Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
ldap_servers/ldap_servers.encryption.inc has the following function:
<?php
/**
* Return a random salt of a given length for crypt-style passwords
*
* @param int length
* The requested length.
*
* @return string
* A (fairly) random salt of the requested length.
*
*/
function ldap_servers_random_salt( $length ) {
$possible = '0123456789' . 'abcdefghijklmnopqrstuvwxyz' . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' . './';
$salt = "";
mt_srand((double)microtime() * 1000000);
while ( strlen( $salt ) < $length ) {
$salt .= substr( $possible, ( rand() % strlen( $possible ) ), 1 );
}
return $salt;
}
?>
I was thinking that it would be usefull if drupal core had something like this.
I searched around and found out that drupal core does have such a function.
see: http://api.drupal.org/api/drupal/includes!bootstrap.inc/function/drupal_...
It appears to be more versatile and has the ability to use things like openssl and /dev/urandom (if available).
Is there a reason not to use drupal_random_bytes() instead?
This is a request to switch to and use drupal_random_bytes() instead of ldap_servers_random_salt().
Comment | File | Size | Author |
---|---|---|---|
ldap-7.x-1.x-dev-use_drupal_random_bytes-1.patch | 1.77 KB | thekevinday | |
Comments
Comment #1
thekevinday CreditAttribution: thekevinday commentedoh wow, sorry wrong tab and therefore wrong project.
Fixing..
Comment #2
johnbarclay CreditAttribution: johnbarclay commentedNo reason for using ldap_servers_random_salt() except this part of the code was written before drupal 7. Since this is being called on install, it should have no effect on existing salt keys so I think its a good patch.
Comment #3
johnbarclay CreditAttribution: johnbarclay commentedThis is fixed now in 7.x-2.x-dev. See http://drupalcode.org/project/ldap.git/commitdiff/4528533fece804190c5543...
Comment #4
johnbarclay CreditAttribution: johnbarclay commented