| #
2464dbd5 |
| 15-Oct-2016 |
David Carlier |
import explicit_bzero + strlc* functions update
since 1999 algorithms have changed and register k/w
not necessary anymore. |
|
Revision tags: php-5.6.27, php-7.0.12, php-7.1.0RC3, php-5.6.27RC1, php-7.0.12RC1, php-5.6.26, php-7.1.0RC2, php-7.0.11 |
|
| #
43504893 |
| 10-Sep-2016 |
Anatol Belski |
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Bug #73058 crypt broken when salt is 'too' long
|
| #
e539ea43 |
| 10-Sep-2016 |
Anatol Belski |
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Bug #73058 crypt broken when salt is 'too' long
|
| #
669fda00 |
| 10-Sep-2016 |
Anatol Belski |
Bug #73058 crypt broken when salt is 'too' long |
|
Revision tags: php-5.6.26RC1, php-7.1.0RC1, php-7.0.11RC1 |
|
| #
22a825db |
| 29-Aug-2016 |
Anatol Belski |
Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
|
| #
946335ba |
| 29-Aug-2016 |
Anatol Belski |
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify
|
| #
295303b5 |
| 29-Aug-2016 |
Anatol Belski |
Fixed bug #72703 Out of bounds global memory read in BF_crypt triggered by password_verify |
|
Revision tags: php-7.1.0beta3, php-5.6.25, php-7.0.10, php-7.1.0beta2, php-5.6.25RC1, php-7.0.10RC1 |
|
| #
82ba5b59 |
| 02-Aug-2016 |
Xinchen Hui |
Fixed warning: "operation on ‘s’ may be undefined" |
|
Revision tags: php-7.1.0beta1, php-5.6.24, php-7.0.9, php-5.5.38 |
|
| #
be364015 |
| 07-Jul-2016 |
Leigh |
Fix crypt salt not being converted to b64 |
|
Revision tags: php-5.6.24RC1, php-7.1.0alpha3 |
|
| #
b21de28b |
| 05-Jul-2016 |
Leigh |
Fix some insecure usages of php_rand |
|
Revision tags: php-7.0.9RC1, php-7.1.0alpha2, php-7.0.8, php-5.6.23, php-5.5.37, php-5.6.23RC1, php-7.0.8RC1, php-7.1.0alpha1, php-5.6.22, php-5.5.36, php-7.0.7, php-5.6.22RC1, php-7.0.7RC1, php-7.0.6, php-5.6.21, php-5.5.35, php-5.6.21RC1, php-7.0.6RC1, php-5.6.20, php-5.5.34, php-7.0.5 |
|
| #
d3ed75b9 |
| 25-Mar-2016 |
Nikita Popov |
Remove HAVE_CRYPT checks
We always provide a crypt implementation. HAVE_CRYPT is only
relevant as to whether the crypt() C function exists. |
| #
786effaf |
| 25-Mar-2016 |
Nikita Popov |
Remove PHP_*_CRYPT constants
They are always 1. |
| #
bd90f550 |
| 25-Mar-2016 |
Nikita Popov |
Merge branch 'PHP-5.6' into PHP-7.0
Conflicts:
ext/standard/crypt.c
|
| #
54da9668 |
| 25-Mar-2016 |
Nikita Popov |
Fixed bug #67512 |
|
Revision tags: php-5.6.20RC1, php-7.0.5RC1, php-5.6.19, php-5.5.33, php-7.0.4, php-5.6.19RC1, php-7.0.4RC1, php-5.6.18, php-7.0.3, php-5.5.32, php-5.6.18RC1, php-7.0.3RC1, php-5.6.17, php-5.5.31, php-7.0.2 |
|
| #
ed35de78 |
| 01-Jan-2016 |
Lior Kaplan |
Merge branch 'PHP-5.6' into PHP-7.0
* PHP-5.6:
Happy new year (Update copyright to 2016)
|
| #
49493a2d |
| 01-Jan-2016 |
Lior Kaplan |
Happy new year (Update copyright to 2016) |
|
