Revision tags: php-7.1.1, php-5.6.29, php-7.0.14, php-7.1.0, php-5.6.29RC1, php-7.0.14RC1, php-7.1.0RC6, php-5.6.28, php-7.0.13, php-5.6.28RC1, php-7.1.0RC5, php-7.0.13RC1, php-7.1.0RC4, php-5.6.27, php-7.0.12, php-7.1.0RC3, php-5.6.27RC1, php-7.0.12RC1 |
|
#
1a94b24c |
| 16-Sep-2016 |
Nikita Popov |
Use zend_string_free instead of efree Fingers crossed I didn't break the build.
|
Revision tags: php-5.6.26, php-7.1.0RC2, php-7.0.11, php-5.6.26RC1, php-7.1.0RC1, php-7.0.11RC1, php-7.1.0beta3, php-5.6.25, php-7.0.10, php-7.1.0beta2 |
|
#
0e3b3b03 |
| 05-Aug-2016 |
Charles R. Portwood II |
Changing m_cost and t_cost to memory_cost and time_cost - Updating tests - Adjusting cost factors: - memory_cost = 1 MiB - time_cost = 2 - threads = 2
|
Revision tags: php-5.6.25RC1, php-7.0.10RC1 |
|
#
0d4d8eab |
| 01-Aug-2016 |
Charles R. Portwood II |
Removing Argon2d, changing config arg to --with-password-argon2 Argon2d is not suitable for password_hashing. To ensure best practices within password_*, Argon2d was removed. --
Removing Argon2d, changing config arg to --with-password-argon2 Argon2d is not suitable for password_hashing. To ensure best practices within password_*, Argon2d was removed. --with-argon2 implies the full feature set of Argon2, whereas this feature only implements Argon2i within password_*. Consequently the feature flag was renamed to --with-password-argon2
show more ...
|
Revision tags: php-7.1.0beta1, php-5.6.24, php-7.0.9, php-5.5.38 |
|
#
ab837a6a |
| 18-Jul-2016 |
Charles R. Portwood II |
Fixing potential memory leak with encoded in password_hash Using zend_string_alloc instead of char* for out and encoded variables
|
#
bcfccdd9 |
| 11-Jul-2016 |
Charles R. Portwood II |
Removing argon2 library files in favor of --with-argon2[=DIR] - Configure flag now accepts --with-argon2 for dynamic linking with libargon2. Argon2 will be enabled in password_* only i
Removing argon2 library files in favor of --with-argon2[=DIR] - Configure flag now accepts --with-argon2 for dynamic linking with libargon2. Argon2 will be enabled in password_* only if this flag is passed. - --with-argon2 config flag allows user passed directory for linking - Added Argon2 specific tests to ensure existing tests do not fail when argon2 is disable
show more ...
|
#
1bc38184 |
| 10-Jul-2016 |
Charles R. Portwood II |
Reverting PASSWORD_DEFAULT to PASSWORD_BCRYPT Indicating constants as defaults Minor coding standards change
|
#
0a1274f2 |
| 09-Jul-2016 |
Charles R. Portwood II |
Adding test cases for Argon2i and Argon2d Added Windows config.w32 changes Updated constants in php_password.h
|
#
c2551a74 |
| 09-Jul-2016 |
Charles R. Portwood II |
Working implementation with password_hash, password_verify
|
#
3c7fb71a |
| 08-Jul-2016 |
Charles R. Portwood II |
Introducing Argon2 memory, time, and lanes constants PASSWORD_ARGON2_MEMORY_COST PASSWORD_ARGON2_TIME_COST PASSWORD_ARGON2_LANES
|
#
de85c2e5 |
| 08-Jul-2016 |
Charles R. Portwood II |
Implementing password_verify and password_get_info for Argon2
|
Revision tags: php-5.6.24RC1, php-7.1.0alpha3, php-7.0.9RC1 |
|
#
adc95c51 |
| 23-Jun-2016 |
Dmitry Stogov |
Fixed compilation warnings
|
Revision tags: php-7.1.0alpha2, php-7.0.8, php-5.6.23, php-5.5.37, php-5.6.23RC1, php-7.0.8RC1, php-7.1.0alpha1, php-5.6.22, php-5.5.36, php-7.0.7, php-5.6.22RC1, php-7.0.7RC1, php-7.0.6, php-5.6.21, php-5.5.35, php-5.6.21RC1, php-7.0.6RC1, php-5.6.20, php-5.5.34, php-7.0.5 |
|
#
d3ed75b9 |
| 25-Mar-2016 |
Nikita Popov |
Remove HAVE_CRYPT checks We always provide a crypt implementation. HAVE_CRYPT is only relevant as to whether the crypt() C function exists.
