|
function create_hash($password, $force_compat = false) |
|
{ |
|
// Generate the salt. |
|
|
|
if (function_exists('mcrypt_create_iv') && version_compare( PHP_VERSION, '7.2' , '<' ) ) { |
|
$salt = base64_encode(mcrypt_create_iv(PBKDF2_COMPAT_SALT_BYTES, MCRYPT_DEV_URANDOM)); |
|
} elseif (@file_exists('/dev/urandom') && $fp = @fopen('/dev/urandom', 'r')) { |
|
$salt = base64_encode(fread($fp, PBKDF2_COMPAT_SALT_BYTES)); |
|
} else { |
|
$salt = ''; |
|
for ($i = 0; $i < PBKDF2_COMPAT_SALT_BYTES; $i += 2) { |
|
$salt .= pack('S', mt_rand(0, 65535)); |
|
} |
|
$salt = base64_encode(substr($salt, 0, PBKDF2_COMPAT_SALT_BYTES)); |
|
} |
|
|
|
// Determine the best supported algorithm and iteration count. |
|
|
|
$algo = strtolower(PBKDF2_COMPAT_HASH_ALGORITHM); |
|
$iterations = PBKDF2_COMPAT_ITERATIONS; |
|
if ($force_compat || !function_exists('hash_algos') || !in_array($algo, hash_algos())) { |
|
$algo = false; // This flag will be detected by pbkdf2_default() |
|
$iterations = round($iterations / 5); // PHP 4 is very slow. Don't cause too much server load. |
|
} |
|
|
|
// Return format: algorithm:iterations:salt:hash |
|
|
|
$pbkdf2 = pbkdf2_default($algo, $password, $salt, $iterations, PBKDF2_COMPAT_HASH_BYTES); |
|
$prefix = $algo ? $algo : 'sha1'; |
|
return $prefix . ':' . $iterations . ':' . $salt . ':' . base64_encode($pbkdf2); |
|
} |
Line 51에서 $fp = @fopen('/dev/urandom', 'r') 후 fclose($fp)를 실행하지 않습니다.
gnuboard5/lib/pbkdf2.compat.php
Lines 45 to 75 in 920a6c9
Line 51에서
$fp = @fopen('/dev/urandom', 'r')후fclose($fp)를 실행하지 않습니다.