[Catalyst] Outcome of the "Security issue with hashed passwords in C:P:A:Password"?

J. Shirley jshirley at gmail.com
Fri Apr 9 15:20:37 GMT 2010

On Fri, Apr 9, 2010 at 12:53 AM, Tomas Doran <bobtfish at bobtfish.net> wrote:
> On 9 Apr 2010, at 03:05, Evan Carroll wrote:
>> http://github.com/EvanCarroll/Catalyst-Plugin-Authentication
>> Anyway, that's the repo -- Find the commits here:
>> http://github.com/EvanCarroll/Catalyst-Plugin-Authentication/commits/master
> This is actually a very unhelpful way to supply patches, as it makes the
> maintainer have to do a whole chunk of work to get as your patch. As such,
> given limited time, I haven't looked..
> The repository URI is in the repository metadata - could you supply a patch
> (or patches) against the actual repository?
> Thanks in advance
> t0m

Without any unnecessary commentary, here is the implementation of the
password_(pre|post)_salt_field, without other features that should be
patched separately.


I have a commit bit to C::P::A, just want peer review from the owners.

I do not have a test in there yet, just wanted something quickly and
I'll add some tests in shortly.


More information about the Catalyst mailing list