diff options
Diffstat (limited to 'ext/standard/crypt.c')
-rw-r--r-- | ext/standard/crypt.c | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index a5929b172f..851e034afa 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -82,6 +82,12 @@ #define PHP_MAX_SALT_LEN 60 #endif +#if PHP_SHA512_CRYPT +#undef PHP_MAX_SALT_LEN +#define PHP_MAX_SALT_LEN 123 +#endif + + /* If the configure-time checks fail, we provide DES. * XXX: This is a hack. Fix the real problem! */ @@ -163,6 +169,7 @@ PHP_FUNCTION(crypt) php_to64(&salt[0], PHP_CRYPT_RAND, 2); salt[2] = '\0'; #endif + salt_in_len = strlen(salt); } /* Windows (win32/crypt) has a stripped down version of libxcrypt and @@ -175,7 +182,36 @@ PHP_FUNCTION(crypt) char output[MD5_HASH_MAX_LEN]; RETURN_STRING(php_md5_crypt_r(str, salt, output), 1); - } else if ( + } else if (salt[0]=='$' && salt[1]=='6' && salt[2]=='$') { + const char sha512_salt_prefix[] = "$6$"; + const char sha512_rounds_prefix[] = "rounds="; + char *output; + int needed = (sizeof(sha512_salt_prefix) - 1 + + sizeof(sha512_rounds_prefix) + 9 + 1 + + strlen(salt) + 1 + 43 + 1); + output = emalloc(needed * sizeof(char *)); + salt[salt_in_len] = '\0'; + + php_sha512_crypt_r(str, salt, output, needed); + + RETVAL_STRING(output, 1); + memset(output, 0, PHP_MAX_SALT_LEN + 1); + efree(output); + } else if (salt[0]=='$' && salt[1]=='5' && salt[2]=='$') { + const char sha256_salt_prefix[] = "$5$"; + const char sha256_rounds_prefix[] = "rounds="; + char *output; + int needed = (sizeof(sha256_salt_prefix) - 1 + + sizeof(sha256_rounds_prefix) + 9 + 1 + + strlen(salt) + 1 + 43 + 1); + output = emalloc(needed * sizeof(char *)); + salt[salt_in_len] = '\0'; + php_sha256_crypt_r(str, salt, output, needed); + + RETVAL_STRING(output, 1); + memset(output, 0, PHP_MAX_SALT_LEN + 1); + efree(output); + } else if ( salt[0] == '$' && salt[1] == '2' && salt[2] == 'a' && |