diff options
Diffstat (limited to 'system')
-rwxr-xr-x | system/core/Security.php | 3 | ||||
-rw-r--r-- | system/core/compat/password.php | 4 |
2 files changed, 5 insertions, 2 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index b97df4647..15a66430a 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -573,7 +573,8 @@ class CI_Security { if (is_readable('/dev/urandom') && ($fp = fopen('/dev/urandom', 'rb')) !== FALSE) { - stream_set_chunk_size($fp, $length); + // Try not to waste entropy ... + is_php('5.4') && stream_set_chunk_size($fp, $length); $output = fread($fp, $length); fclose($fp); if ($output !== FALSE) diff --git a/system/core/compat/password.php b/system/core/compat/password.php index 60aa578db..1f67a5269 100644 --- a/system/core/compat/password.php +++ b/system/core/compat/password.php @@ -121,7 +121,9 @@ if ( ! function_exists('password_hash')) return FALSE; } - stream_set_chunk_size($fp, 16); + // Try not to waste entropy ... + is_php('5.4') && stream_set_chunk_size($fp, 16); + $options['salt'] = ''; for ($read = 0; $read < 16; $read = ($func_override) ? mb_strlen($options['salt'], '8bit') : strlen($options['salt'])) { |