1 <?php |
1 <?php |
2 /** |
2 /** |
3 * Portable PHP password hashing framework. |
3 * Portable PHP password hashing framework. |
4 * @package phpass |
4 * @package phpass |
5 * @since 2.5 |
5 * @since 2.5 |
6 * @version 0.1 |
6 * @version 0.3 / WordPress |
7 * @link http://www.openwall.com/phpass/ |
7 * @link http://www.openwall.com/phpass/ |
8 */ |
8 */ |
9 |
9 |
10 # |
10 # |
11 # Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in |
11 # Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in |
12 # the public domain. |
12 # the public domain. Revised in subsequent years, still public domain. |
13 # |
13 # |
14 # There's absolutely no warranty. |
14 # There's absolutely no warranty. |
15 # |
15 # |
16 # Please be sure to update the Version line if you edit this file in any way. |
16 # Please be sure to update the Version line if you edit this file in any way. |
17 # It is suggested that you leave the main version number intact, but indicate |
17 # It is suggested that you leave the main version number intact, but indicate |
27 |
27 |
28 /** |
28 /** |
29 * Portable PHP password hashing framework. |
29 * Portable PHP password hashing framework. |
30 * |
30 * |
31 * @package phpass |
31 * @package phpass |
32 * @version 0.1 / genuine |
32 * @version 0.3 / WordPress |
33 * @link http://www.openwall.com/phpass/ |
33 * @link http://www.openwall.com/phpass/ |
34 * @since 2.5 |
34 * @since 2.5 |
35 */ |
35 */ |
36 class PasswordHash { |
36 class PasswordHash { |
37 var $itoa64; |
37 var $itoa64; |
47 $iteration_count_log2 = 8; |
47 $iteration_count_log2 = 8; |
48 $this->iteration_count_log2 = $iteration_count_log2; |
48 $this->iteration_count_log2 = $iteration_count_log2; |
49 |
49 |
50 $this->portable_hashes = $portable_hashes; |
50 $this->portable_hashes = $portable_hashes; |
51 |
51 |
52 $this->random_state = microtime() . (function_exists('getmypid') ? getmypid() : '') . uniqid(rand(), TRUE); |
52 $this->random_state = microtime() . uniqid(rand(), TRUE); // removed getmypid() for compatibility reasons |
53 |
|
54 } |
53 } |
55 |
54 |
56 function get_random_bytes($count) |
55 function get_random_bytes($count) |
57 { |
56 { |
58 $output = ''; |
57 $output = ''; |
59 if (($fh = @fopen('/dev/urandom', 'rb'))) { |
58 if ( @is_readable('/dev/urandom') && |
|
59 ($fh = @fopen('/dev/urandom', 'rb'))) { |
60 $output = fread($fh, $count); |
60 $output = fread($fh, $count); |
61 fclose($fh); |
61 fclose($fh); |
62 } |
62 } |
63 |
63 |
64 if (strlen($output) < $count) { |
64 if (strlen($output) < $count) { |
112 { |
112 { |
113 $output = '*0'; |
113 $output = '*0'; |
114 if (substr($setting, 0, 2) == $output) |
114 if (substr($setting, 0, 2) == $output) |
115 $output = '*1'; |
115 $output = '*1'; |
116 |
116 |
117 if (substr($setting, 0, 3) != '$P$') |
117 $id = substr($setting, 0, 3); |
|
118 # We use "$P$", phpBB3 uses "$H$" for the same thing |
|
119 if ($id != '$P$' && $id != '$H$') |
118 return $output; |
120 return $output; |
119 |
121 |
120 $count_log2 = strpos($this->itoa64, $setting[3]); |
122 $count_log2 = strpos($this->itoa64, $setting[3]); |
121 if ($count_log2 < 7 || $count_log2 > 30) |
123 if ($count_log2 < 7 || $count_log2 > 30) |
122 return $output; |
124 return $output; |
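Review bot: The fallback seed on new line 52, `microtime() . uniqid(rand(), TRUE)`, is built only from the clock and the non-cryptographic `rand()`, and this change drops the process id, so concurrent requests have one less input keeping their seeds apart. From the visible lines this appears to matter only when the `/dev/urandom` read in `get_random_bytes()` returns fewer than `$count` bytes; the fallback body itself is outside the lines shown. I would record that limit next to the assignment, e.g. `# Fallback seed only: clock- and rand()-derived, so guessable; adequate for salt uniqueness, not for secrets.` The trailing comment should also say which compatibility problem `getmypid()` caused, since the old line already guarded the call with `function_exists()`. The constructor begins above the lines shown here.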