diff options
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | UPGRADING | 4 | ||||
| -rw-r--r-- | ext/standard/password.c | 2 | ||||
| -rw-r--r-- | ext/standard/tests/password/password_default.phpt | 9 |
4 files changed, 13 insertions, 3 deletions
@@ -43,6 +43,7 @@ PHP NEWS - Standard: . Fixed bug #78902 (Memory leak when using stream_filter_append). (liudaixiao) + . Fixed bug #78969 (PASSWORD_DEFAULT should match PASSWORD_BCRYPT instead of being null). (kocsismate) - Zip: . Add ZipArchive::CM_LZMA2 constant (since libzip 1.6.0). (remi) @@ -150,7 +150,7 @@ PHP 7.4 UPGRADE NOTES . Password hashing algorithm identifiers are now nullable strings rather than integers. - * PASSWORD_DEFAULT was int 1; now is null + * PASSWORD_DEFAULT was int 1; now is null in PHP <7.4.3 and string '2y' afterwards * PASSWORD_BCRYPT was int 1; now is string '2y' * PASSWORD_ARGON2I was int 2; now is string 'argon2i' * PASSWORD_ARGON2ID was int 3; now is string 'argon2id' @@ -726,7 +726,7 @@ PHP 7.4 UPGRADE NOTES the INI directive opcache.cache_id. All processes with the same cache ID and user share an OPcache instance. -- The OpenSSL default config path has been changed to +- The OpenSSL default config path has been changed to "C:\Program Files\Common Files\SSL\openssl.cnf" and "C:\Program Files (x86)\Common Files\SSL\openssl.cnf", respectively. diff --git a/ext/standard/password.c b/ext/standard/password.c index a12590c0e0..9fe7fb1a42 100644 --- a/ext/standard/password.c +++ b/ext/standard/password.c @@ -496,7 +496,7 @@ const php_password_algo php_password_algo_argon2id = { PHP_MINIT_FUNCTION(password) /* {{{ */ { zend_hash_init(&php_password_algos, 4, NULL, ZVAL_PTR_DTOR, 1); - REGISTER_NULL_CONSTANT("PASSWORD_DEFAULT", CONST_CS | CONST_PERSISTENT); + REGISTER_STRING_CONSTANT("PASSWORD_DEFAULT", "2y", CONST_CS | CONST_PERSISTENT); if (FAILURE == php_password_algo_register("2y", &php_password_algo_bcrypt)) { return FAILURE; diff --git a/ext/standard/tests/password/password_default.phpt b/ext/standard/tests/password/password_default.phpt new file mode 100644 index 0000000000..9736f2309c --- /dev/null +++ b/ext/standard/tests/password/password_default.phpt @@ -0,0 +1,9 @@ +--TEST-- +Test that the value of PASSWORD_DEFAULT matches PASSWORD_BCRYPT +--FILE-- +<?php +echo PASSWORD_DEFAULT . "\n"; +echo PASSWORD_BCRYPT . "\n"; +--EXPECT-- +2y +2y |