ID: 22806 Updated by: [EMAIL PROTECTED] Reported By: anj at aps dot anl dot gov Status: Feedback Bug Type: *Encryption and hash functions Operating System: Solaris 8 PHP Version: 4.3.1 New Comment:
And please check the line with HAVE_RAND_R in main/php_config.h, is it defined to 1 ? Previous Comments: ------------------------------------------------------------------------ [2003-03-24 03:35:00] [EMAIL PROTECTED] Set to 'Open' when you really give the feedback of whether the snapshot works or not. ------------------------------------------------------------------------ [2003-03-23 11:29:25] [EMAIL PROTECTED] I cannot reproduce this. And: the nsapi module has nothing to do with crypt. The only difference is that PHP is always reinitialized when running as cgi. Could be that it always uses same crypt salt since restarting the webserver. ------------------------------------------------------------------------ [2003-03-21 17:20:28] anj at aps dot anl dot gov After further testing I note that I can only see this problem when using the NSAPI interface; when run through the CGI (command-line) version it doesn't occur. I guess that indicates the problem is with NSAPI, so I've changed the bug category to "iPlanet related". As I said before I'm not the sysadmin for our webserver, but I am trying to get the php4-STABLE-200303202230 version installed to test - I'll report back if I succeed. The configure line on the 4.3.1 install that definitely exhibits the problem is reported by phpinfo() as this: './configure' '--prefix=/opt/local/php' '--with-mysql=/usr/local/mysql' '--with-nsapi=/usr/local/iplanet/server4' '--with-config-file-path=/etc' '--enable-libgcc' ------------------------------------------------------------------------ [2003-03-20 17:27:57] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip I can not reproduce this. If this happens with the latest stable snapshot, please add your configure line here. ------------------------------------------------------------------------ [2003-03-20 11:36:35] anj at aps dot anl dot gov Ever since we upgraded to from PHP 4.1.2 to 4.3.1 (we're using Sun's iPlanet server and the nsapi BTW), the autogenerated crypt salt being returned by new accounts in our password-protected area has been "..". Using this test script: <html><body> <?php echo crypt("1234567890"); ?> </body></html> I find that although not always the case, very often (and especially if I wait for some time before reloading) the result returned from the above is ..EXlUiP8mHCU. I have inserted a workaround to my PHP code now, and as I don't build PHP here it would be tricky for me to test any fix, but I thought the developers ought to know about this. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=22806&edit=1
