[Python-Dev] Deprecate crypt module and revert PR 3854
Christian Heimes
christian at python.org
Fri Feb 2 10:23:20 EST 2018
Hi,
in PR 3854 [1] Serhiy added blowfish, extended DES and NT-Hash to
Python's crypt mdodule. I vetoed against addition of the APIs because
all these hashing algorithms are not state of the art. Their quality
ranges from old to horribly, horriblye broken beyond any repair.
Shortly after the PR has landed, I was made aware that glibc has
deprecated crypt(3) API [2] and favor of an external library called
libxcrypt [3] from OpenWall Linux. I have patched Python 3.7 [4] to
support libxcrypt.
In light of deprecation of crypt(3) glibc function and bad quality of
hashing algorithms, I'd like to raise the motion to revert 3854 and
deprecate the crypt module. The whole module should be rather moved into
3rd party library that wraps xcrypt.
Regards,
Christian
[1] https://github.com/python/cpython/pull/3854
[2]
https://www.phoronix.com/scan.php?page=news_item&px=Fedora-28-libxcrypt-Plans
[3] https://github.com/besser82/libxcrypt
[4] https://bugs.python.org/issue32635
More information about the Python-Dev
mailing list