Update Random_Compat to the latest version (1.1.6).
See #35665 git-svn-id: https://develop.svn.wordpress.org/trunk@36421 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
fdd7d91162
commit
3964f0ef33
@ -50,7 +50,7 @@ if (PHP_VERSION_ID < 70000) {
|
||||
* In order of preference:
|
||||
* 1. Use libsodium if available.
|
||||
* 2. fread() /dev/urandom if available (never on Windows)
|
||||
* 3. mcrypt_create_iv($bytes, MCRYPT_CREATE_IV)
|
||||
* 3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
|
||||
* 4. COM('CAPICOM.Utilities.1')->GetRandom()
|
||||
* 5. openssl_random_pseudo_bytes() (absolute last resort)
|
||||
*
|
||||
@ -64,23 +64,47 @@ if (PHP_VERSION_ID < 70000) {
|
||||
require_once $RandomCompatDIR.'/random_bytes_libsodium_legacy.php';
|
||||
}
|
||||
}
|
||||
if (
|
||||
!function_exists('random_bytes') &&
|
||||
DIRECTORY_SEPARATOR === '/' &&
|
||||
@is_readable('/dev/urandom')
|
||||
) {
|
||||
/**
|
||||
* Reading directly from /dev/urandom:
|
||||
*/
|
||||
if (DIRECTORY_SEPARATOR === '/') {
|
||||
// DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
|
||||
// way to exclude Windows.
|
||||
//
|
||||
// Error suppression on is_readable() in case of an open_basedir or
|
||||
// safe_mode failure. All we care about is whether or not we can
|
||||
// read it at this point. If the PHP environment is going to panic
|
||||
// over trying to see if the file can be read in the first place,
|
||||
// that is not helpful to us here.
|
||||
|
||||
// See random_bytes_dev_urandom.php
|
||||
$RandomCompatUrandom = true;
|
||||
$RandomCompat_basedir = ini_get('open_basedir');
|
||||
if (!empty($RandomCompat_basedir)) {
|
||||
$RandomCompat_open_basedir = explode(
|
||||
PATH_SEPARATOR,
|
||||
strtolower($RandomCompat_basedir)
|
||||
);
|
||||
$RandomCompatUrandom = in_array(
|
||||
'/dev',
|
||||
$RandomCompat_open_basedir
|
||||
);
|
||||
$RandomCompat_open_basedir = null;
|
||||
}
|
||||
if (
|
||||
!function_exists('random_bytes') &&
|
||||
$RandomCompatUrandom &&
|
||||
@is_readable('/dev/urandom')
|
||||
) {
|
||||
// Error suppression on is_readable() in case of an open_basedir
|
||||
// or safe_mode failure. All we care about is whether or not we
|
||||
// can read it at this point. If the PHP environment is going to
|
||||
// panic over trying to see if the file can be read in the first
|
||||
// place, that is not helpful to us here.
|
||||
|
||||
// See random_bytes_dev_urandom.php
|
||||
require_once $RandomCompatDIR.'/random_bytes_dev_urandom.php';
|
||||
}
|
||||
// Unset variables after use
|
||||
$RandomCompatUrandom = null;
|
||||
$RandomCompat_basedir = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* mcrypt_create_iv()
|
||||
*/
|
||||
if (
|
||||
!function_exists('random_bytes') &&
|
||||
PHP_VERSION_ID >= 50307 &&
|
||||
@ -113,6 +137,10 @@ if (PHP_VERSION_ID < 70000) {
|
||||
$RandomCompat_disabled_classes = null;
|
||||
$RandomCompatCOMtest = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* openssl_random_pseudo_bytes()
|
||||
*/
|
||||
if (
|
||||
!function_exists('random_bytes') &&
|
||||
extension_loaded('openssl') &&
|
||||
@ -129,12 +157,16 @@ if (PHP_VERSION_ID < 70000) {
|
||||
// See random_bytes_openssl.php
|
||||
require_once $RandomCompatDIR.'/random_bytes_openssl.php';
|
||||
}
|
||||
|
||||
/**
|
||||
* throw new Exception
|
||||
*/
|
||||
if (!function_exists('random_bytes')) {
|
||||
/**
|
||||
* We don't have any more options, so let's throw an exception right now
|
||||
* and hope the developer won't let it fail silently.
|
||||
*/
|
||||
function random_bytes()
|
||||
function random_bytes($length)
|
||||
{
|
||||
throw new Exception(
|
||||
'There is no suitable CSPRNG installed on your system'
|
||||
|
Loading…
Reference in New Issue
Block a user