summaryrefslogtreecommitdiffstats
path: root/system/core/compat
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2017-03-24 10:04:53 +0100
committerAndrey Andreev <narf@devilix.net>2017-03-24 10:04:53 +0100
commitc7c0bdf4f7af7c4e71b073ee87ddb792087bdfac (patch)
tree5cfb825e1e0d67f30d4c8a91428cd52eb580695a /system/core/compat
parent1d9aaee34ea77fdb68d79d7add37f26dd2649c00 (diff)
parent0eb38af2eaf1127b9b82261b7ec3bf4d4b847318 (diff)
Merge branch '3.1-stable' into develop
Conflicts resolved: system/core/CodeIgniter.php system/core/Common.php system/core/Input.php system/helpers/cookie_helper.php tests/codeigniter/helpers/html_helper_test.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst user_guide_src/source/libraries/input.rst
Diffstat (limited to 'system/core/compat')
-rw-r--r--system/core/compat/hash.php17
-rw-r--r--system/core/compat/password.php8
2 files changed, 17 insertions, 8 deletions
diff --git a/system/core/compat/hash.php b/system/core/compat/hash.php
index c0eab4909..fc319028d 100644
--- a/system/core/compat/hash.php
+++ b/system/core/compat/hash.php
@@ -173,7 +173,9 @@ if ( ! function_exists('hash_pbkdf2'))
return FALSE;
}
- $hash_length = strlen(hash($algo, NULL, TRUE));
+ $hash_length = defined('MB_OVERLOAD_STRING')
+ ? mb_strlen(hash($algo, NULL, TRUE), '8bit')
+ : strlen(hash($algo, NULL, TRUE));
empty($length) && $length = $hash_length;
// Pre-hash password inputs longer than the algorithm's block size
@@ -219,14 +221,14 @@ if ( ! function_exists('hash_pbkdf2'))
'whirlpool' => 64
);
- if (isset($block_sizes[$algo]) && strlen($password) > $block_sizes[$algo])
+ if (isset($block_sizes[$algo], $password[$block_sizes[$algo]]))
{
$password = hash($algo, $password, TRUE);
}
$hash = '';
// Note: Blocks are NOT 0-indexed
- for ($bc = ceil($length / $hash_length), $bi = 1; $bi <= $bc; $bi++)
+ for ($bc = (int) ceil($length / $hash_length), $bi = 1; $bi <= $bc; $bi++)
{
$key = $derived_key = hash_hmac($algo, $salt.pack('N', $bi), $password, TRUE);
for ($i = 1; $i < $iterations; $i++)
@@ -238,6 +240,13 @@ if ( ! function_exists('hash_pbkdf2'))
}
// This is not RFC-compatible, but we're aiming for natural PHP compatibility
- return substr($raw_output ? $hash : bin2hex($hash), 0, $length);
+ if ( ! $raw_output)
+ {
+ $hash = bin2hex($hash);
+ }
+
+ return defined('MB_OVERLOAD_STRING')
+ ? mb_substr($hash, 0, $length, '8bit')
+ : substr($hash, 0, $length);
}
}
diff --git a/system/core/compat/password.php b/system/core/compat/password.php
index 84be66738..fa28f5492 100644
--- a/system/core/compat/password.php
+++ b/system/core/compat/password.php
@@ -94,8 +94,8 @@ if ( ! function_exists('password_hash'))
*/
function password_hash($password, $algo, array $options = array())
{
- static $func_override;
- isset($func_override) OR $func_override = (extension_loaded('mbstring') && ini_get('mbstring.func_override'));
+ static $func_overload;
+ isset($func_overload) OR $func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload'));
if ($algo !== 1)
{
@@ -109,7 +109,7 @@ if ( ! function_exists('password_hash'))
return NULL;
}
- if (isset($options['salt']) && ($saltlen = ($func_override ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22)
+ if (isset($options['salt']) && ($saltlen = ($func_overload ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))) < 22)
{
trigger_error('password_hash(): Provided salt is too short: '.$saltlen.' expecting 22', E_USER_WARNING);
return NULL;
@@ -144,7 +144,7 @@ if ( ! function_exists('password_hash'))
stream_set_chunk_size($fp, 16);
$options['salt'] = '';
- for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
+ for ($read = 0; $read < 16; $read = ($func_overload) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt']))
{
if (($read = fread($fp, 16 - $read)) === FALSE)
{