Hi Pierre, On Mon, Aug 22, 2011 at 22:01, Pierre Joye <pierre....@gmail.com> wrote: > hi, > On Mon, Aug 22, 2011 at 9:51 PM, Ondřej Surý <ond...@sury.org> wrote: >> So I will (ab)use this time and ask for a feedback (again). I only >> received this from Pierre: >> >>> Not sure I agree with these changes, they are not supposed to be valid. I >>> don't have the time now to reply with a detailed explanation but we will do >>> it asap. >> >> and the detailed explanation never came. >> >> What the patch does: >> - it changes the m4 script to check for each individual cipher and if >> found it will use the system library for found ciphers, it will use >> PHP implementation for the rest (not-found) > > In 5.4+ it should be fine to apply it as long as it is well tested > (and not only on Debian pls :), MFH once 100% tested (other esoteric > systems), incl. phpt passing everywhere.
Cool, that was the response I was hoping for :). I can do some basic testing myself and I will speak with other maintainers and porters for help on the esoteric systems (Windows, VMS, etc... :)) > Then main problem here is about systems doing weird or non > standard things. Debian does or did that for a couple of things, I understand your reasoning (doesn't mean I agree :-) and I propose to add tests for hash results to config.m4, so if there is a weird thing in the system crypt() it will not be used. > I prefer true portability. On the other hand, one might argue that using the system crypt allows on-system compatibility, so you might use the saved passwords with other languages and system tools. So I will probably go the way I have outlined in the bug - the user will have the choice between system,internal,mixed with mixed as the default option. O. -- Ondřej Surý <ond...@sury.org> -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
