Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:80308 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 93240 invoked from network); 9 Jan 2015 16:45:08 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 9 Jan 2015 16:45:08 -0000 Authentication-Results: pb1.pair.com smtp.mail=ircmaxell@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=ircmaxell@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.215.46 as permitted sender) X-PHP-List-Original-Sender: ircmaxell@gmail.com X-Host-Fingerprint: 209.85.215.46 mail-la0-f46.google.com Received: from [209.85.215.46] ([209.85.215.46:65428] helo=mail-la0-f46.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 2F/E6-39109-29500B45 for ; Fri, 09 Jan 2015 11:45:07 -0500 Received: by mail-la0-f46.google.com with SMTP id q1so15492287lam.5 for ; Fri, 09 Jan 2015 08:45:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=J3bULhRRyW54OTIXaE1k6bSyyyikB6QMB9XOImhOEYk=; b=nekUW9dgNuNXHXfn04npnKPkzkBA5iKJQ6sjohI5v3oRqElxIh04TAW8bckRFg+SBq BLy9Dluz3MTxdlbCixO3pBUq6FFQzG18INHZzSuZh1FsAYVR42+bBjJUSxcGu/A3Xwyp uOZQ3xbtWp4FQ4vfqv7FHW5RegVhk6QZbNnbEDhM9fCpXC7poL4r2EoucF2Wb76Heh4z vGv3QHyNL8jeQdyo/r1VzzCV0miLEpzQVTNLGvrIGt6HUYAyuQAEHrO3ID/PF8jT/LuC fetEFckygIEcwtCNnUeudZGIH9ZtHvVKsxHMzPTMIDnIDnAuSHigDrKmDhTk7sZuainj d/sA== MIME-Version: 1.0 X-Received: by 10.112.154.70 with SMTP id vm6mr22719920lbb.18.1420821904115; Fri, 09 Jan 2015 08:45:04 -0800 (PST) Received: by 10.25.1.145 with HTTP; Fri, 9 Jan 2015 08:45:04 -0800 (PST) Date: Fri, 9 Jan 2015 11:45:04 -0500 Message-ID: To: "internals@lists.php.net" Content-Type: text/plain; charset=UTF-8 Subject: Crypt Warnings (was PHP 5.5.21RC1 is ready for testing) From: ircmaxell@gmail.com (Anthony Ferrara) All, As identified in the previous thread, there is an issue when providing invalid salts to crypt() where it will silently fall back to STD_DES. This was evidenced by a fix to crypt() when upgrading blowfish to 1.3. Causing a failing test for Horde_Auth: $ php -r 'var_dump(crypt("foobar", "*0OayF9ttbxIs"));' string(13) "*0OayF9ttbxIs" With 5.4.36 / 5.5.21RC1 (with) $ php55 -r 'var_dump(crypt("foobar", "*0OayF9ttbxIs"));' string(2) "*1" The new behavior is absolutely correct due to *0 and *1 being error conditions, so any salt with *0 should immediately fail with *1 (to prevent one equaling the other). Previously it was used as a salt for STD_DES. This raises another issue though. Currently, an invalid bcrypt salt such as $2$10$... would actually result in a DES hash: string(13) "$2rcByx51ejoM" Which is completely incorrect. This not only hides errors, but it falls back to an absurdly insecure format while hiding them. It's worth noting that this case will cause HHVM to fail with *0. Changing this fallback behavior to the correct error should happen. However, this will likely break a number of live systems which are currently relying on the incorrect behavior (likely without knowing it). It's worth nothing that failing is the currently documented behavior: http://php.net/crypt Therefore, I'm suggesting we add an E_DEPRECATED error when we detect an invalid STD_DES salt but still execute the fallback: https://github.com/php/php-src/pull/989 Then in a future version (7.1, 8, whatever) remove the fallback and keep the error along with returning a failure indication (*0). I'm open to tweaking the error message, and possibly changing to E_WARNING if people think it's worth it. Thoughts? Anthony