History log of /PHP-8.0/ext/standard/password.c (Results 51 – 75 of 137)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
Revision tags: php-7.1.1, php-5.6.29, php-7.0.14, php-7.1.0, php-5.6.29RC1, php-7.0.14RC1, php-7.1.0RC6, php-5.6.28, php-7.0.13, php-5.6.28RC1, php-7.1.0RC5, php-7.0.13RC1, php-7.1.0RC4, php-5.6.27, php-7.0.12, php-7.1.0RC3, php-5.6.27RC1, php-7.0.12RC1
# 1a94b24c 16-Sep-2016 Nikita Popov

Use zend_string_free instead of efree

Fingers crossed I didn't break the build.


Revision tags: php-5.6.26, php-7.1.0RC2, php-7.0.11, php-5.6.26RC1, php-7.1.0RC1, php-7.0.11RC1, php-7.1.0beta3, php-5.6.25, php-7.0.10, php-7.1.0beta2
# 0e3b3b03 05-Aug-2016 Charles R. Portwood II

Changing m_cost and t_cost to memory_cost and time_cost
- Updating tests
- Adjusting cost factors:
- memory_cost = 1 MiB
- time_cost = 2
- threads = 2


Revision tags: php-5.6.25RC1, php-7.0.10RC1
# 0d4d8eab 01-Aug-2016 Charles R. Portwood II

Removing Argon2d, changing config arg to --with-password-argon2

Argon2d is not suitable for password_hashing. To ensure best practices
within password_*, Argon2d was removed.

--

Removing Argon2d, changing config arg to --with-password-argon2

Argon2d is not suitable for password_hashing. To ensure best practices
within password_*, Argon2d was removed.

--with-argon2 implies the full feature set of Argon2, whereas this
feature only implements Argon2i within password_*. Consequently
the feature flag was renamed to --with-password-argon2

show more ...


Revision tags: php-7.1.0beta1, php-5.6.24, php-7.0.9, php-5.5.38
# ab837a6a 18-Jul-2016 Charles R. Portwood II

Fixing potential memory leak with encoded in password_hash
Using zend_string_alloc instead of char* for out and encoded
variables


# bcfccdd9 11-Jul-2016 Charles R. Portwood II

Removing argon2 library files in favor of --with-argon2[=DIR]

- Configure flag now accepts --with-argon2 for dynamic linking with
libargon2. Argon2 will be enabled in password_* only i

Removing argon2 library files in favor of --with-argon2[=DIR]

- Configure flag now accepts --with-argon2 for dynamic linking with
libargon2. Argon2 will be enabled in password_* only if this
flag is passed.
- --with-argon2 config flag allows user passed directory for linking
- Added Argon2 specific tests to ensure existing tests do not fail
when argon2 is disable

show more ...


# 1bc38184 10-Jul-2016 Charles R. Portwood II

Reverting PASSWORD_DEFAULT to PASSWORD_BCRYPT

Indicating constants as defaults
Minor coding standards change


# 0a1274f2 09-Jul-2016 Charles R. Portwood II

Adding test cases for Argon2i and Argon2d

Added Windows config.w32 changes
Updated constants in php_password.h


# c2551a74 09-Jul-2016 Charles R. Portwood II

Working implementation with password_hash, password_verify


# 3c7fb71a 08-Jul-2016 Charles R. Portwood II

Introducing Argon2 memory, time, and lanes constants

PASSWORD_ARGON2_MEMORY_COST
PASSWORD_ARGON2_TIME_COST
PASSWORD_ARGON2_LANES


# de85c2e5 08-Jul-2016 Charles R. Portwood II

Implementing password_verify and password_get_info for Argon2


Revision tags: php-5.6.24RC1, php-7.1.0alpha3, php-7.0.9RC1
# adc95c51 23-Jun-2016 Dmitry Stogov

Fixed compilation warnings


Revision tags: php-7.1.0alpha2, php-7.0.8, php-5.6.23, php-5.5.37, php-5.6.23RC1, php-7.0.8RC1, php-7.1.0alpha1, php-5.6.22, php-5.5.36, php-7.0.7, php-5.6.22RC1, php-7.0.7RC1, php-7.0.6, php-5.6.21, php-5.5.35, php-5.6.21RC1, php-7.0.6RC1, php-5.6.20, php-5.5.34, php-7.0.5
# d3ed75b9 25-Mar-2016 Nikita Popov

Remove HAVE_CRYPT checks

We always provide a crypt implementation. HAVE_CRYPT is only
relevant as to whether the crypt() C function exists.


