Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-17090

eZUser::createHash() with PASSWORD_HASH_CRYPT behaves differently across PHP versions

    XMLWordPrintable

Details

    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: Medium Medium
    • 4.5.0alpha
    • 4.1.4, 4.2.0, 4.3.0, 4.4.0alpha4, 4.4.0alpha5
    • Misc, Upgrading
    • None

    Description

      Upgrading PHP from 5.2 to 5.3 (both with standard configuration), eZUser::createHash() will create different hashes when using eZUser::PASSWORD_HASH_CRYPT as 4th parameter of the function.

      This is enlightened by the //eZUserAuthenticationTest::testCreateHash// test:
      {{
      $ php tests/runtests.php --db-per-test --dsn mysql://root:thob1c0r@127.0.0.1/ezptest -f eZUserAuthenticationTest::testCreateHash
      PHPUnit 3.4.13 by Sebastian Bergmann.

      ........FF

      Time: 0 seconds, Memory: 17.50Mb

      There were 2 failures:

      1) eZUserAuthenticationTest::testCreateHash with data set #8 ('admin', 'password', 'ez.no', 6, '_J9..eZSy', '_JL7mbBlf6rYs')
      — Expected
      +++ Actual
      @@ @@
      -_JL7mbBlf6rYs
      +_J9..eZSycJPQweA2TGI

      2) eZUserAuthenticationTest::testCreateHash with data set #9 ('AVeryLongUsername', 'wîŧħAQuiteßécurePasswörð', 'ez.no', 6, '_J9..eZSy', '_JW.wOSTIP/Ow')
      — Expected
      +++ Actual
      @@ @@
      -_JW.wOSTIP/Ow
      +_J9..eZSy87emjM/dexI
      }}

      *This might prevent authentication while upgrading PHP.*

      Attachments

        Activity

          People

            oms Ole Marius Smestad
            patrick.allaert patrick.allaert
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated: