[MediaWiki-commits] [Gerrit] mediawiki/core[REL1_29]: CryptRand: only use random_bytes on php 7 and HHVM

Mon, 12 Jun 2017 13:11:40 -0700 

jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/358302 )

Change subject: CryptRand: only use random_bytes on php 7 and HHVM
......................................................................


CryptRand: only use random_bytes on php 7 and HHVM

This avoids random_bytes polyfills used on older versions of PHP or
HHVM. HHVM has had random_bytes longer than PHP so treat it separately.

Bug: T143788
Change-Id: Ic9e511ccc043d50e0a9051cdfe069c27e4f4c339
(cherry picked from commit 9272d7717d8b526e966928e851451a257a26b0a5)
---
M includes/libs/CryptRand.php
1 file changed, 4 insertions(+), 1 deletion(-)

Approvals:
  Chad: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/includes/libs/CryptRand.php b/includes/libs/CryptRand.php
index 0d3613a..4b4a913 100644
--- a/includes/libs/CryptRand.php
+++ b/includes/libs/CryptRand.php
@@ -247,8 +247,11 @@
                        // On Linux, getrandom syscall will be used if 
available.
                        // On Windows CryptGenRandom will always be used
                        // On other platforms, /dev/urandom will be used.
+                       // Avoids polyfills from before php 7.0
                        // All error situations will throw Exceptions and or 
Errors
-                       if ( function_exists( 'random_bytes' ) ) {
+                       if ( PHP_VERSION_ID >= 70000
+                               || ( defined( 'HHVM_VERSION_ID' ) && 
HHVM_VERSION_ID >= 31101 )
+                       ) {
                                $rem = $bytes - strlen( $buffer );
                                $buffer .= random_bytes( $rem );
                        }

-- 
To view, visit https://gerrit.wikimedia.org/r/358302
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ic9e511ccc043d50e0a9051cdfe069c27e4f4c339
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: REL1_29
Gerrit-Owner: Paladox <thomasmulhall...@yahoo.com>
Gerrit-Reviewer: Bartosz DziewoƄski <matma....@gmail.com>
Gerrit-Reviewer: Chad <ch...@wikimedia.org>
Gerrit-Reviewer: Jforrester <jforres...@wikimedia.org>
Gerrit-Reviewer: Krinkle <krinklem...@gmail.com>
Gerrit-Reviewer: Legoktm <lego...@member.fsf.org>
Gerrit-Reviewer: Paladox <thomasmulhall...@yahoo.com>
Gerrit-Reviewer: Reedy <re...@wikimedia.org>
Gerrit-Reviewer: TheDJ <hartman.w...@gmail.com>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to