1cfabed96df952c480c3bb17b93bdf53f0672326.patch - pfSense - pfSense bugtracker

Todo #12556 » 1cfabed96df952c480c3bb17b93bdf53f0672326.patch

Jim Pingle, 02/28/2022 02:19 PM

      * limitations under the License.
      */
     	function crypt_data($val, $pass, $opt, $legacy = false) {
     define('PFS_OPENSSL_DEFAULT_ITERATIONS', '500000');
     	function crypt_data($val, $pass, $opt, $legacy = false, $iterations = PFS_OPENSSL_DEFAULT_ITERATIONS) {
     		$file = tempnam("/tmp", "php-encrypt");
     		/* Ensure the files do not already exist */
     		unlink_if_exists($file);
-...
     		 *  unless we need to read old data encrypted without it. */
     		$keyder = ($legacy) ? "" : "-pbkdf2";
     		$md = ($legacy) ? "md5" : "sha256";
     		$iter = ($legacy) ? '' : ' -iter ' . escapeshellarg($iterations);
     		$output = "";
     		$exitcode = "";
     		exec("/usr/bin/openssl enc {$opt} -aes-256-cbc -in {$file}.dec -out {$file}.enc -pass pass:" . escapeshellarg($pass) . " -salt -md ${md} {$keyder} 2> /dev/null", $output, $exitcode);
     		exec("/usr/bin/openssl enc {$opt} -aes-256-cbc -in {$file}.dec -out {$file}.enc -pass pass:" . escapeshellarg($pass) . " -salt -md ${md} {$keyder} {$iter} 2> /dev/null", $output, $exitcode);
     		if (($exitcode == 0) && file_exists("{$file}.enc") && (filesize("{$file}.enc") > 0)) {
     			$result = file_get_contents("{$file}.enc");
     		} elseif ($iterations == PFS_OPENSSL_DEFAULT_ITERATIONS) {
     			/* If it failed with the current default iterations,
     			 * next try with previous default number of iterations. */
     			$result = crypt_data($val, $pass, $opt, false, '10000');
     		} elseif ($legacy === false) {
     			/* Operation failed without new options, try old. */
     			$result = crypt_data($val, $pass, $opt, true);

(1-1/1)

Project

General

Profile

pfSense

Todo #12556 » 1cfabed96df952c480c3bb17b93bdf53f0672326.patch