On 25 Sep 2008, at 22:59, Cristian Rodríguez <[EMAIL PROTECTED]>
wrote:
Scott MacVicar escribió:
Hi All,
Attached and uploaded [1] is a patch to add the OpenSSL random pseudo
byte function, at the moment it will return FALSE if the bytes aren't
considered cryptographically strong, I am however considering making
this parameter controlled.
Any objections to me applying this to 5.3?
Scott
--
[1] - http://whisky.macvicar.net/patches/openssl_prg.patch.txt
What is the status of this ? I see nothing that can break with this
patch, but I would suggest the function to take the second argument by
value instead of by reference, valid code like
<?php
$activation_code = md5(openssl_random_pseudo_bytes(128, true));
?>
causes a Fatal error: Only variables can be passed by
The second parameter indicates if the resultant data was strong random
data. It's not an option.
By default it is strong, if it runs out of data it will be weak.
If you don't care don't pass a parameter.
Scott
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
