archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-17 14:38:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
103071 commits 526 branches 1434 tags 869 MiB
Commit graph

151 commits

Author SHA1 Message Date
Sammy Kaye Powers
1e3624290a Resolve conflict 2017-01-03 08:01:05 -06:00
Joe Watkins
0788f3ed3c
Merge branch 'pull-request/2163' 
* pull-request/2163:
  import explicit_bzero + strlc* functions update since 1999 algorithms have changed and register k/w not necessary anymore.
 2017-01-03 06:48:40 +00:00
Sammy Kaye Powers
9e29f841ce Update copyright headers to 2017 2017-01-02 09:30:12 -06:00
Sara Golemon
6f3945a9f1 Use new param API in standard 2016-12-30 12:56:21 -08:00
David Carlier
1ece764114 let s use the macro instead 2016-10-15 17:55:44 +01:00
David Carlier
2464dbd5f3 import explicit_bzero + strlc* functions update 
since 1999 algorithms have changed and register k/w
not necessary anymore.
 2016-10-15 14:53:38 +01:00
Anatol Belski
435048935e Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Bug #73058 crypt broken when salt is 'too' long
 2016-09-10 02:49:30 +02:00
Anatol Belski
e539ea439b Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Bug #73058 crypt broken when salt is 'too' long
 2016-09-10 02:44:21 +02:00
Anatol Belski
669fda00b7 Bug #73058 crypt broken when salt is 'too' long 2016-09-10 02:39:28 +02:00
Anatol Belski
22a825db85 Merge branch 'PHP-7.0' into PHP-7.1 
* PHP-7.0:
  Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
 2016-08-29 20:34:44 +02:00
Anatol Belski
946335ba70 Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
 2016-08-29 20:32:55 +02:00
Anatol Belski
295303b590 Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify 2016-08-29 20:25:34 +02:00
Xinchen Hui
82ba5b59d9 Fixed warning: "operation on ‘s’ may be undefined" 2016-08-02 20:28:42 +08:00
Leigh
be3640150c Fix crypt salt not being converted to b64 2016-07-07 15:32:38 +01:00
Leigh
b21de28bb7 Fix some insecure usages of php_rand 2016-07-05 16:02:34 +01:00
Nikita Popov
d3ed75b9eb Remove HAVE_CRYPT checks 
We always provide a crypt implementation. HAVE_CRYPT is only
relevant as to whether the crypt() C function exists.
 2016-03-25 21:09:47 +01:00
Nikita Popov
786effaff6 Remove PHP_*_CRYPT constants 
They are always 1.
 2016-03-25 20:48:34 +01:00
Nikita Popov
bd90f5507f Merge branch 'PHP-5.6' into PHP-7.0 
Conflicts:
	ext/standard/crypt.c
 2016-03-25 20:23:04 +01:00
Nikita Popov
54da966883 Fixed bug #67512 2016-03-25 20:18:46 +01:00
Lior Kaplan
ed35de784f Merge branch 'PHP-5.6' into PHP-7.0 
* PHP-5.6:
  Happy new year (Update copyright to 2016)
 2016-01-01 19:48:25 +02:00
Lior Kaplan
49493a2dcf Happy new year (Update copyright to 2016) 2016-01-01 19:21:47 +02:00
Anthony Ferrara
ed4052f1d5 Fixed bug #69686 password_verify reports back error on PHP7 will null string. 
The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds a quiet mode to php_crypt() which is used by password_verify.
 2015-05-21 17:12:51 -04:00
Stanislav Malyshev
c408c80886 Merge branch 'pull-request/989' 
* pull-request/989:
  Fix a few tests and remove error/warning for *0
  Fix spaces -> tabs
  Add deprecated notice to invalid DES salts.
 2015-01-31 22:04:39 -08:00
Xinchen Hui
fc33f52d8c bump year 2015-01-15 23:27:30 +08:00
Xinchen Hui
0579e8278d bump year 2015-01-15 23:26:37 +08:00
Anthony Ferrara
4a2fe3d0ab Fix a few tests and remove error/warning for *0 2015-01-13 11:49:09 -05:00
Stanislav Malyshev
b7a7b1a624 trailing whitespace removal 2015-01-10 15:07:38 -08:00
Anthony Ferrara
9cc9887224 Fix spaces -> tabs 2015-01-09 11:23:06 -05:00
Anthony Ferrara
462fef794f Add deprecated notice to invalid DES salts. 
This will cause an error in the case where invalid salts are provided for other algorithms. Currently, these invalid salts will silently fall back to STD_DES which is extremely weak. By detecting invalid DES salts, we can alert the user that there is a bug in their code.

