[Pkg-php-commits] [php/debian-sid] Generate SHA512 salt string when provided salt is null
Ondřej Surý
ondrej at sury.org
Thu Mar 17 16:38:40 UTC 2011
---
debian/patches/php_crypt_revamped.patch | 47 ++++++++++++++++---------------
1 files changed, 24 insertions(+), 23 deletions(-)
diff --git a/debian/patches/php_crypt_revamped.patch b/debian/patches/php_crypt_revamped.patch
index 99f3114..f4f2951 100644
--- a/debian/patches/php_crypt_revamped.patch
+++ b/debian/patches/php_crypt_revamped.patch
@@ -194,13 +194,17 @@
-#if PHP_EXT_DES_CRYPT
-#undef PHP_MAX_SALT_LEN
-#define PHP_MAX_SALT_LEN 9
--#endif
--
++#if defined(HAVE_CRYPT_R) && (defined(_REENTRANT) || defined(_THREAD_SAFE))
++# define PHP_USE_SYSTEM_CRYPT_R
+ #endif
+
-#if PHP_MD5_CRYPT
-#undef PHP_MAX_SALT_LEN
-#define PHP_MAX_SALT_LEN 12
-#endif
--
++#define PHP_MAX_STD_DES_SALT_LEN 2
++#define PHP_MAX_STD_DES_HASH_LEN 11
+
-#if PHP_BLOWFISH_CRYPT
-#undef PHP_MAX_SALT_LEN
-#define PHP_MAX_SALT_LEN 60
@@ -209,13 +213,9 @@
-#if PHP_SHA512_CRYPT
-#undef PHP_MAX_SALT_LEN
-#define PHP_MAX_SALT_LEN 123
-+#if defined(HAVE_CRYPT_R) && (defined(_REENTRANT) || defined(_THREAD_SAFE))
-+# define PHP_USE_SYSTEM_CRYPT_R
- #endif
-
-+#define PHP_MAX_STD_DES_SALT_LEN 2
-+#define PHP_MAX_STD_DES_HASH_LEN 11
-
+-#endif
+-
+-
-/* If the configure-time checks fail, we provide DES.
- * XXX: This is a hack. Fix the real problem! */
-
@@ -289,7 +289,7 @@
static unsigned char itoa64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-@@ -150,158 +143,171 @@ static void php_to64(char *s, long v, in
+@@ -150,158 +143,166 @@ static void php_to64(char *s, long v, in
PHP_FUNCTION(crypt)
{
char salt[PHP_MAX_SALT_LEN + 1];
@@ -322,30 +322,31 @@
return;
}
- if (salt_in) {
+- if (salt_in) {
- memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len));
- }
-
- /* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */
- if (!*salt) {
+-#if PHP_MD5_CRYPT
+- strcpy(salt, "$1$");
++ if (salt_in && (salt_in_len > 0)) {
+ salt_len = MIN(PHP_MAX_SALT_LEN, salt_in_len);
+ memcpy(salt, salt_in, salt_len);
+ salt[salt_len] = '\0';
+ } else {
- #if PHP_MD5_CRYPT
-- strcpy(salt, "$1$");
-+ salt[0] = '$'; salt[1] = '1'; salt[2] = '$';
++ /* Use SHA512 as default algorithm */
++ salt[0] = '$'; salt[1] = '6'; salt[2] = '$';
php_to64(&salt[3], PHP_CRYPT_RAND, 4);
php_to64(&salt[7], PHP_CRYPT_RAND, 4);
- strcpy(&salt[11], "$");
-+ salt[11] = '$'; salt[12] = '\0';
-+ salt_len = PHP_MAX_MD5_SALT_LEN;
- #elif PHP_STD_DES_CRYPT
- php_to64(&salt[0], PHP_CRYPT_RAND, 2);
- salt[2] = '\0';
-+ salt_len = PHP_MAX_STD_DES_SALT_LEN;
- #endif
+-#elif PHP_STD_DES_CRYPT
+- php_to64(&salt[0], PHP_CRYPT_RAND, 2);
+- salt[2] = '\0';
+-#endif
- salt_in_len = strlen(salt);
++ salt[11] = '$'; salt[12] = '\0';
++ salt_len = 12;
}
/* Windows (win32/crypt) has a stripped down version of libxcrypt and
@@ -370,8 +371,8 @@
- RETURN_STRING(php_md5_crypt_r(str, salt, output), 1);
+ /* CRYPT_MD5 */
+#if PHP_MD5_CRYPT
-+# warning Using system MD5 crypt function, which is OK on Debian system
+# if PHP_USE_SYSTEM_CRYPT_R
++# warning Using system MD5 crypt function, which is OK on Debian system
+ crypt_res = crypt_r(str, salt, &buffer);
+# else
+ crypt_res = crypt(str, salt);
--
1.7.1
More information about the Pkg-php-commits
mailing list