[PHP-CVS] com php-src: Merging in Password Hashing API into master: NEWS
Commit:9aacdf6e892fe46526e1e60a3b3fea1b1c350699 Author:Anthony Ferrara ircmax...@gmail.com Tue, 16 Oct 2012 04:11:37 -0400 Parents: ccf749e38d1c05ab50d30781b47e55786d571585 0bc9ca39ced4128c3b9fb1ba2ac797d342e7eef2 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=9aacdf6e892fe46526e1e60a3b3fea1b1c350699 Log: Merging in Password Hashing API into master This implements the accepted RFC password_hash https://wiki.php.net/rfc/password_hash Changed paths: MM NEWS Diff: diff --cc NEWS index 41ab1bb,08045fc..2ad1fa7 --- a/NEWS +++ b/NEWS @@@ -3,8 -3,8 +3,10 @@@ PH ?? ??? 201?, PHP 5.5.0 - General improvements: + . Add simplified password hashing API + (https://wiki.php.net/rfc/password_hash). (Anthony Ferrara) + . Add generators and coroutines (https://wiki.php.net/rfc/generators). +(Nikita Popov) . Support list in foreach (https://wiki.php.net/rfc/foreachlist). (Laruence) . Implemented 'finally' keyword (https://wiki.php.net/rfc/finally). (Laruence) . Drop Windows XP and 2003 support. (Pierre) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Refactor to using a stack based zval instead of dynamic allocation: ext/standard/password.c
Commit:0bc9ca39ced4128c3b9fb1ba2ac797d342e7eef2 Author:Anthony Ferrara ircmax...@gmail.com Sun, 7 Oct 2012 05:42:08 -0400 Parents: 37b2207f66ac1cebdc3ff3f7f88ec319ee893292 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=0bc9ca39ced4128c3b9fb1ba2ac797d342e7eef2 Log: Refactor to using a stack based zval instead of dynamic allocation Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 3507183..266ad0a 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -245,12 +245,11 @@ PHP_FUNCTION(password_needs_rehash) if (options zend_symtable_find(options, cost, sizeof(cost), (void **) option_buffer) == SUCCESS) { if (Z_TYPE_PP(option_buffer) != IS_LONG) { - zval *cast_option_buffer; - ALLOC_ZVAL(cast_option_buffer); - MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); - convert_to_long(cast_option_buffer); - new_cost = Z_LVAL_P(cast_option_buffer); - zval_ptr_dtor(cast_option_buffer); + zval cast_option_buffer; + MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); + convert_to_long(cast_option_buffer); + new_cost = Z_LVAL(cast_option_buffer); + zval_dtor(cast_option_buffer); } else { new_cost = Z_LVAL_PP(option_buffer); } @@ -326,12 +325,11 @@ PHP_FUNCTION(password_hash) if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { if (Z_TYPE_PP(option_buffer) != IS_LONG) { - zval *cast_option_buffer; - ALLOC_ZVAL(cast_option_buffer); - MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); - convert_to_long(cast_option_buffer); - cost = Z_LVAL_P(cast_option_buffer); - zval_ptr_dtor(cast_option_buffer); + zval cast_option_buffer; + MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); + convert_to_long(cast_option_buffer); + cost = Z_LVAL(cast_option_buffer); + zval_dtor(cast_option_buffer); } else { cost = Z_LVAL_PP(option_buffer); } 
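Review bot: The five-line cast sequence added in password_needs_rehash and again in password_hash is identical apart from the destination (new_cost versus cost), so the two copies can drift apart. Move it into one static helper in password.c that takes the option zval and returns the long, and call it from both places. A stack zval paired with zval_dtor is the right combination here, since there is no heap container left to release.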
@@ -366,17 +364,16 @@ PHP_FUNCTION(password_hash) case IS_LONG: case IS_DOUBLE: case IS_OBJECT: { - zval *cast_option_buffer; - ALLOC_ZVAL(cast_option_buffer); - MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); - convert_to_string(cast_option_buffer); - if (Z_TYPE_P(cast_option_buffer) == IS_STRING) { - buffer = estrndup(Z_STRVAL_P(cast_option_buffer), Z_STRLEN_P(cast_option_buffer)); - buffer_len_int = Z_STRLEN_P(cast_option_buffer); - zval_ptr_dtor(cast_option_buffer); + zval cast_option_buffer; + MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); + convert_to_string(cast_option_buffer); + if (Z_TYPE(cast_option_buffer) == IS_STRING) { + buffer = estrndup(Z_STRVAL(cast_option_buffer), Z_STRLEN(cast_option_buffer)); + buffer_len_int = Z_STRLEN(cast_option_buffer); + zval_dtor(cast_option_buffer); break; } - zval_ptr_dtor(cast_option_buffer); + zval_dtor(cast_option_buffer); } case IS_BOOL: case IS_NULL: -- PHP CVS Mailing List
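Review bot: In the IS_OBJECT block, when convert_to_string does not yield IS_STRING the code runs zval_dtor and then falls out of the braces straight into case IS_BOOL / case IS_NULL with no break and no comment. If that is the intended route to the non-string salt error, mark it with a /* fall through */ comment after the closing brace so a later edit does not insert a case in between or "fix" it with a break.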
[PHP-CVS] com php-src: Clean up unreported memory leak by switching to zval_ptr_dtor: ext/standard/password.c
Commit:37b2207f66ac1cebdc3ff3f7f88ec319ee893292 Author:Anthony Ferrara ircmax...@gmail.com Sun, 7 Oct 2012 05:12:02 -0400 Parents: 76e83f769ff5929b45cf0ac666335ce68ada166f Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=37b2207f66ac1cebdc3ff3f7f88ec319ee893292 Log: Clean up unreported memory leak by switching to zval_ptr_dtor Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 70004a9..3507183 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -250,7 +250,7 @@ PHP_FUNCTION(password_needs_rehash) MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); convert_to_long(cast_option_buffer); new_cost = Z_LVAL_P(cast_option_buffer); - zval_dtor(cast_option_buffer); + zval_ptr_dtor(cast_option_buffer); } else { new_cost = Z_LVAL_PP(option_buffer); } @@ -331,7 +331,7 @@ PHP_FUNCTION(password_hash) MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); convert_to_long(cast_option_buffer); cost = Z_LVAL_P(cast_option_buffer); - zval_dtor(cast_option_buffer); + zval_ptr_dtor(cast_option_buffer); } else { cost = Z_LVAL_PP(option_buffer); } @@ -373,10 +373,10 @@ PHP_FUNCTION(password_hash) if (Z_TYPE_P(cast_option_buffer) == IS_STRING) { buffer = estrndup(Z_STRVAL_P(cast_option_buffer), Z_STRLEN_P(cast_option_buffer)); buffer_len_int = Z_STRLEN_P(cast_option_buffer); - zval_dtor(cast_option_buffer); + zval_ptr_dtor(cast_option_buffer); break; } - zval_dtor(cast_option_buffer); + zval_ptr_dtor(cast_option_buffer); } case IS_BOOL: case IS_NULL: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
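Review bot: The log calls this an unreported leak, and the only changed path is ext/standard/password.c, so nothing guards against it coming back. zval_dtor on a zval obtained with ALLOC_ZVAL releases the value but not the allocated zval itself, which is what all four replaced lines were doing. Add a .phpt case that passes a non-integer cost and a non-string salt, so a debug build's leak report fails the test if the pairing regresses.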
[PHP-CVS] com php-src: Really fix leaks, add test cases to prove it...: ext/standard/password.c ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_hash_error.
Commit:1751d5fabeff466f08da560caa6f9ade5a82 Author:Anthony Ferrara ircmax...@gmail.com Sat, 6 Oct 2012 10:38:41 -0400 Parents: 25b2d364e995fc070ae16ee34f60d25148413769 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=1751d5fabeff466f08da560caa6f9ade5a82 Log: Really fix leaks, add test cases to prove it... Changed paths: M ext/standard/password.c M ext/standard/tests/password/password_bcrypt_errors.phpt M ext/standard/tests/password/password_hash_error.phpt M ext/standard/tests/password/password_needs_rehash.phpt Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index af42a6f..9667fdc 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -245,9 +245,12 @@ PHP_FUNCTION(password_needs_rehash) if (options zend_symtable_find(options, cost, sizeof(cost), (void **) option_buffer) == SUCCESS) { if (Z_TYPE_PP(option_buffer) != IS_LONG) { - convert_to_long_ex(option_buffer); - new_cost = Z_LVAL_PP(option_buffer); - zval_ptr_dtor(option_buffer); + zval *cast_option_buffer; + ALLOC_ZVAL(cast_option_buffer); + INIT_PZVAL_COPY(cast_option_buffer, *option_buffer); + convert_to_long(cast_option_buffer); + new_cost = Z_LVAL_P(cast_option_buffer); + zval_dtor(cast_option_buffer); } else { new_cost = Z_LVAL_PP(option_buffer); } @@ -323,9 +326,12 @@ PHP_FUNCTION(password_hash) if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { if (Z_TYPE_PP(option_buffer) != IS_LONG) { - convert_to_long_ex(option_buffer); - cost = Z_LVAL_PP(option_buffer); - zval_ptr_dtor(option_buffer); + zval *cast_option_buffer; + ALLOC_ZVAL(cast_option_buffer); + INIT_PZVAL_COPY(cast_option_buffer, *option_buffer); + convert_to_long(cast_option_buffer); + cost = Z_LVAL_P(cast_option_buffer); + zval_dtor(cast_option_buffer); } else { cost = Z_LVAL_PP(option_buffer); } 
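Review bot: INIT_PZVAL_COPY(cast_option_buffer, *option_buffer) in both cost hunks is a shallow copy: it copies the value and type but does not run zval_copy_ctor, so a string payload is shared with the caller's option. convert_to_long on the copy then frees a string the original zval still points to. Use MAKE_COPY_ZVAL, or follow the copy with zval_copy_ctor, before converting. Separately, zval_dtor(cast_option_buffer) leaves the ALLOC_ZVAL container allocated; pair ALLOC_ZVAL with zval_ptr_dtor or put the zval on the stack.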
@@ -353,27 +359,27 @@ PHP_FUNCTION(password_hash) int buffer_len_int = 0; size_t buffer_len; switch (Z_TYPE_PP(option_buffer)) { - case IS_NULL: case IS_STRING: + buffer = estrndup(Z_STRVAL_PP(option_buffer), Z_STRLEN_PP(option_buffer)); + buffer_len_int = Z_STRLEN_PP(option_buffer); + break; case IS_LONG: case IS_DOUBLE: - case IS_BOOL: - case IS_OBJECT: - if (Z_TYPE_PP(option_buffer) == IS_STRING) { - buffer = Z_STRVAL_PP(option_buffer); - buffer_len_int = Z_STRLEN_PP(option_buffer); + case IS_OBJECT: { + zval *cast_option_buffer; + ALLOC_ZVAL(cast_option_buffer); + INIT_PZVAL_COPY(cast_option_buffer, *option_buffer); + convert_to_string(cast_option_buffer); + if (Z_TYPE_P(cast_option_buffer) == IS_STRING) { + buffer = estrndup(Z_STRVAL_P(cast_option_buffer), Z_STRLEN_P(cast_option_buffer)); + buffer_len_int = Z_STRLEN_P(cast_option_buffer); + zval_dtor(cast_option_buffer); break; - } else { - SEPARATE_ZVAL(option_buffer); - convert_to_string_ex(option_buffer); - if (Z_TYPE_PP(option_buffer) == IS_STRING) { -
[PHP-CVS] com php-src: fix allocation and copy issue: ext/standard/password.c
Commit:76e83f769ff5929b45cf0ac666335ce68ada166f Author:Anthony Ferrara ircmax...@gmail.com Sat, 6 Oct 2012 12:33:48 -0400 Parents: 1751d5fabeff466f08da560caa6f9ade5a82 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=76e83f769ff5929b45cf0ac666335ce68ada166f Log: fix allocation and copy issue Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 9667fdc..70004a9 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -247,7 +247,7 @@ PHP_FUNCTION(password_needs_rehash) if (Z_TYPE_PP(option_buffer) != IS_LONG) { zval *cast_option_buffer; ALLOC_ZVAL(cast_option_buffer); - INIT_PZVAL_COPY(cast_option_buffer, *option_buffer); + MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); convert_to_long(cast_option_buffer); new_cost = Z_LVAL_P(cast_option_buffer); zval_dtor(cast_option_buffer); @@ -328,7 +328,7 @@ PHP_FUNCTION(password_hash) if (Z_TYPE_PP(option_buffer) != IS_LONG) { zval *cast_option_buffer; ALLOC_ZVAL(cast_option_buffer); - INIT_PZVAL_COPY(cast_option_buffer, *option_buffer); + MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); convert_to_long(cast_option_buffer); cost = Z_LVAL_P(cast_option_buffer); zval_dtor(cast_option_buffer); @@ -368,7 +368,7 @@ PHP_FUNCTION(password_hash) case IS_OBJECT: { zval *cast_option_buffer; ALLOC_ZVAL(cast_option_buffer); - INIT_PZVAL_COPY(cast_option_buffer, *option_buffer); + MAKE_COPY_ZVAL(option_buffer, cast_option_buffer); convert_to_string(cast_option_buffer); if (Z_TYPE_P(cast_option_buffer) == IS_STRING) { buffer = estrndup(Z_STRVAL_P(cast_option_buffer), Z_STRLEN_P(cast_option_buffer)); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
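Review bot: The context lines of the first two hunks still pair ALLOC_ZVAL(cast_option_buffer) with zval_dtor(cast_option_buffer), which destroys the copied value but never frees the allocated zval, so each non-integer cost leaks one container. Either release it with zval_ptr_dtor or declare the temporary on the stack. The log line "fix allocation and copy issue" would also be easier to follow later if it named the macro swap and why the shallow copy was wrong.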
[PHP-CVS] com php-src: Fix issue with possible memory leak: ext/standard/password.c
Commit:25b2d364e995fc070ae16ee34f60d25148413769 Author:Anthony Ferrara ircmax...@gmail.com Fri, 5 Oct 2012 15:53:40 -0400 Parents: 4a7d18c79ef956022090cf7e8159ca6d50ae2339 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=25b2d364e995fc070ae16ee34f60d25148413769 Log: Fix issue with possible memory leak Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 87fc2c2..af42a6f 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -350,7 +350,7 @@ PHP_FUNCTION(password_hash) if (options zend_symtable_find(options, salt, 5, (void**) option_buffer) == SUCCESS) { char *buffer; - int buffer_len_int; + int buffer_len_int = 0; size_t buffer_len; switch (Z_TYPE_PP(option_buffer)) { case IS_NULL: @@ -359,17 +359,20 @@ PHP_FUNCTION(password_hash) case IS_DOUBLE: case IS_BOOL: case IS_OBJECT: - convert_to_string_ex(option_buffer); if (Z_TYPE_PP(option_buffer) == IS_STRING) { buffer = Z_STRVAL_PP(option_buffer); buffer_len_int = Z_STRLEN_PP(option_buffer); - if (buffer_len_int 0) { + break; + } else { + SEPARATE_ZVAL(option_buffer); + convert_to_string_ex(option_buffer); + if (Z_TYPE_PP(option_buffer) == IS_STRING) { + buffer = Z_STRVAL_PP(option_buffer); + buffer_len_int = Z_STRLEN_PP(option_buffer); zval_ptr_dtor(option_buffer); - efree(hash_format); - php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied salt is too long); + break; } - buffer_len = (size_t) buffer_len_int; - break; + zval_ptr_dtor(option_buffer); } case IS_RESOURCE: case IS_ARRAY: 
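Review bot: In the new else branch, buffer is assigned from Z_STRVAL_PP(option_buffer) and the very next statement before break is zval_ptr_dtor(option_buffer), so buffer can point at memory that has just been released by the time it is read after the switch. Copy the string first (estrndup with Z_STRLEN_PP) and free that copy on every exit path, or defer the release until buffer is no longer needed.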
@@ -378,6 +381,11 @@ PHP_FUNCTION(password_hash) php_error_docref(NULL TSRMLS_CC, E_WARNING, Non-string salt parameter supplied); RETURN_NULL(); } + if (buffer_len_int 0) { + efree(hash_format); + php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied salt is too long); + } + buffer_len = (size_t) buffer_len_int; if (buffer_len required_salt_len) { efree(hash_format); php_error_docref(NULL TSRMLS_CC, E_WARNING, Provided salt is too short: %lu expecting %lu, (unsigned long) buffer_len, (unsigned long) required_salt_len); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
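Review bot: The added buffer_len_int check frees hash_format and raises "Supplied salt is too long" but has no RETURN_NULL(), unlike the blocks directly above and below it. Execution continues to buffer_len = (size_t) buffer_len_int and into the next check, which calls efree(hash_format) a second time. End the block with RETURN_NULL() so the warning path actually stops.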
[PHP-CVS] com php-src: Fix some double free issues, and more cleanup work: ext/standard/password.c
Commit:4a7d18c79ef956022090cf7e8159ca6d50ae2339 Author:Anthony Ferrara ircmax...@gmail.com Fri, 5 Oct 2012 15:31:58 -0400 Parents: 8bd79d180716fc521a3f5cae4bbfa96eb6397925 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=4a7d18c79ef956022090cf7e8159ca6d50ae2339 Log: Fix some double free issues, and more cleanup work Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index e876269..87fc2c2 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -79,7 +79,7 @@ static zend_bool php_password_salt_is_alphabet(const char *str, const size_t len } /* }}} */ -static int php_password_salt_to64(const char *str, const size_t str_len, const size_t out_len, char *ret) /* {{{ */ +static zend_bool php_password_salt_to64(const char *str, const size_t str_len, const size_t out_len, char *ret) /* {{{ */ { size_t pos = 0; size_t ret_len = 0; @@ -108,7 +108,7 @@ static int php_password_salt_to64(const char *str, const size_t str_len, const s } /* }}} */ -static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */ +static zend_bool php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */ { int buffer_valid = 0; size_t i, raw_length; @@ -163,9 +163,8 @@ static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */ efree(buffer); efree(result); return FAILURE; - } else { - memcpy(ret, result, (int) length); } + memcpy(ret, result, (int) length); efree(result); efree(buffer); ret[length] = 0; 
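Review bot: php_password_salt_to64 and php_password_make_salt now return zend_bool, but the body still does return FAILURE; and the caller later in this patch still tests php_password_salt_to64(...) == FAILURE. FAILURE is -1 and zend_bool is an unsigned char, so the returned value becomes 255 and the comparison against -1 is never true, which silently disables the error path. Keep the return type as int, or return 0/1 and change the callers to test for that.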
@@ -245,9 +244,13 @@ PHP_FUNCTION(password_needs_rehash) long new_cost = PHP_PASSWORD_BCRYPT_COST, cost = 0; if (options zend_symtable_find(options, cost, sizeof(cost), (void **) option_buffer) == SUCCESS) { - convert_to_long_ex(option_buffer); - new_cost = Z_LVAL_PP(option_buffer); - zval_ptr_dtor(option_buffer); + if (Z_TYPE_PP(option_buffer) != IS_LONG) { + convert_to_long_ex(option_buffer); + new_cost = Z_LVAL_PP(option_buffer); + zval_ptr_dtor(option_buffer); + } else { + new_cost = Z_LVAL_PP(option_buffer); + } } sscanf(hash, $2y$%ld$, cost); @@ -319,9 +322,13 @@ PHP_FUNCTION(password_hash) long cost = PHP_PASSWORD_BCRYPT_COST; if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { - convert_to_long_ex(option_buffer); - cost = Z_LVAL_PP(option_buffer); - zval_ptr_dtor(option_buffer); + if (Z_TYPE_PP(option_buffer) != IS_LONG) { + convert_to_long_ex(option_buffer); + cost = Z_LVAL_PP(option_buffer); + zval_ptr_dtor(option_buffer); + } else { + cost = Z_LVAL_PP(option_buffer); + } } if (cost 4 || cost 31) { @@ -367,14 +374,12 @@ PHP_FUNCTION(password_hash) case IS_RESOURCE: case IS_ARRAY: default: - zval_ptr_dtor(option_buffer); efree(hash_format); php_error_docref(NULL TSRMLS_CC, E_WARNING, Non-string salt parameter supplied); RETURN_NULL(); } if (buffer_len required_salt_len) { efree(hash_format); - zval_ptr_dtor(option_buffer); php_error_docref(NULL TSRMLS_CC, E_WARNING, Provided salt is too short: %lu expecting %lu, (unsigned long) buffer_len, (unsigned long) required_salt_len); RETURN_NULL(); } else if (0 == php_password_salt_is_alphabet(buffer, buffer_len)) { @@ -382,7 +387,6 @@ PHP_FUNCTION(password_hash) if (php_password_salt_to64(buffer, buffer_len, required_salt_len, salt) == FAILURE) { efree(hash_format); efree(salt); -
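Review bot: The non-IS_LONG branch in both cost hunks calls convert_to_long_ex(option_buffer) and then zval_ptr_dtor(option_buffer) on a pointer that came from zend_symtable_find, which hands back the table's own entry rather than a new reference. That rewrites the caller's options array in place and then drops a reference this function never took, the same pattern the salt hunks in this patch remove. Convert a private copy of the zval and destroy only that copy.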
[PHP-CVS] com php-src: Fix arg info for required params passed to needs_rehash: ext/standard/basic_functions.c
Commit:6fd5ba5c8d70ecbd80175a488160f57380d8afee Author:Anthony Ferrara ircmax...@gmail.com Mon, 17 Sep 2012 11:10:59 -0400 Parents: 44c2624f8c7d6bc00f46bc69c77791c2a334cc9a Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=6fd5ba5c8d70ecbd80175a488160f57380d8afee Log: Fix arg info for required params passed to needs_rehash Changed paths: M ext/standard/basic_functions.c Diff: diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index cf2266c..a30579e 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1863,7 +1863,7 @@ ZEND_END_ARG_INFO() ZEND_BEGIN_ARG_INFO_EX(arginfo_password_get_info, 0, 0, 1) ZEND_ARG_INFO(0, hash) ZEND_END_ARG_INFO() -ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 1) +ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 2) ZEND_ARG_INFO(0, hash) ZEND_ARG_INFO(0, algo) ZEND_ARG_INFO(0, options) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Refactor slightly to enable cleaner readability: ext/standard/password.c
Commit:8bd79d180716fc521a3f5cae4bbfa96eb6397925 Author:Anthony Ferrara ircmax...@gmail.com Mon, 17 Sep 2012 11:43:47 -0400 Parents: 6fd5ba5c8d70ecbd80175a488160f57380d8afee Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=8bd79d180716fc521a3f5cae4bbfa96eb6397925 Log: Refactor slightly to enable cleaner readability Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 8e9d894..e876269 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -242,16 +242,16 @@ PHP_FUNCTION(password_needs_rehash) switch (algo) { case PHP_PASSWORD_BCRYPT: { - int newCost = PHP_PASSWORD_BCRYPT_COST, cost = 0; + long new_cost = PHP_PASSWORD_BCRYPT_COST, cost = 0; - if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { + if (options zend_symtable_find(options, cost, sizeof(cost), (void **) option_buffer) == SUCCESS) { convert_to_long_ex(option_buffer); - newCost = Z_LVAL_PP(option_buffer); + new_cost = Z_LVAL_PP(option_buffer); zval_ptr_dtor(option_buffer); } - sscanf(hash, $2y$%d$, cost); - if (cost != newCost) { + sscanf(hash, $2y$%ld$, cost); + if (cost != new_cost) { RETURN_TRUE; } } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
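Review bot: The return value of sscanf(hash, $2y$%ld$, cost) is ignored, so when the cost field does not parse, cost keeps its initial 0 and the cost != new_cost comparison decides the result on a value that was never read from the hash. Check that sscanf returned 1 and handle the failure explicitly. Switching to long with %ld keeps the format and the variable type in agreement, which is the right direction.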
[PHP-CVS] com php-src: Fix ucwords error casing: ext/standard/password.c
Commit:44c2624f8c7d6bc00f46bc69c77791c2a334cc9a Author:Anthony Ferrara ircmax...@gmail.com Mon, 17 Sep 2012 10:59:51 -0400 Parents: e034a46bdc36fb82957f5e503fa730776dfbba11 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=44c2624f8c7d6bc00f46bc69c77791c2a334cc9a Log: Fix ucwords error casing Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 6c2a9af..8e9d894 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -185,7 +185,7 @@ PHP_FUNCTION(password_get_info) } if (hash_len 0 || (size_t) hash_len 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied Password Hash Too Long To Safely Identify); + php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied password hash too long to safely identify); RETURN_FALSE; } @@ -229,7 +229,7 @@ PHP_FUNCTION(password_needs_rehash) } if (hash_len 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied Password Hash Too Long To Safely Identify); + php_error_docref(NULL TSRMLS_CC, E_WARNING, Supplied password hash too long to safely identify); RETURN_FALSE; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
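Review bot: The two guards that emit this message are not the same: password_get_info tests hash_len twice, once through a (size_t) cast, while password_needs_rehash tests it once. Since both are meant to reject the same input, move the check and the warning into one small static helper so the condition and the wording cannot drift apart again. Any .phpt EXPECT block that matches the old capitalised text needs updating in the same commit.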
[PHP-CVS] com php-src: A bunch of naming convention fixes. No functionality changes: ext/standard/password.c ext/standard/php_password.h
Commit:e034a46bdc36fb82957f5e503fa730776dfbba11 Author:Anthony Ferrara ircmax...@gmail.com Mon, 17 Sep 2012 10:52:07 -0400 Parents: 83cfff4593bd3bd7791f32795e9b5bda446cd8e2 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e034a46bdc36fb82957f5e503fa730776dfbba11 Log: A bunch of naming convention fixes. No functionality changes Changed paths: M ext/standard/password.c M ext/standard/php_password.h Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 0dd8fed..6c2a9af 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -38,7 +38,7 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ { REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); - REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT_DEFAULT_COST, PHP_PASSWORD_BCRYPT_COST, CONST_CS | CONST_PERSISTENT); @@ -46,23 +46,24 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ } /* }}} */ -static char* php_password_get_algo_name(const php_password_algos algo) +static char* php_password_get_algo_name(const php_password_algo algo) { switch (algo) { - case PASSWORD_BCRYPT: + case PHP_PASSWORD_BCRYPT: return bcrypt; + case PHP_PASSWORD_UNKNOWN: default: return unknown; } } -static php_password_algos php_password_determine_algo(const char *hash, const size_t len) +static php_password_algo php_password_determine_algo(const char *hash, const size_t len) { if (len 3 hash[0] == '$' hash[1] == '2' hash[2] == 'y' len == 60) { - return PASSWORD_BCRYPT; + return PHP_PASSWORD_BCRYPT; } - return PASSWORD_UNKNOWN; + return PHP_PASSWORD_UNKNOWN; } static zend_bool php_password_salt_is_alphabet(const char *str, const size_t len) /* {{{ */ 
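Review bot: Style point for a naming-convention pass: php_password_get_algo_name and php_password_determine_algo are the only functions touched here without the /* {{{ */ and /* }}} */ fold markers that php_password_salt_is_alphabet and PHP_MINIT_FUNCTION(password) carry. Add the markers to both while the signatures are being edited anyway.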
@@ -174,13 +175,13 @@ static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */ PHP_FUNCTION(password_get_info) { - php_password_algos algo; + php_password_algo algo; int hash_len; - char *hash, *algoName; + char *hash, *algo_name; zval *options; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, hash, hash_len) == FAILURE) { - RETURN_NULL(); + return; } if (hash_len 0 || (size_t) hash_len 0) { @@ -192,17 +193,17 @@ PHP_FUNCTION(password_get_info) array_init(options); algo = php_password_determine_algo(hash, (size_t) hash_len); - algoName = php_password_get_algo_name(algo); + algo_name = php_password_get_algo_name(algo); switch (algo) { - case PASSWORD_BCRYPT: + case PHP_PASSWORD_BCRYPT: { long cost = PHP_PASSWORD_BCRYPT_COST; sscanf(hash, $2y$%ld$, cost); add_assoc_long(options, cost, cost); } break; - case PASSWORD_UNKNOWN: + case PHP_PASSWORD_UNKNOWN: default: break; } @@ -210,21 +211,21 @@ PHP_FUNCTION(password_get_info) array_init(return_value); add_assoc_long(return_value, algo, algo); - add_assoc_string(return_value, algoName, algoName, 1); + add_assoc_string(return_value, algoName, algo_name, 1); add_assoc_zval(return_value, options, options); } PHP_FUNCTION(password_needs_rehash) { long new_algo = 0; - php_password_algos algo; + php_password_algo algo; int hash_len; char *hash; HashTable *options = 0; zval **option_buffer; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, sl|H, hash, hash_len, new_algo, options) == FAILURE) { - RETURN_NULL(); + return; } if (hash_len 0) { @@ -239,7 +240,7 @@ PHP_FUNCTION(password_needs_rehash) } switch (algo) { - case PASSWORD_BCRYPT: + case PHP_PASSWORD_BCRYPT: { int newCost = PHP_PASSWORD_BCRYPT_COST, cost = 0; @@ -255,7 +256,7 @@ PHP_FUNCTION(password_needs_rehash) } } break; - case PASSWORD_UNKNOWN: + case PHP_PASSWORD_UNKNOWN: default: break; } @@ -309,11 +310,11 @@ PHP_FUNCTION(password_hash) zval **option_buffer; if (zend_parse_parameters(ZEND_NUM_ARGS()
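Review bot: The rename misses int newCost in the PHP_PASSWORD_BCRYPT case of password_needs_rehash, which is left as a context line while algoName becomes algo_name elsewhere in the same file. Rename it to new_cost here so the file is consistent after this commit. The log says "No functionality changes", yet RETURN_NULL() becomes a bare return; in two places; say in the message that this relies on return_value already being NULL.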
[PHP-CVS] com php-src: Switch to using an ENUM for algorithms instead of a constant: ext/standard/password.c ext/standard/php_password.h
Commit:83cfff4593bd3bd7791f32795e9b5bda446cd8e2 Author:Anthony Ferrara ircmax...@gmail.com Thu, 13 Sep 2012 10:32:54 -0400 Parents: 7ec80e1a139ca7f43c02728f3fe2424cef0138b6 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=83cfff4593bd3bd7791f32795e9b5bda446cd8e2 Log: Switch to using an ENUM for algorithms instead of a constant Changed paths: M ext/standard/password.c M ext/standard/php_password.h Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 9b1bb8c..0dd8fed 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -38,7 +38,7 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ { REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); - REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT_DEFAULT_COST, PHP_PASSWORD_BCRYPT_COST, CONST_CS | CONST_PERSISTENT); @@ -46,29 +46,26 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ } /* }}} */ -static char* php_password_get_algo_name(const int algo) +static char* php_password_get_algo_name(const php_password_algos algo) { switch (algo) { - case PHP_PASSWORD_BCRYPT: + case PASSWORD_BCRYPT: return bcrypt; default: return unknown; } } -static int php_password_determine_algo(const char *hash, const size_t len) +static php_password_algos php_password_determine_algo(const char *hash, const size_t len) { - if (len 3) { - return 0; - } - if (hash[0] == '$' hash[1] == '2' hash[2] == 'y' len == 60) { - return PHP_PASSWORD_BCRYPT; + if (len 3 hash[0] == '$' hash[1] == '2' hash[2] == 'y' len == 60) { + return PASSWORD_BCRYPT; } - return 0; + return PASSWORD_UNKNOWN; } -static int php_password_salt_is_alphabet(const char *str, const size_t len) /* {{{ */ +static zend_bool php_password_salt_is_alphabet(const char *str, const size_t len) /* {{{ */ { size_t i = 0; 
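Review bot: In php_password_determine_algo the merged condition keeps the leading length comparison alongside len == 60, so the first test is now redundant. Test len == 60 first and drop the other comparison; that also makes it obvious the hash[0] to hash[2] reads are in bounds. The early return 0 that was removed is now spelled PASSWORD_UNKNOWN, which is clearer.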
@@ -177,7 +174,7 @@ static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */ PHP_FUNCTION(password_get_info) { - long algo; + php_password_algos algo; int hash_len; char *hash, *algoName; zval *options; @@ -198,13 +195,16 @@ PHP_FUNCTION(password_get_info) algoName = php_password_get_algo_name(algo); switch (algo) { - case PHP_PASSWORD_BCRYPT: + case PASSWORD_BCRYPT: { long cost = PHP_PASSWORD_BCRYPT_COST; sscanf(hash, $2y$%ld$, cost); add_assoc_long(options, cost, cost); } - break; + break; + case PASSWORD_UNKNOWN: + default: + break; } array_init(return_value); @@ -216,7 +216,8 @@ PHP_FUNCTION(password_get_info) PHP_FUNCTION(password_needs_rehash) { - long new_algo = 0, algo = 0; + long new_algo = 0; + php_password_algos algo; int hash_len; char *hash; HashTable *options = 0; @@ -238,7 +239,7 @@ PHP_FUNCTION(password_needs_rehash) } switch (algo) { - case PHP_PASSWORD_BCRYPT: + case PASSWORD_BCRYPT: { int newCost = PHP_PASSWORD_BCRYPT_COST, cost = 0; @@ -254,6 +255,9 @@ PHP_FUNCTION(password_needs_rehash) } } break; + case PASSWORD_UNKNOWN: + default: + break; } RETURN_FALSE; } @@ -309,7 +313,7 @@ PHP_FUNCTION(password_hash) } switch (algo) { - case PHP_PASSWORD_BCRYPT: + case PASSWORD_BCRYPT: { long cost = PHP_PASSWORD_BCRYPT_COST; diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h index db7747a..c812e2c 100644 --- a/ext/standard/php_password.h +++ b/ext/standard/php_password.h @@ -28,11 +28,15 @@ PHP_FUNCTION(password_get_info); PHP_MINIT_FUNCTION(password); -#define PHP_PASSWORD_DEFAULT 1 -#define PHP_PASSWORD_BCRYPT1 +#define PHP_PASSWORD_DEFAULT PASSWORD_BCRYPT #define PHP_PASSWORD_BCRYPT_COST 10 +typedef enum { + PASSWORD_UNKNOWN, + PASSWORD_BCRYPT +} php_password_algos; + #endif -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
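Review bot: The new enum in php_password.h relies on implicit numbering and uses unprefixed enumerators (PASSWORD_UNKNOWN, PASSWORD_BCRYPT) in a header other code includes. PASSWORD_BCRYPT is also registered as a userland constant through REGISTER_LONG_CONSTANT, so its numeric value is part of the public API and would change if someone reorders or inserts an enumerator. Assign the values explicitly (PASSWORD_BCRYPT = 1) and give the C names a PHP_ prefix to avoid clashing with other symbols.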
[PHP-CVS] com php-src: Add news entry for password API: NEWS
Commit:7161c3d2cfde54ce218f20d03684f2a58e1c7627 Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 11:56:12 -0400 Parents: 3e383dc0d5d7eb957f6639ab38dd566e16bca92b Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=7161c3d2cfde54ce218f20d03684f2a58e1c7627 Log: Add news entry for password API Changed paths: M NEWS Diff: diff --git a/NEWS b/NEWS index 1ee9779..08045fc 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,8 @@ PHP NEWS ?? ??? 201?, PHP 5.5.0 - General improvements: + . Add simplified password hashing API +(https://wiki.php.net/rfc/password_hash). (Anthony Ferrara) . Support list in foreach (https://wiki.php.net/rfc/foreachlist). (Laruence) . Implemented 'finally' keyword (https://wiki.php.net/rfc/finally). (Laruence) . Drop Windows XP and 2003 support. (Pierre) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Remove bcrypt_cost ini entry from declaration: main/main.c
Commit:ebe0bd5dee07bebd8444d9e7c28864ba17efeef8 Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 11:44:03 -0400 Parents: e9a7bde829b3e43e2c61455752801e31ea88974f Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=ebe0bd5dee07bebd8444d9e7c28864ba17efeef8 Log: Remove bcrypt_cost ini entry from declaration Changed paths: M main/main.c Diff: diff --git a/main/main.c b/main/main.c index 2f40dc9..5eb9947 100644 --- a/main/main.c +++ b/main/main.c @@ -539,8 +539,6 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY(error_append_string,NULL, PHP_INI_ALL,OnUpdateString, error_append_string, php_core_globals, core_globals) STD_PHP_INI_ENTRY(error_prepend_string, NULL, PHP_INI_ALL,OnUpdateString, error_prepend_string, php_core_globals, core_globals) - PHP_INI_ENTRY(password.bcrypt_cost, 11, PHP_INI_ALL,NULL) - PHP_INI_ENTRY(SMTP, localhost,PHP_INI_ALL,NULL) PHP_INI_ENTRY(smtp_port, 25, PHP_INI_ALL,NULL) STD_PHP_INI_BOOLEAN(mail.add_x_header,0, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, mail_x_header, php_core_globals, core_globals) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
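Review bot: Only the declaration in main/main.c is removed, and the removed entry defaulted to 11. Confirm nothing still reads password.bcrypt_cost at runtime and that the php.ini templates and documentation no longer mention it, otherwise users will set a directive that is silently ignored. The log should state that the cost now comes from the options array and the compiled-in default.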
[PHP-CVS] com php-src: Expose PASSWORD_BCRYPT_DEFAULT_COST constant and update test to use it: ext/standard/password.c ext/standard/tests/password/password_needs_rehash.phpt
Commit:76f3295cdfd6a3106297352e73b9691084582211 Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 11:47:50 -0400 Parents: ebe0bd5dee07bebd8444d9e7c28864ba17efeef8 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=76f3295cdfd6a3106297352e73b9691084582211 Log: Expose PASSWORD_BCRYPT_DEFAULT_COST constant and update test to use it Changed paths: M ext/standard/password.c M ext/standard/tests/password/password_needs_rehash.phpt Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index d3dc457..9b1bb8c 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -40,6 +40,8 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT_DEFAULT_COST, PHP_PASSWORD_BCRYPT_COST, CONST_CS | CONST_PERSISTENT); + return SUCCESS; } /* }}} */ diff --git a/ext/standard/tests/password/password_needs_rehash.phpt b/ext/standard/tests/password/password_needs_rehash.phpt index 0c03d88..2fc3983 100644 --- a/ext/standard/tests/password/password_needs_rehash.phpt +++ b/ext/standard/tests/password/password_needs_rehash.phpt 
@@ -22,9 +22,9 @@ var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9H // Invalid, different (higher) cost var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' = 11))); -// Valid with cost the default (may need to be updated as the default cost increases) -var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT)); - +// Valid with cost the default +$cost = str_pad(PASSWORD_BCRYPT_DEFAULT_COST, 2, '0', STR_PAD_LEFT); +var_dump(password_needs_rehash('$2y$'.$cost.'$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT)); echo OK!; ? -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
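Review bot: The rewritten test case splices $cost into a hash string that was produced for cost 10, so for any other default the string is not a real hash of anything. That is fine for password_needs_rehash, which only reads the prefix, but the comment "Valid with cost the default" should say so to stop someone reusing the value in a verification test. str_pad to width 2 also assumes the default stays below 100, which the bcrypt cost range guarantees; a short note would make that explicit.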
[PHP-CVS] com php-src: Switch test to using strict comparison for crypt fallback: ext/standard/tests/password/password_hash.phpt
Commit:e9a7bde829b3e43e2c61455752801e31ea88974f Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 11:37:56 -0400 Parents: e8b7f5b35da46a2bc414c922e8e1a7093d963899 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e9a7bde829b3e43e2c61455752801e31ea88974f Log: Switch test to using strict comparison for crypt fallback Changed paths: M ext/standard/tests/password/password_hash.phpt Diff: diff --git a/ext/standard/tests/password/password_hash.phpt b/ext/standard/tests/password/password_hash.phpt index ff48b29..f59d3d5 100644 --- a/ext/standard/tests/password/password_hash.phpt +++ b/ext/standard/tests/password/password_hash.phpt @@ -8,7 +8,7 @@ var_dump(strlen(password_hash(foo, PASSWORD_BCRYPT))); $hash = password_hash(foo, PASSWORD_BCRYPT); -var_dump($hash == crypt(foo, $hash)); +var_dump($hash === crypt(foo, $hash)); var_dump(password_hash(rasmuslerdorf, PASSWORD_BCRYPT, array(cost = 7, salt = usesomesillystringforsalt))); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
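Review bot: the switch from `==` to `===` on the `var_dump($hash ... crypt(foo, $hash))` line is right, but neither the test nor the commit message says why. Loose comparison of two strings in PHP can fall back to numeric comparison when both look numeric, so a test that is meant to prove byte-for-byte equality with crypt() should not depend on it. A short comment above that line stating that the comparison must be exact would keep someone from reverting it as a style change.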
[PHP-CVS] com php-src: Add tests for password_get_info and password_needs_rehash: ext/standard/tests/password/password_get_info.phpt ext/standard/tests/password/password_get_info_error.phpt ext/standa
Commit:e8b7f5b35da46a2bc414c922e8e1a7093d963899 Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 11:21:08 -0400 Parents: db41f9fe60d863041fb53a273c2f64b6925f5ad0 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e8b7f5b35da46a2bc414c922e8e1a7093d963899 Log: Add tests for password_get_info and password_needs_rehash Changed paths: A ext/standard/tests/password/password_get_info.phpt A ext/standard/tests/password/password_get_info_error.phpt A ext/standard/tests/password/password_needs_rehash.phpt A ext/standard/tests/password/password_needs_rehash_error.phpt Diff: diff --git a/ext/standard/tests/password/password_get_info.phpt b/ext/standard/tests/password/password_get_info.phpt new file mode 100644 index 000..4c8dc04 --- /dev/null +++ b/ext/standard/tests/password/password_get_info.phpt @@ -0,0 +1,58 @@ +--TEST-- +Test normal operation of password_get_info() +--FILE-- +?php +//-=-=-=- +// Test Bcrypt +var_dump(password_get_info('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y')); +// Test Bcrypt Cost +var_dump(password_get_info('$2y$11$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y')); +// Test Bcrypt Invalid Length +var_dump(password_get_info('$2y$11$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100')); +// Test Non-Bcrypt +var_dump(password_get_info('$1$rasmusle$rISCgZzpwk3UhDidwXvin0')); + +echo OK!; +? +--EXPECT-- +array(3) { + [algo]= + int(1) + [algoName]= + string(6) bcrypt + [options]= + array(1) { +[cost]= +int(10) + } +} +array(3) { + [algo]= + int(1) + [algoName]= + string(6) bcrypt + [options]= + array(1) { +[cost]= +int(11) + } +} +array(3) { + [algo]= + int(0) + [algoName]= + string(7) unknown + [options]= + array(0) { + } +} +array(3) { + [algo]= + int(0) + [algoName]= + string(7) unknown + [options]= + array(0) { + } +} +OK! diff --git a/ext/standard/tests/password/password_get_info_error.phpt b/ext/standard/tests/password/password_get_info_error.phpt new file mode 100644 index 000..af67674 
--- /dev/null +++ b/ext/standard/tests/password/password_get_info_error.phpt @@ -0,0 +1,17 @@ +--TEST-- +Test error operation of password_get_info() +--FILE-- +?php +//-=-=-=- +var_dump(password_get_info()); +var_dump(password_get_info(array())); + +echo OK!; +? +--EXPECTF-- +Warning: password_get_info() expects exactly 1 parameter, 0 given in %s on line %d +NULL + +Warning: password_get_info() expects parameter 1 to be string, array given in %s on line %d +NULL +OK! diff --git a/ext/standard/tests/password/password_needs_rehash.phpt b/ext/standard/tests/password/password_needs_rehash.phpt new file mode 100644 index 000..0c03d88 --- /dev/null +++ b/ext/standard/tests/password/password_needs_rehash.phpt 
@@ -0,0 +1,39 @@ +--TEST-- +Test normal operation of password_needs_rehash() +--FILE-- +?php +//-=-=-=- + +// Invalid Hash, always rehash +var_dump(password_needs_rehash('', PASSWORD_BCRYPT)); + +// Valid, as it's an unknown algorithm +var_dump(password_needs_rehash('', 0)); + +// Valid with cost the same +var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' = 10))); + +// Valid with cost the same, additional params +var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' = 10, 'foo' = 3))); + +// Invalid, different (lower) cost +var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' = 09))); + +// Invalid, different (higher) cost +var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT, array('cost' = 11))); + +// Valid with cost the default (may need to be updated as the default cost increases) +var_dump(password_needs_rehash('$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y', PASSWORD_BCRYPT)); + + +echo OK!; +? +--EXPECT-- +bool(true) +bool(false) +bool(false) +bool(false) +bool(true) +bool(true) +bool(false) +OK! diff --git a/ext/standard/tests/password/password_needs_rehash_error.phpt b/ext/standard/tests/password/password_needs_rehash_error.phpt new file mode 100644 index 000..e25ef8d --- /dev/null +++ b/ext/standard/tests/password/password_needs_rehash_error.phpt 
@@ -0,0 +1,33 @@ +--TEST-- +Test error operation of password_needs_rehash() +--FILE-- +?php +//-=-=-=- +var_dump(password_needs_rehash()); + +var_dump(password_needs_rehash('')); + +var_dump(password_needs_rehash('', foo)); + +var_dump(password_needs_rehash(array(), 1)); + +var_dump(password_needs_rehash(, 1, foo)); + +echo OK!; +? +--EXPECTF-- +Warning: password_needs_rehash() expects at least 2 parameters, 0 given in %s on line %d +NULL + +Warning: password_needs_rehash() expects at least 2 parameters, 1 given in %s on line %d +NULL + +Warning: password_needs_rehash() expects parameter 2 to be
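Review bot: in password_needs_rehash.phpt the "Invalid, different (lower) cost" case passes the cost as `09`, which is not the integer 9. A leading zero makes the literal octal and 9 is not an octal digit, so the case does not test the value its comment names. It still yields bool(true) only because any cost other than 10 does. Write the literal as `9`. Separately, the "Valid with cost the default" case hard-codes `$2y$10$`, and its own comment admits it will break when the default changes; deriving the prefix from the default cost would remove that maintenance trap.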
[PHP-CVS] com php-src: Fix incorrect arg info required param count for password_hash: ext/standard/basic_functions.c
Commit:7ec80e1a139ca7f43c02728f3fe2424cef0138b6 Author:Anthony Ferrara ircmax...@gmail.com Wed, 12 Sep 2012 12:15:33 -0400 Parents: 7161c3d2cfde54ce218f20d03684f2a58e1c7627 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=7ec80e1a139ca7f43c02728f3fe2424cef0138b6 Log: Fix incorrect arg info required param count for password_hash Changed paths: M ext/standard/basic_functions.c Diff: diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index ece64f3..cf2266c 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1855,7 +1855,7 @@ ZEND_BEGIN_ARG_INFO(arginfo_getlastmod, 0) ZEND_END_ARG_INFO() /* }}} */ /* {{{ password.c */ -ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 1) +ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 2) ZEND_ARG_INFO(0, password) ZEND_ARG_INFO(0, algo) ZEND_ARG_INFO(0, options) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
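Review bot: the required-parameter count for arginfo_password_hash is corrected from 1 to 2 here, but the sibling arginfo_password_needs_rehash was introduced earlier in this series with a required count of 1, while its function parses `sl|H` and its error test expects "at least 2 parameters". Check whether that declaration needs the same correction in this commit, since reflection output for the two functions would otherwise disagree with their actual behaviour.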
[PHP-CVS] com php-src: Refactoring to use size_t instead of int most places: ext/standard/password.c ext/standard/php_password.h
Commit:db41f9fe60d863041fb53a273c2f64b6925f5ad0 Author:Anthony Ferrara ircmax...@gmail.com Tue, 4 Sep 2012 11:34:00 -0400 Parents: 824f1f45818096eff0e022ba2a1cbc2071343c9a Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=db41f9fe60d863041fb53a273c2f64b6925f5ad0 Log: Refactoring to use size_t instead of int most places Changed paths: M ext/standard/password.c M ext/standard/php_password.h diff --git a/ext/standard/password.c b/ext/standard/password.c index 4f8ef5d..d3dc457 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -44,7 +44,17 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ } /* }}} */ -static long php_password_determine_algo(const char *hash, const int len) +static char* php_password_get_algo_name(const int algo) +{ + switch (algo) { + case PHP_PASSWORD_BCRYPT: + return bcrypt; + default: + return unknown; + } +} + +static int php_password_determine_algo(const char *hash, const size_t len) { if (len 3) { return 0; 
@@ -56,27 +66,33 @@ static long php_password_determine_algo(const char *hash, const int len) return 0; } -static int php_password_salt_is_alphabet(const char *str, const int len, const int salt_type) /* {{{ */ +static int php_password_salt_is_alphabet(const char *str, const size_t len) /* {{{ */ { - int i = 0; + size_t i = 0; - if (salt_type == PHP_PASSWORD_SALT_BCRYPT) { - for (i = 0; i len; i++) { - if (!((str[i] = 'A' str[i] = 'Z') || (str[i] = 'a' str[i] = 'z') || (str[i] = '0' str[i] = '9') || str[i] == '.' || str[i] == '/')) { - return 0; - } + for (i = 0; i len; i++) { + if (!((str[i] = 'A' str[i] = 'Z') || (str[i] = 'a' str[i] = 'z') || (str[i] = '0' str[i] = '9') || str[i] == '.' || str[i] == '/')) { + return 0; } } - return 1; } /* }}} */ -static int php_password_salt_to64(const char *str, const int str_len, const int out_len, char *ret) /* {{{ */ +static int php_password_salt_to64(const char *str, const size_t str_len, const size_t out_len, char *ret) /* {{{ */ { - int pos = 0; + size_t pos = 0; + size_t ret_len = 0; unsigned char *buffer; - buffer = php_base64_encode((unsigned char*) str, str_len, NULL); + if ((int) str_len 0) { + return FAILURE; + } + buffer = php_base64_encode((unsigned char*) str, (int) str_len, (int*) ret_len); + if (ret_len out_len) { + /* Too short of an encoded string generated */ + efree(buffer); + return FAILURE; + } for (pos = 0; pos out_len; pos++) { if (buffer[pos] == '+') { ret[pos] = '.'; 
@@ -92,30 +108,26 @@ static int php_password_salt_to64(const char *str, const int str_len, const int } /* }}} */ -static int php_password_make_salt(long length, int salt_type, char *ret TSRMLS_DC) /* {{{ */ +static int php_password_make_salt(size_t length, char *ret TSRMLS_DC) /* {{{ */ { int buffer_valid = 0; - long i, raw_length; + size_t i, raw_length; char *buffer; + char *result; - if (salt_type == PHP_PASSWORD_SALT_RAW) { - raw_length = length; - } else if (salt_type == PHP_PASSWORD_SALT_BCRYPT) { - if (length (LONG_MAX / 3)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too large to safely generate); - return FAILURE; - } - raw_length = length * 3 / 4 + 1; - } else { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown salt type paramter); + if (length (INT_MAX / 3)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too large to safely generate); return FAILURE; } + + raw_length = length * 3 / 4 + 1; + buffer = (char *) safe_emalloc(raw_length, 1, 1); #if PHP_WIN32 { BYTE *iv_b = (BYTE *) buffer; - if (php_win32_get_random_bytes(iv_b, (size_t) raw_length) == SUCCESS) { + if (php_win32_get_random_bytes(iv_b, raw_length) == SUCCESS) { buffer_valid = 1; } } @@ -130,11 +142,11 @@ static int php_password_make_salt(long length, int salt_type, char *ret TSRMLS_D if (n 0) { break; } - read_bytes += n; + read_bytes += (size_t) n; } close(fd); } - if (read_bytes == raw_length) { + if
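Review bot: in php_password_salt_to64 the new `size_t ret_len` is handed to php_base64_encode through an `(int*)` cast. Where size_t is wider than int the callee writes only part of the variable, and the later `ret_len` versus `out_len` check then reads whichever bytes happened to be written, which is byte-order dependent. Use a local `int` for the out-parameter and assign it to the size_t after checking that it is not negative. In the same file, php_password_get_algo_name returns `char*` but only ever returns string literals, so the return type should be `const char *`.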
[PHP-CVS] com php-src: Merge remote branch 'upstream/master' into hash_password: ext/standard/basic_functions.c main/main.c
Commit:824f1f45818096eff0e022ba2a1cbc2071343c9a Author:Anthony Ferrara ircmax...@gmail.com Tue, 4 Sep 2012 10:29:22 -0400 Parents: e05413ca594ff10fd93d40429cb598c2e109edf4 4b206126aca2ad9181abe65d70367680a4bc4c03 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=824f1f45818096eff0e022ba2a1cbc2071343c9a Log: Merge remote branch 'upstream/master' into hash_password * upstream/master: (393 commits) forked two tests for windows Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice) Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice) Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice) Bug #49510: Boolean validation fails with FILTER_NULL_ON_FAILURE with empty string or false Implemented ReflectionFunction::isGenerator() Allow null as a default value for length in mb_substr() and mb_strcut() Allow null as a default value for length in mb_substr() and mb_strcut() folder Initializing optional argument description in assert() Initializing optional argument description in assert() Fix test failed due to new Token T_YIELD fix NEWS Fix leak when yielding array as key Drop obsolete test Remove extra blank in notice message, should act as same as vm Fixed bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables) assert() user message ... Bugs: https://bugs.php.net/50997 https://bugs.php.net/49510 https://bugs.php.net/62987 Changed paths: MM ext/standard/basic_functions.c MM main/main.c Diff: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Remove password_make_salt() from the implementation: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h ext/standard/tests/password/password_make
Commit:e05413ca594ff10fd93d40429cb598c2e109edf4 Author:Anthony Ferrara ircmax...@gmail.com Tue, 28 Aug 2012 11:24:33 -0400 Parents: 707c9073b595a75447fbc25e01e7804293fad9b7 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e05413ca594ff10fd93d40429cb598c2e109edf4 Log: Remove password_make_salt() from the implementation Changed paths: M ext/standard/basic_functions.c M ext/standard/password.c M ext/standard/php_password.h D ext/standard/tests/password/password_make_salt.phpt D ext/standard/tests/password/password_make_salt_error.phpt Diff: diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index e6b1559..1f1b3d3 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1884,10 +1884,6 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_password_verify, 0, 0, 2) ZEND_ARG_INFO(0, password) ZEND_ARG_INFO(0, hash) ZEND_END_ARG_INFO() -ZEND_BEGIN_ARG_INFO_EX(arginfo_password_make_salt, 0, 0, 1) - ZEND_ARG_INFO(0, length) - ZEND_ARG_INFO(0, raw_output) -ZEND_END_ARG_INFO() /* }}} */ /* {{{ proc_open.c */ #ifdef PHP_CAN_SUPPORT_PROC_OPEN @@ -2907,8 +2903,6 @@ const zend_function_entry basic_functions[] = { /* {{{ */ PHP_FE(password_get_info, arginfo_password_get_info) PHP_FE(password_needs_rehash, arginfo_password_needs_rehash) PHP_FE(password_verify, arginfo_password_verify) - PHP_FE(password_make_salt, arginfo_password_make_salt) - PHP_FE(convert_uuencode, arginfo_convert_uuencode) PHP_FE(convert_uudecode, arginfo_convert_uudecode) diff --git a/ext/standard/password.c b/ext/standard/password.c index 2e5d62a..4f8ef5d 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c 
@@ -40,9 +40,6 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); - REGISTER_LONG_CONSTANT(PASSWORD_SALT_RAW, PHP_PASSWORD_SALT_RAW, CONST_CS | CONST_PERSISTENT); - REGISTER_LONG_CONSTANT(PASSWORD_SALT_BCRYPT, PHP_PASSWORD_SALT_BCRYPT, CONST_CS | CONST_PERSISTENT); - return SUCCESS; } /* }}} */ @@ -95,8 +92,6 @@ static int php_password_salt_to64(const char *str, const int str_len, const int } /* }}} */ -#define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) (zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) func_ptr) == SUCCESS func_ptr-type == ZEND_INTERNAL_FUNCTION func_ptr-internal_function.handler != zif_display_disabled_function) - static int php_password_make_salt(long length, int salt_type, char *ret TSRMLS_DC) /* {{{ */ { int buffer_valid = 0; 
@@ -277,35 +272,6 @@ PHP_FUNCTION(password_verify) } /* }}} */ -/* {{{ proto string password_make_salt(int length, int salt_type = PASSWORD_SALT_BCRYPT) -Make a new random salt */ -PHP_FUNCTION(password_make_salt) -{ - char *salt; - long length = 0, salt_type = 0; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|l, length, salt_type) == FAILURE) { - RETURN_NULL(); - } - if (length = 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be less than or equal zero: %ld, length); - RETURN_NULL(); - } else if (length (LONG_MAX / 3)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too large to safely generate); - RETURN_NULL(); - } - - if (!salt_type) { - salt_type = PHP_PASSWORD_SALT_BCRYPT; - } - salt = safe_emalloc(length, 1, 1); - if (php_password_make_salt(length, (int) salt_type, salt TSRMLS_CC) == FAILURE) { - efree(salt); - RETURN_FALSE; - } - RETURN_STRINGL(salt, length, 0); -} -/* }}} */ - /* {{{ proto string password_hash(string password, int algo, array options = array()) Hash a password */ PHP_FUNCTION(password_hash) diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h index 8211ae1..d99c061 100644 --- a/ext/standard/php_password.h +++ b/ext/standard/php_password.h @@ -23,7 +23,6 @@ PHP_FUNCTION(password_hash); PHP_FUNCTION(password_verify); -PHP_FUNCTION(password_make_salt); PHP_FUNCTION(password_needs_rehash); PHP_FUNCTION(password_get_info);
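Review bot: after this removal the static helper still reads `php_password_make_salt(long length, int salt_type, char *ret TSRMLS_DC)` in the context line of the -95,8 hunk, although the PASSWORD_SALT_RAW and PASSWORD_SALT_BCRYPT constants that selected a salt type are no longer registered for userland. Either drop the salt_type parameter and its raw branch in the same commit, or note in the message that the internal cleanup follows separately. The same hunk also deletes the PHP_PASSWORD_FUNCTION_EXISTS macro, which the log line "Remove password_make_salt() from the implementation" does not mention; say so in the message, or split it out.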
[PHP-CVS] com php-src: Switch second parameter to password_make_salt to be a flag: ext/standard/password.c ext/standard/php_password.h ext/standard/tests/password/password_make_salt.phpt ext/standard/
Commit:707c9073b595a75447fbc25e01e7804293fad9b7 Author:Anthony Ferrara ircmax...@php.net Wed, 11 Jul 2012 22:15:56 -0400 Parents: 99b7956ad58395853f7950ae01a43139413d348d Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=707c9073b595a75447fbc25e01e7804293fad9b7 Log: Switch second parameter to password_make_salt to be a flag Changed paths: M ext/standard/password.c M ext/standard/php_password.h M ext/standard/tests/password/password_make_salt.phpt M ext/standard/tests/password/password_make_salt_error.phpt Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 2f1ebb5..2e5d62a 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -39,6 +39,10 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ { REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); + + REGISTER_LONG_CONSTANT(PASSWORD_SALT_RAW, PHP_PASSWORD_SALT_RAW, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(PASSWORD_SALT_BCRYPT, PHP_PASSWORD_SALT_BCRYPT, CONST_CS | CONST_PERSISTENT); + return SUCCESS; } /* }}} */ @@ -55,15 +59,18 @@ static long php_password_determine_algo(const char *hash, const int len) return 0; } -static int php_password_salt_is_alphabet(const char *str, const int len) /* {{{ */ +static int php_password_salt_is_alphabet(const char *str, const int len, const int salt_type) /* {{{ */ { int i = 0; - for (i = 0; i len; i++) { - if (!((str[i] = 'A' str[i] = 'Z') || (str[i] = 'a' str[i] = 'z') || (str[i] = '0' str[i] = '9') || str[i] == '.' || str[i] == '/')) { - return 0; + if (salt_type == PHP_PASSWORD_SALT_BCRYPT) { + for (i = 0; i len; i++) { + if (!((str[i] = 'A' str[i] = 'Z') || (str[i] = 'a' str[i] = 'z') || (str[i] = '0' str[i] = '9') || str[i] == '.' || str[i] == '/')) { + return 0; + } } } + return 1; } /* }}} */ 
@@ -90,20 +97,23 @@ static int php_password_salt_to64(const char *str, const int str_len, const int #define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) (zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) func_ptr) == SUCCESS func_ptr-type == ZEND_INTERNAL_FUNCTION func_ptr-internal_function.handler != zif_display_disabled_function) -static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* {{{ */ +static int php_password_make_salt(long length, int salt_type, char *ret TSRMLS_DC) /* {{{ */ { int buffer_valid = 0; long i, raw_length; char *buffer; - if (raw) { + if (salt_type == PHP_PASSWORD_SALT_RAW) { raw_length = length; - } else { + } else if (salt_type == PHP_PASSWORD_SALT_BCRYPT) { if (length (LONG_MAX / 3)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too large to safely generate); return FAILURE; } raw_length = length * 3 / 4 + 1; + } else { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown salt type paramter); + return FAILURE; } buffer = (char *) safe_emalloc(raw_length, 1, 1); @@ -140,9 +150,7 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* } } - if (raw) { - memcpy(ret, buffer, length); - } else { + if (salt_type == PHP_PASSWORD_SALT_BCRYPT) { char *result; result = safe_emalloc(length, 1, 1); if (php_password_salt_to64(buffer, raw_length, length, result) == FAILURE) { @@ -154,6 +162,9 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* memcpy(ret, result, length); efree(result); } + } else { + /* PHP_PASSWORD_SALT_RAW */ + memcpy(ret, buffer, length); } efree(buffer); ret[length] = 0; 
@@ -266,14 +277,13 @@ PHP_FUNCTION(password_verify) } /* }}} */ -/* {{{ proto string password_make_salt(int length, boolean raw_output = false) +/* {{{ proto string password_make_salt(int length, int salt_type = PASSWORD_SALT_BCRYPT) Make a new random salt */ PHP_FUNCTION(password_make_salt) { char *salt; - long length = 0; - zend_bool raw_output = 0; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|b, length, raw_output) == FAILURE) { + long length = 0, salt_type = 0; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|l, length, salt_type) == FAILURE) { RETURN_NULL(); } if (length = 0) { @@
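Review bot: php_password_salt_is_alphabet now returns 1 for every salt_type other than PHP_PASSWORD_SALT_BCRYPT, including values that are neither of the two defined types, while php_password_make_salt in the next hunk rejects an unknown type with a warning and FAILURE. The two helpers should agree: handle PHP_PASSWORD_SALT_RAW explicitly in the alphabet check and return 0 for anything else, so an unrecognised flag can never be treated as a valid salt. The new warning text "Unknown salt type paramter" also misspells "parameter".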
[PHP-CVS] com php-src: Merge remote branch 'upstream/master' into hash_password: ext/standard/basic_functions.c
Commit:99b7956ad58395853f7950ae01a43139413d348d Author:Anthony Ferrara ircmax...@gmail.com Tue, 10 Jul 2012 10:33:51 -0400 Parents: 9d3630b5dc8fa066dc4212ead2fffc8635f5bc0a b210766084cbd00b0e479d2800e1920271a3faba Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=99b7956ad58395853f7950ae01a43139413d348d Log: Merge remote branch 'upstream/master' into hash_password * upstream/master: (34 commits) Fixed Bug #62500 (Segfault in DateInterval class when extended) Fixed test bug #62312 (warnings changed one more time) fix valgrind warning fix valgrind warning fixed #62433 test for win update NEWS Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, ) returns false) appease MSVC (doesnt like unary minus of unsigned ints) appease MSVC (doesnt like unary minus of unsigned ints) appease MSVC (doesnt like unary minus of unsigned ints) - Fixed bug #62507 (['REQUEST_TIME'] under mod_php5 returns miliseconds instead of seconds) Fixed Bug #62500 (Segfault in DateInterval class when extended) Added in NEWS and UPGRADING for feature 55218 Fix two issues with run-tests.php Fix potential integer overflow in nl2br Fix potential integer overflow in bin2hex This wil be PHP 5.3.16 Revert change 3f3ad30c50: There shouldn't be new features in 5.3, especially not if they aren't in 5.4, too. fix (signed) integer overflow (part of bug #52550 fix (signed) integer overflow (part of bug #52550 ... Bugs: https://bugs.php.net/62500 https://bugs.php.net/62312 https://bugs.php.net/62433 https://bugs.php.net/62499 https://bugs.php.net/62507 https://bugs.php.net/52550 Changed paths: MM ext/standard/basic_functions.c Diff: -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Cleanup whitespace issues: ext/standard/password.c
Commit:9d3630b5dc8fa066dc4212ead2fffc8635f5bc0a Author:Anthony Ferrara ircmax...@gmail.com Thu, 5 Jul 2012 17:58:19 -0400 Parents: ee7e7998410c8fd5bd2183b1af375622f0ca8e02 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=9d3630b5dc8fa066dc4212ead2fffc8635f5bc0a Log: Cleanup whitespace issues Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 9be6f8c..2f1ebb5 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -168,9 +168,9 @@ PHP_FUNCTION(password_get_info) char *hash; zval *options; -if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, hash, hash_len) == FAILURE) { -RETURN_NULL(); -} + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, hash, hash_len) == FAILURE) { + RETURN_NULL(); + } ALLOC_INIT_ZVAL(options); array_init(options); @@ -202,8 +202,8 @@ PHP_FUNCTION(password_needs_rehash) zval **option_buffer; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, sl|H, hash, hash_len, new_algo, options) == FAILURE) { -RETURN_NULL(); -} + RETURN_NULL(); + } algo = php_password_determine_algo(hash, hash_len); if (algo != new_algo) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Implement password_get_info() function: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h
Commit:ee7e7998410c8fd5bd2183b1af375622f0ca8e02 Author:Anthony Ferrara ircmax...@gmail.com Thu, 5 Jul 2012 17:46:33 -0400 Parents: db86d54446c461eab518225645889abc509db034 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=ee7e7998410c8fd5bd2183b1af375622f0ca8e02 Log: Implement password_get_info() function Changed paths: M ext/standard/basic_functions.c M ext/standard/password.c M ext/standard/php_password.h Diff: diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index bf6f9b0..e6500dd 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1872,6 +1872,9 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 1) ZEND_ARG_INFO(0, algo) ZEND_ARG_INFO(0, options) ZEND_END_ARG_INFO() +ZEND_BEGIN_ARG_INFO_EX(arginfo_password_get_info, 0, 0, 1) + ZEND_ARG_INFO(0, hash) +ZEND_END_ARG_INFO() ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 1) ZEND_ARG_INFO(0, hash) ZEND_ARG_INFO(0, algo) @@ -2901,6 +2904,7 @@ const zend_function_entry basic_functions[] = { /* {{{ */ PHP_FE(base64_encode, arginfo_base64_encode) PHP_FE(password_hash, arginfo_password_hash) + PHP_FE(password_get_info, arginfo_password_get_info) PHP_FE(password_needs_rehash, arginfo_password_needs_rehash) PHP_FE(password_verify, arginfo_password_verify) PHP_FE(password_make_salt, arginfo_password_make_salt) diff --git a/ext/standard/password.c b/ext/standard/password.c index 6da656c..9be6f8c 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c 
@@ -161,6 +161,38 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* } /* }}} */ +PHP_FUNCTION(password_get_info) +{ + long algo; + int hash_len; + char *hash; + zval *options; + +if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s, hash, hash_len) == FAILURE) { +RETURN_NULL(); +} + + ALLOC_INIT_ZVAL(options); + array_init(options); + + algo = php_password_determine_algo(hash, hash_len); + + switch (algo) { + case PHP_PASSWORD_BCRYPT: + { + long cost = PHP_PASSWORD_BCRYPT_COST; + sscanf(hash, $2y$%ld$, cost); + add_assoc_long(options, cost, cost); + } + break; + } + + array_init(return_value); + + add_assoc_long(return_value, algo, algo); + add_assoc_zval(return_value, options, options); +} + PHP_FUNCTION(password_needs_rehash) { long new_algo = 0, algo = 0; diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h index 45e6849..90e4d89 100644 --- a/ext/standard/php_password.h +++ b/ext/standard/php_password.h @@ -25,6 +25,7 @@ PHP_FUNCTION(password_hash); PHP_FUNCTION(password_verify); PHP_FUNCTION(password_make_salt); PHP_FUNCTION(password_needs_rehash); +PHP_FUNCTION(password_get_info); PHP_MINIT_FUNCTION(password); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
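Review bot: in the PHP_PASSWORD_BCRYPT case of password_get_info the return value of `sscanf(hash, $2y$%ld$, cost)` is ignored, and `cost` is pre-set to PHP_PASSWORD_BCRYPT_COST. php_password_determine_algo, added in the parent commit, only checks the `$2y` prefix and a length of 60, so a 60-character string with a malformed cost field is reported as bcrypt with the default cost instead of being flagged. Check that sscanf converted one field and omit the option (or report the algorithm as unknown) when it did not. The function also lacks the `/* {{{ proto ... */` comment that the neighbouring functions in this file carry.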
[PHP-CVS] com php-src: Implement password_needs_rehash() function: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h
Commit:5160dc11cd9d0e97eb59138f4639e5af0584f370 Author:Anthony Ferrara ircmax...@gmail.com Thu, 5 Jul 2012 16:22:49 -0400 Parents: 886527de56ecdd412a80a2901b8a0e3b622f037c Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=5160dc11cd9d0e97eb59138f4639e5af0584f370 Log: Implement password_needs_rehash() function Changed paths: M ext/standard/basic_functions.c M ext/standard/password.c M ext/standard/php_password.h Diff: diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 9e35a5e..bf6f9b0 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1872,6 +1872,11 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 1) ZEND_ARG_INFO(0, algo) ZEND_ARG_INFO(0, options) ZEND_END_ARG_INFO() +ZEND_BEGIN_ARG_INFO_EX(arginfo_password_needs_rehash, 0, 0, 1) + ZEND_ARG_INFO(0, hash) + ZEND_ARG_INFO(0, algo) + ZEND_ARG_INFO(0, options) +ZEND_END_ARG_INFO() ZEND_BEGIN_ARG_INFO_EX(arginfo_password_verify, 0, 0, 2) ZEND_ARG_INFO(0, password) ZEND_ARG_INFO(0, hash) @@ -2896,6 +2901,7 @@ const zend_function_entry basic_functions[] = { /* {{{ */ PHP_FE(base64_encode, arginfo_base64_encode) PHP_FE(password_hash, arginfo_password_hash) + PHP_FE(password_needs_rehash, arginfo_password_needs_rehash) PHP_FE(password_verify, arginfo_password_verify) PHP_FE(password_make_salt, arginfo_password_make_salt) diff --git a/ext/standard/password.c b/ext/standard/password.c index eb4abd2..9bfb023 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -43,6 +43,18 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ } /* }}} */ +static long php_password_determine_algo(const char *hash, const int len) +{ + if (len 3) { + return 0; + } + if (hash[0] == '$' hash[1] == '2' hash[2] == 'y' len == 60) { + return PHP_PASSWORD_BCRYPT; + } + + return 0; +} + static int php_password_salt_is_alphabet(const char *str, const int len) /* {{{ */ { int i = 0; 
@@ -149,6 +161,44 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* } /* }}} */ +PHP_FUNCTION(password_needs_rehash) +{ + long new_algo = 0, algo = 0; + int hash_len; + char *hash; + HashTable *options = 0; + zval **option_buffer; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, sl|H, hash, hash_len, new_algo, options) == FAILURE) { +RETURN_NULL(); +} + algo = php_password_determine_algo(hash, hash_len); + + if (algo != new_algo) { + RETURN_TRUE; + } + + switch (algo) { + case PHP_PASSWORD_BCRYPT: + { + int newCost = PHP_PASSWORD_BCRYPT_COST, cost = 0; + + if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { + convert_to_long_ex(option_buffer); + newCost = Z_LVAL_PP(option_buffer); + zval_ptr_dtor(option_buffer); + } + + sscanf(hash, $2y$%d$, cost); + if (cost != newCost) { + RETURN_TRUE; + } + } + break; + } + RETURN_FALSE; +} + /* {{{ proto boolean password_make_salt(string password, string hash) Verify a hash created using crypt() or password_hash() */ PHP_FUNCTION(password_verify) diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h index 57c6b88..45e6849 100644 --- a/ext/standard/php_password.h +++ b/ext/standard/php_password.h @@ -24,6 +24,7 @@ PHP_FUNCTION(password_hash); PHP_FUNCTION(password_verify); PHP_FUNCTION(password_make_salt); +PHP_FUNCTION(password_needs_rehash); PHP_MINIT_FUNCTION(password); -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
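Review bot: in the bcrypt branch of password_needs_rehash, `convert_to_long_ex(option_buffer)` followed by `zval_ptr_dtor(option_buffer)` operates on the entry that zend_symtable_find returned from the caller's options table. The lookup does not add a reference, so the destructor call releases one this function never took and the conversion changes the caller's array in place. Copy the value into a temporary zval, convert and destroy the copy, and leave the table entry alone. Two smaller points in the same patch: arginfo_password_needs_rehash declares one required parameter while the parse spec `sl|H` requires two, and `newCost` and `cost` are `int` although they are assigned from Z_LVAL_PP, which is a long.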
[PHP-CVS] com php-src: Fix issue with int vs long parameter: ext/standard/password.c
Commit:db86d54446c461eab518225645889abc509db034 Author:Anthony Ferrara ircmax...@gmail.com Thu, 5 Jul 2012 17:31:40 -0400 Parents: 5160dc11cd9d0e97eb59138f4639e5af0584f370 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=db86d54446c461eab518225645889abc509db034 Log: Fix issue with int vs long parameter Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 9bfb023..6da656c 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -266,7 +266,8 @@ Hash a password */ PHP_FUNCTION(password_hash) { char *hash_format, *hash, *salt, *password, *result; - int algo = 0, salt_len = 0, required_salt_len = 0, hash_format_len, password_len; + long algo = 0; + int salt_len = 0, required_salt_len = 0, hash_format_len, password_len; HashTable *options = 0; zval **option_buffer; @@ -297,7 +298,7 @@ PHP_FUNCTION(password_hash) } break; default: - php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown password hashing algorithm: %d, algo); + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown password hashing algorithm: %ld, algo); RETURN_NULL(); } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
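Review bot: the log line "Fix issue with int vs long parameter" does not say which call needed `algo` to be a long, and the hunk only shows the declaration split and the `%d` to `%ld` change in the warning. State the reason in the message or in a comment beside `long algo = 0;`, so that the remaining `int` declarations on the next line are understood to be deliberate rather than missed by the fix.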
[PHP-CVS] com php-src: Update signature info for changing algo to an ordinal: ext/standard/password.c
Commit:886527de56ecdd412a80a2901b8a0e3b622f037c Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 3 Jul 2012 08:26:50 -0400 Parents: 6943f2ab7f729d26281f9358dba27890d07dd24d Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=886527de56ecdd412a80a2901b8a0e3b622f037c Log: Update signature info for changing algo to an ordinal Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 6de8120..eb4abd2 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -211,7 +211,7 @@ PHP_FUNCTION(password_make_salt) } /* }}} */ -/* {{{ proto string password_hash(string password, string algo, array options = array()) +/* {{{ proto string password_hash(string password, int algo, array options = array()) Hash a password */ PHP_FUNCTION(password_hash) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Some more refactoring, make algo no longer optional: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h ext/standard/tests/password/password_hash
Commit:6943f2ab7f729d26281f9358dba27890d07dd24d Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 3 Jul 2012 08:24:31 -0400 Parents: 6cc3c65fbf06da075934c89e470fa776d4d968fa Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=6943f2ab7f729d26281f9358dba27890d07dd24d Log: Some more refactoring, make algo no longer optional Changed paths: M ext/standard/basic_functions.c M ext/standard/password.c M ext/standard/php_password.h M ext/standard/tests/password/password_hash.phpt M ext/standard/tests/password/password_hash_error.phpt Diff: diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 5dc86ab..9e35a5e 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -3846,7 +3846,6 @@ PHP_MINFO_FUNCTION(basic) /* {{{ */ php_info_print_table_start(); BASIC_MINFO_SUBMODULE(dl) BASIC_MINFO_SUBMODULE(mail) - BASIC_MINFO_SUBMODULE(password) php_info_print_table_end(); BASIC_MINFO_SUBMODULE(assert) } diff --git a/ext/standard/password.c b/ext/standard/password.c index 9c03152..6de8120 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -37,8 +37,8 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ { - REGISTER_STRING_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); - REGISTER_STRING_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); return SUCCESS; } /* }}} */ 
@@ -211,45 +211,44 @@ PHP_FUNCTION(password_make_salt) } /* }}} */ -/* {{{ proto string password_hash(string password, string algo = PASSWORD_DEFAULT, array options = array()) +/* {{{ proto string password_hash(string password, string algo, array options = array()) Hash a password */ PHP_FUNCTION(password_hash) { - char *algo = 0, *hash_format, *hash, *salt, *password, *result; - int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len, password_len; + char *hash_format, *hash, *salt, *password, *result; + int algo = 0, salt_len = 0, required_salt_len = 0, hash_format_len, password_len; HashTable *options = 0; zval **option_buffer; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|sH, password, password_len, algo, algo_len, options) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, sl|H, password, password_len, algo, options) == FAILURE) { RETURN_NULL(); } - if (algo_len == 0) { - algo = PHP_PASSWORD_DEFAULT; - algo_len = strlen(PHP_PASSWORD_DEFAULT); - } - - if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) { - int cost = PHP_PASSWORD_BCRYPT_COST; - - if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { - convert_to_long_ex(option_buffer); - cost = Z_LVAL_PP(option_buffer); - zval_ptr_dtor(option_buffer); + switch (algo) { + case PHP_PASSWORD_BCRYPT: + { + int cost = PHP_PASSWORD_BCRYPT_COST; + + if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { + convert_to_long_ex(option_buffer); + cost = Z_LVAL_PP(option_buffer); + zval_ptr_dtor(option_buffer); + } + + if (cost 4 || cost 31) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid bcrypt cost parameter specified: %d, cost); + RETURN_NULL(); + } + + required_salt_len = 22; + hash_format = emalloc(8); + sprintf(hash_format, $2y$%02d$, cost); + hash_format_len = 7; } - - if (cost 4 || cost 31) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid bcrypt cost parameter specified: %d, cost); + break; + 
default: + php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown password hashing algorithm: %d, algo); RETURN_NULL(); - } - - required_salt_len = 22; - hash_format = emalloc(8); - sprintf(hash_format, $2y$%02d$, cost); - hash_format_len = 7; - } else { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Unknown password hashing algorithm: %s, algo); - RETURN_NULL();
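Review bot: In the password_hash() hunk, `int algo = 0` is handed to zend_parse_parameters() under the `l` specifier of `sl|H`, which stores a long; where long is wider than int, that write runs past `algo` into the neighbouring locals. Declare it as `long algo = 0;` and print it with `%ld` in the `default:` warning. The proto comment in the same hunk still reads `string algo` although the parameter is now an integer constant. Separately, `cost` is an int assigned from `Z_LVAL_PP(option_buffer)` before the 4 to 31 range check, so the check sees an already truncated value; keep it in a long until it has been validated.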
[PHP-CVS] com php-src: Remove php.ini setting for default bcrypt cost: ext/standard/password.c ext/standard/php_password.h ext/standard/tests/password/password_hash.phpt php.ini-development php.ini-pr
Commit:6cc3c65fbf06da075934c89e470fa776d4d968fa Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 3 Jul 2012 07:33:55 -0400 Parents: f53112fdcf746ef73660059e72f8798d0108acac Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=6cc3c65fbf06da075934c89e470fa776d4d968fa Log: Remove php.ini setting for default bcrypt cost Changed paths: M ext/standard/password.c M ext/standard/php_password.h M ext/standard/tests/password/password_hash.phpt M php.ini-development M php.ini-production Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 558cf24..9c03152 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -43,12 +43,6 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ } /* }}} */ -PHP_MINFO_FUNCTION(password) /* {{{ */ -{ - php_info_print_table_row(2, Default Password BCrypt Cost, INI_STR(password.bcrypt_cost)); -} -/* }}} */ - static int php_password_salt_is_alphabet(const char *str, const int len) /* {{{ */ { int i = 0; @@ -236,8 +230,7 @@ PHP_FUNCTION(password_hash) } if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) { - int cost = 0; - cost = (int) INI_INT(password.bcrypt_cost); + int cost = PHP_PASSWORD_BCRYPT_COST; if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { convert_to_long_ex(option_buffer); diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h index 81fe41f..338665e 100644 --- a/ext/standard/php_password.h +++ b/ext/standard/php_password.h @@ -26,11 +26,12 @@ PHP_FUNCTION(password_verify); PHP_FUNCTION(password_make_salt); PHP_MINIT_FUNCTION(password); -PHP_MINFO_FUNCTION(password); #define PHP_PASSWORD_DEFAULT 2y #define PHP_PASSWORD_BCRYPT2y +#define PHP_PASSWORD_BCRYPT_COST 10 + #endif diff --git a/ext/standard/tests/password/password_hash.phpt b/ext/standard/tests/password/password_hash.phpt index 2fca8b7..3b6fc09 100644 --- a/ext/standard/tests/password/password_hash.phpt +++ b/ext/standard/tests/password/password_hash.phpt 
@@ -4,9 +4,6 @@ Test normal operation of password_hash() ?php //-=-=-=- -// Set the cost low so the test is fast -ini_set('password.bcrypt_cost', '4'); - var_dump(strlen(password_hash(foo))); $hash = password_hash(foo); @@ -17,17 +14,12 @@ var_dump(password_hash(rasmuslerdorf, PASSWORD_BCRYPT, array(cost = 7, sal var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 123456789012345678901 . chr(0; -// test ini parameter to ensure that it updates -ini_set('password.bcrypt_cost', '5'); -var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 123456789012345678901 . chr(0; - - echo OK!; ? --EXPECT-- int(60) bool(true) string(60) $2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi -string(60) $2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG -string(60) $2y$05$MTIzNDU2Nzg5MDEyMzQ1NeVt1jFvl6ZQVujUMmcYvue.Mr5oZVQa2 +string(60) $2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y OK! + diff --git a/php.ini-development b/php.ini-development index 5f1205e..a5a7a4a 100644 --- a/php.ini-development +++ b/php.ini-development @@ -1359,15 +1359,6 @@ bcmath.scale = 0 ; http://php.net/browscap ;browscap = extra/browscap.ini -[password] -; The default cost of a bcrypt hash created using password_hash() -; Note that this is only the default, and can be overriden by the -; options argument to password_hash(). Additionally, it only affects -; newly created hashes. A higher value will make the generated -; hash more resistent to brute forcing, but will also use more CPU -; Default: 11 -; password.bcrypt_cost = 11 - [Session] ; Handler used to store/retrieve data. ; http://php.net/session.save-handler diff --git a/php.ini-production b/php.ini-production index 927f305..5d8f26e 100644 --- a/php.ini-production +++ b/php.ini-production 
@@ -1359,15 +1359,6 @@ bcmath.scale = 0 ; http://php.net/browscap ;browscap = extra/browscap.ini -[password] -; The default cost of a bcrypt hash created using password_hash() -; Note that this is only the default, and can be overriden by the -; options argument to password_hash(). Additionally, it only affects -; newly created hashes. A higher value will make the generated -; hash more resistent to brute forcing, but will also use more CPU -; Default: 11 -; password.bcrypt_cost = 11 - [Session] ; Handler used to store/retrieve data. ; http://php.net/session.save-handler -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
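Review bot: Removing PHP_MINFO_FUNCTION(password) from password.c and its declaration from php_password.h leaves the `BASIC_MINFO_SUBMODULE(password)` line in ext/standard/basic_functions.c still referring to it. That file is not in this commit's Changed paths, and the line is only dropped by the following commit (6943f2ab). Move that one-line removal into this commit so that every revision builds.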
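Review bot: The new `#define PHP_PASSWORD_BCRYPT_COST 10` in php_password.h does not match the `Default: 11` documented in the php.ini-development and php.ini-production text removed here, and the log does not say which value is intended. State the chosen default in the commit message or in a comment next to the define. In password_hash.phpt, dropping the ini_set() call that set the cost to 4 means the calls without an explicit cost now run at cost 10 (the expectation changes from `$2y$04$` to `$2y$10$`), which undoes the removed comment's purpose of keeping the test fast; pass a low `cost` option explicitly in those calls.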
[PHP-CVS] com php-src: Update password.c to use safe_emalloc in sensitive places: ext/standard/password.c
Commit:f53112fdcf746ef73660059e72f8798d0108acac Author:Anthony Ferrara ircmax...@gmail.com Fri, 29 Jun 2012 11:37:39 -0400 Parents: 9c1445c6bcee99dbe1eeb9eb8eb6cd626ca72a9c Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=f53112fdcf746ef73660059e72f8798d0108acac Log: Update password.c to use safe_emalloc in sensitive places Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 982ae7d..558cf24 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -99,7 +99,7 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* } raw_length = length * 3 / 4 + 1; } - buffer = (char *) emalloc(raw_length + 1); + buffer = (char *) safe_emalloc(raw_length, 1, 1); #if PHP_WIN32 { @@ -138,7 +138,7 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* memcpy(ret, buffer, length); } else { char *result; - result = emalloc(length + 1); + result = safe_emalloc(length, 1, 1); if (php_password_salt_to64(buffer, raw_length, length, result) == FAILURE) { php_error_docref(NULL TSRMLS_CC, E_WARNING, Generated salt too short); efree(buffer); @@ -208,7 +208,7 @@ PHP_FUNCTION(password_make_salt) RETURN_NULL(); } - salt = emalloc(length + 1); + salt = safe_emalloc(length, 1, 1); if (php_password_make_salt(length, (int) raw_output, salt TSRMLS_CC) == FAILURE) { efree(salt); RETURN_FALSE; @@ -316,7 +316,7 @@ PHP_FUNCTION(password_hash) salt[salt_len] = 0; - hash = emalloc(salt_len + hash_format_len + 1); + hash = safe_emalloc(salt_len + hash_format_len, 1, 1); sprintf(hash, %s%s, hash_format, salt); hash[hash_format_len + salt_len] = 0; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
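Review bot: In the last hunk, `safe_emalloc(salt_len + hash_format_len, 1, 1)` adds the two int lengths before the call, so the overflow check inside safe_emalloc() never sees that addition; it only guards the multiplication by 1 and the final `+ 1`. Validate both lengths before adding them, or pass them so the checked arithmetic covers the sum, for example `safe_emalloc(salt_len, 1, hash_format_len + 1)` given that hash_format_len is a small fixed value set in this function. The sprintf() into `hash` that follows depends on the same length arithmetic, so a bounded write using the allocated size would make the pairing explicit.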
[PHP-CVS] com php-src: More refactoring of crypt into php_crypt, and fixing memory allocation: ext/standard/crypt.c ext/standard/password.c ext/standard/php_crypt.h
Commit:9c1445c6bcee99dbe1eeb9eb8eb6cd626ca72a9c Author:Anthony Ferrara ircmax...@gmail.com Fri, 29 Jun 2012 11:32:25 -0400 Parents: 9e18e578f0e7f30c2d73ae38620b5fd228ac21eb Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=9c1445c6bcee99dbe1eeb9eb8eb6cd626ca72a9c Log: More refactoring of crypt into php_crypt, and fixing memory allocation Changed paths: M ext/standard/crypt.c M ext/standard/password.c M ext/standard/php_crypt.h Diff: diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 25f5ec0..3b443fc 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -145,7 +145,7 @@ static void php_to64(char *s, long v, int n) /* {{{ */ } /* }}} */ -PHPAPI int crypt_execute(const char *password, const int pass_len, const char *salt, int salt_len, char **result) +PHPAPI int php_crypt(const char *password, const int pass_len, const char *salt, int salt_len, char **result) { char *crypt_res; /* Windows (win32/crypt) has a stripped down version of libxcrypt and 
@@ -159,46 +159,38 @@ PHPAPI int crypt_execute(const char *password, const int pass_len, const char *s out = php_md5_crypt_r(password, salt, output); if (out) { - *result = (char *) emalloc(MD5_HASH_MAX_LEN + 1); - memcpy(*result, out, MD5_HASH_MAX_LEN); - *result[MD5_HASH_MAX_LEN] = 0; + *result = estrdup(out); return SUCCESS; } return FAILURE; } else if (salt[0]=='$' salt[1]=='6' salt[2]=='$') { - const char sha512_salt_prefix[] = $6$; - const char sha512_rounds_prefix[] = rounds=; char *output; - int needed = (sizeof(sha512_salt_prefix) - 1 - + sizeof(sha512_rounds_prefix) + 9 + 1 - + salt_in_len + 1 + 86 + 1); - output = emalloc(needed); + output = emalloc(PHP_MAX_SALT_LEN); - crypt_res = php_sha512_crypt_r(password, salt, output, needed); + crypt_res = php_sha512_crypt_r(password, salt, output, PHP_MAX_SALT_LEN); if (!crypt_res) { - memset(output, 0, needed); + memset(output, 0, PHP_MAX_SALT_LEN); efree(output); return FAILURE; } else { - *result = output; + *result = estrdup(output); + memset(output, 0, PHP_MAX_SALT_LEN); + efree(output); return SUCCESS; } } else if (salt[0]=='$' salt[1]=='5' salt[2]=='$') { - const char sha256_salt_prefix[] = $5$; - const char sha256_rounds_prefix[] = rounds=; char *output; - int needed = (sizeof(sha256_salt_prefix) - 1 - + sizeof(sha256_rounds_prefix) + 9 + 1 - + salt_in_len + 1 + 43 + 1); - output = emalloc(needed); + output = emalloc(PHP_MAX_SALT_LEN); - crypt_res = php_sha256_crypt_r(password, salt, output, needed); + crypt_res = php_sha256_crypt_r(password, salt, output, PHP_MAX_SALT_LEN); if (!crypt_res) { - memset(output, 0, needed); + memset(output, 0, PHP_MAX_SALT_LEN); efree(output); return FAILURE; } else { - *result = output; + *result = estrdup(output); + memset(output, 0, PHP_MAX_SALT_LEN); + efree(output); return SUCCESS; } } else if ( 
@@ -218,11 +210,7 @@ PHPAPI int crypt_execute(const char *password, const int pass_len, const char *s memset(output, 0, PHP_MAX_SALT_LEN + 1); return FAILURE; } else { - int result_len; - result_len = strlen(output); - *result = emalloc(result_len + 1); - memcpy(*result, output, result_len); - (*result)[result_len] = 0; +
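Review bot: In the `$6$` and `$5$` branches, `output = emalloc(PHP_MAX_SALT_LEN)` sizes the buffer for the complete crypt result (prefix, rounds, salt and digest) from a constant named for the salt alone, whereas the removed `needed` expression added 86 and 43 digest characters on top of the salt length. Please confirm, in a comment or in the log, that PHP_MAX_SALT_LEN covers the longest output with a rounds prefix, a maximum-length salt and the terminating NUL; if it does not, php_sha512_crypt_r() and php_sha256_crypt_r() are handed a length that is too small and those inputs turn into FAILURE. A separate constant for the output size would make this self-documenting. The switch to `estrdup(out)` in the MD5 branch is a good change, since it removes the `*result[MD5_HASH_MAX_LEN] = 0;` indexing.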
[PHP-CVS] com php-src: Refactor password.c a bit, add different error checking: ext/standard/password.c ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_has
Commit:da3d8bf514e61a486065b0bf335b4657f20e6b66 Author:Anthony Ferrara ircmax...@gmail.com Thu, 28 Jun 2012 15:29:40 -0400 Parents: 6bb3865a235d437d91df1940b0caad6995b69d4c Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=da3d8bf514e61a486065b0bf335b4657f20e6b66 Log: Refactor password.c a bit, add different error checking Changed paths: M ext/standard/password.c M ext/standard/tests/password/password_bcrypt_errors.phpt M ext/standard/tests/password/password_hash_error.phpt M ext/standard/tests/password/password_make_salt_error.phpt diff --git a/ext/standard/password.c b/ext/standard/password.c index e0e260a..dfe624d 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -21,10 +21,12 @@ #include stdlib.h #include php.h +#if HAVE_CRYPT #include fcntl.h #include php_password.h #include php_rand.h +#include php_crypt.h #include base64.h #include zend_interfaces.h #include info.h 
@@ -157,28 +159,19 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* Verify a hash created using crypt() or password_hash() */ PHP_FUNCTION(password_verify) { - zval *password, *hash, *ret; int status = 0, i; - zend_function *func_ptr; - - if (!PHP_PASSWORD_FUNCTION_EXISTS(crypt, 5)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Crypt must be loaded for password_verify to function); - RETURN_FALSE; - } - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, password, hash) == FAILURE) { + int password_len, hash_len; + char *ret, *password, *hash; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, ss, password, password_len, hash, hash_len) == FAILURE) { RETURN_FALSE; } - - zend_call_method_with_2_params(NULL, NULL, NULL, crypt, ret, password, hash); - - if (Z_TYPE_P(ret) != IS_STRING) { - zval_ptr_dtor(ret); + if (crypt_execute(password, password_len, hash, hash_len, ret) == FAILURE) { RETURN_FALSE; } - if (Z_STRLEN_P(ret) != Z_STRLEN_P(hash)) { - zval_ptr_dtor(ret); + if (strlen(ret) != hash_len) { + efree(ret); RETURN_FALSE; } @@ -186,11 +179,11 @@ PHP_FUNCTION(password_verify) * resistence towards timing attacks. This is a constant time * equality check that will always check every byte of both * values. */ - for (i = 0; i Z_STRLEN_P(ret); i++) { - status |= (Z_STRVAL_P(ret)[i] ^ Z_STRVAL_P(hash)[i]); + for (i = 0; i hash_len; i++) { + status |= (ret[i] ^ hash[i]); } - zval_ptr_dtor(ret); + efree(ret); RETURN_BOOL(status == 0); 
@@ -205,14 +198,14 @@ PHP_FUNCTION(password_make_salt) long length = 0; zend_bool raw_output = 0; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|b, length, raw_output) == FAILURE) { - RETURN_FALSE; + RETURN_NULL(); } if (length = 0) { php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be less than or equal zero: %ld, length); - RETURN_FALSE; + RETURN_NULL(); } else if (length (LONG_MAX / 3)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too large to safely generate); - RETURN_FALSE; + RETURN_NULL(); } salt = emalloc(length + 1); @@ -228,24 +221,13 @@ PHP_FUNCTION(password_make_salt) Hash a password */ PHP_FUNCTION(password_hash) { - char *algo = 0, *hash_format, *hash, *salt; - int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len; + char *algo = 0, *hash_format, *hash, *salt, *password, *result; + int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len, password_len; HashTable *options = 0; - zval **option_buffer, *ret, *password, *hash_zval; - zend_function *func_ptr; - - if (!PHP_PASSWORD_FUNCTION_EXISTS(crypt, 5)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Crypt must be loaded for password_hash to function); - RETURN_FALSE; - } - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|sH, password, algo, algo_len, options) == FAILURE) { - RETURN_FALSE; - } + zval **option_buffer; - if (Z_TYPE_P(password) != IS_STRING) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Password must be a string); - RETURN_FALSE; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|sH, password, password_len, algo, algo_len, options) == FAILURE) { + RETURN_NULL(); } if (algo_len == 0) { @@ -265,7 +247,7 @@ PHP_FUNCTION(password_hash) if (cost 4 || cost 31) {
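Review bot: The parameter-validation paths in password_make_salt() and password_hash() now use `RETURN_NULL()`, while the generation-failure path (`efree(salt); RETURN_FALSE;`) keeps returning false, so callers have to test for two different failure values from the same function. Pick one convention or document both in the proto comments; the log says only that error checking is "different". In password_verify(), the comparison of `strlen(ret)` with `hash_len` mixes a size_t with an int; store the length once in a variable of one type and use it for both the comparison and the loop bound.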
[PHP-CVS] com php-src: Refactor crypt to use an external working function: ext/standard/crypt.c ext/standard/php_crypt.h
Commit:6bb3865a235d437d91df1940b0caad6995b69d4c Author:Anthony Ferrara ircmax...@gmail.com Thu, 28 Jun 2012 14:44:04 -0400 Parents: 0dd2f16b148f4054d65645b9cf971fe08824d78d Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=6bb3865a235d437d91df1940b0caad6995b69d4c Log: Refactor crypt to use an external working function Changed paths: M ext/standard/crypt.c M ext/standard/php_crypt.h Diff: diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 9a1fcf1..a592a4b 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c 
@@ -145,44 +145,9 @@ static void php_to64(char *s, long v, int n) /* {{{ */ } /* }}} */ -/* {{{ proto string crypt(string str [, string salt]) - Hash a string */ -PHP_FUNCTION(crypt) +PHPAPI int crypt_execute(const char *password, const int pass_len, const char *salt, int salt_len, char **result) { - char salt[PHP_MAX_SALT_LEN + 1]; - char *str, *salt_in = NULL; - int str_len, salt_in_len = 0; char *crypt_res; - salt[0] = salt[PHP_MAX_SALT_LEN] = '\0'; - - /* This will produce suitable results if people depend on DES-encryption -* available (passing always 2-character salt). At least for glibc6.1 */ - memset(salt[1], '$', PHP_MAX_SALT_LEN - 1); - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|s, str, str_len, salt_in, salt_in_len) == FAILURE) { - return; - } - - if (salt_in) { - memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len)); - } - - /* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */ - if (!*salt) { -#if PHP_MD5_CRYPT - strncpy(salt, $1$, PHP_MAX_SALT_LEN); - php_to64(salt[3], PHP_CRYPT_RAND, 4); - php_to64(salt[7], PHP_CRYPT_RAND, 4); - strncpy(salt[11], $, PHP_MAX_SALT_LEN - 11); -#elif PHP_STD_DES_CRYPT - php_to64(salt[0], PHP_CRYPT_RAND, 2); - salt[2] = '\0'; -#endif - salt_in_len = strlen(salt); - } else { - salt_in_len = MIN(PHP_MAX_SALT_LEN, salt_in_len); - } - /* Windows (win32/crypt) has a stripped down version of libxcrypt and a CryptoApi md5_crypt implementation */ #if PHP_USE_PHP_CRYPT_R 
@@ -190,55 +155,52 @@ PHP_FUNCTION(crypt) struct php_crypt_extended_data buffer; if (salt[0]=='$' salt[1]=='1' salt[2]=='$') { - char output[MD5_HASH_MAX_LEN]; - - RETURN_STRING(php_md5_crypt_r(str, salt, output), 1); + char output[MD5_HASH_MAX_LEN], *out; + + out = php_md5_crypt_r(password, salt, output); + if (out) { + *result = (char *) emalloc(MD5_HASH_MAX_LEN + 1); + memcpy(*result, out, MD5_HASH_MAX_LEN); + *result[MD5_HASH_MAX_LEN] = 0; + return SUCCESS; + } + return FAILURE; } else if (salt[0]=='$' salt[1]=='6' salt[2]=='$') { const char sha512_salt_prefix[] = $6$; const char sha512_rounds_prefix[] = rounds=; char *output; int needed = (sizeof(sha512_salt_prefix) - 1 + sizeof(sha512_rounds_prefix) + 9 + 1 - + strlen(salt) + 1 + 43 + 1); + + PHP_MAX_SALT_LEN + 43 + 1); output = emalloc(needed); - salt[salt_in_len] = '\0'; - crypt_res = php_sha512_crypt_r(str, salt, output, needed); + crypt_res = php_sha512_crypt_r(password, salt, output, needed); if (!crypt_res) { - if (salt[0]=='*' salt[1]=='0') { - RETVAL_STRING(*1, 1); - } else { - RETVAL_STRING(*0, 1); - } + memset(output, 0, needed); + efree(output); + return FAILURE; } else { - RETVAL_STRING(output, 1); + *result = output; + return SUCCESS; } - - memset(output, 0, PHP_MAX_SALT_LEN + 1); - efree(output); } else if (salt[0]=='$' salt[1]=='5' salt[2]=='$') { const char sha256_salt_prefix[] = $5$; const char sha256_rounds_prefix[] = rounds=; char *output;
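Review bot: In the MD5 branch of crypt_execute(), `*result[MD5_HASH_MAX_LEN] = 0;` indexes before it dereferences, because `[]` binds tighter than unary `*`; it treats `result` as an array of pointers and writes through element MD5_HASH_MAX_LEN instead of terminating the newly allocated string. It should be `(*result)[MD5_HASH_MAX_LEN] = 0;`. The preceding memcpy() also copies MD5_HASH_MAX_LEN bytes regardless of the length of the string that php_md5_crypt_r() returned; a single `estrdup(out)` would replace all three lines. In the `$6$` branch, `needed` adds 43 for the digest, while a later revision on this page uses 86 for SHA-512 and 43 for SHA-256; please check which figure is meant here.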
[PHP-CVS] com php-src: Fix formatting issues in password.c: ext/standard/password.c
Commit:0dd2f16b148f4054d65645b9cf971fe08824d78d Author:Anthony Ferrara ircmax...@gmail.com Wed, 27 Jun 2012 11:04:41 -0400 Parents: 5f44be03af7733c2618d980e77426572fb0148df Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=0dd2f16b148f4054d65645b9cf971fe08824d78d Log: Fix formatting issues in password.c Changed paths: M ext/standard/password.c diff --git a/ext/standard/password.c b/ext/standard/password.c index ab115af..e0e260a 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -33,8 +33,6 @@ #include win32/winutil.h #endif - - PHP_MINIT_FUNCTION(password) /* {{{ */ { REGISTER_STRING_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); 
@@ -49,40 +47,42 @@ PHP_MINFO_FUNCTION(password) /* {{{ */ } /* }}} */ -static int php_password_salt_is_alphabet(const char *str, const int len) +static int php_password_salt_is_alphabet(const char *str, const int len) /* {{{ */ { -int i = 0; - -for (i = 0; i len; i++) { -if (!((str[i] = 'A' str[i] = 'Z') || (str[i] = 'a' str[i] = 'z') || (str[i] = '0' str[i] = '9') || str[i] == '.' || str[i] == '/')) { -return 0; -} -} -return 1; + int i = 0; + + for (i = 0; i len; i++) { + if (!((str[i] = 'A' str[i] = 'Z') || (str[i] = 'a' str[i] = 'z') || (str[i] = '0' str[i] = '9') || str[i] == '.' || str[i] == '/')) { + return 0; + } + } + return 1; } +/* }}} */ -static int php_password_salt_to64(const char *str, const int str_len, const int out_len, char *ret) +static int php_password_salt_to64(const char *str, const int str_len, const int out_len, char *ret) /* {{{ */ { -int pos = 0; + int pos = 0; unsigned char *buffer; -buffer = php_base64_encode((unsigned char*) str, str_len, NULL); -for (pos = 0; pos out_len; pos++) { -if (buffer[pos] == '+') { -ret[pos] = '.'; + buffer = php_base64_encode((unsigned char*) str, str_len, NULL); + for (pos = 0; pos out_len; pos++) { + if (buffer[pos] == '+') { + ret[pos] = '.'; } else if (buffer[pos] == '=') { efree(buffer); return FAILURE; -} else { + } else { ret[pos] = buffer[pos]; } -} + } efree(buffer); return SUCCESS; } +/* }}} */ #define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) (zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) func_ptr) == SUCCESS func_ptr-type == ZEND_INTERNAL_FUNCTION func_ptr-internal_function.handler != zif_display_disabled_function) -static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) +static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* {{{ */ { int buffer_valid = 0; long i, raw_length; 
@@ -131,7 +131,6 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) buffer[i] ^= (char) (255.0 * php_rand(TSRMLS_C) / RAND_MAX); } } - /* /Temp Placeholder */ if (raw) { memcpy(ret, buffer, length); @@ -151,8 +150,11 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) efree(buffer); ret[length] = 0; return SUCCESS; -} +} +/* }}} */ +/* {{{ proto boolean password_make_salt(string password, string hash) +Verify a hash created using crypt() or password_hash() */ PHP_FUNCTION(password_verify) { zval *password, *hash, *ret; @@ -165,8 +167,8 @@ PHP_FUNCTION(password_verify) } if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, password, hash) == FAILURE) { -RETURN_FALSE; -} + RETURN_FALSE; + } zend_call_method_with_2_params(NULL, NULL, NULL, crypt, ret, password, hash); @@ -193,15 +195,18 @@ PHP_FUNCTION(password_verify) RETURN_BOOL(status == 0); } +/* }}} */ +/* {{{ proto string password_make_salt(int length, boolean raw_output = false) +Make a new random salt */ PHP_FUNCTION(password_make_salt) { char *salt; long length = 0; zend_bool raw_output = 0; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|b, length, raw_output) == FAILURE) { -RETURN_FALSE; -} + RETURN_FALSE; + } if (length = 0) { php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be less than or equal zero: %ld, length); RETURN_FALSE; @@ -217,16 +222,16 @@ PHP_FUNCTION(password_make_salt) } RETURN_STRINGL(salt, length, 0); } - +/* }}} */ /* {{{ proto string
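Review bot: The docblock added above PHP_FUNCTION(password_verify) names the wrong function: `proto boolean password_make_salt(string password, string hash)` should read `password_verify`. Since the commit is described as fixing formatting only, the removal of the `/* /Temp Placeholder */` comment in php_password_make_salt() should either be left out or mentioned in the log.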
[PHP-CVS] com php-src: Update tests to check ini setting: ext/standard/tests/password/password_hash.phpt
Commit:2b9591f11f2573f8d9032477b7ad49c6cf92988c Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 26 Jun 2012 22:13:51 -0400 Parents: e505316aeba0fbb52cd21ff84af784a9d3e2b49a Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=2b9591f11f2573f8d9032477b7ad49c6cf92988c Log: Update tests to check ini setting Changed paths: M ext/standard/tests/password/password_hash.phpt Diff: diff --git a/ext/standard/tests/password/password_hash.phpt b/ext/standard/tests/password/password_hash.phpt index ecefa10..2fca8b7 100644 --- a/ext/standard/tests/password/password_hash.phpt +++ b/ext/standard/tests/password/password_hash.phpt @@ -17,6 +17,11 @@ var_dump(password_hash(rasmuslerdorf, PASSWORD_BCRYPT, array(cost = 7, sal var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 123456789012345678901 . chr(0; +// test ini parameter to ensure that it updates +ini_set('password.bcrypt_cost', '5'); +var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 123456789012345678901 . chr(0; + + echo OK!; ? --EXPECT-- @@ -24,4 +29,5 @@ int(60) bool(true) string(60) $2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi string(60) $2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG +string(60) $2y$05$MTIzNDU2Nzg5MDEyMzQ1NeVt1jFvl6ZQVujUMmcYvue.Mr5oZVQa2 OK! -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
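Review bot: The added case only sets a valid value, `ini_set('password.bcrypt_cost', '5');`, so nothing checks what password_hash() does when the ini value falls outside the 4 to 31 range that the function enforces for the `cost` option. Add a case with an out-of-range ini value and its expected warning, and a case showing that an explicit `cost` option still overrides the ini value.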
[PHP-CVS] com php-src: Add tests and error checking for large salt requested values to prevent overflow on allocation: ext/standard/password.c ext/standard/tests/password/password_make_salt_error.phpt
Commit:5f44be03af7733c2618d980e77426572fb0148df Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 26 Jun 2012 23:09:08 -0400 Parents: 2b9591f11f2573f8d9032477b7ad49c6cf92988c Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=5f44be03af7733c2618d980e77426572fb0148df Log: Add tests and error checking for large salt requested values to prevent overflow on allocation Changed paths: M ext/standard/password.c M ext/standard/tests/password/password_make_salt_error.phpt Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 94aa4dc..ab115af 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -82,14 +82,19 @@ static int php_password_salt_to64(const char *str, const int str_len, const int #define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) (zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) func_ptr) == SUCCESS func_ptr-type == ZEND_INTERNAL_FUNCTION func_ptr-internal_function.handler != zif_display_disabled_function) -static int php_password_make_salt(int length, int raw, char *ret TSRMLS_DC) +static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) { - int i, raw_length, buffer_valid = 0; + int buffer_valid = 0; + long i, raw_length; char *buffer; if (raw) { raw_length = length; } else { + if (length (LONG_MAX / 3)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too large to safely generate); + return FAILURE; + } raw_length = length * 3 / 4 + 1; } buffer = (char *) emalloc(raw_length + 1); 
@@ -192,15 +197,19 @@ PHP_FUNCTION(password_verify) PHP_FUNCTION(password_make_salt) { char *salt; - int length = 0; + long length = 0; zend_bool raw_output = 0; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, l|b, length, raw_output) == FAILURE) { RETURN_FALSE; } if (length = 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be less than or equal zero: %d, length); + php_error_docref(NULL TSRMLS_CC, E_WARNING, Length cannot be less than or equal zero: %ld, length); + RETURN_FALSE; + } else if (length (LONG_MAX / 3)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Length is too large to safely generate); RETURN_FALSE; } + salt = emalloc(length + 1); if (php_password_make_salt(length, (int) raw_output, salt TSRMLS_CC) == FAILURE) { efree(salt); @@ -298,7 +307,7 @@ PHP_FUNCTION(password_hash) zval_ptr_dtor(option_buffer); } else { salt = emalloc(required_salt_len + 1); - if (php_password_make_salt(required_salt_len, 0, salt TSRMLS_CC) == FAILURE) { + if (php_password_make_salt((long) required_salt_len, 0, salt TSRMLS_CC) == FAILURE) { efree(hash_format); efree(salt); RETURN_FALSE; diff --git a/ext/standard/tests/password/password_make_salt_error.phpt b/ext/standard/tests/password/password_make_salt_error.phpt index 7d79713..8078582 100644 --- a/ext/standard/tests/password/password_make_salt_error.phpt +++ b/ext/standard/tests/password/password_make_salt_error.phpt @@ -10,6 +10,10 @@ var_dump(password_make_salt(foo)); var_dump(password_make_salt(-1)); +var_dump(password_make_salt(PHP_INT_MAX)); + +var_dump(password_make_salt(floor(PHP_INT_MAX / 2.9))); + ? --EXPECTF-- Warning: password_make_salt() expects at least 1 parameter, 0 given in %s on line %d 
@@ -21,3 +25,9 @@ bool(false) Warning: password_make_salt(): Length cannot be less than or equal zero: -1 in %s on line %d bool(false) +Warning: password_make_salt(): Length is too large to safely generate in %s on line %d +bool(false) + +Warning: password_make_salt(): Length is too large to safely generate in %s on line %d +bool(false) + -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
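Review bot: In php_password_make_salt() the new LONG_MAX / 3 check sits inside the else branch, so the raw path still assigns raw_length = length unchecked and goes on to emalloc(raw_length + 1). The public password_make_salt() now rejects oversized lengths before calling in, but the helper would be safer with the bound tested ahead of the if (raw) split so that every caller is covered. The helper also never rejects a zero or negative length itself.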
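Review bot: In PHP_FUNCTION(password_make_salt) the LONG_MAX / 3 limit only protects the length * 3 / 4 + 1 arithmetic; a length just under it still reaches salt = emalloc(length + 1) and the second allocation inside the helper. A much smaller documented maximum would turn those requests into the same warning instead of an allocation failure. password_make_salt_error.phpt should also gain a case at the boundary, since both new cases (PHP_INT_MAX and floor(PHP_INT_MAX / 2.9)) lie above the limit.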
[PHP-CVS] com php-src: Implement php.ini setting password.bcrypt_cost: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h main/main.c php.ini-development php.ini-produc
Commit:232da90388de2a3ba4ad430d281469498e88aca2 Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 26 Jun 2012 21:15:56 -0400 Parents: 2d4b7cb653efc3f52ca907f48b1c828632df5e41 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=232da90388de2a3ba4ad430d281469498e88aca2 Log: Implement php.ini setting password.bcrypt_cost Changed paths: M ext/standard/basic_functions.c M ext/standard/password.c M ext/standard/php_password.h M main/main.c M php.ini-development M php.ini-production Diff: diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 9e35a5e..5dc86ab 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -3846,6 +3846,7 @@ PHP_MINFO_FUNCTION(basic) /* {{{ */ php_info_print_table_start(); BASIC_MINFO_SUBMODULE(dl) BASIC_MINFO_SUBMODULE(mail) + BASIC_MINFO_SUBMODULE(password) php_info_print_table_end(); BASIC_MINFO_SUBMODULE(assert) } diff --git a/ext/standard/password.c b/ext/standard/password.c index f049fbc..94aa4dc 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -43,6 +43,11 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ } /* }}} */ +PHP_MINFO_FUNCTION(password) /* {{{ */ +{ + php_info_print_table_row(2, Default Password BCrypt Cost, INI_STR(password.bcrypt_cost)); +} +/* }}} */ static int php_password_salt_is_alphabet(const char *str, const int len) { @@ -169,7 +174,11 @@ PHP_FUNCTION(password_verify) zval_ptr_dtor(ret); RETURN_FALSE; } - + + /* We're using this method instead of == in order to provide +* resistence towards timing attacks. This is a constant time +* equality check that will always check every byte of both +* values. */ for (i = 0; i Z_STRLEN_P(ret); i++) { status |= (Z_STRVAL_P(ret)[i] ^ Z_STRVAL_P(hash)[i]); } 
@@ -231,16 +240,20 @@ PHP_FUNCTION(password_hash) } if (strcmp(algo, PHP_PASSWORD_BCRYPT) == 0) { - int cost = PHP_PASSWORD_BCRYPT_DEFAULT_COST; + int cost = 0; + cost = (int) INI_INT(password.bcrypt_cost); + if (options zend_symtable_find(options, cost, 5, (void **) option_buffer) == SUCCESS) { convert_to_long_ex(option_buffer); cost = Z_LVAL_PP(option_buffer); zval_ptr_dtor(option_buffer); - if (cost 4 || cost 31) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid bcrypt cost parameter specified: %d, cost); - RETURN_FALSE; - } } + + if (cost 4 || cost 31) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Invalid bcrypt cost parameter specified: %d, cost); + RETURN_FALSE; + } + required_salt_len = 22; hash_format = emalloc(8); sprintf(hash_format, $2y$%02d$, cost); diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h index 830d31c..81fe41f 100644 --- a/ext/standard/php_password.h +++ b/ext/standard/php_password.h @@ -26,13 +26,11 @@ PHP_FUNCTION(password_verify); PHP_FUNCTION(password_make_salt); PHP_MINIT_FUNCTION(password); +PHP_MINFO_FUNCTION(password); #define PHP_PASSWORD_DEFAULT 2y #define PHP_PASSWORD_BCRYPT2y -#define PHP_PASSWORD_BCRYPT_DEFAULT_COST 12; - - #endif diff --git a/main/main.c b/main/main.c index cc04b13..e52c32c 100644 --- a/main/main.c +++ b/main/main.c @@ -540,6 +540,8 @@ PHP_INI_BEGIN() STD_PHP_INI_ENTRY(error_append_string,NULL, PHP_INI_ALL,OnUpdateString, error_append_string, php_core_globals, core_globals) STD_PHP_INI_ENTRY(error_prepend_string, NULL, PHP_INI_ALL,OnUpdateString, error_prepend_string, php_core_globals, core_globals) + PHP_INI_ENTRY(password.bcrypt_cost, 11, PHP_INI_ALL,NULL) + PHP_INI_ENTRY(SMTP, localhost,PHP_INI_ALL,NULL) PHP_INI_ENTRY(smtp_port, 25, PHP_INI_ALL,NULL) STD_PHP_INI_BOOLEAN(mail.add_x_header,0, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, mail_x_header, php_core_globals, core_globals) diff --git a/php.ini-development b/php.ini-development index a5a7a4a..5f1205e 100644 
--- a/php.ini-development +++ b/php.ini-development @@ -1359,6 +1359,15 @@ bcmath.scale = 0 ; http://php.net/browscap ;browscap = extra/browscap.ini +[password] +; The default cost of
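Review bot: The comment added above the comparison loop in password_verify() misspells "resistance" as "resistence" and says the loop always checks every byte of both values, but the loop is bounded by Z_STRLEN_P(ret) alone and indexes hash with the same counter. State in the comment that it relies on the two lengths having been checked as equal beforehand, so a later edit does not remove that precondition.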
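Review bot: In PHP_FUNCTION(password_hash), cost is an int but is assigned from Z_LVAL_PP(option_buffer) and from INI_INT(...), both of which are long, so the range check runs on an already narrowed value; where long is wider than int an out-of-range input can wrap into the accepted range. Keep the value in a long until the range check has passed and cast afterwards. The int cost = 0; followed by an immediate assignment can also be a single initialised declaration.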
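Review bot: In main/main.c the password.bcrypt_cost entry is registered with PHP_INI_ALL and a NULL update handler, so an out-of-range value is accepted at configuration time and only reported when password_hash() runs, and any script can lower the cost with ini_set(). Consider an update handler that rejects values outside the range password_hash() accepts. The built-in default also moves from the removed PHP_PASSWORD_BCRYPT_DEFAULT_COST of 12 to 11, which the log message does not mention.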
[PHP-CVS] com php-src: Add tests for password hashing: ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_hash.phpt ext/standard/tests/password/password_hash_
Commit:e505316aeba0fbb52cd21ff84af784a9d3e2b49a Author:Anthony Ferrara ircmax...@ircmaxell.com Tue, 26 Jun 2012 22:05:25 -0400 Parents: 232da90388de2a3ba4ad430d281469498e88aca2 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e505316aeba0fbb52cd21ff84af784a9d3e2b49a Log: Add tests for password hashing Changed paths: A ext/standard/tests/password/password_bcrypt_errors.phpt A ext/standard/tests/password/password_hash.phpt A ext/standard/tests/password/password_hash_error.phpt A ext/standard/tests/password/password_make_salt.phpt A ext/standard/tests/password/password_make_salt_error.phpt A ext/standard/tests/password/password_verify.phpt A ext/standard/tests/password/password_verify_error.phpt Diff: diff --git a/ext/standard/tests/password/password_bcrypt_errors.phpt b/ext/standard/tests/password/password_bcrypt_errors.phpt new file mode 100644 index 000..4223817 --- /dev/null +++ b/ext/standard/tests/password/password_bcrypt_errors.phpt @@ -0,0 +1,28 @@ +--TEST-- +Test error operation of password_hash() with bcrypt hashing +--FILE-- +?php +//-=-=-=- + +var_dump(password_hash(foo, PASSWORD_BCRYPT, array(cost = 3))); + +var_dump(password_hash(foo, PASSWORD_BCRYPT, array(cost = 32))); + +var_dump(password_hash(foo, PASSWORD_BCRYPT, array(salt = foo))); + +var_dump(password_hash(foo, PASSWORD_BCRYPT, array(salt = 123456789012345678901))); + +? +--EXPECTF-- +Warning: password_hash(): Invalid bcrypt cost parameter specified: 3 in %s on line %d +bool(false) + +Warning: password_hash(): Invalid bcrypt cost parameter specified: 32 in %s on line %d +bool(false) + +Warning: password_hash(): Provided salt is too short: 3 expecting 22 in %s on line %d +bool(false) + +Warning: password_hash(): Provided salt is too short: 21 expecting 22 in %s on line %d +bool(false) + diff --git a/ext/standard/tests/password/password_hash.phpt b/ext/standard/tests/password/password_hash.phpt new file mode 100644 index 000..ecefa10 --- /dev/null 
+++ b/ext/standard/tests/password/password_hash.phpt @@ -0,0 +1,27 @@ +--TEST-- +Test normal operation of password_hash() +--FILE-- +?php +//-=-=-=- + +// Set the cost low so the test is fast +ini_set('password.bcrypt_cost', '4'); + +var_dump(strlen(password_hash(foo))); + +$hash = password_hash(foo); + +var_dump($hash == crypt(foo, $hash)); + +var_dump(password_hash(rasmuslerdorf, PASSWORD_BCRYPT, array(cost = 7, salt = usesomesillystringforsalt))); + +var_dump(password_hash(test, PASSWORD_BCRYPT, array(salt = 123456789012345678901 . chr(0; + +echo OK!; +? +--EXPECT-- +int(60) +bool(true) +string(60) $2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi +string(60) $2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG +OK! diff --git a/ext/standard/tests/password/password_hash_error.phpt b/ext/standard/tests/password/password_hash_error.phpt new file mode 100644 index 000..dfbb094 --- /dev/null +++ b/ext/standard/tests/password/password_hash_error.phpt @@ -0,0 +1,38 @@ +--TEST-- +Test error operation of password_hash() +--FILE-- +?php +//-=-=-=- + +var_dump(password_hash()); + +var_dump(password_hash(foo, array())); + +var_dump(password_hash(foo, bar, new StdClass)); + +var_dump(password_hash(foo, bar, baz)); + +var_dump(password_hash(123)); + +var_dump(password_hash(123, PASSWORD_BCRYPT, array(salt = 13))); + +? +--EXPECTF-- +Warning: password_hash() expects at least 1 parameter, 0 given in %s on line %d +bool(false) + +Warning: password_hash() expects parameter 2 to be string, array given in %s on line %d +bool(false) + +Warning: password_hash(): Unknown password hashing algorithm: bar in %s on line %d +bool(false) + +Warning: password_hash() expects parameter 3 to be array, string given in %s on line %d +bool(false) + +Warning: password_hash(): Password must be a string in %s on line %d +bool(false) + +Warning: password_hash(): Non-string salt parameter supplied in %s on line %d +bool(false) + 
diff --git a/ext/standard/tests/password/password_make_salt.phpt b/ext/standard/tests/password/password_make_salt.phpt new file mode 100644 index 000..63b56f8 --- /dev/null +++ b/ext/standard/tests/password/password_make_salt.phpt @@ -0,0 +1,40 @@ +--TEST-- +Test normal operation of password_make_salt() +--FILE-- +?php +//-=-=-=- +echo strlen(password_make_salt(1)) . \n; +echo strlen(password_make_salt(2)) . \n; +echo strlen(password_make_salt(3)) . \n; +echo strlen(password_make_salt(4)) . \n; +echo strlen(password_make_salt(5)) . \n; +echo \n; + +echo strlen(password_make_salt(1, true)) . \n; +echo strlen(password_make_salt(2, true)) . \n; +echo strlen(password_make_salt(3, true)) . \n; +echo strlen(password_make_salt(4, true)) . \n; +echo strlen(password_make_salt(5, true)) . \n; +echo \n; + +$a = password_make_salt(32); +$b = password_make_salt(32); + +var_dump($a != $b); +echo OK!; +? +--EXPECT-- +1 +2 +3 +4 +5 + +1 +2 +3 +4 +5 + +bool(true) +OK! diff --git
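Review bot: password_bcrypt_errors.phpt exercises the cost range only through the options array (cost 3 and cost 32); nothing sets password.bcrypt_cost to an out-of-range value, although password_hash.phpt changes that setting at run time with ini_set(). Add a case such as ini_set('password.bcrypt_cost', '3') followed by password_hash() with no options, so the ini path of the range check is covered as well.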
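Review bot: password_make_salt.phpt asserts only the returned lengths and that two 32-character salts differ, so it says nothing about the characters the non-raw mode emits. Add an assertion that non-raw output contains only characters from the salt alphabet that php_password_salt_to64() is meant to produce.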
[PHP-CVS] com php-src: Refactor salt generation, rename password_create to password_hash: ext/standard/basic_functions.c ext/standard/password.c ext/standard/php_password.h
Commit:2d4b7cb653efc3f52ca907f48b1c828632df5e41 Author:Anthony Ferrara ircmax...@ircmaxell.com Mon, 25 Jun 2012 21:22:16 -0400 Parents: 41d7374ea4598000fd626c0d8cd4736aec6357bf Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=2d4b7cb653efc3f52ca907f48b1c828632df5e41 Log: Refactor salt generation, rename password_create to password_hash Changed paths: M ext/standard/basic_functions.c M ext/standard/password.c M ext/standard/php_password.h Diff: diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 64025db..9e35a5e 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1867,7 +1867,7 @@ ZEND_BEGIN_ARG_INFO(arginfo_getlastmod, 0) ZEND_END_ARG_INFO() /* }}} */ /* {{{ password.c */ -ZEND_BEGIN_ARG_INFO_EX(arginfo_password_create, 0, 0, 1) +ZEND_BEGIN_ARG_INFO_EX(arginfo_password_hash, 0, 0, 1) ZEND_ARG_INFO(0, password) ZEND_ARG_INFO(0, algo) ZEND_ARG_INFO(0, options) @@ -2895,7 +2895,7 @@ const zend_function_entry basic_functions[] = { /* {{{ */ PHP_FE(base64_decode, arginfo_base64_decode) PHP_FE(base64_encode, arginfo_base64_encode) - PHP_FE(password_create, arginfo_password_create) + PHP_FE(password_hash, arginfo_password_hash) PHP_FE(password_verify, arginfo_password_verify) PHP_FE(password_make_salt, arginfo_password_make_salt) diff --git a/ext/standard/password.c b/ext/standard/password.c index f2c94fb..f049fbc 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c 
@@ -21,19 +21,24 @@ #include stdlib.h #include php.h -#include ext/hash/php_hash.h + +#include fcntl.h #include php_password.h #include php_rand.h #include base64.h #include zend_interfaces.h +#include info.h + +#if PHP_WIN32 +#include win32/winutil.h +#endif + + PHP_MINIT_FUNCTION(password) /* {{{ */ { REGISTER_STRING_CONSTANT(PASSWORD_DEFAULT, PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); REGISTER_STRING_CONSTANT(PASSWORD_BCRYPT, PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); - REGISTER_STRING_CONSTANT(PASSWORD_MD5, PHP_PASSWORD_MD5, CONST_CS | CONST_PERSISTENT); - REGISTER_STRING_CONSTANT(PASSWORD_SHA256, PHP_PASSWORD_SHA256, CONST_CS | CONST_PERSISTENT); - REGISTER_STRING_CONSTANT(PASSWORD_SHA512, PHP_PASSWORD_SHA512, CONST_CS | CONST_PERSISTENT); return SUCCESS; } /* }}} */ @@ -76,7 +81,6 @@ static int php_password_make_salt(int length, int raw, char *ret TSRMLS_DC) { int i, raw_length, buffer_valid = 0; char *buffer; - zend_function *func_ptr; if (raw) { raw_length = length; 
@@ -84,42 +88,37 @@ static int php_password_make_salt(int length, int raw, char *ret TSRMLS_DC) raw_length = length * 3 / 4 + 1; } buffer = (char *) emalloc(raw_length + 1); - - /* Temp Placeholder */ - if (PHP_PASSWORD_FUNCTION_EXISTS(mcrypt_create_iv, 16)) { - zval *ret, *size, *source; - ALLOC_INIT_ZVAL(size); - ZVAL_LONG(size, raw_length); - ALLOC_INIT_ZVAL(source) - ZVAL_LONG(source, 1); // MCRYPT_DEV_URANDOM - zend_call_method_with_2_params(NULL, NULL, NULL, mcrypt_create_iv, ret, size, source); - zval_ptr_dtor(size); - zval_ptr_dtor(source); - if (Z_TYPE_P(ret) == IS_STRING) { - memcpy(buffer, Z_STRVAL_P(ret), raw_length); + +#if PHP_WIN32 + { + BYTE *iv_b = (BYTE *) buffer; + if (php_win32_get_random_bytes(iv_b, (size_t) raw_length) == SUCCESS) { buffer_valid = 1; } - zval_ptr_dtor(ret); } - if (!buffer_valid PHP_PASSWORD_FUNCTION_EXISTS(openssl_random_pseudo_bytes, 27)) { - zval *ret, *size; - ALLOC_INIT_ZVAL(size); - ZVAL_LONG(size, raw_length); - zend_call_method_with_1_params(NULL, NULL, NULL, openssl_random_pseudo_bytes, ret, size); - zval_ptr_dtor(size); - if (Z_TYPE_P(ret) == IS_STRING) { - memcpy(buffer, Z_STRVAL_P(ret), raw_length); +#else + { + int fd, n; + size_t read_bytes = 0; + fd =
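Review bot: In the PHP_MINIT_FUNCTION(password) hunk the PASSWORD_MD5, PASSWORD_SHA256 and PASSWORD_SHA512 constants are dropped, a user-visible API change that the log message (salt refactor and rename) does not cover. Mention it in the log or split it into its own commit, and confirm that the matching PHP_PASSWORD_* defines in php_password.h are removed with them.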
[PHP-CVS] com php-src: Implement openssl support for make_salt: ext/standard/password.c
Commit:41d7374ea4598000fd626c0d8cd4736aec6357bf Author:Anthony Ferrara ircmax...@gmail.com Mon, 25 Jun 2012 11:37:48 -0400 Parents: 618f2629567ca3a3d1817ca9c4c62339fb5fb886 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=41d7374ea4598000fd626c0d8cd4736aec6357bf Log: Implement openssl support for make_salt Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 013dab7..f2c94fb 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -96,11 +96,24 @@ static int php_password_make_salt(int length, int raw, char *ret TSRMLS_DC) zval_ptr_dtor(size); zval_ptr_dtor(source); if (Z_TYPE_P(ret) == IS_STRING) { - memcpy(buffer, Z_STRVAL_P(ret), Z_STRLEN_P(ret)); + memcpy(buffer, Z_STRVAL_P(ret), raw_length); buffer_valid = 1; } zval_ptr_dtor(ret); } + if (!buffer_valid PHP_PASSWORD_FUNCTION_EXISTS(openssl_random_pseudo_bytes, 27)) { + zval *ret, *size; + ALLOC_INIT_ZVAL(size); + ZVAL_LONG(size, raw_length); + zend_call_method_with_1_params(NULL, NULL, NULL, openssl_random_pseudo_bytes, ret, size); + zval_ptr_dtor(size); + if (Z_TYPE_P(ret) == IS_STRING) { + memcpy(buffer, Z_STRVAL_P(ret), raw_length); + buffer_valid = 1; + } + zval_ptr_dtor(ret); + } + if (!buffer_valid) { long number; for (i = 0; i raw_length; i++) { -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
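Review bot: Both memcpy() calls in php_password_make_salt() now copy raw_length bytes from Z_STRVAL_P(ret) after checking only that the result is a string; if the callee returns fewer bytes than requested, this reads past the end of its buffer. Compare Z_STRLEN_P(ret) with raw_length before copying and set buffer_valid only when enough bytes came back, so a short result falls through to the next source. The local zval *ret in the new block also shadows the function's char *ret parameter; a distinct name would prevent mistakes later.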
[PHP-CVS] com php-src: More error checking, and some cleaning up for password.c: ext/standard/password.c
Commit:618f2629567ca3a3d1817ca9c4c62339fb5fb886 Author:Anthony Ferrara ircmax...@ircmaxell.com Mon, 25 Jun 2012 08:50:39 -0400 Parents: 18d3bd9481c470d241c492eb39a93bd071a77c4e Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=618f2629567ca3a3d1817ca9c4c62339fb5fb886 Log: More error checking, and some cleaning up for password.c Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index f6d8048..013dab7 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -21,10 +21,6 @@ #include stdlib.h #include php.h -#if HAVE_CRYPT -#include php_crypt.h -#endif - #include ext/hash/php_hash.h #include php_password.h #include php_rand.h @@ -121,7 +117,7 @@ static int php_password_make_salt(int length, int raw, char *ret TSRMLS_DC) char *result; result = emalloc(length + 1); if (php_password_salt_to64(buffer, raw_length, length, result) == FAILURE) { - php_error_docref(NULL, E_WARNING, Generated salt too short); + php_error_docref(NULL TSRMLS_CC, E_WARNING, Generated salt too short); efree(buffer); efree(result); return FAILURE; @@ -139,6 +135,12 @@ PHP_FUNCTION(password_verify) { zval *password, *hash, *ret; int status = 0, i; + zend_function *func_ptr; + + if (!PHP_PASSWORD_FUNCTION_EXISTS(crypt, 5)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Crypt must be loaded for password_verify to function); + RETURN_FALSE; + } if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, password, hash) == FAILURE) { RETURN_FALSE; 
@@ -195,6 +197,12 @@ PHP_FUNCTION(password_create) int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len; HashTable *options = 0; zval **option_buffer, *ret, *password, *hash_zval; + zend_function *func_ptr; + + if (!PHP_PASSWORD_FUNCTION_EXISTS(crypt, 5)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Crypt must be loaded for password_verify to function); + RETURN_FALSE; + } if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|sH, password, algo, algo_len, options) == FAILURE) { RETURN_FALSE; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
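Review bot: The warning added to PHP_FUNCTION(password_create) reads "Crypt must be loaded for password_verify to function", copied from the password_verify() hunk; it should name password_create so the message matches the function that raised it. Both functions also gain a zend_function *func_ptr local only because PHP_PASSWORD_FUNCTION_EXISTS uses that name implicitly; passing the pointer as a macro argument would make the dependency visible at the call site.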
[PHP-CVS] com php-src: Basic random generator added to make_salt: ext/standard/password.c
Commit:18d3bd9481c470d241c492eb39a93bd071a77c4e Author:Anthony Ferrara ircmax...@ircmaxell.com Mon, 25 Jun 2012 08:15:17 -0400 Parents: f7097d99ffedc6bd0965542454b4ac86e4b5c914 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=18d3bd9481c470d241c492eb39a93bd071a77c4e Log: Basic random generator added to make_salt Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 2b7e7df..f6d8048 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -25,6 +25,7 @@ #include php_crypt.h #endif +#include ext/hash/php_hash.h #include php_password.h #include php_rand.h #include base64.h @@ -73,10 +74,14 @@ static int php_password_salt_to64(const char *str, const int str_len, const int return SUCCESS; } -static int php_password_make_salt(int length, int raw, char *ret) +#define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) (zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) func_ptr) == SUCCESS func_ptr-type == ZEND_INTERNAL_FUNCTION func_ptr-internal_function.handler != zif_display_disabled_function) + +static int php_password_make_salt(int length, int raw, char *ret TSRMLS_DC) { - int i, raw_length; + int i, raw_length, buffer_valid = 0; char *buffer; + zend_function *func_ptr; + if (raw) { raw_length = length; } else { 
@@ -85,8 +90,28 @@ static int php_password_make_salt(int length, int raw, char *ret) buffer = (char *) emalloc(raw_length + 1); /* Temp Placeholder */ - for (i = 0; i raw_length; i++) { - buffer[i] = i; + if (PHP_PASSWORD_FUNCTION_EXISTS(mcrypt_create_iv, 16)) { + zval *ret, *size, *source; + ALLOC_INIT_ZVAL(size); + ZVAL_LONG(size, raw_length); + ALLOC_INIT_ZVAL(source) + ZVAL_LONG(source, 1); // MCRYPT_DEV_URANDOM + zend_call_method_with_2_params(NULL, NULL, NULL, mcrypt_create_iv, ret, size, source); + zval_ptr_dtor(size); + zval_ptr_dtor(source); + if (Z_TYPE_P(ret) == IS_STRING) { + memcpy(buffer, Z_STRVAL_P(ret), Z_STRLEN_P(ret)); + buffer_valid = 1; + } + zval_ptr_dtor(ret); + } + if (!buffer_valid) { + long number; + for (i = 0; i raw_length; i++) { + number = php_rand(TSRMLS_C); + RAND_RANGE(number, 0, 255, PHP_RAND_MAX); + buffer[i] = (char) number; + } } /* /Temp Placeholder */ @@ -154,7 +179,7 @@ PHP_FUNCTION(password_make_salt) RETURN_FALSE; } salt = emalloc(length + 1); - if (php_password_make_salt(length, (int) raw_output, salt) == FAILURE) { + if (php_password_make_salt(length, (int) raw_output, salt TSRMLS_CC) == FAILURE) { efree(salt); RETURN_FALSE; } @@ -260,7 +285,7 @@ PHP_FUNCTION(password_create) zval_ptr_dtor(option_buffer); } else { salt = emalloc(required_salt_len + 1); - if (php_password_make_salt(required_salt_len, 0, salt) == FAILURE) { + if (php_password_make_salt(required_salt_len, 0, salt TSRMLS_CC) == FAILURE) { efree(hash_format); efree(salt); RETURN_FALSE; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
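Review bot: In php_password_make_salt(), when mcrypt_create_iv is unavailable or does not return a string, the salt is filled from php_rand() with no notice to the caller, and php_rand() is not a cryptographic generator. Fail with a warning, or at least raise a notice on that path, so the weaker source is never used silently. In the same block, ALLOC_INIT_ZVAL(source) has no terminating semicolon as shown, the literal 1 passed as the source should come from the MCRYPT_DEV_URANDOM constant rather than a trailing comment, and memcpy() trusts Z_STRLEN_P(ret) to fit the raw_length + 1 byte buffer.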
[PHP-CVS] com php-src: Fix memory leak on branch: ext/standard/password.c
Commit:f7097d99ffedc6bd0965542454b4ac86e4b5c914 Author:Anthony Ferrara ircmax...@ircmaxell.com Sun, 24 Jun 2012 23:36:09 -0400 Parents: 657402832b7884f52bf07b2e6f704510395fd413 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=f7097d99ffedc6bd0965542454b4ac86e4b5c914 Log: Fix memory leak on branch Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 665e69f..2b7e7df 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -246,6 +246,7 @@ PHP_FUNCTION(password_create) salt = emalloc(required_salt_len + 1); if (php_password_salt_to64(buffer, buffer_len, required_salt_len, salt) == FAILURE) { efree(hash_format); + efree(salt); zval_ptr_dtor(option_buffer); php_error_docref(NULL TSRMLS_CC, E_WARNING, Provided salt is too short: %d, salt_len); RETURN_FALSE; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
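Review bot: This failure exit in password_create() now releases hash_format, salt and option_buffer by hand, and the leak fixed here shows how easily one of them is missed. A single cleanup label shared by the function's error paths would keep the next added allocation from leaking the same way.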
[PHP-CVS] com php-src: Implement password_verify: ext/standard/password.c
Commit:657402832b7884f52bf07b2e6f704510395fd413 Author:Anthony Ferrara ircmax...@ircmaxell.com Sun, 24 Jun 2012 23:35:26 -0400 Parents: 7e41980fe4972e097e178c034f92920c9c63086c Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=657402832b7884f52bf07b2e6f704510395fd413 Log: Implement password_verify Changed paths: M ext/standard/password.c Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 9201ff3..665e69f 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -112,6 +112,33 @@ static int php_password_make_salt(int length, int raw, char *ret) PHP_FUNCTION(password_verify) { + zval *password, *hash, *ret; + int status = 0, i; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, zz, password, hash) == FAILURE) { +RETURN_FALSE; +} + + zend_call_method_with_2_params(NULL, NULL, NULL, crypt, ret, password, hash); + + if (Z_TYPE_P(ret) != IS_STRING) { + zval_ptr_dtor(ret); + RETURN_FALSE; + } + + if (Z_STRLEN_P(ret) != Z_STRLEN_P(hash)) { + zval_ptr_dtor(ret); + RETURN_FALSE; + } + + for (i = 0; i Z_STRLEN_P(ret); i++) { + status |= (Z_STRVAL_P(ret)[i] ^ Z_STRVAL_P(hash)[i]); + } + + zval_ptr_dtor(ret); + + RETURN_BOOL(status == 0); + } PHP_FUNCTION(password_make_salt) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
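Review bot: password_verify() parses both arguments as plain zvals and then reads Z_STRLEN_P(hash) and Z_STRVAL_P(hash) without confirming that hash is a string, so a non-string argument can be compared through the wrong union member. Check Z_TYPE_P() for both arguments, or parse them with string specifiers, before making the call. ret is also declared without an initialiser and dereferenced immediately after the crypt call; initialise it to NULL and test it before Z_TYPE_P(ret).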
[PHP-CVS] com php-src: Actually complete password_create(): ext/standard/password.c ext/standard/php_password.h
Commit:7e41980fe4972e097e178c034f92920c9c63086c Author:Anthony Ferrara ircmax...@ircmaxell.com Sun, 24 Jun 2012 23:25:18 -0400 Parents: c77f2c29585f97bd9dad533b9d2bc8334de34f1b Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=7e41980fe4972e097e178c034f92920c9c63086c Log: Actually complete password_create() Changed paths: M ext/standard/password.c M ext/standard/php_password.h Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 677f132..9201ff3 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -28,7 +28,7 @@ #include php_password.h #include php_rand.h #include base64.h - +#include zend_interfaces.h PHP_MINIT_FUNCTION(password) /* {{{ */ { @@ -139,15 +139,20 @@ PHP_FUNCTION(password_make_salt) Hash a password */ PHP_FUNCTION(password_create) { -char *password, *algo = 0, *hash_format, *hash, *salt; -int password_len, algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len; +char *algo = 0, *hash_format, *hash, *salt; +int algo_len = 0, salt_len = 0, required_salt_len = 0, hash_format_len; HashTable *options = 0; -zval **option_buffer; +zval **option_buffer, *ret, *password, *hash_zval; -if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, s|sH, password, password_len, algo, algo_len, options) == FAILURE) { +if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, z|sH, password, algo, algo_len, options) == FAILURE) { RETURN_FALSE; } + if (Z_TYPE_P(password) != IS_STRING) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, Password must be a string); + RETURN_FALSE; + } + if (algo_len == 0) { algo = PHP_PASSWORD_DEFAULT; algo_len = strlen(PHP_PASSWORD_DEFAULT); 
@@ -240,10 +245,26 @@ PHP_FUNCTION(password_create) hash = emalloc(salt_len + hash_format_len + 1); sprintf(hash, %s%s, hash_format, salt); hash[hash_format_len + salt_len] = 0; + + ALLOC_INIT_ZVAL(hash_zval); + ZVAL_STRINGL(hash_zval, hash, hash_format_len + salt_len, 0); + efree(hash_format); efree(salt); -RETURN_STRINGL(hash, hash_format_len + salt_len, 0); + zend_call_method_with_2_params(NULL, NULL, NULL, crypt, ret, password, hash_zval); + + zval_ptr_dtor(hash_zval); + + if (Z_TYPE_P(ret) != IS_STRING) { + zval_ptr_dtor(ret); + RETURN_FALSE; + } else if(Z_STRLEN_P(ret) 13) { + zval_ptr_dtor(ret); + RETURN_FALSE; + } + + RETURN_ZVAL(ret, 0, 1); } /* }}} */ diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h index f813189..5967840 100644 --- a/ext/standard/php_password.h +++ b/ext/standard/php_password.h @@ -33,7 +33,7 @@ PHP_MINIT_FUNCTION(password); #define PHP_PASSWORD_SHA2565 #define PHP_PASSWORD_SHA5126 -#define PHP_PASSWORD_BCRYPT_DEFAULT_COST 14; +#define PHP_PASSWORD_BCRYPT_DEFAULT_COST 12; #define PHP_PASSWORD_SHA_DEFAULT_ROUNDS 5000; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
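Review bot: At the end of password_create() the result of the crypt call is rejected by comparing its length with a bare 13, and the function then returns false with no warning. Name the constant or add a comment saying which crypt() failure output it filters, and emit a warning so callers can tell a hashing failure from bad arguments. ret is also used without being initialised before the call.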
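Review bot: In php_password.h the define reads PHP_PASSWORD_BCRYPT_DEFAULT_COST 12; with a trailing semicolon (as does PHP_PASSWORD_SHA_DEFAULT_ROUNDS 5000;), which only works when the macro is the last token of a statement and breaks inside any expression or argument list. Drop the semicolons from both defines. The default cost change from 14 to 12 is also missing from the log message.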
[PHP-CVS] com php-src: Base structure for passsword_create and password_make_salt: ext/standard/basic_functions.c ext/standard/config.m4 ext/standard/config.w32 ext/standard/password.c ext/standard/ph
Commit:c77f2c29585f97bd9dad533b9d2bc8334de34f1b Author:Anthony Ferrara ircmax...@ircmaxell.com Sun, 24 Jun 2012 22:44:43 -0400 Parents: d68b614b09b984e915db50b72430db4e4731480c Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=c77f2c29585f97bd9dad533b9d2bc8334de34f1b Log: Base structure for passsword_create and password_make_salt Changed paths: M ext/standard/basic_functions.c M ext/standard/config.m4 M ext/standard/config.w32 A ext/standard/password.c A ext/standard/php_password.h M ext/standard/php_standard.h diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c index 63d40ef..64025db 100644 --- a/ext/standard/basic_functions.c +++ b/ext/standard/basic_functions.c @@ -1866,6 +1866,21 @@ ZEND_END_ARG_INFO() ZEND_BEGIN_ARG_INFO(arginfo_getlastmod, 0) ZEND_END_ARG_INFO() /* }}} */ +/* {{{ password.c */ +ZEND_BEGIN_ARG_INFO_EX(arginfo_password_create, 0, 0, 1) + ZEND_ARG_INFO(0, password) + ZEND_ARG_INFO(0, algo) + ZEND_ARG_INFO(0, options) +ZEND_END_ARG_INFO() +ZEND_BEGIN_ARG_INFO_EX(arginfo_password_verify, 0, 0, 2) + ZEND_ARG_INFO(0, password) + ZEND_ARG_INFO(0, hash) +ZEND_END_ARG_INFO() +ZEND_BEGIN_ARG_INFO_EX(arginfo_password_make_salt, 0, 0, 1) + ZEND_ARG_INFO(0, length) + ZEND_ARG_INFO(0, raw_output) +ZEND_END_ARG_INFO() +/* }}} */ /* {{{ proc_open.c */ #ifdef PHP_CAN_SUPPORT_PROC_OPEN ZEND_BEGIN_ARG_INFO_EX(arginfo_proc_terminate, 0, 0, 1) @@ -2880,6 +2895,10 @@ const zend_function_entry basic_functions[] = { /* {{{ */ PHP_FE(base64_decode, arginfo_base64_decode) PHP_FE(base64_encode, arginfo_base64_encode) + PHP_FE(password_create, arginfo_password_create) + PHP_FE(password_verify, arginfo_password_verify) + PHP_FE(password_make_salt, arginfo_password_make_salt) + PHP_FE(convert_uuencode, arginfo_convert_uuencode) PHP_FE(convert_uudecode, arginfo_convert_uudecode) 
@@ -3630,6 +3649,7 @@ PHP_MINIT_FUNCTION(basic) /* {{{ */ BASIC_MINIT_SUBMODULE(browscap) BASIC_MINIT_SUBMODULE(standard_filters) BASIC_MINIT_SUBMODULE(user_filters) + BASIC_MINIT_SUBMODULE(password) #if defined(HAVE_LOCALECONV) defined(ZTS) BASIC_MINIT_SUBMODULE(localeconv) diff --git a/ext/standard/config.m4 b/ext/standard/config.m4 index c33ae1e..fba423b 100644 --- a/ext/standard/config.m4 +++ b/ext/standard/config.m4 @@ -580,7 +580,7 @@ PHP_NEW_EXTENSION(standard, array.c base64.c basic_functions.c browscap.c crc32. incomplete_class.c url_scanner_ex.c ftp_fopen_wrapper.c \ http_fopen_wrapper.c php_fopen_wrapper.c credits.c css.c \ var_unserializer.c ftok.c sha1.c user_filters.c uuencode.c \ -filters.c proc_open.c streamsfuncs.c http.c) +filters.c proc_open.c streamsfuncs.c http.c password.c) PHP_ADD_MAKEFILE_FRAGMENT PHP_INSTALL_HEADERS([ext/standard/]) diff --git a/ext/standard/config.w32 b/ext/standard/config.w32 index d14b859..5f24641b 100644 --- a/ext/standard/config.w32 +++ b/ext/standard/config.w32 @@ -19,7 +19,7 @@ EXTENSION(standard, array.c base64.c basic_functions.c browscap.c \ versioning.c assert.c strnatcmp.c levenshtein.c incomplete_class.c \ url_scanner_ex.c ftp_fopen_wrapper.c http_fopen_wrapper.c \ php_fopen_wrapper.c credits.c css.c var_unserializer.c ftok.c sha1.c \ - user_filters.c uuencode.c filters.c proc_open.c \ + user_filters.c uuencode.c filters.c proc_open.c password.c \ streamsfuncs.c http.c flock_compat.c, false /* never shared */); PHP_INSTALL_HEADERS(, ext/standard); if (PHP_MBREGEX != no) { diff --git a/ext/standard/password.c b/ext/standard/password.c new file mode 100644 index 000..677f132 --- /dev/null +++ b/ext/standard/password.c @@ -0,0 +1,257 @@ +/* + +--+ + | PHP Version 5| + +--+ + | Copyright (c) 1997-2012 The PHP Group| +
[PHP-CVS] com php-src: Fixed bug #63248 Load multiple magic files on win: NEWS ext/fileinfo/config.w32 ext/fileinfo/libmagic.patch ext/fileinfo/libmagic/apprentice.c
Commit:6d019deee206dd76396bcaff9497ae3619d279b0 Author:Anatoliy Belsky a...@php.net Tue, 16 Oct 2012 11:03:32 +0200 Parents: 13d4d8e2d037385bfa2c7775929b65ae1f73998d Branches: PHP-5.4 master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=6d019deee206dd76396bcaff9497ae3619d279b0 Log: Fixed bug #63248 Load multiple magic files on win - adapt config.w32 to not to use dirent lib anymore - prevent libmagic from opening a dir handle under win - reimplement the dir iteration functionality with streams Bugs: https://bugs.php.net/63248 Changed paths: M NEWS M ext/fileinfo/config.w32 M ext/fileinfo/libmagic.patch M ext/fileinfo/libmagic/apprentice.c diff --git a/NEWS b/NEWS index 475eec6..eca6698 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,10 @@ PHP NEWS ||| ?? ??? 2012, PHP 5.4.9 +- Fileinfo: + . Fixed bug #63248 (Load multiple magic files from a directory under Windows). +(Anatoliy) + ?? ??? 2012, PHP 5.4.8 - CLI server: diff --git a/ext/fileinfo/config.w32 b/ext/fileinfo/config.w32 index 46b87b5..873a12c 100644 --- a/ext/fileinfo/config.w32 +++ b/ext/fileinfo/config.w32 
@@ -4,22 +4,16 @@ ARG_ENABLE(fileinfo, fileinfo support, no); if (PHP_FILEINFO != 'no') { - if (CHECK_HEADER_ADD_INCLUDE(dirent.h, CFLAGS_FILEINFO) - CHECK_LIB(dirent_a.lib, fileinfo, PHP_FILEINFO)) { - LIBMAGIC_SOURCES= apprentice.c apptype.c ascmagic.c \ - cdf.c cdf_time.c compress.c \ - encoding.c fsmagic.c funcs.c \ - is_tar.c magic.c print.c \ - readcdf.c readelf.c softmagic.c; + LIBMAGIC_SOURCES= apprentice.c apptype.c ascmagic.c \ + cdf.c cdf_time.c compress.c \ + encoding.c fsmagic.c funcs.c \ + is_tar.c magic.c print.c \ + readcdf.c readelf.c softmagic.c; - if (VCVERS 1500) { - ADD_FLAG('CFLAGS', '/Zm1000'); - } + if (VCVERS 1500) { + ADD_FLAG('CFLAGS', '/Zm1000'); + } - EXTENSION('fileinfo', 'fileinfo.c', true, /I + configure_module_dirname + /libmagic /I + configure_module_dirname); - ADD_SOURCES(configure_module_dirname + '\\libmagic', LIBMAGIC_SOURCES, fileinfo); - } else { - WARNING(fileinfo not enabled; libraries and headers not found); - PHP_FILEINFO = no; - } + EXTENSION('fileinfo', 'fileinfo.c', true, /I + configure_module_dirname + /libmagic /I + configure_module_dirname); + ADD_SOURCES(configure_module_dirname + '\\libmagic', LIBMAGIC_SOURCES, fileinfo); } diff --git a/ext/fileinfo/libmagic.patch b/ext/fileinfo/libmagic.patch index 15f6a6d..ecb178f 100644 --- a/ext/fileinfo/libmagic.patch +++ b/ext/fileinfo/libmagic.patch @@ -1,6 +1,6 @@ diff -u libmagic.origin/apprentice.c libmagic/apprentice.c libmagic.origin/apprentice.c 2012-09-11 11:09:26.0 +0800 -+++ libmagic/apprentice.c 2012-09-11 11:36:51.0 +0800 +--- libmagic.origin/apprentice.c Sat Dec 17 18:17:18 2011 libmagic/apprentice.c Tue Oct 16 10:21:49 2012 @@ -29,6 +29,8 @@ * apprentice - make one pass through /etc/magic, learning its secrets. */ @@ -10,7 +10,7 @@ diff -u libmagic.origin/apprentice.c libmagic/apprentice.c #include file.h #ifndef lint -@@ -36,18 +38,34 @@ +@@ -36,18 +38,31 @@ #endif/* lint */ #include magic.h 
@@ -43,13 +43,11 @@ diff -u libmagic.origin/apprentice.c libmagic/apprentice.c -#ifdef QUICK -#include sys/mman.h -#endif -+#ifndef PHP_WIN32 - #include dirent.h -+#endif +-#include dirent.h #define EATAB {while (isascii((unsigned char) *l) \ isspace((unsigned char) *l)) ++l;} -@@ -112,12 +130,10 @@ +@@ -112,12 +127,10 @@ private int parse_strength(struct magic_set *, struct magic_entry *, const char *); private int parse_apple(struct magic_set *, struct magic_entry *, const char *); @@ -62,7 +60,7 @@ diff -u libmagic.origin/apprentice.c libmagic/apprentice.c private struct { const char *name; size_t len; -@@ -131,38 +147,7 @@ +@@ -131,38 +144,7 @@ { NULL, 0, NULL } }; @@ -102,7 +100,7 @@ diff -u libmagic.origin/apprentice.c libmagic/apprentice.c static const struct type_tbl_s { const char name[16]; -@@ -218,6 +203,10 @@ +@@ -218,6 +200,10 @@ # undef XX_NULL }; @@ -113,7 +111,7 @@ diff -u libmagic.origin/apprentice.c libmagic/apprentice.c private int get_type(const char *l, const char **t) { -@@ -275,15 +264,17 @@ +@@ -275,15 +261,17 @@ if (rv != 0) return -1; rv =
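Review bot: in the ext/fileinfo/config.w32 hunk, removing the CHECK_HEADER_ADD_INCLUDE(dirent.h, ...) and CHECK_LIB(dirent_a.lib, ...) test also removes the else branch that emitted the WARNING and set PHP_FILEINFO to no, so any dirent.h include left in one of the LIBMAGIC_SOURCES files now shows up as a compile error instead of a configure-time skip. Please confirm apprentice.c was the only file in that list using dirent.h. The LIBMAGIC_SOURCES and VCVERS lines are only re-indented, which makes the hunk look larger than the change.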
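Review bot: in the ext/fileinfo/libmagic.patch hunk at @@ -43,13 +43,11 @@, the PHP_WIN32 guard around the dirent.h include is replaced by dropping the include outright, so the change applies on every platform, while the log only speaks of Windows ("prevent libmagic from opening a dir handle under win"). The log should say that directory iteration now goes through streams everywhere. The patch header also moves the libmagic.origin timestamp from 2012-09-11 to Sat Dec 17 18:17:18 2011, which reads as a different baseline and deserves a line of explanation.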
[PHP-CVS] com php-src: updated NEWS: NEWS
Commit:7eba512b5170fc57dc3d4a6b93f98a0e0acc7721 Author:Anatoliy Belsky a...@php.net Tue, 16 Oct 2012 11:14:43 +0200 Parents: 3c89f8507f5c476135e7b3ceead4837271dff421 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=7eba512b5170fc57dc3d4a6b93f98a0e0acc7721 Log: updated NEWS Changed paths: M NEWS Diff: diff --git a/NEWS b/NEWS index 2ad1fa7..c2e3444 100644 --- a/NEWS +++ b/NEWS @@ -86,4 +86,8 @@ PHP NEWS - Zip: . Upgraded libzip to 0.10.1 (Anatoliy) +- Fileinfo: + . Fixed bug #63248 (Load multiple magic files from a directory under Windows). + (Anatoliy) + NOTE: Insert NEWS from last stable release here prior to actual release!
[PHP-CVS] com php-src: credits update: ext/standard/credits_sapi.h
Commit:7df3c767b8223c1b7b3e7c4f921519ba9d5ba2a3 Author:Stanislav Malyshev s...@php.net Tue, 16 Oct 2012 13:05:41 +0300 Parents: fc17700db0aaab11a0c05d5dc854763791a0c097 Branches: PHP-5.4.8 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=7df3c767b8223c1b7b3e7c4f921519ba9d5ba2a3 Log: credits update Changed paths: M ext/standard/credits_sapi.h Diff: diff --git a/ext/standard/credits_sapi.h b/ext/standard/credits_sapi.h index 9cc7e6e..d147d8d 100644 --- a/ext/standard/credits_sapi.h +++ b/ext/standard/credits_sapi.h @@ -17,7 +17,7 @@ CREDIT_LINE(Apache 2.0 Filter, Sascha Schumann, Aaron Bannert); CREDIT_LINE(Apache 2.0 Handler, Ian Holsman, Justin Erenkrantz (based on Apache 2.0 Filter code)); CREDIT_LINE(Caudium / Roxen, David Hedbor); CREDIT_LINE(CGI / FastCGI, Rasmus Lerdorf, Stig Bakken, Shane Caraveo, Dmitry Stogov); -CREDIT_LINE(CLI, Edin Kadribasic, Marcus Boerger, Johannes Schlueter); +CREDIT_LINE(CLI, Edin Kadribasic, Marcus Boerger, Johannes Schlueter, Moriyoshi Koizumi, Xinchen Hui); CREDIT_LINE(Continuity, Alex Leigh (based on nsapi code)); CREDIT_LINE(Embed, Edin Kadribasic); CREDIT_LINE(FastCGI Process Manager, Andrei Nigmatulin, dreamcat4, Antony Dovgal, Jerome Loyet);
[PHP-CVS] tag php-src: create tag php-5.4.8
Tag php-5.4.8 in php-src.git was created
Tag: 52c29b272abab0e7cb51e45fb3ffd9858060e463
Tagger: Stanislav Malyshev s...@php.net Tue Oct 16 13:06:41 2012 +0300
Log: 5.4.8
Link: http://git.php.net/?p=php-src.git;a=tag;h=52c29b272abab0e7cb51e45fb3ffd9858060e463
Target: 7df3c767b8223c1b7b3e7c4f921519ba9d5ba2a3
Author: Stanislav Malyshev s...@php.net Tue, 16 Oct 2012 13:05:41 +0300
Parents: fc17700db0aaab11a0c05d5dc854763791a0c097
Target link: http://git.php.net/?p=php-src.git;a=commitdiff;h=7df3c767b8223c1b7b3e7c4f921519ba9d5ba2a3
Target log: credits update
Changed paths: M ext/standard/credits_sapi.h
[PHP-CVS] com php-src: Updating expected output in anticipation of mysqlnd_auth.c path: ext/mysqli/tests/mysqli_pam_sha256_public_key_option_invalid.phpt
Commit:917639d4631b456f8ffd959a3c523071c3e9c8b5 Author:ULF WENDEL u...@php.net Sat, 29 Sep 2012 17:42:00 +0200 Parents: 0e1df4dfe735eb038964aaf917d1e14cc7ad7de3 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=917639d4631b456f8ffd959a3c523071c3e9c8b5 Log: Updating expected output in anticipation of mysqlnd_auth.c path Changed paths: M ext/mysqli/tests/mysqli_pam_sha256_public_key_option_invalid.phpt Diff: diff --git a/ext/mysqli/tests/mysqli_pam_sha256_public_key_option_invalid.phpt b/ext/mysqli/tests/mysqli_pam_sha256_public_key_option_invalid.phpt index 960f08a..e262624 100644 --- a/ext/mysqli/tests/mysqli_pam_sha256_public_key_option_invalid.phpt +++ b/ext/mysqli/tests/mysqli_pam_sha256_public_key_option_invalid.phpt @@ -182,5 +182,7 @@ Warning: mysqli::real_connect(): (HY000/1045): %s in %s on line %d [300 + 002] [1045] %s Warning: mysqli::real_connect(%sest_sha256_wrong_%d): failed to open stream: No such file or directory in %s on line %d + +Warning: mysqli::real_connect(): (HY000/1045): %s in %s on line %d [400 + 002] [1045] %s done! \ No newline at end of file
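Review bot: the added expectation, a second "Warning: mysqli::real_connect(): (HY000/1045)" line ahead of "[400 + 002]", is committed before the mysqlnd_auth.c change the log says it anticipates, so this test fails on master until that change lands. Committing the expected-output update together with the code change, or marking the test XFAIL in the meantime, keeps the history bisectable. The file also still ends without a trailing newline.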
[PHP-CVS] com php-src: Cover have_ssl=NO and have_ssl=DISABLED: ext/mysqli/tests/bug51647.phpt ext/mysqli/tests/bug55283.phpt
Commit:da541ff561e0ac6ac72d2efd8b785ecfeef868dc Author:ULF WENDEL u...@php.net Sat, 29 Sep 2012 18:54:54 +0200 Parents: 20e76f4487baf60dc52b348e86bae4628026c4c2 Branches: PHP-5.3 PHP-5.4 master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=da541ff561e0ac6ac72d2efd8b785ecfeef868dc Log: Cover have_ssl=NO and have_ssl=DISABLED Changed paths: M ext/mysqli/tests/bug51647.phpt M ext/mysqli/tests/bug55283.phpt Diff: diff --git a/ext/mysqli/tests/bug51647.phpt b/ext/mysqli/tests/bug51647.phpt index b1c1e87..78540f1 100644 --- a/ext/mysqli/tests/bug51647.phpt +++ b/ext/mysqli/tests/bug51647.phpt @@ -24,12 +24,12 @@ if ($res = $link-query('SHOW VARIABLES LIKE have_ssl')) { die(sprintf(skip Failed to test for MySQL SSL support, [%d] %s, $link-errno, $link-error)); } } - + if (empty($row)) die(sprintf(skip Failed to test for MySQL SSL support, [%d] %s, $link-errno, $link-error)); -if ($row[1] == 'NO') +if (($row[1] == 'NO') || ($row[1] == 'DISABLED')) die(sprintf(skip MySQL has no SSL support, [%d] %s, $link-errno, $link-error)); $link-close(); diff --git a/ext/mysqli/tests/bug55283.phpt b/ext/mysqli/tests/bug55283.phpt index 6000fce..d03daae 100644 --- a/ext/mysqli/tests/bug55283.phpt +++ b/ext/mysqli/tests/bug55283.phpt @@ -29,7 +29,7 @@ if ($res = $link-query('SHOW VARIABLES LIKE have_ssl')) { if (empty($row)) die(sprintf(skip Failed to test for MySQL SSL support, [%d] %s, $link-errno, $link-error)); -if ($row[1] == 'NO') +if (($row[1] == 'NO') || ($row[1] == 'DISABLED')) die(sprintf(skip MySQL has no SSL support, [%d] %s, $link-errno, $link-error)); $link-close(); @@ -41,7 +41,7 @@ $link-close(); $flags = MYSQLI_CLIENT_SSL; - + $link = mysqli_init(); mysqli_ssl_set($link, null, null, null, null, RC4-MD5); if (my_mysqli_real_connect($link, 'p:' . $host, $user, $passwd, $db, $port, null, $flags)) {
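Review bot: the skip condition in both bug51647.phpt and bug55283.phpt now lists two negative values, ($row[1] == 'NO') || ($row[1] == 'DISABLED'), so any other non-enabled value would still let the test run against a server without usable SSL. Comparing against the enabled value instead (have_ssl reports YES when SSL is usable), as in if ($row[1] != 'YES'), covers both cases with one test. The identical block is duplicated across the two files and could live in a shared skip helper.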
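Review bot: the first changed line in bug51647.phpt and the whole @@ -41,7 +41,7 @@ hunk in bug55283.phpt appear to be whitespace-only (an empty-looking line replaced by another), unrelated to the have_ssl check. Dropping them keeps the diff down to the condition change, which matters for a commit applied to three branches.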
[PHP-CVS] com php-src: fix newly introduced segfault: ext/mysqlnd/mysqlnd_auth.c
Commit:b0e8fb6489f7aa65aeaae6198a3dd81574f1ebcd Author:Andrey Hristov and...@php.net Tue, 16 Oct 2012 15:06:02 +0200 Parents: ccf749e38d1c05ab50d30781b47e55786d571585 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=b0e8fb6489f7aa65aeaae6198a3dd81574f1ebcd Log: fix newly introduced segfault Changed paths: M ext/mysqlnd/mysqlnd_auth.c Diff: diff --git a/ext/mysqlnd/mysqlnd_auth.c b/ext/mysqlnd/mysqlnd_auth.c index 3cae693..cdbdf6d 100644 --- a/ext/mysqlnd/mysqlnd_auth.c +++ b/ext/mysqlnd/mysqlnd_auth.c @@ -555,8 +555,8 @@ mysqlnd_sha256_get_rsa_key(MYSQLND_CONN_DATA * conn, DBG_INF_FMT(Public key:%*.s, len, key_str); efree(key_str); } + php_stream_free(stream, PHP_STREAM_FREE_CLOSE); } - php_stream_free(stream, PHP_STREAM_FREE_CLOSE); } DBG_RETURN(ret); }
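Review bot: the log "fix newly introduced segfault" does not say which path crashed or which commit introduced it; the hunk moves php_stream_free(stream, PHP_STREAM_FREE_CLOSE) one block inward in mysqlnd_sha256_get_rsa_key, so the log should name the condition that now guards the call, and a test for the path that previously crashed would keep it from regressing. Separately, the context line DBG_INF_FMT(Public key:%*.s, len, key_str) uses %*.s, which under printf conventions takes len as the field width with a precision of zero and prints none of the key; %.*s looks intended.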
Re: [PHP-CVS] com php-src: Really fix leaks, add test cases to prove it...: ext/standard/password.c ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_hash_er
Hi,

+ case IS_BOOL: + case IS_NULL: case IS_RESOURCE: case IS_ARRAY: default:

it doesn't make sense to have those cases and the default. Please remove all those useless cases.

Nuno
Re: [PHP-CVS] com php-src: Really fix leaks, add test cases to prove it...: ext/standard/password.c ext/standard/tests/password/password_bcrypt_errors.phpt ext/standard/tests/password/password_hash_er
Nuno,

On Tue, Oct 16, 2012 at 2:14 PM, Nuno Lopes nlop...@php.net wrote:
> Hi,
> + case IS_BOOL: + case IS_NULL: case IS_RESOURCE: case IS_ARRAY: default:
> it doesn't make sense to have those cases and the default. Please remove all those useless cases.

I see it as self-documentation to include them as it indicates without needing to think that it's intentional that they are treated as default. If the overall consensus is that they should be removed, that's fine (and I'll remove them). But I consider this more readable and easier to comprehend than without...

Thoughts?

Anthony
Re: [PHP-CVS] com php-src: Refactor to using a stack based zval instead of dynamic allocation: ext/standard/password.c
Hi,

I gave a quick review to the overall implementation of this feature. A few comments:
- php_password_make_salt() shouldn't allocate memory + do memcpy, but it should fill in 'ret' directly instead. Both mallocs can go away.
- in PHP_FUNCTION(password_get_info) you assume that sscanf always succeeds. That's not the case if I pass a mis-encoded string.
- in PHP_FUNCTION(password_hash) you don't need to estrndup the salt, since you're just reading it.
- Similarly, no need to emalloc and sprintf. You should write directly to the final string to avoid the copies.
- The sprintf() there is probably not ok if the salt includes a \0 in the middle.

In summary, there should be few or no mallocs in this file, since most buffers have a maximum (small) size that can be determined statically.

Nuno
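The sscanf and embedded-\0 points from the review above, as an added C example that is not code from php-src or from either poster: a cost parser that checks the sscanf result, and a "%s" join beside a memcpy join into a fixed-size caller buffer. The "$2y$NN$" prefix layout, the 22-byte salt length, the cost range, the sample salt and all function names are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define COST_MIN 4      /* assumed cost range */
#define COST_MAX 31
#define PREFIX_LEN 7    /* strlen("$2y$NN$") */
#define SALT_LEN 22     /* assumed fixed salt length */

/* Constructed sample salt with a '\0' at index 3. */
const char SAMPLE_SALT[SALT_LEN + 1] = "abc\0defghijklmnopqrstu";

/* Returns 0 and stores the cost, or -1 for a malformed prefix. The sscanf
 * result is checked, so *cost never comes from a failed conversion. */
int parse_cost(const char *hash, long *cost)
{
    long c = 0;
    int end = 0;

    if (hash == NULL || strlen(hash) < (size_t)PREFIX_LEN)
        return -1;
    if (!isdigit((unsigned char)hash[4]) || !isdigit((unsigned char)hash[5]))
        return -1;
    /* %n is stored only if the closing '$' matched as well */
    if (sscanf(hash, "$2y$%2ld$%n", &c, &end) != 1 || end != PREFIX_LEN)
        return -1;
    if (c < COST_MIN || c > COST_MAX)
        return -1;
    *cost = c;
    return 0;
}

/* The pattern the review warns about: "%s" stops at the first '\0'. */
int join_with_percent_s(char *out, size_t size, long cost, const char *salt)
{
    return snprintf(out, size, "$2y$%02ld$%s", cost, salt);
}

/* Writes the prefix plus SALT_LEN raw salt bytes into a caller-supplied
 * fixed-size buffer (no heap). Returns bytes written, or -1. */
int join_with_memcpy(char *out, size_t size, long cost, const char *salt)
{
    if (cost < COST_MIN || cost > COST_MAX
        || size < (size_t)(PREFIX_LEN + SALT_LEN + 1))
        return -1;
    if (snprintf(out, size, "$2y$%02ld$", cost) != PREFIX_LEN)
        return -1;
    memcpy(out + PREFIX_LEN, salt, SALT_LEN);
    out[PREFIX_LEN + SALT_LEN] = '\0';
    return PREFIX_LEN + SALT_LEN;
}
```

With SAMPLE_SALT, the "%s" join reports 10 bytes (prefix plus "abc") while the memcpy join keeps all 29.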