Heikki Linnakangas wrote:
> I think it would better to add an explicit "isencrypted" parameter to
> the check_password_hook function, rather than require the module to do
> isMD5 on the password. Any imaginable check hook will need to know if
> the password is in MD5 format, and the backend already knows it (because
> it already did that check), it seems good to let the hook function know.
> Besides, if we introduce explicit syntax for saying that the supplied
> password is plaintext or md5 one day, calling isMD5 in the module will
> no longer be appropriate.
I agree on the second point, and I changed the patch accordingly.
Here's the latest version.
Yours,
Laurenz Albe
