MDL-55272 lib: Allow random_bytes() to return large values.

PHP has a recursion limit and random_bytes on PHP5.6 without openssl
will error if sent a large value.  Using a loop has lower overhead than
recursion as well.
This commit is contained in:
Russell Smith
2016-08-16 12:12:11 +10:00
parent d418f42040
commit ffd94de398
2 changed files with 9 additions and 6 deletions
+6 -6
View File
@@ -7637,12 +7637,12 @@ function random_bytes_emulate($length) {
}
// Bad luck, there is no reliable random generator, let's just hash some unique stuff that is hard to guess.
$hash = sha1(serialize($CFG) . serialize($_SERVER) . microtime(true) . uniqid('', true), true);
// NOTE: the last param in sha1() is true, this means we are getting 20 bytes, not 40 chars as usual.
if ($length <= 20) {
return substr($hash, 0, $length);
}
return $hash . random_bytes_emulate($length - 20);
$staticdata = serialize($CFG) . serialize($_SERVER);
$hash = '';
do {
$hash .= sha1($staticdata . microtime(true) . uniqid('', true), true);
} while (strlen($hash) < $length);
return substr($hash, 0, $length);
}
/**
+3
View File
@@ -2930,6 +2930,9 @@ class core_moodlelib_testcase extends advanced_testcase {
$result = random_bytes_emulate(666);
$this->assertSame(666, strlen($result));
$result = random_bytes_emulate(40);
$this->assertSame(40, strlen($result));
$this->assertDebuggingNotCalled();
$result = random_bytes_emulate(0);