Update Random_Compat to the latest version (1.1.6).

See #35665


git-svn-id: https://develop.svn.wordpress.org/trunk@36421 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Dion Hulse 2016-01-30 00:56:07 +00:00
parent fdd7d91162
commit 3964f0ef33

View File

@ -50,7 +50,7 @@ if (PHP_VERSION_ID < 70000) {
* In order of preference:
* 1. Use libsodium if available.
* 2. fread() /dev/urandom if available (never on Windows)
* 3. mcrypt_create_iv($bytes, MCRYPT_CREATE_IV)
* 3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
* 4. COM('CAPICOM.Utilities.1')->GetRandom()
* 5. openssl_random_pseudo_bytes() (absolute last resort)
*
@ -64,23 +64,47 @@ if (PHP_VERSION_ID < 70000) {
require_once $RandomCompatDIR.'/random_bytes_libsodium_legacy.php';
}
}
if (
!function_exists('random_bytes') &&
DIRECTORY_SEPARATOR === '/' &&
@is_readable('/dev/urandom')
) {
/**
* Reading directly from /dev/urandom:
*/
if (DIRECTORY_SEPARATOR === '/') {
// DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
// way to exclude Windows.
//
// Error suppression on is_readable() in case of an open_basedir or
// safe_mode failure. All we care about is whether or not we can
// read it at this point. If the PHP environment is going to panic
// over trying to see if the file can be read in the first place,
// that is not helpful to us here.
// See random_bytes_dev_urandom.php
$RandomCompatUrandom = true;
$RandomCompat_basedir = ini_get('open_basedir');
if (!empty($RandomCompat_basedir)) {
$RandomCompat_open_basedir = explode(
PATH_SEPARATOR,
strtolower($RandomCompat_basedir)
);
$RandomCompatUrandom = in_array(
'/dev',
$RandomCompat_open_basedir
);
$RandomCompat_open_basedir = null;
}
if (
!function_exists('random_bytes') &&
$RandomCompatUrandom &&
@is_readable('/dev/urandom')
) {
// Error suppression on is_readable() in case of an open_basedir
// or safe_mode failure. All we care about is whether or not we
// can read it at this point. If the PHP environment is going to
// panic over trying to see if the file can be read in the first
// place, that is not helpful to us here.
// See random_bytes_dev_urandom.php
require_once $RandomCompatDIR.'/random_bytes_dev_urandom.php';
}
// Unset variables after use
$RandomCompatUrandom = null;
$RandomCompat_basedir = null;
}
/**
* mcrypt_create_iv()
*/
if (
!function_exists('random_bytes') &&
PHP_VERSION_ID >= 50307 &&
@ -113,6 +137,10 @@ if (PHP_VERSION_ID < 70000) {
$RandomCompat_disabled_classes = null;
$RandomCompatCOMtest = null;
}
/**
* openssl_random_pseudo_bytes()
*/
if (
!function_exists('random_bytes') &&
extension_loaded('openssl') &&
@ -129,12 +157,16 @@ if (PHP_VERSION_ID < 70000) {
// See random_bytes_openssl.php
require_once $RandomCompatDIR.'/random_bytes_openssl.php';
}
/**
* throw new Exception
*/
if (!function_exists('random_bytes')) {
/**
* We don't have any more options, so let's throw an exception right now
* and hope the developer won't let it fail silently.
*/
function random_bytes()
function random_bytes($length)
{
throw new Exception(
'There is no suitable CSPRNG installed on your system'