from the salt.

    Also check Crypt::DES; remember that the password is the key, and the ciphertext is all nulls IIRC.

    Of course, if you have the option of choosing whatever digest format you want, go for Digest::SHA1.
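Added example, not part of any post in this thread: a Perl check that classifies a stored hash by its format (13-character DES or $1$ MD5-crypt, the two formats seen above), verifies a password by passing the stored hash back to crypt as the salt, and reports when the local C library cannot produce that format. The function names are hypothetical; the two sample hashes are the ones quoted in the question.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Classify a stored crypt(3) hash by its format.
sub hash_scheme {
    my ($stored) = @_;
    return 'md5-crypt' if $stored =~ m{^\$1\$[^\$]{1,8}\$[./0-9A-Za-z]{22}\z};
    return 'des'       if $stored =~ m{^[./0-9A-Za-z]{13}\z};
    return 'unknown';
}

# Compare two strings without stopping at the first differing character.
sub same_string {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Returns 'match', 'mismatch' or 'unsupported'.
sub check_password {
    my ($plain, $stored) = @_;
    my $scheme = hash_scheme($stored);
    return 'unsupported' if $scheme eq 'unknown';

    # Passing the stored hash as the salt makes crypt() reuse its prefix and salt.
    my $got = crypt($plain, $stored);

    # A C library without this scheme returns undef, an error token,
    # or a hash in another format; none of those can be compared.
    return 'unsupported' unless defined $got && hash_scheme($got) eq $scheme;

    return same_string($got, $stored) ? 'match' : 'mismatch';
}

# Hashes quoted in the question, both given there for the password "landar".
my @stored = ('i3Jc2SGK8Xe5E', '$1$i3$xy57qZRR.9cd4S54L/2860');
for my $hash (@stored) {
    printf "%-9s %-30s right: %-11s wrong: %s\n", hash_scheme($hash), $hash,
        check_password('landar', $hash), check_password('not-it', $hash);
}
```

A result of 'unsupported' on one machine and 'match' on another for the same stored hash is the cross-platform difference described in the question.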