1 : /*
2 : +----------------------------------------------------------------------+
3 : | PHP Version 5 |
4 : +----------------------------------------------------------------------+
5 : | Copyright (c) 1997-2007 The PHP Group |
6 : +----------------------------------------------------------------------+
7 : | This source file is subject to version 3.01 of the PHP license, |
8 : | that is bundled with this package in the file LICENSE, and is |
9 : | available through the world-wide-web at the following url: |
10 : | http://www.php.net/license/3_01.txt |
11 : | If you did not receive a copy of the PHP license and are unable to |
12 : | obtain it through the world-wide-web, please send a note to |
13 : | license@php.net so we can mail you a copy immediately. |
14 : +----------------------------------------------------------------------+
15 : | Authors: Stig Bakken <ssb@php.net> |
16 : | Zeev Suraski <zeev@zend.com> |
17 : | Rasmus Lerdorf <rasmus@php.net> |
18 : +----------------------------------------------------------------------+
19 : */
20 : /* $Id: crypt.c,v 1.62.2.1.2.6 2007/01/01 09:36:08 sebastian Exp $ */
21 : #include <stdlib.h>
22 :
23 : #include "php.h"
24 :
25 : #if HAVE_CRYPT
26 :
27 : #if HAVE_UNISTD_H
28 : #include <unistd.h>
29 : #endif
30 : #if HAVE_CRYPT_H
31 : #if defined(CRYPT_R_GNU_SOURCE) && !defined(_GNU_SOURCE)
32 : #define _GNU_SOURCE
33 : #endif
34 : #include <crypt.h>
35 : #endif
36 : #if TM_IN_SYS_TIME
37 : #include <sys/time.h>
38 : #else
39 : #include <time.h>
40 : #endif
41 : #if HAVE_STRING_H
42 : #include <string.h>
43 : #else
44 : #include <strings.h>
45 : #endif
46 :
47 : #ifdef PHP_WIN32
48 : #include <process.h>
49 : extern char *crypt(char *__key, char *__salt);
50 : #endif
51 :
52 : #include "php_lcg.h"
53 : #include "php_crypt.h"
54 : #include "php_rand.h"
55 :
56 : /*
57 : The capabilities of the crypt() function is determined by the test programs
58 : run by configure from aclocal.m4. They will set PHP_STD_DES_CRYPT,
59 : PHP_EXT_DES_CRYPT, PHP_MD5_CRYPT and PHP_BLOWFISH_CRYPT as appropriate
60 : for the target platform
61 : */
62 : #if PHP_STD_DES_CRYPT
63 : #define PHP_MAX_SALT_LEN 2
64 : #endif
65 :
66 : #if PHP_EXT_DES_CRYPT
67 : #undef PHP_MAX_SALT_LEN
68 : #define PHP_MAX_SALT_LEN 9
69 : #endif
70 :
71 : #if PHP_MD5_CRYPT
72 : #undef PHP_MAX_SALT_LEN
73 : #define PHP_MAX_SALT_LEN 12
74 : #endif
75 :
76 : #if PHP_BLOWFISH_CRYPT
77 : #undef PHP_MAX_SALT_LEN
78 : #define PHP_MAX_SALT_LEN 60
79 : #endif
80 :
81 : /*
82 : * If the configure-time checks fail, we provide DES.
83 : * XXX: This is a hack. Fix the real problem
84 : */
85 :
86 : #ifndef PHP_MAX_SALT_LEN
87 : #define PHP_MAX_SALT_LEN 2
88 : #undef PHP_STD_DES_CRYPT
89 : #define PHP_STD_DES_CRYPT 1
90 : #endif
91 :
92 :
93 : #define PHP_CRYPT_RAND php_rand(TSRMLS_C)
94 :
95 : PHP_MINIT_FUNCTION(crypt)
96 220 : {
97 220 : REGISTER_LONG_CONSTANT("CRYPT_SALT_LENGTH", PHP_MAX_SALT_LEN, CONST_CS | CONST_PERSISTENT);
98 220 : REGISTER_LONG_CONSTANT("CRYPT_STD_DES", PHP_STD_DES_CRYPT, CONST_CS | CONST_PERSISTENT);
99 220 : REGISTER_LONG_CONSTANT("CRYPT_EXT_DES", PHP_EXT_DES_CRYPT, CONST_CS | CONST_PERSISTENT);
100 220 : REGISTER_LONG_CONSTANT("CRYPT_MD5", PHP_MD5_CRYPT, CONST_CS | CONST_PERSISTENT);
101 220 : REGISTER_LONG_CONSTANT("CRYPT_BLOWFISH", PHP_BLOWFISH_CRYPT, CONST_CS | CONST_PERSISTENT);
102 :
103 220 : return SUCCESS;
104 : }
105 :
106 :
107 : static unsigned char itoa64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
108 :
109 : static void php_to64(char *s, long v, int n)
110 0 : {
111 0 : while (--n >= 0) {
112 0 : *s++ = itoa64[v&0x3f];
113 0 : v >>= 6;
114 : }
115 0 : }
116 :
117 : /* {{{ proto string crypt(string str [, string salt])
118 : Encrypt a string */
119 : PHP_FUNCTION(crypt)
120 0 : {
121 : char salt[PHP_MAX_SALT_LEN+1];
122 0 : char *str, *salt_in = NULL;
123 : int str_len, salt_in_len;
124 :
125 0 : salt[0]=salt[PHP_MAX_SALT_LEN]='\0';
126 : /* This will produce suitable results if people depend on DES-encryption
127 : available (passing always 2-character salt). At least for glibc6.1 */
128 0 : memset(&salt[1], '$', PHP_MAX_SALT_LEN-1);
129 :
130 0 : if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|s", &str, &str_len,
131 : &salt_in, &salt_in_len) == FAILURE) {
132 0 : return;
133 : }
134 :
135 0 : if (salt_in) {
136 0 : memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len));
137 : }
138 :
139 : /* The automatic salt generation only covers standard DES and md5-crypt */
140 0 : if(!*salt) {
141 : #if PHP_MD5_CRYPT
142 0 : strcpy(salt, "$1$");
143 0 : php_to64(&salt[3], PHP_CRYPT_RAND, 4);
144 0 : php_to64(&salt[7], PHP_CRYPT_RAND, 4);
145 0 : strcpy(&salt[11], "$");
146 : #elif PHP_STD_DES_CRYPT
147 : php_to64(&salt[0], PHP_CRYPT_RAND, 2);
148 : salt[2] = '\0';
149 : #endif
150 : }
151 : #if defined(HAVE_CRYPT_R) && (defined(_REENTRANT) || defined(_THREAD_SAFE))
152 : {
153 : #if defined(CRYPT_R_STRUCT_CRYPT_DATA)
154 : struct crypt_data buffer;
155 : memset(&buffer, 0, sizeof(buffer));
156 : #elif defined(CRYPT_R_CRYPTD)
157 : CRYPTD buffer;
158 : #else
159 : #error Data struct used by crypt_r() is unknown. Please report.
160 : #endif
161 :
162 : RETURN_STRING(crypt_r(str, salt, &buffer), 1);
163 : }
164 : #else
165 0 : RETURN_STRING(crypt(str, salt), 1);
166 : #endif
167 : }
168 : /* }}} */
169 : #endif
170 :
171 : /*
172 : * Local variables:
173 : * tab-width: 4
174 : * c-basic-offset: 4
175 : * End:
176 : * vim600: sw=4 ts=4 fdm=marker
177 : * vim<600: sw=4 ts=4
178 : */
|
