Replace salt function with a more modern, cryptographically secure pseudo-random method
Set minimum PHP version to 7.0.0 for random_bytes
This commit is contained in:
parent
fe3798f8ec
commit
24ce5d5833
@ -5,7 +5,7 @@ For install instructions in non-English languages, see the wiki:
|
|||||||
|
|
||||||
phpLDAPadmin requires the following:
|
phpLDAPadmin requires the following:
|
||||||
a. A web server (Apache, IIS, etc).
|
a. A web server (Apache, IIS, etc).
|
||||||
b. PHP 5.5.0 or newer (with LDAP support)
|
b. PHP 7.0.0 or newer (with LDAP support)
|
||||||
|
|
||||||
* To install
|
* To install
|
||||||
|
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/** The minimum version of PHP required to run phpLDAPadmin. */
|
/** The minimum version of PHP required to run phpLDAPadmin. */
|
||||||
define('REQUIRED_PHP_VERSION','5.5.0');
|
define('REQUIRED_PHP_VERSION','7.0.0');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The config class contains all our configuration settings for a session.
|
* The config class contains all our configuration settings for a session.
|
||||||
|
@ -1828,15 +1828,9 @@ function random_salt($length) {
|
|||||||
if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
|
if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
|
||||||
debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
|
debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
|
||||||
|
|
||||||
$possible = '0123456789'.
|
$str = bin2hex(random_bytes(ceil($length/2)));
|
||||||
'abcdefghijklmnopqrstuvwxyz'.
|
if ($length % 2 == 1)
|
||||||
'ABCDEFGHIJKLMNOPQRSTUVWXYZ'.
|
return substr($str, 0, -1);
|
||||||
'./';
|
|
||||||
$str = '';
|
|
||||||
mt_srand((double)microtime() * 1000000);
|
|
||||||
|
|
||||||
while (strlen($str) < $length)
|
|
||||||
$str .= substr($possible,(rand()%strlen($possible)),1);
|
|
||||||
|
|
||||||
return $str;
|
return $str;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user