Incorrect crypt() function behavior

Bug #1046330 reported by Sergei Morozov on 2012-09-05
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
php5 (Debian)
Fix Released
Unknown
php5 (Ubuntu)
High
Unassigned

Bug Description

The CRYPT_EXT_DES algorithm seems to be enabled but not used for encryption.

The test is:
php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;"

Expected output (depending on whether CRYPT_EXT_DES is enabled):
> CRYPT_EXT_DES: 1
> _.012saltIO.319ikKPU
OR
> CRYPT_EXT_DES: 0
> _.msUWmoj85W6

Actual output:
> CRYPT_EXT_DES: 1
> _.msUWmoj85W6

…which correstponds to standard DES encryption:
php -r "echo 'CRYPT_STD_DES: ', CRYPT_STD_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;"
> CRYPT_STD_DES: 1
> _.msUWmoj85W6

lsb_release -rd
Description: Ubuntu 12.04.1 LTS
Release: 12.04

$ apt-cache policy php5
php5:
  Installed: 5.3.10-1ubuntu3.2
  Candidate: 5.3.10-1ubuntu3.2
  Version table:
 *** 5.3.10-1ubuntu3.2 0
        500 http://by.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
        100 /var/lib/dpkg/status
     5.3.10-1ubuntu3 0
        500 http://by.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

Clint Byrum (clint-fewbar) wrote :

Can confirm that Ubuntu/Debian's behavior is different from CentOS 6:

$ php --version
PHP 5.3.3 (cli) (built: Jul 3 2012 16:53:21)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
$ php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;"
CRYPT_EXT_DES: 1
_.012saltIO.319ikKPU

**
precise

# php --version
PHP 5.3.10-1ubuntu3.2 with Suhosin-Patch (cli) (built: Jun 13 2012 17:20:55)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
# php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;"
CRYPT_EXT_DES: 1
_.msUWmoj85W6

**

However, this is not a regression for Ubuntu.
I tested this all the way back to hardy, which seemed to not have CRYPT_EXT_DES:

**

# php --version
PHP 5.2.4-2ubuntu5.25 with Suhosin-Patch 0.9.6.2 (cli) (built: Jun 13 2012 18:36:37)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
 php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;"
CRYPT_EXT_DES: 0
_.msUWmoj85W6

Sergei Morozov (sergeimorozov) wrote :

The regression is not the absence of CRYPT_EXT_DES algorithm but the fact that it's declared available (CRYPT_EXT_DES = 1) but not used (result = _.msUWmoj85W6).

Clint Byrum (clint-fewbar) wrote :

Sergei, I agree, my comments were misleading. My point is that this has been broken since at least 10.04, and its not even necessarily a regression from one release of Ubuntu to another.

I just tested this on Debian squeeze and wheezy and it is present there as well.I believe this was introduced by this change:

php5 (5.3.2-1) unstable; urgency=high
...
  [ Ondřej Surý ]
...
  * New debian patch always_use_system_crypt.patch (Closes: #572601)
  * New debian patch php_crypt_revamped.patch (Closes: #572601)

 -- Raphael Geissert <email address hidden> Sat, 13 Mar 2010 15:11:48 -0600

I'm building test packages w/o those patches to see if the problem is resolved that way.

Changed in php5 (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
importance: Medium → High
Clint Byrum (clint-fewbar) wrote :

Setting to 'High' as this very quietly and subtly reduces the security of the system.

Clint Byrum (clint-fewbar) wrote :

Have tested with those patches dropped and the upstream behavior is in fact restored. I've forwarded this on to Debian, though I would consider carrying this as part of Ubuntu's delta if the Debian maintainers decide not to revert the patches, as this seems fairly serious to me.

Changed in php5 (Ubuntu):
status: Confirmed → Triaged
Ondřej Surý (ondrej) wrote :

As a temporary workaround, you can just strip salt to 9 characters. The fix is fairly simple, and I'll prepare a patch later today.

Changed in php5 (Debian):
status: Unknown → New
Changed in php5 (Debian):
status: New → Fix Released
Robie Basak (racb) wrote :

I have run Clint's test case (from the Debian bug) of:

php -r "echo 'CRYPT_EXT_DES: ', CRYPT_EXT_DES, PHP_EOL, crypt(md5('my passw0rd'), '_.012saltIO.319ikKPU'), PHP_EOL;"

on Trusty (php5-cli 5.5.3+dfsg-1ubuntu3).

It returned:

CRYPT_EXT_DES: 1
_.012saltIO.319ikKPU

So I presume this issue is now been fixed in Ubuntu.

Changed in php5 (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.