I happened to notice two errors in one very small sub that I was testing out in Perl. I should note that I made these two very small errors while rewriting a custom Perl security module. Let’s take a look at the function before I spotted the errors:
# excerpt from Security3.pm
sub _cust_crypt {
my ($password) = @_;
# Show the lack of crypted password:
print(" pass is " . crypt($password, "@Kry0N4uT!"));
return crypt($password, "@Kry0N4uT!");
}
I was trying to figure out why I was getting a crypted password that was blank whenever I was using the function above when I realized my first mistake: I hadn’t listed $self as one of the function’s inputs.
Crypt Returns A Blank String
My second issue was that the Perl crypt function will only generate an encrypted string when the salt characters come from the set [./0-9A-Za-z]. If you look at my initial salt string of “@Kry0N4ut!” you can see that it contains two characters, not in the supported set.
So here is my corrected code after finding my $self, and correcting my salt:
sub _cust_crypt {
my ($self, $password) = @_;
return crypt($password, "0Kry0N4uT");
}