|
Revision tags: php-5.6.20RC1, php-7.0.5RC1, php-5.6.19, php-5.5.33, php-7.0.4, php-5.6.19RC1, php-7.0.4RC1, php-5.6.18, php-7.0.3, php-5.5.32, php-5.6.18RC1, php-7.0.3RC1, php-5.6.17, php-5.5.31, php-7.0.2 |
|
#
ef4dc158 |
| 04-Jan-2016 |
Julien Pauli |
Moved buffer from heap to stack
|
#
86f48881 |
| 04-Jan-2016 |
Julien Pauli |
Removed unecessary string dup
|
#
810452f6 |
| 04-Jan-2016 |
Julien Pauli |
Moved buffer from heap to stack
|
#
49493a2d |
| 01-Jan-2016 |
Lior Kaplan |
Happy new year (Update copyright to 2016)
|
Revision tags: php-7.0.2RC1 |
|
#
3d3782c3 |
| 14-Dec-2015 |
Xinchen Hui |
Unused vars
|
Revision tags: php-5.6.17RC1, php-7.0.1RC1, php-7.0.0, php-5.6.16, php-7.0.0RC8, php-7.0.0RC7, php-5.6.16RC1, php-5.6.15, php-7.0.0RC6, php-7.0.1 |
|
#
02e85045 |
| 18-Oct-2015 |
Anthony Ferrara |
Refactor password_hash to use random_bytes internally to generate salts
|
Revision tags: php-5.6.15RC1, php-7.0.0RC5, php-5.5.30, php-5.6.14, php-7.0.0RC4, php-5.6.14RC1, php-7.0.0RC3, php-5.6.13, php-7.0.0RC2, php-5.5.29, php-5.4.45, php-5.6.13RC1, php-7.0.0RC1, php-5.6.12, php-5.5.28, php-7.0.0beta3, php-5.4.44, php-5.6.12RC1, php-7.0.0beta2, php-7.0.0beta1, php-5.6.11, php-5.5.27, php-5.4.43 |
|
#
4a2e40bb |
| 30-Jun-2015 |
Dmitry Stogov |
Use ZSTR_ API to access zend_string elements (this is just renaming without semantick changes).
|
Revision tags: php-5.6.11RC1, php-5.5.27RC1, php-7.0.0alpha2 |
|
#
5d3cf577 |
| 11-Jun-2015 |
Nikita Popov |
Make convert_to_* safe with rc>1 This only involves switching zval_dtor to zval_ptr_dtor for arrays and making the convert_to_object for arrays a bit more generic. All the other
Make convert_to_* safe with rc>1 This only involves switching zval_dtor to zval_ptr_dtor for arrays and making the convert_to_object for arrays a bit more generic. All the other changes outside zend_operators.c just make use of this new ability (use COPY instead of DUP). What's still missing: Proper references handling. I've seen many convert_to* calls that will break when a reference is used. Also fixes bug #69788.
show more ...
|
Revision tags: php-5.5.26, php-7.0.0alpha1, php-5.6.10, php-5.4.42, POST_PHP7_NSAPI_REMOVAL, PRE_PHP7_NSAPI_REMOVAL, php-5.6.10RC1, php-5.5.26RC1 |
|
#
ed4052f1 |
| 21-May-2015 |
Anthony Ferrara |
Fixed bug #69686 password_verify reports back error on PHP7 will null string. The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds
Fixed bug #69686 password_verify reports back error on PHP7 will null string. The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds a quiet mode to php_crypt() which is used by password_verify.
show more ...
|
Revision tags: php-5.5.25, php-5.6.9, php-5.4.41, php-5.6.9RC1, php-5.5.25RC1 |
|
#
40e465e3 |
| 25-Apr-2015 |
Nikita Popov |
Clean up some type conversions While at it also fix some type checks in iconv and drop dead and unported code in standard/filters.
|
Revision tags: php-5.6.8, php-5.5.24, php-5.4.40 |
|
#
94e222c1 |
| 09-Apr-2015 |
Anthony Ferrara |
Deprecate password_hash salt option
|
Revision tags: php-5.6.8RC1, php-5.5.24RC1, php-5.6.7, php-5.5.23, php-5.4.39, php-5.6.7RC1, php-5.5.23RC1, POST_PHP7_EREG_MYSQL_REMOVALS, PRE_PHP7_EREG_MYSQL_REMOVALS, php-5.6.6, php-5.5.22, php-5.4.38, POST_PHP7_REMOVALS, PRE_PHP7_REMOVALS, php-5.6.6RC1, php-5.5.22RC1, php-5.5.21, php-5.6.5, php-5.4.37 |
|
#
fc33f52d |
| 15-Jan-2015 |
Xinchen Hui |
bump year
|
#
0579e827 |
| 15-Jan-2015 |
Xinchen Hui |
bump year
|