Edit report at http://bugs.php.net/bug.php?id=54721&edit=1
ID: 54721 Updated by: tony2...@php.net Reported by: os at irj dot ru Summary: crypt function Status: Assigned Type: Bug Package: *Encryption and hash functions Operating System: Windows 7 x64 PHP Version: 5.3.6 Assigned To: pajoye Block user comment: N Private report: N New Comment: Pierre, could you test the proposed fix, please? Thanks in advance. Previous Comments: ------------------------------------------------------------------------ [2011-05-16 17:18:12] paj...@php.net Please note that as this code may or should produce similar results on all platforms or builds, it is not correct. MD5 salt is max. 12 characters as described in the manual and how the extra characters are treated are implementation specific. Use blowfish or other stronger algorithm if you like to use a bigger salt. ------------------------------------------------------------------------ [2011-05-16 16:46:03] paj...@php.net Confirmed. Seems to be only happening in the TS API. ------------------------------------------------------------------------ [2011-05-13 06:16:20] os at irj dot ru At Windows XP Expected result: $1$dW0.is5.$em49ePD07X75OTvpVod410 Actual result: C:\tmp>php test.php $1$dW0.is5.$UW7SlpXxFDXZ9zHcYQy.l/ C:\tmp>php test.php $1$dW0.is5.$RS2jtU/Pp9KpSl.upfU3B. C:\tmp>php test.php $1$dW0.is5.$RS2jtU/Pp9KpSl.upfU3B. C:\tmp>php test.php $1$dW0.is5.$RS2jtU/Pp9KpSl.upfU3B. C:\tmp>php test.php C:\tmp>php -v PHP 5.3.6 (cli) (built: Mar 17 2011 10:37:07) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies ------------------------------------------------------------------------ [2011-05-13 06:06:23] os at irj dot ru >From download page I downloaded VC9 x86 Thread Safe (2011-Mar-22 13:27:32) as ZIP arhive, unzip it and run test script at office using cli interface on Microsoft Windows 7 x86, bug too. Expected result: $1$dW0.is5.$em49ePD07X75OTvpVod410 Actual result: D:\tmp>php test.php <pre> $1$dW0.is5.$EkFno5M.sWHzVKG.KcE4g. D:\tmp>php test.php <pre> $1$dW0.is5.$C08LtG..f5qYCBEqaEaeV. D:\tmp>php test.php <pre> $1$dW0.is5.$U.zA4AF2/AvLMpxAdd57x1 D:\tmp>php test.php <pre> $1$dW0.is5.$FO6NpJOzWGbHX3Al2BRcU1 D:\tmp>php test.php <pre> $1$dW0.is5.$OoBfHS6yulKgQHVDZ8XLx/ D:\tmp>php -v PHP 5.3.6 (cli) (built: Mar 17 2011 10:37:07) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies D:\tmp> ------------------------------------------------------------------------ [2011-05-12 18:58:23] os at irj dot ru Sorry, in cli mode bug too (in previos command I use a old CLI php) This is a correct log D:\Web\var\avers.localhost>D:\Web\php53\php.exe D:\Web\var\avers.localhost\test. php <pre> $1$dW0.is5.$.O4MUs7rYRmlSuPIA16Jt. D:\Web\var\avers.localhost>D:\Web\php53\php.exe D:\Web\var\avers.localhost\test. php <pre> $1$dW0.is5.$sVRmxDm7.B8xcTu1HZKf6/ D:\Web\var\avers.localhost>D:\Web\php53\php.exe D:\Web\var\avers.localhost\test. php <pre> $1$dW0.is5.$zI8c4NaU.KzK2y5u.W4Ax. D:\Web\var\avers.localhost>D:\Web\php53\php.exe -v PHP 5.3.6 (cli) (built: Mar 17 2011 10:37:07) Copyright (c) 1997-2011 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies D:\Web\var\avers.localhost>D:\curl\curl.exe http://avers.localhost/test.php <pre> $1$dW0.is5.$PD4o/IBVjS2AVWa1.Rpdi/ D:\Web\var\avers.localhost>D:\curl\curl.exe http://avers.localhost/test.php <pre> $1$dW0.is5.$PD4o/IBVjS2AVWa1.Rpdi/ D:\Web\var\avers.localhost>..\..\apache22\bin\httpd.exe -k restart httpd.exe: Could not reliably determine the server's fully qualified domain name , using 192.168.0.240 for ServerName D:\Web\var\avers.localhost>D:\curl\curl.exe http://avers.localhost/test.php <pre> $1$dW0.is5.$.y5yjTLPgypzeHv0FU7zW0 D:\Web\var\avers.localhost>D:\Web\php53\php.exe D:\Web\var\avers.localhost\test .php <pre> $1$dW0.is5.$m.YjcIs.joLsQHQGZ0bxn/ D:\Web\var\avers.localhost> ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=54721 -- Edit this bug report at http://bugs.php.net/bug.php?id=54721&edit=1
