It's been a bit of a pain to figure out where the error is occuring, and
I may be totally wrong still, but it *appears* to be in OpenSSL at this
point.
Basically, when using PHP's crypt() function, it's returning a DES crypt
result even when using an MD5 salt, and thus, should be returning an MD5
result.
This only occurs when Apache 2.0.43 (and .42, at least) is compiled with
'--enable-ssl' as a configuration parameter. Settings in PHP's compile
make no difference, and the code for this in PHP is quite simple. I'm
fairly sure it's not PHP's issue, at this point. PHP stand-alone works
correctly, and PHP as a DSO in Apache as long as '--enable-ssl' isn't
used also works correctly. I'm not totally sure it's not an Apache
issue, but I'm looking now.
Some more details:
Script: <? echo crypt('test', '$1$asjdflajksdf'); ?>
Result without '--enable-ssl' compiled in:
$1$asjdflaj$eeNJDlzzc57uXXPg2lOqu/
Result with '--enable-ssl': $19JEJTylB1.M
Am I barking up the wrong tree?
Thanks,
Don
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
