$ctx = stream_context_create(['http' => ['protocol_version' => '1.0']]);
echo file_get_contents('http://example.org', false, $ctx);
+ . Calling crypt() without an explicit salt is no longer supported. If you
+ would like to produce a strong hash with an auto-generated salt, use
+ password_hash() instead.
- Sysvmsg:
. msg_get_queue() will now return an SysvMessageQueue object rather than a
/* This is a generated file, edit the .stub.php file instead.
- * Stub hash: 010a6e0dee6d5e419e66eeefadd4dfabbbddfaca */
+ * Stub hash: 28da5d6df91403aad82b5872453053dc41076a6a */
ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_set_time_limit, 0, 1, _IS_BOOL, 0)
ZEND_ARG_TYPE_INFO(0, seconds, IS_LONG, 0)
ZEND_ARG_TYPE_INFO(0, str, IS_STRING, 0)
ZEND_END_ARG_INFO()
-ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_crypt, 0, 1, IS_STRING, 0)
+ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_crypt, 0, 2, IS_STRING, 0)
ZEND_ARG_TYPE_INFO(0, str, IS_STRING, 0)
ZEND_ARG_TYPE_INFO(0, salt, IS_STRING, 0)
ZEND_END_ARG_INFO()
}
/* }}} */
-static unsigned char itoa64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-/* Encode a string of bytes as Base64 */
-static void php_to64(char *s, int n) /* {{{ */
-{
- while (--n >= 0) {
- *s = itoa64[*s & 0x3f];
- s++;
- }
-}
-/* }}} */
-
PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const char *salt, int salt_len, zend_bool quiet)
{
char *crypt_res;
size_t str_len, salt_in_len = 0;
zend_string *result;
- ZEND_PARSE_PARAMETERS_START(1, 2)
+ ZEND_PARSE_PARAMETERS_START(2, 2)
Z_PARAM_STRING(str, str_len)
- Z_PARAM_OPTIONAL
Z_PARAM_STRING(salt_in, salt_in_len)
ZEND_PARSE_PARAMETERS_END();
/* This will produce suitable results if people depend on DES-encryption
* available (passing always 2-character salt). At least for glibc6.1 */
memset(&salt[1], '$', PHP_MAX_SALT_LEN - 1);
+ memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len));
- if (salt_in) {
- memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len));
- } else {
- php_error_docref(NULL, E_NOTICE, "No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash.");
- }
-
- /* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */
- if (!*salt) {
- memcpy(salt, "$1$", 3);
- php_random_bytes_throw(&salt[3], 8);
- php_to64(&salt[3], 8);
- strncpy(&salt[11], "$", PHP_MAX_SALT_LEN - 11);
- salt_in_len = strlen(salt);
- } else {
- salt_in_len = MIN(PHP_MAX_SALT_LEN, salt_in_len);
- }
+ salt_in_len = MIN(PHP_MAX_SALT_LEN, salt_in_len);
salt[salt_in_len] = '\0';
if ((result = php_crypt(str, (int)str_len, salt, (int)salt_in_len, 0)) == NULL) {
echo (CRYPT_MD5) ? ((crypt($str, $salt3) === $res_3) ? 'MD5' : 'MD5 - ERROR') : 'MD5', "\n";
echo (CRYPT_BLOWFISH) ? ((crypt($str, $salt4) === $res_4) ? 'BLO' : 'BLO - ERROR') : 'BLO', "\n";
-var_dump(crypt($str));
+try {
+ var_dump(crypt($str));
+} catch (ArgumentCountError $e) {
+ echo $e->getMessage(), "\n";
+}
?>
---EXPECTF--
+--EXPECT--
STD
EXT
MD5
BLO
-
-Notice: crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash. in %s on line %d
-string(%d) "%s"
+crypt() expects exactly 2 parameters, 1 given
projects / php / commitdiff