Permalink
Browse files

* Generate better random numbers

  • Loading branch information...
sarciszewski committed Jun 25, 2014
1 parent cc0c90e commit 22f587ea4b22ed0e4473a52832b4fbd5ecaa58c1
View
@@ -214,7 +214,7 @@ function update_option_new_admin_email( $old_value, $value ) {
if ( $value == get_option( 'admin_email' ) || !is_email( $value ) )
return;
- $hash = md5( $value. time() .mt_rand() );
+ $hash = md5( $value. time() . wp_secure_rand(16) );
$new_admin_email = array(
'hash' => $hash,
'newemail' => $value
@@ -284,7 +284,7 @@ function send_confirmation_on_profile_email() {
return;
}
- $hash = md5( $_POST['email'] . time() . mt_rand() );
+ $hash = md5( $_POST['email'] . time() . wp_secure_rand(16) );
$new_user_email = array(
'hash' => $hash,
'newemail' => $_POST['email']
@@ -991,7 +991,7 @@ function populate_network( $network_id = 1, $domain = '', $email = '', $site_nam
$vhost_ok = false;
$errstr = '';
- $hostname = substr( md5( time() ), 0, 6 ) . '.' . $domain; // Very random hostname!
+ $hostname = bin2hex( wp_secure_rand(3) ) . '.' . $domain; // Very random hostname!
$page = wp_remote_get( 'http://' . $hostname, array( 'timeout' => 5, 'httpversion' => '1.1' ) );
if ( is_wp_error( $page ) )
$errstr = $page->get_error_message();
@@ -253,7 +253,8 @@ function CheckPassword($password, $stored_hash)
if ($hash[0] == '*')
$hash = crypt($password, $stored_hash);
- return $hash === $stored_hash;
+ $nonce = wp_secure_rand(32);
+ return hash_hmac('sha256', $hash, $nonce) === hash_hmac('sha256', $stored_hash, $nonce);
}
}
@@ -1583,9 +1583,9 @@ function wp_is_writable( $path ) {
function win_is_writable( $path ) {
if ( $path[strlen( $path ) - 1] == '/' ) // if it looks like a directory, check a random file within the directory
- return win_is_writable( $path . uniqid( mt_rand() ) . '.tmp');
+ return win_is_writable( $path . uniqid( mt_rand() . wp_secure_rand(16) ) . '.tmp');
else if ( is_dir( $path ) ) // If it's a directory (and not a file) check a random file within the directory
- return win_is_writable( $path . '/' . uniqid( mt_rand() ) . '.tmp' );
+ return win_is_writable( $path . '/' . uniqid( mt_rand() . wp_secure_rand(16) ) . '.tmp' );
// check tmp file for read/write capabilities
$should_delete_tmp_file = !file_exists( $path );
@@ -725,7 +725,7 @@ function wpmu_validate_blog_signup( $blogname, $blog_title, $user = '' ) {
function wpmu_signup_blog( $domain, $path, $title, $user, $user_email, $meta = array() ) {
global $wpdb;
- $key = substr( md5( time() . rand() . $domain ), 0, 16 );
+ $key = substr( md5( time() . wp_secure_rand(8) . $domain ), 0, 16 );
$meta = serialize($meta);
$wpdb->insert( $wpdb->signups, array(
@@ -761,7 +761,7 @@ function wpmu_signup_user( $user, $user_email, $meta = array() ) {
// Format data
$user = preg_replace( '/\s+/', '', sanitize_user( $user, true ) );
$user_email = sanitize_email( $user_email );
- $key = substr( md5( time() . rand() . $user_email ), 0, 16 );
+ $key = substr( md5( time() . wp_secure_rand(8) . $user_email ), 0, 16 );
$meta = serialize($meta);
$wpdb->insert( $wpdb->signups, array(
View
@@ -1965,6 +1965,46 @@ function wp_generate_password( $length = 12, $special_chars = true, $extra_speci
}
endif;
+if ( !function_exists('wp_secure_rand') ) :
+/**
+ * Generate a cryptographically secure random string
+ *
+ * @param int $bytes - how many bytes do we want?
+ */
+
+function wp_secure_rand($bytes = 32) {
+ $buf = '';
+ // http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
+ // Use /dev/urandom over all other methods
+ if (is_readable('/dev/urandom')) {
+ $fp = fopen('/dev/urandom', 'rb');
+ if ($fp !== false) {
+ $buf = fread($fp, $bytes);
+ fclose($fp);
+ if ($buf !== FALSE) {
+ return $buf;
+ }
+ }
+ }
+ if (function_exists('mcrypt_create_iv')) {
+ $buf = mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM);
+ if($buf !== FALSE) {
+ return $buf;
+ }
+ }
+ if (function_exists('openssl_random_pseudo_bytes')) {
+ $strong = false;
+ $buf = openssl_random_pseudo_bytes($bytes, $strong);
+ if ($strong) {
+ return $buf;
+ }
+ }
+ // This may be desirable down the road.
+ //die("No secure random number generator available!");
+}
+
+endif;
+
if ( !function_exists('wp_rand') ) :
/**
* Generates a random number
@@ -1985,7 +2025,7 @@ function wp_rand( $min = 0, $max = 0 ) {
static $seed = '';
else
$seed = get_transient('random_seed');
- $rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
+ $rnd_value = md5( wp_secure_rand(16) . uniqid(microtime() . mt_rand(), true ) . $seed );
$rnd_value .= sha1($rnd_value);
$rnd_value .= sha1($rnd_value . $seed);
$seed = md5($seed . $rnd_value);

0 comments on commit 22f587e

Please sign in to comment.