[nSLUG] Crypt in Perl

Daniel Morrison draker at gmail.com
Wed Jan 7 13:24:49 AST 2009

2009/1/7 D G Teed <donald.teed at gmail.com>:

> But with a salt of a single letter, say "X", things are different:
> old FreeBSD:
> $ perl -e 'print crypt("cow","X") . "\n";'
> XXI4zfZAWwgt6
> modern Linux:
> $ perl -e 'print crypt("cow","X") . "\n";'
> Our legacy web app has a single letter for the salt, so this is
> why the problem is happening.

Ouch!  That behaviour is probably 'undefined'.  I imagine one of them
is using a null, and the other a blank, or a newline.

Wait, the encrypted password shows that both substitute in a second 'X'.

And yet the actual encrypted password with a salt of 'XX' is
XXkTtHeIuQWzE, which doesn't match either of the two.

Yes, perplexing.  Must be undefinied.  Use two characters.  :)


More information about the nSLUG mailing list