WordPress.org

Make WordPress Core

Ticket #35327: 35327.44-branch.diff

File 35327.44-branch.diff, 1.9 KB (added by dd32, 5 years ago)
  • src/wp-includes/random_compat/random.php

    if (PHP_VERSION_ID < 70000) { 
    4444        /**
    4545         * PHP 5.2.0 - 5.6.x way to implement random_bytes()
    4646         *
    4747         * We use conditional statements here to define the function in accordance
    4848         * to the operating environment. It's a micro-optimization.
    4949         *
    5050         * In order of preference:
    5151         *   1. Use libsodium if available.
    5252         *   2. fread() /dev/urandom if available (never on Windows)
    5353         *   3. mcrypt_create_iv($bytes, MCRYPT_CREATE_IV)
    5454         *   4. COM('CAPICOM.Utilities.1')->GetRandom()
    5555         *   5. openssl_random_pseudo_bytes() (absolute last resort)
    5656         *
    5757         * See ERRATA.md for our reasoning behind this particular order
    5858         */
    59         if (extension_loaded('libsodium')) {
     59        if (PHP_VERSION_ID >= 50300 && extension_loaded('libsodium') && function_exists('\\Sodium\\randombytes_buf')) {
    6060            // See random_bytes_libsodium.php
    6161            require_once $RandomCompatDIR.'/random_bytes_libsodium.php';
    6262        }
    6363        if (
    6464            !function_exists('random_bytes') &&
    6565            DIRECTORY_SEPARATOR === '/' &&
    6666            @is_readable('/dev/urandom')
    6767        ) {
    6868            // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
    6969            // way to exclude Windows.
    7070            //
    7171            // Error suppression on is_readable() in case of an open_basedir or
    7272            // safe_mode failure. All we care about is whether or not we can
    7373            // read it at this point. If the PHP environment is going to panic
    7474            // over trying to see if the file can be read in the first place,