adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 03:18:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Change Security::randomBytes() to fallback to mcrypt_create_iv()

Browse source
This commit is contained in:
chinpei215 2018-01-19 23:50:14 +09:00
parent d7ed0339b1
commit 5289aae64e
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/Cake/Utility/Security.php
View file

@ -191,9 +191,12 @@ class Security {
if (function_exists('openssl_random_pseudo_bytes')) { if (function_exists('openssl_random_pseudo_bytes')) {
return openssl_random_pseudo_bytes($length); return openssl_random_pseudo_bytes($length);
} }
if (function_exists('mcrypt_create_iv')) {
return mcrypt_create_iv($length);
}
trigger_error( trigger_error(
'You do not have a safe source of random data available. ' . 'You do not have a safe source of random data available. ' .
'Install either the openssl extension, or paragonie/random_compat. ' . 'Install either the openssl extension, the mcrypt extension, or paragonie/random_compat. ' .
'Falling back to an insecure random source.', 'Falling back to an insecure random source.',
E_USER_WARNING E_USER_WARNING
); );