[Python-checkins] python/dist/src/Doc/lib libcrypt.tex,1.16,1.17
loewis at users.sourceforge.net
loewis at users.sourceforge.net
Mon Jul 26 14:05:19 CEST 2004
Update of /cvsroot/python/python/dist/src/Doc/lib
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23574
Modified Files:
libcrypt.tex
Log Message:
Patch #997668: Correct explanation of salts.
Will backport to 2.3.
Index: libcrypt.tex
===================================================================
RCS file: /cvsroot/python/python/dist/src/Doc/lib/libcrypt.tex,v
retrieving revision 1.16
retrieving revision 1.17
diff -C2 -d -r1.16 -r1.17
*** libcrypt.tex 9 May 2001 15:50:17 -0000 1.16
--- libcrypt.tex 26 Jul 2004 12:05:16 -0000 1.17
***************
*** 18,21 ****
--- 18,25 ----
attempting to crack \UNIX{} passwords with a dictionary.
+ Notice that the behavior of this module depends on the actual implementation
+ of the \manpage{crypt}{3}\index{crypt(3)} routine in the running system.
+ Therefore, any extensions available on the current implementation will also
+ be available on this module.
\begin{funcdesc}{crypt}{word, salt}
\var{word} will usually be a user's password as typed at a prompt or
***************
*** 26,29 ****
--- 30,37 ----
string, which will be composed of characters from the same alphabet
as the salt (the first two characters represent the salt itself).
+
+ Since a few \manpage{crypt}{3}\index{crypt(3)} extensions allow different
+ values, with different sizes in the \var{salt}, it is recommended to use
+ the full crypted password as salt when checking for a password.
\end{funcdesc}
***************
*** 41,45 ****
raise "Sorry, currently no support for shadow passwords"
cleartext = getpass.getpass()
! return crypt.crypt(cleartext, cryptedpasswd[:2]) == cryptedpasswd
else:
return 1
--- 49,53 ----
raise "Sorry, currently no support for shadow passwords"
cleartext = getpass.getpass()
! return crypt.crypt(cleartext, cryptedpasswd) == cryptedpasswd
else:
return 1
More information about the Python-checkins
mailing list