The $Id$ keywords were used in Subversion where they can be substituted
with filename, last revision number change, last changed date, and last
user who changed it.
In Git this functionality is different and can be done with Git attribute
ident. These need to be defined manually for each file in the
.gitattributes file and are afterwards replaced with 40-character
hexadecimal blob object name which is based only on the particular file
contents.
This patch simplifies handling of $Id$ keywords by removing them since
they are not used anymore.
- m4 and Windows configure scripts now forces Argon2 reference library version >= 20161029
- Implementation tested against 20161029 and 20171227 for Argon2id support
- Updates Argon2 ext/standard/password/tests to run tests for both Argon2i and Argon2id
Apparently, `argon2_encodedlen()` also counts the terminating NUL byte;
that doesn't appear to be documented somewhere, but from looking at the
implementation[1] it is pretty obvious. Therefore, the respective
`zend_string` has to be one byte shorter.
[1] <https://github.com/P-H-C/phc-winner-argon2/blob/20161029/src/argon2.c#L431-L436>
Pull salt generation out to a helper.
Merge options/hash into single switch.
Restore php_error->php_error_docref from last diff. (Error messages matter)
libargon2 20161029 introduces the `type` parameter to the argon2_encodedlen
function that is not present in 20160821. This change ensures the Argon2
functionality introduced in RFC `argon2_password_hash` is compatible with
both versions, as the library version that package maintainers package may
differ.
Argon2d is not suitable for password_hashing. To ensure best practices
within password_*, Argon2d was removed.
--with-argon2 implies the full feature set of Argon2, whereas this
feature only implements Argon2i within password_*. Consequently
the feature flag was renamed to --with-password-argon2
- Configure flag now accepts --with-argon2 for dynamic linking with
libargon2. Argon2 will be enabled in password_* only if this
flag is passed.
- --with-argon2 config flag allows user passed directory for linking
- Added Argon2 specific tests to ensure existing tests do not fail
when argon2 is disable
This only involves switching zval_dtor to zval_ptr_dtor for arrays
and making the convert_to_object for arrays a bit more generic.
All the other changes outside zend_operators.c just make use of
this new ability (use COPY instead of DUP).
What's still missing: Proper references handling. I've seen many
convert_to* calls that will break when a reference is used.
Also fixes bug #69788.
The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds a quiet mode to php_crypt() which is used by password_verify.