Revision tags: php-5.6.20RC1, php-7.0.5RC1, php-5.6.19, php-5.5.33, php-7.0.4, php-5.6.19RC1, php-7.0.4RC1, php-5.6.18, php-7.0.3, php-5.5.32, php-5.6.18RC1, php-7.0.3RC1, php-5.6.17, php-5.5.31, php-7.0.2
# ef4dc158 04-Jan-2016 Julien Pauli

Moved buffer from heap to stack


# 86f48881 04-Jan-2016 Julien Pauli

Removed unecessary string dup


# 810452f6 04-Jan-2016 Julien Pauli

Moved buffer from heap to stack


# 49493a2d 01-Jan-2016 Lior Kaplan

Happy new year (Update copyright to 2016)


Revision tags: php-7.0.2RC1
# 3d3782c3 14-Dec-2015 Xinchen Hui

Unused vars


Revision tags: php-5.6.17RC1, php-7.0.1RC1, php-7.0.0, php-5.6.16, php-7.0.0RC8, php-7.0.0RC7, php-5.6.16RC1, php-5.6.15, php-7.0.0RC6, php-7.0.1
# 02e85045 18-Oct-2015 Anthony Ferrara

Refactor password_hash to use random_bytes internally to generate salts


Revision tags: php-5.6.15RC1, php-7.0.0RC5, php-5.5.30, php-5.6.14, php-7.0.0RC4, php-5.6.14RC1, php-7.0.0RC3, php-5.6.13, php-7.0.0RC2, php-5.5.29, php-5.4.45, php-5.6.13RC1, php-7.0.0RC1, php-5.6.12, php-5.5.28, php-7.0.0beta3, php-5.4.44, php-5.6.12RC1, php-7.0.0beta2, php-7.0.0beta1, php-5.6.11, php-5.5.27, php-5.4.43
# 4a2e40bb 30-Jun-2015 Dmitry Stogov

Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes).


Revision tags: php-5.6.11RC1, php-5.5.27RC1, php-7.0.0alpha2
# 5d3cf577 11-Jun-2015 Nikita Popov

Make convert_to_* safe with rc>1

This only involves switching zval_dtor to zval_ptr_dtor for arrays
and making the convert_to_object for arrays a bit more generic.

All the other

Make convert_to_* safe with rc>1

This only involves switching zval_dtor to zval_ptr_dtor for arrays
and making the convert_to_object for arrays a bit more generic.

All the other changes outside zend_operators.c just make use of
this new ability (use COPY instead of DUP).

What's still missing: Proper references handling. I've seen many
convert_to* calls that will break when a reference is used.

Also fixes bug #69788.

show more ...


Revision tags: php-5.5.26, php-7.0.0alpha1, php-5.6.10, php-5.4.42, POST_PHP7_NSAPI_REMOVAL, PRE_PHP7_NSAPI_REMOVAL, php-5.6.10RC1, php-5.5.26RC1
# ed4052f1 21-May-2015 Anthony Ferrara

Fixed bug #69686 password_verify reports back error on PHP7 will null string.

The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds

Fixed bug #69686 password_verify reports back error on PHP7 will null string.

The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds a quiet mode to php_crypt() which is used by password_verify.

show more ...


Revision tags: php-5.5.25, php-5.6.9, php-5.4.41, php-5.6.9RC1, php-5.5.25RC1
# 40e465e3 25-Apr-2015 Nikita Popov

Clean up some type conversions

While at it also fix some type checks in iconv and drop dead and
unported code in standard/filters.


Revision tags: php-5.6.8, php-5.5.24, php-5.4.40
# 94e222c1 09-Apr-2015 Anthony Ferrara

Deprecate password_hash salt option


Revision tags: php-5.6.8RC1, php-5.5.24RC1, php-5.6.7, php-5.5.23, php-5.4.39, php-5.6.7RC1, php-5.5.23RC1, POST_PHP7_EREG_MYSQL_REMOVALS, PRE_PHP7_EREG_MYSQL_REMOVALS, php-5.6.6, php-5.5.22, php-5.4.38, POST_PHP7_REMOVALS, PRE_PHP7_REMOVALS, php-5.6.6RC1, php-5.5.22RC1, php-5.5.21, php-5.6.5, php-5.4.37
# fc33f52d 15-Jan-2015 Xinchen Hui

bump year


# 0579e827 15-Jan-2015 Xinchen Hui

bump year


123456