$state .= rand() . uniqid( mt_rand(), true );
// Include some information about the filesystem's current state in the random state
- $files = array();
+ $files = [];
// We know this file is here so grab some info about ourselves
$files[] = __FILE__;
}
if ( strlen( $buffer ) < $bytes ) {
- // If available make use of openssl's random_pseudo_bytes method to
- // attempt to generate randomness. However don't do this on Windows
- // with PHP < 5.3.4 due to a bug:
- // http://stackoverflow.com/questions/1940168/openssl-random-pseudo-bytes-is-slow-php
- // http://git.php.net/?p=php-src.git;a=commitdiff;h=cd62a70863c261b07f6dadedad9464f7e213cad5
- if ( function_exists( 'openssl_random_pseudo_bytes' )
- && ( !wfIsWindows() || version_compare( PHP_VERSION, '5.3.4', '>=' ) )
- ) {
+ if ( function_exists( 'openssl_random_pseudo_bytes' ) ) {
$rem = $bytes - strlen( $buffer );
$openssl_bytes = openssl_random_pseudo_bytes( $rem, $openssl_strong );
if ( $openssl_bytes === false ) {
": Falling back to using a pseudo random state to generate randomness.\n" );
}
while ( strlen( $buffer ) < $bytes ) {
- $buffer .= MWCryptHash::hmac( $this->randomState(), mt_rand() );
+ $buffer .= MWCryptHash::hmac( $this->randomState(), strval( mt_rand() ) );
// This code is never really cryptographically strong, if we use it
// at all, then set strong to false.
$this->strong = false;