}
/* }}} */
-PHPAPI int php_crypt(const char *password, const int pass_len, const char *salt, int salt_len, char **result)
+PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const char *salt, int salt_len)
{
char *crypt_res;
+ zend_string *result;
/* Windows (win32/crypt) has a stripped down version of libxcrypt and
a CryptoApi md5_crypt implementation */
#if PHP_USE_PHP_CRYPT_R
out = php_md5_crypt_r(password, salt, output);
if (out) {
- *result = estrdup(out);
- return SUCCESS;
+ return STR_INIT(out, strlen(out), 0);
}
- return FAILURE;
+ return NULL;
} else if (salt[0]=='$' && salt[1]=='6' && salt[2]=='$') {
char *output;
output = emalloc(PHP_MAX_SALT_LEN);
if (!crypt_res) {
memset(output, 0, PHP_MAX_SALT_LEN);
efree(output);
- return FAILURE;
+ return NULL;
} else {
- *result = estrdup(output);
+ result = STR_INIT(output, strlen(output), 0);
memset(output, 0, PHP_MAX_SALT_LEN);
efree(output);
- return SUCCESS;
+ return result;
}
} else if (salt[0]=='$' && salt[1]=='5' && salt[2]=='$') {
char *output;
if (!crypt_res) {
memset(output, 0, PHP_MAX_SALT_LEN);
efree(output);
- return FAILURE;
+ return NULL;
} else {
- *result = estrdup(output);
+ result = STR_INIT(output, strlen(output), 0);
memset(output, 0, PHP_MAX_SALT_LEN);
efree(output);
- return SUCCESS;
+ return result;
}
} else if (
salt[0] == '$' &&
crypt_res = php_crypt_blowfish_rn(password, salt, output, sizeof(output));
if (!crypt_res) {
memset(output, 0, PHP_MAX_SALT_LEN + 1);
- return FAILURE;
+ return NULL;
} else {
- *result = estrdup(output);
+ result = STR_INIT(output, strlen(output), 0);
memset(output, 0, PHP_MAX_SALT_LEN + 1);
- return SUCCESS;
+ return result;
}
} else {
memset(&buffer, 0, sizeof(buffer));
crypt_res = _crypt_extended_r(password, salt, &buffer);
if (!crypt_res) {
- return FAILURE;
+ return NULL;
} else {
- *result = estrdup(crypt_res);
- return SUCCESS;
+ result = STR_INIT(crypt_res, strlen(crypt_res), 0);
+ return result;
}
}
}
if (!crypt_res) {
return FAILURE;
} else {
- *result = estrdup(crypt_res);
- return SUCCESS;
+ result = STR_INIT(crypt_res, strlen(crypt_res), 0);
+ return result;
}
}
# endif
PHP_FUNCTION(crypt)
{
char salt[PHP_MAX_SALT_LEN + 1];
- char *str, *salt_in = NULL, *result = NULL;
+ char *str, *salt_in = NULL;
int str_len, salt_in_len = 0;
salt[0] = salt[PHP_MAX_SALT_LEN] = '\0';
+ zend_string *result;
/* This will produce suitable results if people depend on DES-encryption
* available (passing always 2-character salt). At least for glibc6.1 */
}
salt[salt_in_len] = '\0';
- if (php_crypt(str, str_len, salt, salt_in_len, &result) == FAILURE) {
+ if ((result = php_crypt(str, str_len, salt, salt_in_len)) == NULL) {
if (salt[0] == '*' && salt[1] == '0') {
RETURN_STRING("*1");
} else {
RETURN_STRING("*0");
}
}
-//??? RETURN_STRING(result, 0);
- RETURN_STRING(result);
+ RETURN_STR(result);
}
/* }}} */
#endif
{
int status = 0, i;
int password_len, hash_len;
- char *ret, *password, *hash;
+ char *password, *hash;
+ zend_string *ret;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &password, &password_len, &hash, &hash_len) == FAILURE) {
RETURN_FALSE;
}
- if (php_crypt(password, password_len, hash, hash_len, &ret) == FAILURE) {
+ if ((ret = php_crypt(password, password_len, hash, hash_len)) == NULL) {
RETURN_FALSE;
}
- if (strlen(ret) != hash_len || hash_len < 13) {
- efree(ret);
+ if (ret->len != hash_len || hash_len < 13) {
+ STR_FREE(ret);
RETURN_FALSE;
}
* equality check that will always check every byte of both
* values. */
for (i = 0; i < hash_len; i++) {
- status |= (ret[i] ^ hash[i]);
+ status |= (ret->val[i] ^ hash[i]);
}
- efree(ret);
+ STR_FREE(ret);
RETURN_BOOL(status == 0);
Hash a password */
PHP_FUNCTION(password_hash)
{
- char *hash_format, *hash, *salt, *password, *result;
+ char *hash_format, *hash, *salt, *password;
long algo = 0;
int password_len = 0, hash_len;
size_t salt_len = 0, required_salt_len = 0, hash_format_len;
HashTable *options = 0;
zval *option_buffer;
+ zend_string *result;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|H", &password, &password_len, &algo, &options) == FAILURE) {
return;
/* This cast is safe, since both values are defined here in code and cannot overflow */
hash_len = (int) (hash_format_len + salt_len);
- if (php_crypt(password, password_len, hash, hash_len, &result) == FAILURE) {
+ if ((result = php_crypt(password, password_len, hash, hash_len)) == NULL) {
efree(hash);
RETURN_FALSE;
}
efree(hash);
- if (strlen(result) < 13) {
- efree(result);
+ if (result->len < 13) {
+ STR_FREE(result);
RETURN_FALSE;
}
-//??? RETURN_STRING(result, 0);
- RETURN_STRING(result);
+ RETURN_STR(result);
}
/* }}} */
projects / php / commitdiff