-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Le 08/01/2015 18:30, Julien Pauli a écrit : > PHP 5.5.21 RC1 is available for testing.
I notice Horde_Auth test suite start to fail. Seems related to . Upgraded crypt_blowfish to version 1.3. (Leigh) http://git.php.net/?p=php-src.git;a=commitdiff;h=84be568366e50f76818abfbd49ca623ead809606 With 5.6.4 (without this change) $ php -r 'var_dump(crypt("foobar", "*0OayF9ttbxIs"));' string(13) "*0OayF9ttbxIs" With 5.4.36 / 5.5.21RC1 (with) $ php55 -r 'var_dump(crypt("foobar", "*0OayF9ttbxIs"));' string(2) "*1" Is this expected ? Notice the diff between (see attachement) : - - 5.4.35 and 5.4.36 show 5 changes, - - 5.5.20 and 5.521RC1 show only 2 - - 5.6.4 and 5.6.5RC1 show only 2 Remi P.S. going to send a mail to horde ML about this -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlSuy1IACgkQYUppBSnxahjnjwCgoKcpwa7Fm2QbBQ811tNS2aac SbcAn0kdF9FeBC+VDyOP8dG/XytadSiF =YeQO -----END PGP SIGNATURE-----
--- php-5.4.35/ext/standard/crypt.c 2014-11-12 01:29:14.000000000 +0100 +++ php-5.4.36/ext/standard/crypt.c 2014-12-16 19:41:23.000000000 +0100 @@ -204,7 +204,7 @@ salt[salt_in_len] = '\0'; crypt_res = php_sha512_crypt_r(str, salt, output, needed); - if (!crypt_res) { + if (!crypt_res || (salt[0]=='*' && salt[1]=='0')) { if (salt[0]=='*' && salt[1]=='0') { RETVAL_STRING("*1", 1); } else { @@ -227,7 +227,7 @@ salt[salt_in_len] = '\0'; crypt_res = php_sha256_crypt_r(str, salt, output, needed); - if (!crypt_res) { + if (!crypt_res || (salt[0]=='*' && salt[1]=='0')) { if (salt[0]=='*' && salt[1]=='0') { RETVAL_STRING("*1", 1); } else { @@ -242,7 +242,6 @@ } else if ( salt[0] == '$' && salt[1] == '2' && - salt[2] >= 'a' && salt[2] <= 'z' && salt[3] == '$' && salt[4] >= '0' && salt[4] <= '3' && salt[5] >= '0' && salt[5] <= '9' && @@ -252,7 +251,7 @@ memset(output, 0, PHP_MAX_SALT_LEN + 1); crypt_res = php_crypt_blowfish_rn(str, salt, output, sizeof(output)); - if (!crypt_res) { + if (!crypt_res || (salt[0]=='*' && salt[1]=='0')) { if (salt[0]=='*' && salt[1]=='0') { RETVAL_STRING("*1", 1); } else { @@ -268,7 +267,7 @@ _crypt_extended_init_r(); crypt_res = _crypt_extended_r(str, salt, &buffer); - if (!crypt_res) { + if (!crypt_res || (salt[0]=='*' && salt[1]=='0')) { if (salt[0]=='*' && salt[1]=='0') { RETURN_STRING("*1", 1); } else { @@ -292,7 +291,7 @@ # error Data struct used by crypt_r() is unknown. Please report. # endif crypt_res = crypt_r(str, salt, &buffer); - if (!crypt_res) { + if (!crypt_res || (salt[0]=='*' && salt[1]=='0')) { if (salt[0]=='*' && salt[1]=='0') { RETURN_STRING("*1", 1); } else {
--- php-5.5.19/ext/standard/crypt.c 2014-11-12 10:38:46.000000000 +0100 +++ /home/rpmbuild/SPECS/remirepo/scl-php55/php/php-5.5.21RC1/ext/standard/crypt.c 2015-01-07 10:38:49.000000000 +0100 @@ -196,7 +196,6 @@ } else if ( salt[0] == '$' && salt[1] == '2' && - salt[2] >= 'a' && salt[2] <= 'z' && salt[3] == '$' && salt[4] >= '0' && salt[4] <= '3' && salt[5] >= '0' && salt[5] <= '9' && @@ -219,7 +218,7 @@ _crypt_extended_init_r(); crypt_res = _crypt_extended_r(password, salt, &buffer); - if (!crypt_res) { + if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) { return FAILURE; } else { *result = estrdup(crypt_res); @@ -240,7 +239,7 @@ # error Data struct used by crypt_r() is unknown. Please report. # endif crypt_res = crypt_r(password, salt, &buffer); - if (!crypt_res) { + if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) { return FAILURE; } else { *result = estrdup(crypt_res);
--- php-5.6.4/ext/standard/crypt.c 2014-12-17 02:25:00.000000000 +0100 +++ /home/rpmbuild/SPECS/remirepo/scl-php56/php/php-5.6.5RC1/ext/standard/crypt.c 2015-01-06 23:01:03.000000000 +0100 @@ -196,7 +196,6 @@ } else if ( salt[0] == '$' && salt[1] == '2' && - salt[2] >= 'a' && salt[2] <= 'z' && salt[3] == '$' && salt[4] >= '0' && salt[4] <= '3' && salt[5] >= '0' && salt[5] <= '9' && @@ -219,7 +218,7 @@ _crypt_extended_init_r(); crypt_res = _crypt_extended_r(password, salt, &buffer); - if (!crypt_res) { + if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) { return FAILURE; } else { *result = estrdup(crypt_res); @@ -240,7 +239,7 @@ # error Data struct used by crypt_r() is unknown. Please report. # endif crypt_res = crypt_r(password, salt, &buffer); - if (!crypt_res) { + if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) { return FAILURE; } else { *result = estrdup(crypt_res);
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php