apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <...@rkbloom.net>
Subject Re: apr_password_validate on win32 silently mishandles crypted hashes
Date Thu, 27 May 2004 12:41:42 GMT

On Wed, 26 May 2004, William A. Rowe, Jr. wrote:

> At 09:05 PM 5/26/2004, Stas Bekman wrote:
> >I've posted the following wording:
> >
> >/**
> > * Validate hashes created by APR-supported algorithms: md5 and base64.
> > * hashes created by crypt are supported only on platforms that provide
> > * crypt(3), so don't rely on that function unless you know that your
> > * application will be run only on platforms that support it.
> > * @param passwd The password to validate
> > * @param hash The password to validate against
> > */
> >
> >Is that good enough?
> _Please_ use @bug to document any platform specific, unpredictable,
> or wildly incorrect behavior.  The days of /* XXX: */ should be long gone
> now that doxygen will tabulate all our problems for us :)

One more time now, this isn't a bug.  Labeling platform specific behaviour
a bug isn't correct.  Especially not in this case, where the code works,
it just doesn't accept all possible data on some platforms.  This wording
looks fine to me.  I'll try to apply it tonight (no promises at all,
between a wife who is due today and house guests, coding time is probably
shot to hell for a while, so somebody else should try to beat me to this).


View raw message