summaryrefslogtreecommitdiff
path: root/ext/standard/crypt.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/standard/crypt.c')
-rw-r--r--ext/standard/crypt.c88
1 files changed, 18 insertions, 70 deletions
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c
index 66b37eb79e..f2f778e764 100644
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@@ -24,7 +24,6 @@
#include <stdlib.h>
#include "php.h"
-#if HAVE_CRYPT
#if HAVE_UNISTD_H
#include <unistd.h>
@@ -55,50 +54,11 @@
#include <process.h>
#endif
-#include "php_lcg.h"
#include "php_crypt.h"
-#include "php_rand.h"
+#include "php_random.h"
-/* The capabilities of the crypt() function is determined by the test programs
- * run by configure from aclocal.m4. They will set PHP_STD_DES_CRYPT,
- * PHP_EXT_DES_CRYPT, PHP_MD5_CRYPT and PHP_BLOWFISH_CRYPT as appropriate
- * for the target platform. */
-
-#if PHP_STD_DES_CRYPT
-#define PHP_MAX_SALT_LEN 2
-#endif
-
-#if PHP_EXT_DES_CRYPT
-#undef PHP_MAX_SALT_LEN
-#define PHP_MAX_SALT_LEN 9
-#endif
-
-#if PHP_MD5_CRYPT
-#undef PHP_MAX_SALT_LEN
-#define PHP_MAX_SALT_LEN 12
-#endif
-
-#if PHP_BLOWFISH_CRYPT
-#undef PHP_MAX_SALT_LEN
-#define PHP_MAX_SALT_LEN 60
-#endif
-
-#if PHP_SHA512_CRYPT
-#undef PHP_MAX_SALT_LEN
+/* sha512 crypt has the maximal salt length of 123 characters */
#define PHP_MAX_SALT_LEN 123
-#endif
-
-
-/* If the configure-time checks fail, we provide DES.
- * XXX: This is a hack. Fix the real problem! */
-
-#ifndef PHP_MAX_SALT_LEN
-#define PHP_MAX_SALT_LEN 2
-#undef PHP_STD_DES_CRYPT
-#define PHP_STD_DES_CRYPT 1
-#endif
-
-#define PHP_CRYPT_RAND php_rand()
/* Used to check DES salts to ensure that they contain only valid characters */
#define IS_VALID_SALT_CHARACTER(c) (((c) >= '.' && (c) <= '9') || ((c) >= 'A' && (c) <= 'Z') || ((c) >= 'a' && (c) <= 'z'))
@@ -109,18 +69,12 @@
PHP_MINIT_FUNCTION(crypt) /* {{{ */
{
REGISTER_LONG_CONSTANT("CRYPT_SALT_LENGTH", PHP_MAX_SALT_LEN, CONST_CS | CONST_PERSISTENT);
- REGISTER_LONG_CONSTANT("CRYPT_STD_DES", PHP_STD_DES_CRYPT, CONST_CS | CONST_PERSISTENT);
- REGISTER_LONG_CONSTANT("CRYPT_EXT_DES", PHP_EXT_DES_CRYPT, CONST_CS | CONST_PERSISTENT);
- REGISTER_LONG_CONSTANT("CRYPT_MD5", PHP_MD5_CRYPT, CONST_CS | CONST_PERSISTENT);
- REGISTER_LONG_CONSTANT("CRYPT_BLOWFISH", PHP_BLOWFISH_CRYPT, CONST_CS | CONST_PERSISTENT);
-
-#ifdef PHP_SHA256_CRYPT
- REGISTER_LONG_CONSTANT("CRYPT_SHA256", PHP_SHA256_CRYPT, CONST_CS | CONST_PERSISTENT);
-#endif
-
-#ifdef PHP_SHA512_CRYPT
- REGISTER_LONG_CONSTANT("CRYPT_SHA512", PHP_SHA512_CRYPT, CONST_CS | CONST_PERSISTENT);
-#endif
+ REGISTER_LONG_CONSTANT("CRYPT_STD_DES", 1, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("CRYPT_EXT_DES", 1, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("CRYPT_MD5", 1, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("CRYPT_BLOWFISH", 1, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("CRYPT_SHA256", 1, CONST_CS | CONST_PERSISTENT);
+ REGISTER_LONG_CONSTANT("CRYPT_SHA512", 1, CONST_CS | CONST_PERSISTENT);
#if PHP_USE_PHP_CRYPT_R
php_init_crypt_r();
@@ -142,11 +96,11 @@ PHP_MSHUTDOWN_FUNCTION(crypt) /* {{{ */
static unsigned char itoa64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-static void php_to64(char *s, zend_long v, int n) /* {{{ */
+static void php_to64(char *s, int n) /* {{{ */
{
while (--n >= 0) {
- *s++ = itoa64[v&0x3f];
- v >>= 6;
+ *s = itoa64[*s & 0x3f];
+ s++;
}
}
/* }}} */
@@ -291,16 +245,16 @@ PHP_FUNCTION(crypt)
size_t str_len, salt_in_len = 0;
zend_string *result;
+ if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s", &str, &str_len, &salt_in, &salt_in_len) == FAILURE) {
+ return;
+ }
+
salt[0] = salt[PHP_MAX_SALT_LEN] = '\0';
/* This will produce suitable results if people depend on DES-encryption
* available (passing always 2-character salt). At least for glibc6.1 */
memset(&salt[1], '$', PHP_MAX_SALT_LEN - 1);
- if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|s", &str, &str_len, &salt_in, &salt_in_len) == FAILURE) {
- return;
- }
-
if (salt_in) {
memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len));
} else {
@@ -309,15 +263,10 @@ PHP_FUNCTION(crypt)
/* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */
if (!*salt) {
-#if PHP_MD5_CRYPT
- strncpy(salt, "$1$", PHP_MAX_SALT_LEN);
- php_to64(&salt[3], PHP_CRYPT_RAND, 4);
- php_to64(&salt[7], PHP_CRYPT_RAND, 4);
+ strncpy(salt, "$1$", 3);
+ php_random_bytes_throw(&salt[3], 8);
+ php_to64(&salt[3], 8);
strncpy(&salt[11], "$", PHP_MAX_SALT_LEN - 11);
-#elif PHP_STD_DES_CRYPT
- php_to64(&salt[0], PHP_CRYPT_RAND, 2);
- salt[2] = '\0';
-#endif
salt_in_len = strlen(salt);
} else {
salt_in_len = MIN(PHP_MAX_SALT_LEN, salt_in_len);
@@ -334,7 +283,6 @@ PHP_FUNCTION(crypt)
RETURN_STR(result);
}
/* }}} */
-#endif
/*
* Local variables:
View Lorry Controller Status