Anthony Ferrara
Anthony Ferrara
Generic `crypt` compatibility is not a documented feature of either this project or php.net/password_verify. You can use it, but it's not a supported use-case in either. The final condition here...
@adaddinsane there is 100% a way of configuring which sources to use. Simply construct the object yourself instead of using the factory. If you know your runtime environment and needs...
I'd argue it's Debian's fault for not backporting a serious security fix... Also, 5.4 and 5.3 are both End-of-life. Suggest upgrading to 5.5 if possible.
@sneakyimp check out #10 which details why that's not possible...
Yup. This is why I recommend people never use Distribution-provided PHP...
Totally okay adding ignores for ones that are logically no-ops. Example: ident, we aren't generating binaries from these headers, so if we encounter it we can safely ignore it. However...
I've hit that in the past. It's because it's assuming there's a built in type `gwchar_t` somewhere in the OS standard lib. Can you provide which OS/libc version you're using?
I know it's a bit late, but one thing that jumped out to me is using Expr as a base for the attribute. Expressions have a return value. It also...
Looks great, thanks for the contribution!
No, ANSI X9.31 has other requirements that are quite specific. http://www.untruth.org/~josh/security/ansi931rng.PDF