 |
 |
 |
 |
|
|
Date: 04/05/01
- Next message: tom <email protected>: "[PHP-DEV] PHP 4.0 Bug #10193 Updated: Gargbage characters returned."
- Previous message: Alexander Feldman: "Re: [PHP-DEV] Request for new feature: $HTTP_SESSION_VARS when register_globals = on"
- Maybe in reply to: muhlig <email protected>: "[PHP-DEV] PHP 4.0 Bug #8834 Updated: crypt() starts from not random salt"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I too have seen this, but I assumed it you had to
put a random salt key in. I picked the system
mseconds and put that in a random seed to get a
random salt key. I was also on Solaris 2.6.
Simple work around if its not supposed to work
that way.
On 5 Apr 2001 18:57:45 -0000, sniper <email protected> wrote:
>ID: 8834
>Updated by: sniper
>Reported By: muhlig <email protected>
>Old-Status: Open
>Status: Feedback
>Bug Type: Strings related
>Assigned To:
>Comments:
>
>This is most likely a Solaris specific issue as I can't
>reproduce this on Linux.
>Can you please include the output of this command in both
>Solaris 2.4 and 2.6 (in php4):
>
># grep RAND main/php_config.h
>
>It might be that in both of those system the seed generator
>found is srand() which isn't so good as srandom() is.
>
>But I also found (with google :) that srandom() might not be
>that good either (in Solaris) so that leaves us with a problem.
>
>One solution might be that we run php_srand() in RINIT instead of MINIT when Solaris is used.
>
>--Jani
>
>
>Previous Comments:
>---------------------------------------------------------------------------
>
>[2001-01-22 06:05:34] muhlig <email protected>
>PHP compiled as Apache module. Look like crypt() starts from not random salt. In case of my Solaris 2.4, first
crypt() call always generates string starting from "IH". In case of Solaris 2.6 it always starts from "C.".
>
>Looks like in every instantiation of new Apache process PHP starts crypt from the same salt value.
>
>In the same process next crypt() calls look like they generate random strings, though. But next process restarts
with the same value.
>
>---------------------------------------------------------------------------
>
>
>
>ATTENTION! Do NOT reply to this email!
>To reply, use the web interface found at http://bugs.php.net/?id=8834&edit=2
>
>
>--
>PHP Development Mailing List <http://www.php.net/>
>To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
>For additional commands, e-mail: php-dev-help <email protected>
>To contact the list administrators, e-mail: php-list-admin <email protected>
>
-- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: php-dev-unsubscribe <email protected> For additional commands, e-mail: php-dev-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: tom <email protected>: "[PHP-DEV] PHP 4.0 Bug #10193 Updated: Gargbage characters returned."
- Previous message: Alexander Feldman: "Re: [PHP-DEV] Request for new feature: $HTTP_SESSION_VARS when register_globals = on"
- Maybe in reply to: muhlig <email protected>: "[PHP-DEV] PHP 4.0 Bug #8834 Updated: crypt() starts from not random salt"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]