Details
-
Bug
-
Resolution: Obsolete
-
Medium
-
4.1.4, 4.2.0, 4.3.0, 4.4.0alpha4, 4.4.0alpha5
-
None
Description
Upgrading PHP from 5.2 to 5.3 (both with standard configuration), eZUser::createHash() will create different hashes when using eZUser::PASSWORD_HASH_CRYPT as 4th parameter of the function.
This is enlightened by the //eZUserAuthenticationTest::testCreateHash// test:
{{
$ php tests/runtests.php --db-per-test --dsn mysql://root:thob1c0r@127.0.0.1/ezptest -f eZUserAuthenticationTest::testCreateHash
PHPUnit 3.4.13 by Sebastian Bergmann.
........FF
Time: 0 seconds, Memory: 17.50Mb
There were 2 failures:
1) eZUserAuthenticationTest::testCreateHash with data set #8 ('admin', 'password', 'ez.no', 6, '_J9..eZSy', '_JL7mbBlf6rYs')
— Expected
+++ Actual
@@ @@
-_JL7mbBlf6rYs
+_J9..eZSycJPQweA2TGI
2) eZUserAuthenticationTest::testCreateHash with data set #9 ('AVeryLongUsername', 'wîŧħAQuiteßécurePasswörð', 'ez.no', 6, '_J9..eZSy', '_JW.wOSTIP/Ow')
— Expected
+++ Actual
@@ @@
-_JW.wOSTIP/Ow
+_J9..eZSy87emjM/dexI
}}
*This might prevent authentication while upgrading PHP.*