New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Patch] '_crypt' module: fix implicit declaration of crypt(), use crypt_r() where available #72689
Comments
The '_crypt' module provides a binding to the C crypt(3) function. It is used by the crypt.crypt() function. Looking at the C code, there are a couple of things we can improve:
This patch is actually needed to make this module build on CloudABI (https://mail.python.org/pipermail/python-dev/2016-July/145708.html). CloudABI's C library doesn't provide any thread-unsafe functions, meaning that crypt_r() is the only way you can crypt passwords. |
What is the performance of crypt_r() in comparison with crypt()? |
I'm not sure performance matters. Modern crypt() algorithms should actually be slow enough (using a large number of rounds) to make brute-force attacks impractical... |
Having looked at various implementations of crypt() and crypt_r(), I can't think of a reason why there would be any significant difference in performance. On systems like FreeBSD, crypt() is just a simple wrapper around crypt_r(): https://svnweb.freebsd.org/base/head/lib/libcrypt/crypt.c?view=markup#l134 If there would be any difference in performance, it would also be astronomically small compared to the computation time spent by the cryptographic hash functions themselves. |
This sgtm. Can you send a PR? |
Ah, you folks switched to Git + Github in the mean time. Nice! I've just sent this pull request: #4691 |
As this is internal only rather than a feature, i'll bring this into 3.7 as well. |
I'm going to close this as 3.7 and 3.8 are good now, but if someone wants to see the same thing done in 2.7 it should be possible for them make a PR. This is primarily just a configure.ac change. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: