diff options
| author | Andrey Andreev <narf@devilix.net> | 2016-07-26 20:03:12 +0200 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2016-07-26 20:03:12 +0200 |
| commit | 77266bc6a01668b2106b9974da02e2a7ceaf2fe6 (patch) | |
| tree | 955346c3278c03a2ff4174b9d078e9416a298ee9 /system/core/compat/password.php | |
| parent | a9874a638970ef826f835718e58b197ff3672566 (diff) | |
| parent | 0b9540209499fbd0515e13fdc66e85dea4b6baad (diff) | |
Merge branch '3.1-stable' into develop
Conflicts resolved:
.travis.yml
system/core/CodeIgniter.php
system/database/drivers/oci8/oci8_forge.php
system/database/drivers/pdo/subdrivers/pdo_oci_forge.php
system/helpers/path_helper.php
system/libraries/Email.php
user_guide_src/source/changelog.rst
user_guide_src/source/conf.py
user_guide_src/source/contributing/index.rst
user_guide_src/source/general/requirements.rst
user_guide_src/source/general/styleguide.rst
user_guide_src/source/installation/downloads.rst
user_guide_src/source/installation/upgrade_310.rst
user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'system/core/compat/password.php')
| -rw-r--r-- | system/core/compat/password.php | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/system/core/compat/password.php b/system/core/compat/password.php index f0c22c780..76dd2cf0a 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -116,13 +116,21 @@ if ( ! function_exists('password_hash')) } elseif ( ! isset($options['salt'])) { - if (defined('MCRYPT_DEV_URANDOM')) + if (function_exists('random_bytes')) { - $options['salt'] = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); + try + { + $options['salt'] = random_bytes(16); + } + catch (Exception $e) + { + log_message('error', 'compat/password: Error while trying to use random_bytes(): '.$e->getMessage()); + return FALSE; + } } - elseif (function_exists('openssl_random_pseudo_bytes')) + elseif (defined('MCRYPT_DEV_URANDOM')) { - $options['salt'] = openssl_random_pseudo_bytes(16); + $options['salt'] = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); } elseif (DIRECTORY_SEPARATOR === '/' && (is_readable($dev = '/dev/arandom') OR is_readable($dev = '/dev/urandom'))) { @@ -148,6 +156,16 @@ if ( ! function_exists('password_hash')) fclose($fp); } + elseif (function_exists('openssl_random_pseudo_bytes')) + { + $is_secure = NULL; + $options['salt'] = openssl_random_pseudo_bytes(16, $is_secure); + if ($is_secure !== TRUE) + { + log_message('error', 'compat/password: openssl_random_pseudo_bytes() set the $cryto_strong flag to FALSE'); + return FALSE; + } + } else { log_message('error', 'compat/password: No CSPRNG available.'); |