02.02.18 18:18, Guido van Rossum пише: > I'm all for nudging people in the direction of xcrypt. I assume we can't > just switch the C-level crypt with xcrypt and leave the Python API > unchanged? > > However until a usable solution exist (either in the stdlib or as 3rd > party) I don't think we should deprecate anything (deprecating things > before the replacement is ready is stressful for everyone involved). > > I'm also not sure I agree with removing support for old hashes. By all > means put in the docs that they are unsafe. But if someone has a > database full of old hashes it would be nice to be able to at least > read/verify it, right? > > Was a release already made with blowfish, extended DES and NT-Hash? (And > what's so bad with blowfish? It's mentioned in the heading of the xcrypt > project too.) To clarify, extended DES and NT-Hash were not added. They were removed from my PR after Christians request. Only the Blowfish method was added, and it is so strong as SHA-2 methods. It is the only method supported on OpenBSD. This PR is not a single enhancement made in the crypt module recently. I also extended tests and added support for configuring SHA-2 methods. There is an open PR (not merged before 3.7b1 unfortunately) for using crypt_r() instead of crypt(): https://bugs.python.org/issue28503. If deprecate the crypt module, should modules pwd, grp and spwd be deprecated too? The crypt module is needed for checking password hashes provided by spwd.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4