the-djmaze/snappymail
1
1
Fork 0
mirror of https://github.com/the-djmaze/snappymail.git synced 2024-09-20 15:45:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

improve error handling for salt generation

Browse source
This commit is contained in:
Peter Linss 2019-11-20 09:20:40 -08:00
parent a7f03d101c
commit a54d40f2a2
No known key found for this signature in database
GPG key ID: 0ED32B6657FA9FE0
1 changed files with 11 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
rainloop/v/0.0.0/include.php
View file

@ -124,17 +124,23 @@
unset($sCheckName, $sCheckFilePath, $sCheckFolder, $sTest);
}
if (false === $sSalt)
{
if (false === $sSalt) {
if (function_exists('random_bytes'))
{ // secure random salt
$sSalt = bin2hex(random_bytes(48));
try
{
$sSalt = bin2hex(random_bytes(48));
}
catch (\Exception $oException)
{
$sSalt = false;
}
}
elseif (function_exists('openssl_random_pseudo_bytes'))
if ((false === $sSalt) && (function_exists('openssl_random_pseudo_bytes')))
{ // not-quite as secure random salt
$sSalt = bin2hex(openssl_random_pseudo_bytes(48));
}
else
if (false === $sSalt)
{ // pseudo-random salt
$sSalt = md5(microtime(true).rand(1000, 5000))
.md5(microtime(true).rand(5000, 9999))