Do not require the openssl extension

2014-11-10 11:20:02 +01:00 · 2014-11-10 11:20:02 +01:00 · 2bb7217d04
parent 79493592bb
commit 2bb7217d04
2 changed files with 12 additions and 2 deletions
--- a/application/clicommands/SetupCommand.php
+++ b/application/clicommands/SetupCommand.php
@ -47,7 +47,12 @@ class SetupCommand extends Command
     */
    public function generateTokenAction()
    {
-        $token = bin2hex(openssl_random_pseudo_bytes(8));
+        if (function_exists('openssl_random_pseudo_bytes')) {
+            $token = bin2hex(openssl_random_pseudo_bytes(8));
+        } else {
+            $token = substr(md5(mt_rand()), 16);
+        }
+
        $filepath = $this->app->getConfigDir() . '/setup.token';

        if (false === file_put_contents($filepath, $token)) {
--- a/library/Icinga/Authentication/Backend/DbUserBackend.php
+++ b/library/Icinga/Authentication/Backend/DbUserBackend.php
@ -144,7 +144,12 @@ class DbUserBackend extends UserBackend
     */
    protected function generateSalt()
    {
-        return openssl_random_pseudo_bytes(self::SALT_LENGTH);
+        if (function_exists('openssl_random_pseudo_bytes')) {
+            return openssl_random_pseudo_bytes(self::SALT_LENGTH);
+        } else {
+            // If you know a more secure way to generate a salt, do not hesitate to change this!
+            return substr(md5(mt_rand()), self::SALT_LENGTH);
+        }
    }

    /**