Changeset 29761
- Timestamp:
- 09/23/2014 06:12:28 PM (10 years ago)
- Location:
- branches/4.0
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.0
-
branches/4.0/src/wp-includes/pluggable.php
r29635 r29761 670 670 671 671 $key = wp_hash( $username . '|' . $pass_frag . '|' . $expiration . '|' . $token, $scheme ); 672 $hash = hash_hmac( 'sha256', $username . '|' . $expiration . '|' . $token, $key ); 672 673 // If ext/hash is not present, compat.php's hash_hmac() does not support sha256. 674 $algo = function_exists( 'hash' ) ? 'sha256' : 'sha1'; 675 $hash = hash_hmac( $algo, $username . '|' . $expiration . '|' . $token, $key ); 673 676 674 677 if ( ! hash_equals( $hash, $hmac ) ) { … … 735 738 736 739 $key = wp_hash( $user->user_login . '|' . $pass_frag . '|' . $expiration . '|' . $token, $scheme ); 737 $hash = hash_hmac( 'sha256', $user->user_login . '|' . $expiration . '|' . $token, $key ); 740 741 // If ext/hash is not present, compat.php's hash_hmac() does not support sha256. 742 $algo = function_exists( 'hash' ) ? 'sha256' : 'sha1'; 743 $hash = hash_hmac( $algo, $user->user_login . '|' . $expiration . '|' . $token, $key ); 738 744 739 745 $cookie = $user->user_login . '|' . $expiration . '|' . $token . '|' . $hash; -
branches/4.0/src/wp-includes/session.php
r29635 r29761 62 62 */ 63 63 final private function hash_token( $token ) { 64 return hash( 'sha256', $token ); 64 // If ext/hash is not present, use sha1() instead. 65 if ( function_exists( 'hash' ) ) { 66 return hash( 'sha256', $token ); 67 } else { 68 return sha1( $token ); 69 } 65 70 } 66 71
Note: See TracChangeset
for help on using the changeset viewer.