Implemented Change crypt() behavior w/o salt RFC

2024-09-22 02:17:32 +00:00 · 2013-10-29 18:53:45 +09:00 · 2013-10-29 18:53:45 +09:00 · 416f8fce5c
commit 416f8fce5c
parent 3cf2682083
3 changed files with 6 additions and 0 deletions
--- a/2
+++ b/2
@ -63,6 +63,8 @@ PHP                                                                        NEWS
 - Standard:
  . Implemented FR #65634 (HTTP wrapper is very slow with protocol_version
    1.1). (Adam)
+  . Implemented Change crypt() behavior w/o salt RFC. (Yasuo)
+    https://wiki.php.net/rfc/crypt_function_salt

 - XMLReader:
  . Fixed bug #55285 (XMLReader::getAttribute/No/Ns methods inconsistency). 
--- a/ext/standard/crypt.c
+++ b/ext/standard/crypt.c
@ -272,6 +272,8 @@ PHP_FUNCTION(crypt)

 	if (salt_in) {
 		memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len));
+	} else {
+		php_error_docref(NULL TSRMLS_C, E_NOTICE, "No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash.");
 	}

 	/* The automatic salt generation covers standard DES, md5-crypt and Blowfish (simple) */
--- a/ext/standard/tests/strings/crypt.phpt
+++ b/ext/standard/tests/strings/crypt.phpt
@ -34,6 +34,8 @@ STD
 EXT
 MD5
 BLO
+
+Notice: crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash. in %s on line %d
 string(%d) "%s"

 Warning: crypt() expects at least 1 parameter, 0 given in %s on line %d