Re[2]: [Mailman-Developers] Big checkins a'comin'!

[John Morton]

On Thu, 15 Feb 2001 15:12:49 +1100 Andrew McNamara <andrewm@connect.com.au>=
 wrote:

> >    JM> Might as well add code to convert the password from the
> >    JM> depreciated form to the current default if one of the fallback
> >    JM> methods succeeds, then set the fallbacks to cascade over
> >    JM> crypt, MD5 and plaintext. This way, you can quitely change to
> >    JM> a more trusted hash should your current default eventually be
> >    JM> broken.
> >
> >No can do.  crypt()'s a one-way hash and Mailman doesn't store the
> >cleartext password (for the list), so there's no way to recover it in
> >order to convert.
>=20
> You could convert on the fly: when the user validates correctly, you
> temporarily have the clear-text password, and could convert it from
> crypt to md5 at this point.

That's what I meant :-) Not my day for clarity, it seems.

John