Revision tags: php-7.0.2RC1, php-5.6.17RC1, php-7.0.1RC1, php-7.0.0, php-5.6.16, php-7.0.0RC8, php-7.0.0RC7, php-5.6.16RC1, php-5.6.15, php-7.0.0RC6, php-7.0.1, php-5.6.15RC1, php-7.0.0RC5, php-5.5.30, php-5.6.14, php-7.0.0RC4, php-5.6.14RC1, php-7.0.0RC3, php-5.6.13, php-7.0.0RC2, php-5.5.29, php-5.4.45, php-5.6.13RC1, php-7.0.0RC1, php-5.6.12, php-5.5.28, php-7.0.0beta3, php-5.4.44, php-5.6.12RC1, php-7.0.0beta2, php-7.0.0beta1, php-5.6.11, php-5.5.27, php-5.4.43, php-5.6.11RC1, php-5.5.27RC1, php-7.0.0alpha2, php-5.5.26, php-7.0.0alpha1, php-5.6.10, php-5.4.42, POST_PHP7_NSAPI_REMOVAL, PRE_PHP7_NSAPI_REMOVAL, php-5.6.10RC1, php-5.5.26RC1 |
|
| #
ed4052f1 |
| 21-May-2015 |
Anthony Ferrara |
Fixed bug #69686 password_verify reports back error on PHP7 will null string.
The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds
Fixed bug #69686 password_verify reports back error on PHP7 will null string.
The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds a quiet mode to php_crypt() which is used by password_verify.
show more ...
|
|
Revision tags: php-5.5.25, php-5.6.9, php-5.4.41, php-5.6.9RC1, php-5.5.25RC1, php-5.6.8, php-5.5.24, php-5.4.40, php-5.6.8RC1, php-5.5.24RC1, php-5.6.7, php-5.5.23, php-5.4.39, php-5.6.7RC1, php-5.5.23RC1, POST_PHP7_EREG_MYSQL_REMOVALS, PRE_PHP7_EREG_MYSQL_REMOVALS, php-5.6.6, php-5.5.22, php-5.4.38, POST_PHP7_REMOVALS, PRE_PHP7_REMOVALS, php-5.6.6RC1, php-5.5.22RC1 |
|
| #
c408c808 |
| 01-Feb-2015 |
Stanislav Malyshev |
Merge branch 'pull-request/989'
* pull-request/989:
Fix a few tests and remove error/warning for *0
Fix spaces -> tabs
Add deprecated notice to invalid DES salts.
|
|
Revision tags: php-5.5.21, php-5.6.5, php-5.4.37 |
|
| #
fc33f52d |
| 15-Jan-2015 |
Xinchen Hui |
bump year |
| #
0579e827 |
| 15-Jan-2015 |
Xinchen Hui |
bump year |
| #
4a2fe3d0 |
| 13-Jan-2015 |
Anthony Ferrara |
Fix a few tests and remove error/warning for *0 |
|
Revision tags: php-5.5.21RC1, php-5.6.5RC1 |
|
| #
b7a7b1a6 |
| 03-Jan-2015 |
Stanislav Malyshev |
trailing whitespace removal |
| #
9cc98872 |
| 09-Jan-2015 |
Anthony Ferrara |
Fix spaces -> tabs |
| #
462fef79 |
| 09-Jan-2015 |
Anthony Ferrara |
Add deprecated notice to invalid DES salts.
This will cause an error in the case where invalid salts are provided for other algorithms. Currently, these invalid salts will silently fall back
Add deprecated notice to invalid DES salts.
This will cause an error in the case where invalid salts are provided for other algorithms. Currently, these invalid salts will silently fall back to STD_DES which is extremely weak. By detecting invalid DES salts, we can alert the user that there is a bug in their code.
The error is currently E_DEPRECATED as this has potential to break currently working (yet insecure) code. In the future it should be changed to an E_WARNING and return *0
show more ...
|
|
Revision tags: POST_NATIVE_TLS_MERGE, PRE_NATIVE_TLS_MERGE, php-5.5.20, php-5.4.36, php-5.6.4 |
|
| #
bdeb220f |
| 13-Dec-2014 |
Anatol Belski |
first shot remove TSRMLS_* things |
