Commit: 707c9073b595a75447fbc25e01e7804293fad9b7 Author: Anthony Ferrara <ircmax...@php.net> Wed, 11 Jul 2012 22:15:56 -0400 Parents: 99b7956ad58395853f7950ae01a43139413d348d Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=707c9073b595a75447fbc25e01e7804293fad9b7 Log: Switch second parameter to password_make_salt to be a flag Changed paths: M ext/standard/password.c M ext/standard/php_password.h M ext/standard/tests/password/password_make_salt.phpt M ext/standard/tests/password/password_make_salt_error.phpt Diff: diff --git a/ext/standard/password.c b/ext/standard/password.c index 2f1ebb5..2e5d62a 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -39,6 +39,10 @@ PHP_MINIT_FUNCTION(password) /* {{{ */ { REGISTER_LONG_CONSTANT("PASSWORD_DEFAULT", PHP_PASSWORD_DEFAULT, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("PASSWORD_BCRYPT", PHP_PASSWORD_BCRYPT, CONST_CS | CONST_PERSISTENT); + + REGISTER_LONG_CONSTANT("PASSWORD_SALT_RAW", PHP_PASSWORD_SALT_RAW, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("PASSWORD_SALT_BCRYPT", PHP_PASSWORD_SALT_BCRYPT, CONST_CS | CONST_PERSISTENT); + return SUCCESS; } /* }}} */ @@ -55,15 +59,18 @@ static long php_password_determine_algo(const char *hash, const int len) return 0; } -static int php_password_salt_is_alphabet(const char *str, const int len) /* {{{ */ +static int php_password_salt_is_alphabet(const char *str, const int len, const int salt_type) /* {{{ */ { int i = 0; - for (i = 0; i < len; i++) { - if (!((str[i] >= 'A' && str[i] <= 'Z') || (str[i] >= 'a' && str[i] <= 'z') || (str[i] >= '0' && str[i] <= '9') || str[i] == '.' || str[i] == '/')) { - return 0; + if (salt_type == PHP_PASSWORD_SALT_BCRYPT) { + for (i = 0; i < len; i++) { + if (!((str[i] >= 'A' && str[i] <= 'Z') || (str[i] >= 'a' && str[i] <= 'z') || (str[i] >= '0' && str[i] <= '9') || str[i] == '.' || str[i] == '/')) { + return 0; + } } } + return 1; } /* }}} */ @@ -90,20 +97,23 @@ static int php_password_salt_to64(const char *str, const int str_len, const int #define PHP_PASSWORD_FUNCTION_EXISTS(func, func_len) (zend_hash_find(EG(function_table), (func), (func_len) + 1, (void **) &func_ptr) == SUCCESS && func_ptr->type == ZEND_INTERNAL_FUNCTION && func_ptr->internal_function.handler != zif_display_disabled_function) -static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* {{{ */ +static int php_password_make_salt(long length, int salt_type, char *ret TSRMLS_DC) /* {{{ */ { int buffer_valid = 0; long i, raw_length; char *buffer; - if (raw) { + if (salt_type == PHP_PASSWORD_SALT_RAW) { raw_length = length; - } else { + } else if (salt_type == PHP_PASSWORD_SALT_BCRYPT) { if (length > (LONG_MAX / 3)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Length is too large to safely generate"); return FAILURE; } raw_length = length * 3 / 4 + 1; + } else { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown salt type paramter"); + return FAILURE; } buffer = (char *) safe_emalloc(raw_length, 1, 1); @@ -140,9 +150,7 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* } } - if (raw) { - memcpy(ret, buffer, length); - } else { + if (salt_type == PHP_PASSWORD_SALT_BCRYPT) { char *result; result = safe_emalloc(length, 1, 1); if (php_password_salt_to64(buffer, raw_length, length, result) == FAILURE) { @@ -154,6 +162,9 @@ static int php_password_make_salt(long length, int raw, char *ret TSRMLS_DC) /* memcpy(ret, result, length); efree(result); } + } else { + /* PHP_PASSWORD_SALT_RAW */ + memcpy(ret, buffer, length); } efree(buffer); ret[length] = 0; @@ -266,14 +277,13 @@ PHP_FUNCTION(password_verify) } /* }}} */ -/* {{{ proto string password_make_salt(int length, boolean raw_output = false) +/* {{{ proto string password_make_salt(int length, int salt_type = PASSWORD_SALT_BCRYPT) Make a new random salt */ PHP_FUNCTION(password_make_salt) { char *salt; - long length = 0; - zend_bool raw_output = 0; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|b", &length, &raw_output) == FAILURE) { + long length = 0, salt_type = 0; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|l", &length, &salt_type) == FAILURE) { RETURN_NULL(); } if (length <= 0) { @@ -284,8 +294,11 @@ PHP_FUNCTION(password_make_salt) RETURN_NULL(); } + if (!salt_type) { + salt_type = PHP_PASSWORD_SALT_BCRYPT; + } salt = safe_emalloc(length, 1, 1); - if (php_password_make_salt(length, (int) raw_output, salt TSRMLS_CC) == FAILURE) { + if (php_password_make_salt(length, (int) salt_type, salt TSRMLS_CC) == FAILURE) { efree(salt); RETURN_FALSE; } @@ -363,7 +376,7 @@ PHP_FUNCTION(password_hash) zval_ptr_dtor(option_buffer); php_error_docref(NULL TSRMLS_CC, E_WARNING, "Provided salt is too short: %d expecting %d", buffer_len, required_salt_len); RETURN_NULL(); - } else if (0 == php_password_salt_is_alphabet(buffer, buffer_len)) { + } else if (0 == php_password_salt_is_alphabet(buffer, buffer_len, PHP_PASSWORD_SALT_BCRYPT)) { salt = emalloc(required_salt_len + 1); if (php_password_salt_to64(buffer, buffer_len, required_salt_len, salt) == FAILURE) { efree(hash_format); @@ -381,7 +394,7 @@ PHP_FUNCTION(password_hash) zval_ptr_dtor(option_buffer); } else { salt = emalloc(required_salt_len + 1); - if (php_password_make_salt((long) required_salt_len, 0, salt TSRMLS_CC) == FAILURE) { + if (php_password_make_salt((long) required_salt_len, PHP_PASSWORD_SALT_BCRYPT, salt TSRMLS_CC) == FAILURE) { efree(hash_format); efree(salt); RETURN_FALSE; diff --git a/ext/standard/php_password.h b/ext/standard/php_password.h index 90e4d89..8211ae1 100644 --- a/ext/standard/php_password.h +++ b/ext/standard/php_password.h @@ -32,6 +32,9 @@ PHP_MINIT_FUNCTION(password); #define PHP_PASSWORD_DEFAULT 1 #define PHP_PASSWORD_BCRYPT 1 +#define PHP_PASSWORD_SALT_RAW 1 +#define PHP_PASSWORD_SALT_BCRYPT 2 + #define PHP_PASSWORD_BCRYPT_COST 10 #endif diff --git a/ext/standard/tests/password/password_make_salt.phpt b/ext/standard/tests/password/password_make_salt.phpt index 63b56f8..c7aa514 100644 --- a/ext/standard/tests/password/password_make_salt.phpt +++ b/ext/standard/tests/password/password_make_salt.phpt @@ -7,14 +7,14 @@ echo strlen(password_make_salt(1)) . "\n"; echo strlen(password_make_salt(2)) . "\n"; echo strlen(password_make_salt(3)) . "\n"; echo strlen(password_make_salt(4)) . "\n"; -echo strlen(password_make_salt(5)) . "\n"; +echo strlen(password_make_salt(5, PASSWORD_SALT_BCRYPT)) . "\n"; echo "\n"; -echo strlen(password_make_salt(1, true)) . "\n"; -echo strlen(password_make_salt(2, true)) . "\n"; -echo strlen(password_make_salt(3, true)) . "\n"; -echo strlen(password_make_salt(4, true)) . "\n"; -echo strlen(password_make_salt(5, true)) . "\n"; +echo strlen(password_make_salt(1, PASSWORD_SALT_RAW)) . "\n"; +echo strlen(password_make_salt(2, PASSWORD_SALT_RAW)) . "\n"; +echo strlen(password_make_salt(3, PASSWORD_SALT_RAW)) . "\n"; +echo strlen(password_make_salt(4, PASSWORD_SALT_RAW)) . "\n"; +echo strlen(password_make_salt(5, PASSWORD_SALT_RAW)) . "\n"; echo "\n"; $a = password_make_salt(32); diff --git a/ext/standard/tests/password/password_make_salt_error.phpt b/ext/standard/tests/password/password_make_salt_error.phpt index 4a1d5e2..92df53a 100644 --- a/ext/standard/tests/password/password_make_salt_error.phpt +++ b/ext/standard/tests/password/password_make_salt_error.phpt @@ -14,6 +14,8 @@ var_dump(password_make_salt(PHP_INT_MAX)); var_dump(password_make_salt(floor(PHP_INT_MAX / 2.9))); +var_dump(password_make_salt(5, 999)); + ?> --EXPECTF-- Warning: password_make_salt() expects at least 1 parameter, 0 given in %s on line %d @@ -31,3 +33,5 @@ NULL Warning: password_make_salt(): Length is too large to safely generate in %s on line %d NULL +Warning: password_make_salt(): Unknown salt type paramter in %s on line %d +bool(false) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php