The error is currently E_DEPRECATED as this has potential to break currently working (yet insecure) code. In the future it should be changed to an E_WARNING and return *0
 2015-01-09 11:18:33 -05:00
Anatol Belski
bdeb220f48 first shot remove TSRMLS_* things 2014-12-13 23:06:14 +01:00
Stanislav Malyshev
bfc8d297be Merge branch 'PHP-5.6' 
* PHP-5.6:
  update news
  update news
  update NEWS
  Apply error-code-salt fix to Windows too
  Bug fixes in light of failing bcrypt tests
  Add tests from 1.3. Add missing tests.
  Upgrade crypt_blowfish to version 1.3
  Apply error-code-salt fix to Windows too
  Bug fixes in light of failing bcrypt tests
  Add tests from 1.3. Add missing tests.
  Upgrade crypt_blowfish to version 1.3

Conflicts:
	ext/standard/crypt.c
 2014-11-30 21:47:40 -08:00
Stanislav Malyshev
720ba67948 Merge branch 'PHP-5.5' into PHP-5.6 
* PHP-5.5:
  update news
  update news
  update NEWS
  Apply error-code-salt fix to Windows too
  Bug fixes in light of failing bcrypt tests
  Add tests from 1.3. Add missing tests.
  Upgrade crypt_blowfish to version 1.3
  Apply error-code-salt fix to Windows too
  Bug fixes in light of failing bcrypt tests
  Add tests from 1.3. Add missing tests.
  Upgrade crypt_blowfish to version 1.3
 2014-11-30 21:39:49 -08:00
Anatol Belski
f58edcd996 fix datatype warnings 2014-10-22 17:56:28 +02:00
Leigh
f66013df94 Apply error-code-salt fix to Windows too 2014-10-07 13:12:38 +01:00
Leigh
4e8c876120 Bug fixes in light of failing bcrypt tests 2014-10-07 12:27:57 +01:00
Johannes Schlüter
d0cb715373 s/PHP 5/PHP 7/ 2014-09-19 18:33:14 +02:00
Anatol Belski
c45f4f5461 generalized the case with secure memory zeroing 2014-09-19 01:46:14 +02:00
Anatol Belski
2b77a57d88 zero sensitive data more secure way 2014-09-19 00:06:34 +02:00
Anatol Belski
3234480827 first show to make 's' work with size_t 2014-08-27 20:49:31 +02:00
Anatol Belski
c3e3c98ec6 master renames phase 1 2014-08-25 19:24:55 +02:00
Anatol Belski
745a71be33 yet more fixes to zpp 2014-08-20 14:46:14 +02:00
Anatol Belski
cb25136f4e fix macros in the 5 basic extensions 2014-08-16 11:37:14 +02:00
Dmitry Stogov
b4c2bd2277 Fixed compilation on Windows 2014-07-15 15:50:42 +04:00
Xinchen Hui
2ed1f00869 Refactor php_crypt to returning zend_string 2014-02-25 12:46:51 +08:00
Dmitry Stogov
40e053e7f3 Use better data structures (incomplete) 2014-02-13 17:54:23 +04:00
Xinchen Hui
c081ce628f Bump year 2014-01-03 11:08:10 +08:00
Xinchen Hui
47c9027772 Bump year 2014-01-03 11:06:16 +08:00
Nikita Popov
82eca388d2 Fix ZTS build 2013-10-29 20:01:37 +01:00
Yasuo Ohgaki
416f8fce5c Implemented Change crypt() behavior w/o salt RFC 2013-10-29 18:53:45 +09:00
Xinchen Hui
a666285bc2 Happy New Year 2013-01-01 16:37:09 +08:00