- Timestamp:
- 02/16/2022 09:17:04 PM (3 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/random_compat/random_bytes_dev_urandom.php
r46586 r52742 1 1 <?php 2 2 /** 3 * Random_* Compatibility Library 3 * Random_* Compatibility Library 4 4 * for using the new PHP 7 random_* API in PHP 5 projects 5 * 5 * 6 6 * The MIT License (MIT) 7 7 * 8 * Copyright (c) 2015 - 201 7Paragon Initiative Enterprises9 * 8 * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises 9 * 10 10 * Permission is hereby granted, free of charge, to any person obtaining a copy 11 11 * of this software and associated documentation files (the "Software"), to deal … … 14 14 * copies of the Software, and to permit persons to whom the Software is 15 15 * furnished to do so, subject to the following conditions: 16 * 16 * 17 17 * The above copyright notice and this permission notice shall be included in 18 18 * all copies or substantial portions of the Software. 19 * 19 * 20 20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 21 21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, … … 37 37 * 38 38 * Why we use /dev/urandom and not /dev/random 39 * @ref https://www.2uo.de/myths-about-urandom 39 40 * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers 40 41 * … … 47 48 function random_bytes($bytes) 48 49 { 50 /** @var resource $fp */ 49 51 static $fp = null; 52 50 53 /** 51 54 * This block should only be run once … … 53 56 if (empty($fp)) { 54 57 /** 55 * We use /dev/urandom if it is a char device. 56 * We never fall back to /dev/random 58 * We don't want to ever read C:\dev\random, only /dev/urandom on 59 * Unix-like operating systems. While we guard against this 60 * condition in random.php, it doesn't hurt to be defensive in depth 61 * here. 62 * 63 * To that end, we only try to open /dev/urandom if we're on a Unix- 64 * like operating system (which means the directory separator is set 65 * to "/" not "\". 57 66 */ 58 $fp = fopen('/dev/urandom', 'rb'); 59 if (!empty($fp)) { 60 $st = fstat($fp); 61 if (($st['mode'] & 0170000) !== 020000) { 62 fclose($fp); 63 $fp = false; 67 if (DIRECTORY_SEPARATOR === '/') { 68 if (!is_readable('/dev/urandom')) { 69 throw new Exception( 70 'Environment misconfiguration: ' . 71 '/dev/urandom cannot be read.' 72 ); 73 } 74 /** 75 * We use /dev/urandom if it is a char device. 76 * We never fall back to /dev/random 77 */ 78 /** @var resource|bool $fp */ 79 $fp = fopen('/dev/urandom', 'rb'); 80 if (is_resource($fp)) { 81 /** @var array<string, int> $st */ 82 $st = fstat($fp); 83 if (($st['mode'] & 0170000) !== 020000) { 84 fclose($fp); 85 $fp = false; 86 } 64 87 } 65 88 } 66 89 67 if ( !empty($fp)) {90 if (is_resource($fp)) { 68 91 /** 69 92 * stream_set_read_buffer() does not exist in HHVM … … 84 107 85 108 try { 109 /** @var int $bytes */ 86 110 $bytes = RandomCompat_intval($bytes); 87 111 } catch (TypeError $ex) { … … 104 128 * page load. 105 129 */ 106 if ( !empty($fp)) {130 if (is_resource($fp)) { 107 131 /** 108 132 * @var int … … 124 148 $read = fread($fp, $remaining); 125 149 if (!is_string($read)) { 126 if ($read === false) { 127 /** 128 * We cannot safely read from the file. Exit the 129 * do-while loop and trigger the exception condition 130 * 131 * @var string|bool 132 */ 133 $buf = false; 134 break; 135 } 150 /** 151 * We cannot safely read from the file. Exit the 152 * do-while loop and trigger the exception condition 153 * 154 * @var string|bool 155 */ 156 $buf = false; 157 break; 136 158 } 137 159 /** … … 140 162 $remaining -= RandomCompat_strlen($read); 141 163 /** 142 * @var string |bool164 * @var string $buf 143 165 */ 144 $buf = $buf .$read;166 $buf .= $read; 145 167 } while ($remaining > 0); 146 168 147 169 /** 148 170 * Is our result valid? 171 * @var string|bool $buf 149 172 */ 150 173 if (is_string($buf)) {
Note: See TracChangeset
for help on using the changeset viewer.