Update random_compat to v2.0.4

This commit is contained in:
rugk 2016-11-08 16:52:43 +01:00
parent bd30ae419a
commit 3b1eb64386
No known key found for this signature in database
GPG Key ID: 05D40A636AFAB34D
1 changed files with 24 additions and 6 deletions

View File

@ -3,8 +3,8 @@
* Random_* Compatibility Library * Random_* Compatibility Library
* for using the new PHP 7 random_* API in PHP 5 projects * for using the new PHP 7 random_* API in PHP 5 projects
* *
* @version 2.0.2 * @version 2.0.4
* @released 2016-04-03 * @released 2016-11-07
* *
* The MIT License (MIT) * The MIT License (MIT)
* *
@ -41,8 +41,10 @@ if (!defined('PHP_VERSION_ID')) {
$RandomCompatversion = null; $RandomCompatversion = null;
} }
/**
* PHP 7.0.0 and newer have these functions natively.
*/
if (PHP_VERSION_ID < 70000) { if (PHP_VERSION_ID < 70000) {
if (!defined('RANDOM_COMPAT_READ_BUFFER')) { if (!defined('RANDOM_COMPAT_READ_BUFFER')) {
define('RANDOM_COMPAT_READ_BUFFER', 8); define('RANDOM_COMPAT_READ_BUFFER', 8);
} }
@ -67,7 +69,7 @@ if (PHP_VERSION_ID < 70000) {
* 4. COM('CAPICOM.Utilities.1')->GetRandom() * 4. COM('CAPICOM.Utilities.1')->GetRandom()
* 5. openssl_random_pseudo_bytes() (absolute last resort) * 5. openssl_random_pseudo_bytes() (absolute last resort)
* *
* See ERRATA.md for our reasoning behind this particular order * See RATIONALE.md for our reasoning behind this particular order
*/ */
if (extension_loaded('libsodium')) { if (extension_loaded('libsodium')) {
// See random_bytes_libsodium.php // See random_bytes_libsodium.php
@ -123,6 +125,20 @@ if (PHP_VERSION_ID < 70000) {
/** /**
* mcrypt_create_iv() * mcrypt_create_iv()
*
* We only want to use mcypt_create_iv() if:
*
* - random_bytes() hasn't already been defined
* - PHP >= 5.3.7
* - the mcrypt extensions is loaded
* - One of these two conditions is true:
* - We're on Windows (DIRECTORY_SEPARATOR !== '/')
* - We're not on Windows and /dev/urandom is readabale
* (i.e. we're not in a chroot jail)
* - Special case:
* - If we're not on Windows, but the PHP version is between
* 5.6.10 and 5.6.12, we don't want to use mcrypt. It will
* hang indefinitely. This is bad.
*/ */
if ( if (
!is_callable('random_bytes') !is_callable('random_bytes')
@ -130,8 +146,6 @@ if (PHP_VERSION_ID < 70000) {
PHP_VERSION_ID >= 50307 PHP_VERSION_ID >= 50307
&& &&
extension_loaded('mcrypt') extension_loaded('mcrypt')
&&
(DIRECTORY_SEPARATOR !== '/' || $RandomCompatUrandom)
) { ) {
// Prevent this code from hanging indefinitely on non-Windows; // Prevent this code from hanging indefinitely on non-Windows;
// see https://bugs.php.net/bug.php?id=69833 // see https://bugs.php.net/bug.php?id=69833
@ -145,6 +159,10 @@ if (PHP_VERSION_ID < 70000) {
} }
$RandomCompatUrandom = null; $RandomCompatUrandom = null;
/**
* This is a Windows-specific fallback, for when the mcrypt extension
* isn't loaded.
*/
if ( if (
!is_callable('random_bytes') !is_callable('random_bytes')
&& &&