diff options
Diffstat (limited to 'ext/standard/password.c')
-rw-r--r-- | ext/standard/password.c | 79 |
1 files changed, 6 insertions, 73 deletions
diff --git a/ext/standard/password.c b/ext/standard/password.c index 3f1ff6dd55..093df4fc06 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -52,19 +52,6 @@ void php_password_algo_unregister(const char *ident) { zend_hash_str_del(&php_password_algos, ident, strlen(ident)); } -static int php_password_salt_is_alphabet(const char *str, const size_t len) /* {{{ */ -{ - size_t i = 0; - - for (i = 0; i < len; i++) { - if (!((str[i] >= 'A' && str[i] <= 'Z') || (str[i] >= 'a' && str[i] <= 'z') || (str[i] >= '0' && str[i] <= '9') || str[i] == '.' || str[i] == '/')) { - return FAILURE; - } - } - return SUCCESS; -} -/* }}} */ - static int php_password_salt_to64(const char *str, const size_t str_len, const size_t out_len, char *ret) /* {{{ */ { size_t pos = 0; @@ -123,65 +110,11 @@ static zend_string* php_password_make_salt(size_t length) /* {{{ */ /* }}} */ static zend_string* php_password_get_salt(zval *unused_, size_t required_salt_len, HashTable *options) { - zend_string *buffer; - zval *option_buffer; - - if (!options || !(option_buffer = zend_hash_str_find(options, "salt", sizeof("salt") - 1))) { - return php_password_make_salt(required_salt_len); - } - - php_error_docref(NULL, E_DEPRECATED, "Use of the 'salt' option to password_hash is deprecated"); - - switch (Z_TYPE_P(option_buffer)) { - case IS_STRING: - buffer = zend_string_copy(Z_STR_P(option_buffer)); - break; - case IS_LONG: - case IS_DOUBLE: - case IS_OBJECT: - buffer = zval_get_string(option_buffer); - break; - case IS_FALSE: - case IS_TRUE: - case IS_NULL: - case IS_RESOURCE: - case IS_ARRAY: - default: - php_error_docref(NULL, E_WARNING, "Non-string salt parameter supplied"); - return NULL; - } - - /* XXX all the crypt related APIs work with int for string length. - That should be revised for size_t and then we maybe don't require - the > INT_MAX check. */ - if (ZEND_SIZE_T_INT_OVFL(ZSTR_LEN(buffer))) { - php_error_docref(NULL, E_WARNING, "Supplied salt is too long"); - zend_string_release_ex(buffer, 0); - return NULL; - } - - if (ZSTR_LEN(buffer) < required_salt_len) { - php_error_docref(NULL, E_WARNING, "Provided salt is too short: %zd expecting %zd", ZSTR_LEN(buffer), required_salt_len); - zend_string_release_ex(buffer, 0); - return NULL; + if (options && zend_hash_str_exists(options, "salt", sizeof("salt") - 1)) { + php_error_docref(NULL, E_WARNING, "The 'salt' option is no longer supported. The provided salt has been been ignored"); } - if (php_password_salt_is_alphabet(ZSTR_VAL(buffer), ZSTR_LEN(buffer)) == FAILURE) { - zend_string *salt = zend_string_alloc(required_salt_len, 0); - if (php_password_salt_to64(ZSTR_VAL(buffer), ZSTR_LEN(buffer), required_salt_len, ZSTR_VAL(salt)) == FAILURE) { - php_error_docref(NULL, E_WARNING, "Provided salt is too short: %zd", ZSTR_LEN(buffer)); - zend_string_release_ex(salt, 0); - zend_string_release_ex(buffer, 0); - return NULL; - } - zend_string_release_ex(buffer, 0); - return salt; - } else { - zend_string *salt = zend_string_alloc(required_salt_len, 0); - memcpy(ZSTR_VAL(salt), ZSTR_VAL(buffer), required_salt_len); - zend_string_release_ex(buffer, 0); - return salt; - } + return php_password_make_salt(required_salt_len); } /* bcrypt implementation */ @@ -612,7 +545,7 @@ const php_password_algo* php_password_algo_identify_ex(const zend_string* hash, return (!algo || (algo->valid && !algo->valid(hash))) ? default_algo : algo; } -/* {{{ proto array password_get_info(string $hash) +/* {{{ proto array|null password_get_info(string $hash) Retrieves information about a given hash */ PHP_FUNCTION(password_get_info) { @@ -695,14 +628,14 @@ PHP_FUNCTION(password_verify) ZEND_PARSE_PARAMETERS_START(2, 2) Z_PARAM_STR(password) Z_PARAM_STR(hash) - ZEND_PARSE_PARAMETERS_END_EX(RETURN_FALSE); + ZEND_PARSE_PARAMETERS_END(); algo = php_password_algo_identify(hash); RETURN_BOOL(algo && (!algo->verify || algo->verify(password, hash))); } /* }}} */ -/* {{{ proto string password_hash(string password, mixed algo[, array options = array()]) +/* {{{ proto string|null password_hash(string password, mixed algo[, array options = array()]) Hash a password */ PHP_FUNCTION(password_hash) { |