| msg279186 - (view) |
Author: Ed Schouten (EdSchouten) * |
Date: 2016-10-22 07:52 |
| The '_crypt' module provides a binding to the C crypt(3) function. It is used by the crypt.crypt() function. Looking at the C code, there are a couple of things we can improve: - Because crypt() only depends on primitive C types, we currently get away with calling it without it being declared. Ensure that we include <unistd.h>, which is the POSIX header file declaring this. - The disadvantage of crypt() is that it's thread-unsafe. Systems like Linux and recent versions of FreeBSD nowadays provide crypt_r() as a replacement. This function allows you to pass in a 'crypt_data' object that will hold the resulting string for you. Extend the code to use this function when available. This patch is actually needed to make this module build on CloudABI (https://mail.python.org/pipermail/python-dev/2016-July/145708.html). CloudABI's C library doesn't provide any thread-unsafe functions, meaning that crypt_r() is the only way you can crypt passwords. |
|
|
| msg304943 - (view) |
Author: Serhiy Storchaka (serhiy.storchaka) *  |
Date: 2017-10-24 20:53 |
| What is the performance of crypt_r() in comparison with crypt()? |
|
|
| msg304965 - (view) |
Author: Antoine Pitrou (pitrou) * |
Date: 2017-10-25 07:23 |
| I'm not sure performance matters. Modern crypt() algorithms should actually be slow enough (using a large number of rounds) to make brute-force attacks impractical... |
|
|
| msg304966 - (view) |
Author: Ed Schouten (EdSchouten) * |
Date: 2017-10-25 08:07 |
| Having looked at various implementations of crypt() and crypt_r(), I can't think of a reason why there would be any significant difference in performance. On systems like FreeBSD, crypt() is just a simple wrapper around crypt_r(): https://svnweb.freebsd.org/base/head/lib/libcrypt/crypt.c?view=markup#l134 If there would be any difference in performance, it would also be astronomically small compared to the computation time spent by the cryptographic hash functions themselves. |
|
|
| msg305026 - (view) |
Author: Benjamin Peterson (benjamin.peterson) * |
Date: 2017-10-26 06:20 |
| This sgtm. Can you send a PR? |
|
|
| msg307525 - (view) |
Author: Ed Schouten (EdSchouten) * |
Date: 2017-12-03 21:16 |
| Ah, you folks switched to Git + Github in the mean time. Nice! I've just sent this pull request: https://github.com/python/cpython/pull/4691 |
|
|
| msg332774 - (view) |
Author: Gregory P. Smith (gregory.p.smith) * |
Date: 2018-12-30 23:42 |
| New changeset 387512c7ecde6446f2e29408af2e16b9fc043807 by Gregory P. Smith in branch 'master': bpo-28503: Use crypt_r() when available instead of crypt() (GH-11373) https://github.com/python/cpython/commit/387512c7ecde6446f2e29408af2e16b9fc043807 |
|
|
| msg332775 - (view) |
Author: Gregory P. Smith (gregory.p.smith) * |
Date: 2018-12-30 23:56 |
| As this is internal only rather than a feature, i'll bring this into 3.7 as well. |
|
|
| msg332785 - (view) |
Author: Gregory P. Smith (gregory.p.smith) * |
Date: 2018-12-31 01:59 |
| New changeset a144feeb7ec501aaf30072d50e70d54b200e5ef0 by Gregory P. Smith (Miss Islington (bot)) in branch '3.7': bpo-28503: Use crypt_r() when available instead of crypt() (GH-11373) (GH-11376) https://github.com/python/cpython/commit/a144feeb7ec501aaf30072d50e70d54b200e5ef0 |
|
|
| msg332786 - (view) |
Author: Gregory P. Smith (gregory.p.smith) * |
Date: 2018-12-31 02:01 |
| I'm going to close this as 3.7 and 3.8 are good now, but if someone wants to see the same thing done in 2.7 it should be possible for them make a PR. This is primarily just a configure.ac change. |
|
|