Replace common_good_random with common_random_hexstr
parent
7233869298
commit
3cab5b36c1
@ -38,7 +38,7 @@ class Consumer extends Managed_DataObject
|
|||||||
static function generateNew()
|
static function generateNew()
|
||||||
{
|
{
|
||||||
$cons = new Consumer();
|
$cons = new Consumer();
|
||||||
$rand = common_good_rand(16);
|
$rand = common_random_hexstr(16);
|
||||||
|
|
||||||
$cons->seed = $rand;
|
$cons->seed = $rand;
|
||||||
$cons->consumer_key = md5(time() + $rand);
|
$cons->consumer_key = md5(time() + $rand);
|
||||||
|
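Review bot: In `Consumer::generateNew()` the key is still computed as `md5(time() + $rand)`, and `+` is numeric addition, so the hex string returned by `common_random_hexstr(16)` is coerced to a number: only a leading numeric prefix survives, and newer PHP versions warn or throw on a non-numeric operand. The consumer key therefore depends almost entirely on the current timestamp. Because the line sits in this hunk's context, it would be worth fixing alongside the rename, for example `$cons->consumer_key = md5(time() . $rand);` or simply `$cons->consumer_key = common_random_hexstr(16);`. The body of `generateNew()` continues past the end of the hunk.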
@ -66,7 +66,7 @@ class Login_token extends Managed_DataObject
|
|||||||
$login_token = new Login_token();
|
$login_token = new Login_token();
|
||||||
|
|
||||||
$login_token->user_id = $user->id;
|
$login_token->user_id = $user->id;
|
||||||
$login_token->token = common_good_rand(16);
|
$login_token->token = common_random_hexstr(16);
|
||||||
$login_token->created = common_sql_now();
|
$login_token->created = common_sql_now();
|
||||||
|
|
||||||
$result = $login_token->insert();
|
$result = $login_token->insert();
|
||||||
|
@ -264,8 +264,8 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore
|
|||||||
$at = new Token();
|
$at = new Token();
|
||||||
|
|
||||||
$at->consumer_key = $consumer->key;
|
$at->consumer_key = $consumer->key;
|
||||||
$at->tok = common_good_rand(16);
|
$at->tok = common_random_hexstr(16);
|
||||||
$at->secret = common_good_rand(16);
|
$at->secret = common_random_hexstr(16);
|
||||||
$at->type = 1; // access
|
$at->type = 1; // access
|
||||||
$at->verifier = $verifier;
|
$at->verifier = $verifier;
|
||||||
$at->verified_callback = $rt->verified_callback; // 1.0a
|
$at->verified_callback = $rt->verified_callback; // 1.0a
|
||||||
@ -392,8 +392,8 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore
|
|||||||
{
|
{
|
||||||
$t = new Token();
|
$t = new Token();
|
||||||
$t->consumer_key = $consumer->key;
|
$t->consumer_key = $consumer->key;
|
||||||
$t->tok = common_good_rand(16);
|
$t->tok = common_random_hexstr(16);
|
||||||
$t->secret = common_good_rand(16);
|
$t->secret = common_random_hexstr(16);
|
||||||
$t->type = 0; // request
|
$t->type = 0; // request
|
||||||
$t->state = 0; // unauthorized
|
$t->state = 0; // unauthorized
|
||||||
$t->verified_callback = $callback;
|
$t->verified_callback = $callback;
|
||||||
@ -402,7 +402,7 @@ class ApiGNUsocialOAuthDataStore extends OAuthDataStore
|
|||||||
// six digit pin
|
// six digit pin
|
||||||
$t->verifier = mt_rand(0, 9999999);
|
$t->verifier = mt_rand(0, 9999999);
|
||||||
} else {
|
} else {
|
||||||
$t->verifier = common_good_rand(8);
|
$t->verifier = common_random_hexstr(8);
|
||||||
}
|
}
|
||||||
|
|
||||||
$t->created = common_sql_now();
|
$t->created = common_sql_now();
|
||||||
|
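Review bot: The PIN branch next to the changed line still assigns `$t->verifier = mt_rand(0, 9999999);`, which draws the OAuth verifier from a non-cryptographic generator. The upper bound also yields up to seven digits with no zero padding, although the comment says "six digit pin". The `else` branch uses `common_random_hexstr(8)`, so the out-of-band PIN is the weaker of the two paths. Consider `$t->verifier = sprintf('%06d', random_int(0, 999999));` where the supported PHP version provides `random_int()`, or derive the digits from `common_random_hexstr()` otherwise. The enclosing method starts and ends outside the hunk.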
14
lib/util.php
14
lib/util.php
@ -374,7 +374,7 @@ function common_rememberme($user=null)
|
|||||||
|
|
||||||
$rm = new Remember_me();
|
$rm = new Remember_me();
|
||||||
|
|
||||||
$rm->code = common_good_rand(16);
|
$rm->code = common_random_hexstr(16);
|
||||||
$rm->user_id = $user->id;
|
$rm->user_id = $user->id;
|
||||||
|
|
||||||
// Wrap the insert in some good ol' fashioned transaction code
|
// Wrap the insert in some good ol' fashioned transaction code
|
||||||
@ -1549,15 +1549,7 @@ function common_root_url($ssl=false)
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* returns $bytes bytes of random data as a hexadecimal string
|
* returns $bytes bytes of random data as a hexadecimal string
|
||||||
* "good" here is a goal and not a guarantee
|
|
||||||
*
|
|
||||||
* TODO: Find and replace all calls to this with common_random_hexstr
|
|
||||||
*/
|
*/
|
||||||
function common_good_rand($bytes)
|
|
||||||
{
|
|
||||||
return common_random_hexstr($bytes);
|
|
||||||
}
|
|
||||||
|
|
||||||
function common_random_hexstr($bytes)
|
function common_random_hexstr($bytes)
|
||||||
{
|
{
|
||||||
$str = @file_exists('/dev/urandom')
|
$str = @file_exists('/dev/urandom')
|
||||||
@ -1975,7 +1967,7 @@ function common_confirmation_code($bits)
|
|||||||
$code = '';
|
$code = '';
|
||||||
for ($i = 0; $i < $chars; $i++) {
|
for ($i = 0; $i < $chars; $i++) {
|
||||||
// XXX: convert to string and back
|
// XXX: convert to string and back
|
||||||
$num = hexdec(common_good_rand(1));
|
$num = hexdec(common_random_hexstr(1));
|
||||||
// XXX: randomness is too precious to throw away almost
|
// XXX: randomness is too precious to throw away almost
|
||||||
// 40% of the bits we get!
|
// 40% of the bits we get!
|
||||||
$code .= $codechars[$num%32];
|
$code .= $codechars[$num%32];
|
||||||
@ -2107,7 +2099,7 @@ function common_session_token()
|
|||||||
{
|
{
|
||||||
common_ensure_session();
|
common_ensure_session();
|
||||||
if (!array_key_exists('token', $_SESSION)) {
|
if (!array_key_exists('token', $_SESSION)) {
|
||||||
$_SESSION['token'] = common_good_rand(64);
|
$_SESSION['token'] = common_random_hexstr(64);
|
||||||
}
|
}
|
||||||
return $_SESSION['token'];
|
return $_SESSION['token'];
|
||||||
}
|
}
|
||||||
|
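Review bot: The docblock left above `common_random_hexstr()` drops the caveat `"good" here is a goal and not a guarantee` and now says only that the function returns random data. The callers touched by this commit use it for session tokens, OAuth secrets and remember-me codes. The body continues past the hunk after `$str = @file_exists('/dev/urandom')`, so the fallback used when that device is missing is not visible here; if it is not a cryptographic source, the docblock should say so. I would add `@param int $bytes number of random bytes` and `@return string hex string of 2*$bytes characters`, plus one line naming the randomness source and its fallback.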
10
lib/uuid.php
10
lib/uuid.php
@ -93,18 +93,18 @@ class UUID
|
|||||||
{
|
{
|
||||||
return sprintf('%s-%s-%04x-%04x-%s',
|
return sprintf('%s-%s-%04x-%04x-%s',
|
||||||
// 32 bits for "time_low"
|
// 32 bits for "time_low"
|
||||||
common_good_rand(4),
|
common_random_hexstr(4),
|
||||||
// 16 bits for "time_mid"
|
// 16 bits for "time_mid"
|
||||||
common_good_rand(2),
|
common_random_hexstr(2),
|
||||||
// 16 bits for "time_hi_and_version",
|
// 16 bits for "time_hi_and_version",
|
||||||
// four most significant bits holds version number 4
|
// four most significant bits holds version number 4
|
||||||
(hexdec(common_good_rand(2)) & 0x0fff) | 0x4000,
|
(hexdec(common_random_hexstr(2)) & 0x0fff) | 0x4000,
|
||||||
// 16 bits, 8 bits for "clk_seq_hi_res",
|
// 16 bits, 8 bits for "clk_seq_hi_res",
|
||||||
// 8 bits for "clk_seq_low",
|
// 8 bits for "clk_seq_low",
|
||||||
// two most significant bits holds zero and one
|
// two most significant bits holds zero and one
|
||||||
// for variant DCE1.1
|
// for variant DCE1.1
|
||||||
(hexdec(common_good_rand(2)) & 0x3fff) | 0x8000,
|
(hexdec(common_random_hexstr(2)) & 0x3fff) | 0x8000,
|
||||||
// 48 bits for "node"
|
// 48 bits for "node"
|
||||||
common_good_rand(6));
|
common_random_hexstr(6));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -187,7 +187,7 @@ class AnonymousFavePlugin extends Plugin
|
|||||||
list($proxy, $ip) = common_client_ip();
|
list($proxy, $ip) = common_client_ip();
|
||||||
|
|
||||||
// IP + time + random number should help to avoid collisions
|
// IP + time + random number should help to avoid collisions
|
||||||
$baseNickname = $ip . '-' . time() . '-' . common_good_rand(5);
|
$baseNickname = $ip . '-' . time() . '-' . common_random_hexstr(5);
|
||||||
|
|
||||||
$profile = new Profile();
|
$profile = new Profile();
|
||||||
$profile->nickname = $baseNickname;
|
$profile->nickname = $baseNickname;
|
||||||
|
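Review bot: `$baseNickname` still embeds the client address from `common_client_ip()` and is stored as `$profile->nickname`, so the visitor's IP travels wherever that nickname is displayed or exported. Whether it is actually exposed depends on code outside this hunk. Uniqueness already comes from `time()` and `common_random_hexstr(5)`, so the address is not needed to avoid collisions; a longer random suffix such as `common_random_hexstr(8)` in its place, or a keyed hash of the IP, would do the same job. If other code parses the nickname format, check that first. The enclosing method starts and ends outside the hunk.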
@ -34,7 +34,7 @@ class CasloginAction extends Action
|
|||||||
phpCAS::handleLogoutRequests();
|
phpCAS::handleLogoutRequests();
|
||||||
phpCAS::forceAuthentication();
|
phpCAS::forceAuthentication();
|
||||||
global $casTempPassword;
|
global $casTempPassword;
|
||||||
$casTempPassword = common_good_rand(16);
|
$casTempPassword = common_random_hexstr(16);
|
||||||
$user = common_check_user(phpCAS::getUser(), $casTempPassword);
|
$user = common_check_user(phpCAS::getUser(), $casTempPassword);
|
||||||
if (!$user) {
|
if (!$user) {
|
||||||
// TRANS: Server error displayed when trying to log in with incorrect username or password.
|
// TRANS: Server error displayed when trying to log in with incorrect username or password.
|
||||||
|
@ -436,7 +436,7 @@ class FacebookfinishloginAction extends Action
|
|||||||
if ($response->isOk()) {
|
if ($response->isOk()) {
|
||||||
|
|
||||||
// seems to always be jpeg, but not sure
|
// seems to always be jpeg, but not sure
|
||||||
$tmpname = "facebook-avatar-tmp-" . common_good_rand(4);
|
$tmpname = "facebook-avatar-tmp-" . common_random_hexstr(4);
|
||||||
|
|
||||||
$ok = file_put_contents(
|
$ok = file_put_contents(
|
||||||
Avatar::path($tmpname),
|
Avatar::path($tmpname),
|
||||||
|
@ -114,7 +114,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin
|
|||||||
}
|
}
|
||||||
$registration_data['nickname'] = $nickname;
|
$registration_data['nickname'] = $nickname;
|
||||||
//set the database saved password to a random string.
|
//set the database saved password to a random string.
|
||||||
$registration_data['password']=common_good_rand(16);
|
$registration_data['password']=common_random_hexstr(16);
|
||||||
return User::register($registration_data);
|
return User::register($registration_data);
|
||||||
}else{
|
}else{
|
||||||
//user isn't in ldap, so we cannot register him
|
//user isn't in ldap, so we cannot register him
|
||||||
|
@ -31,7 +31,7 @@ class OMBOAuthDataStore extends OAuthDataStore
|
|||||||
if (!$con) {
|
if (!$con) {
|
||||||
$con = new Consumer();
|
$con = new Consumer();
|
||||||
$con->consumer_key = $consumer_key;
|
$con->consumer_key = $consumer_key;
|
||||||
$con->seed = common_good_rand(16);
|
$con->seed = common_random_hexstr(16);
|
||||||
$con->created = common_sql_now();
|
$con->created = common_sql_now();
|
||||||
if (!$con->insert()) {
|
if (!$con->insert()) {
|
||||||
return null;
|
return null;
|
||||||
@ -78,8 +78,8 @@ class OMBOAuthDataStore extends OAuthDataStore
|
|||||||
{
|
{
|
||||||
$t = new Token();
|
$t = new Token();
|
||||||
$t->consumer_key = $consumer->key;
|
$t->consumer_key = $consumer->key;
|
||||||
$t->tok = common_good_rand(16);
|
$t->tok = common_random_hexstr(16);
|
||||||
$t->secret = common_good_rand(16);
|
$t->secret = common_random_hexstr(16);
|
||||||
$t->type = 0; // request
|
$t->type = 0; // request
|
||||||
$t->state = 0; // unauthorized
|
$t->state = 0; // unauthorized
|
||||||
$t->created = common_sql_now();
|
$t->created = common_sql_now();
|
||||||
@ -107,8 +107,8 @@ class OMBOAuthDataStore extends OAuthDataStore
|
|||||||
common_debug('request token found.', __FILE__);
|
common_debug('request token found.', __FILE__);
|
||||||
$at = new Token();
|
$at = new Token();
|
||||||
$at->consumer_key = $consumer->key;
|
$at->consumer_key = $consumer->key;
|
||||||
$at->tok = common_good_rand(16);
|
$at->tok = common_random_hexstr(16);
|
||||||
$at->secret = common_good_rand(16);
|
$at->secret = common_random_hexstr(16);
|
||||||
$at->type = 1; // access
|
$at->type = 1; // access
|
||||||
$at->created = common_sql_now();
|
$at->created = common_sql_now();
|
||||||
if (!$at->insert()) {
|
if (!$at->insert()) {
|
||||||
|
@ -251,9 +251,9 @@ class FeedSub extends Managed_DataObject
|
|||||||
protected function doSubscribe($mode)
|
protected function doSubscribe($mode)
|
||||||
{
|
{
|
||||||
$orig = clone($this);
|
$orig = clone($this);
|
||||||
$this->verify_token = common_good_rand(16);
|
$this->verify_token = common_random_hexstr(16);
|
||||||
if ($mode == 'subscribe') {
|
if ($mode == 'subscribe') {
|
||||||
$this->secret = common_good_rand(32);
|
$this->secret = common_random_hexstr(32);
|
||||||
}
|
}
|
||||||
$this->sub_state = $mode;
|
$this->sub_state = $mode;
|
||||||
$this->update($orig);
|
$this->update($orig);
|
||||||
|
@ -132,7 +132,7 @@ class HubSub extends Managed_DataObject
|
|||||||
{
|
{
|
||||||
assert($mode == 'subscribe' || $mode == 'unsubscribe');
|
assert($mode == 'subscribe' || $mode == 'unsubscribe');
|
||||||
|
|
||||||
$challenge = common_good_rand(32);
|
$challenge = common_random_hexstr(32);
|
||||||
$params = array('hub.mode' => $mode,
|
$params = array('hub.mode' => $mode,
|
||||||
'hub.topic' => $this->topic,
|
'hub.topic' => $this->topic,
|
||||||
'hub.challenge' => $challenge);
|
'hub.challenge' => $challenge);
|
||||||
|
@ -121,7 +121,7 @@ class Realtime_channel extends Managed_DataObject
|
|||||||
$channel->arg2 = $arg2;
|
$channel->arg2 = $arg2;
|
||||||
$channel->audience = 1;
|
$channel->audience = 1;
|
||||||
|
|
||||||
$channel->channel_key = common_good_rand(16); // 128-bit key, 32 hex chars
|
$channel->channel_key = common_random_hexstr(16); // 128-bit key, 32 hex chars
|
||||||
|
|
||||||
$channel->created = common_sql_now();
|
$channel->created = common_sql_now();
|
||||||
$channel->modified = $channel->created;
|
$channel->modified = $channel->created;
|
||||||
|
@ -28,14 +28,14 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
parent::__construct();
|
parent::__construct();
|
||||||
|
|
||||||
$authorNick1 = 'activitygenerationtestsuser' . common_good_rand(4);
|
$authorNick1 = 'activitygenerationtestsuser' . common_random_hexstr(4);
|
||||||
$authorNick2 = 'activitygenerationtestsuser' . common_good_rand(4);
|
$authorNick2 = 'activitygenerationtestsuser' . common_random_hexstr(4);
|
||||||
|
|
||||||
$targetNick1 = 'activitygenerationteststarget' . common_good_rand(4);
|
$targetNick1 = 'activitygenerationteststarget' . common_random_hexstr(4);
|
||||||
$targetNick2 = 'activitygenerationteststarget' . common_good_rand(4);
|
$targetNick2 = 'activitygenerationteststarget' . common_random_hexstr(4);
|
||||||
|
|
||||||
$groupNick1 = 'activitygenerationtestsgroup' . common_good_rand(4);
|
$groupNick1 = 'activitygenerationtestsgroup' . common_random_hexstr(4);
|
||||||
$groupNick2 = 'activitygenerationtestsgroup' . common_good_rand(4);
|
$groupNick2 = 'activitygenerationtestsgroup' . common_random_hexstr(4);
|
||||||
|
|
||||||
$this->author1 = User::register(array('nickname' => $authorNick1,
|
$this->author1 = User::register(array('nickname' => $authorNick1,
|
||||||
'email' => $authorNick1 . '@example.net',
|
'email' => $authorNick1 . '@example.net',
|
||||||
@ -236,7 +236,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
$orig = $this->_fakeNotice($this->targetUser1);
|
$orig = $this->_fakeNotice($this->targetUser1);
|
||||||
|
|
||||||
$text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4);
|
$text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4);
|
||||||
|
|
||||||
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
|
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
|
||||||
|
|
||||||
@ -255,7 +255,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
$orig = $this->_fakeNotice($this->targetUser1);
|
$orig = $this->_fakeNotice($this->targetUser1);
|
||||||
|
|
||||||
$text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4);
|
$text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4);
|
||||||
|
|
||||||
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
|
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
|
||||||
|
|
||||||
@ -271,11 +271,11 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
$orig = $this->_fakeNotice($this->targetUser1);
|
$orig = $this->_fakeNotice($this->targetUser1);
|
||||||
|
|
||||||
$text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4);
|
$text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4);
|
||||||
|
|
||||||
$reply = Notice::saveNew($this->targetUser2->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
|
$reply = Notice::saveNew($this->targetUser2->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
|
||||||
|
|
||||||
$text = "@" . $this->targetUser1->nickname . " @" . $this->targetUser2->nickname . " reply text " . common_good_rand(4);
|
$text = "@" . $this->targetUser1->nickname . " @" . $this->targetUser2->nickname . " reply text " . common_random_hexstr(4);
|
||||||
|
|
||||||
$reply2 = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $reply->id));
|
$reply2 = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $reply->id));
|
||||||
|
|
||||||
@ -312,7 +312,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
public function testGroupPostAttention()
|
public function testGroupPostAttention()
|
||||||
{
|
{
|
||||||
$text = "!" . $this->targetGroup1->nickname . " reply text " . common_good_rand(4);
|
$text = "!" . $this->targetGroup1->nickname . " reply text " . common_random_hexstr(4);
|
||||||
|
|
||||||
$notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null));
|
$notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null));
|
||||||
|
|
||||||
@ -326,7 +326,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
public function testMultipleGroupPostAttention()
|
public function testMultipleGroupPostAttention()
|
||||||
{
|
{
|
||||||
$text = "!" . $this->targetGroup1->nickname . " !" . $this->targetGroup2->nickname . " reply text " . common_good_rand(4);
|
$text = "!" . $this->targetGroup1->nickname . " !" . $this->targetGroup2->nickname . " reply text " . common_random_hexstr(4);
|
||||||
|
|
||||||
$notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null));
|
$notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null));
|
||||||
|
|
||||||
@ -379,7 +379,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
public function testTag()
|
public function testTag()
|
||||||
{
|
{
|
||||||
$tag1 = common_good_rand(4);
|
$tag1 = common_random_hexstr(4);
|
||||||
|
|
||||||
$notice = $this->_fakeNotice($this->author1, '#' . $tag1);
|
$notice = $this->_fakeNotice($this->author1, '#' . $tag1);
|
||||||
|
|
||||||
@ -395,8 +395,8 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
public function testMultiTag()
|
public function testMultiTag()
|
||||||
{
|
{
|
||||||
$tag1 = common_good_rand(4);
|
$tag1 = common_random_hexstr(4);
|
||||||
$tag2 = common_good_rand(4);
|
$tag2 = common_random_hexstr(4);
|
||||||
|
|
||||||
$notice = $this->_fakeNotice($this->author1, '#' . $tag1 . ' #' . $tag2);
|
$notice = $this->_fakeNotice($this->author1, '#' . $tag1 . ' #' . $tag2);
|
||||||
|
|
||||||
@ -422,7 +422,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
public function testGeotaggedActivity()
|
public function testGeotaggedActivity()
|
||||||
{
|
{
|
||||||
$notice = Notice::saveNew($this->author1->id, common_good_rand(4), 'test', array('uri' => null, 'lat' => 45.5, 'lon' => -73.6));
|
$notice = Notice::saveNew($this->author1->id, common_random_hexstr(4), 'test', array('uri' => null, 'lat' => 45.5, 'lon' => -73.6));
|
||||||
|
|
||||||
$entry = $notice->asAtomEntry();
|
$entry = $notice->asAtomEntry();
|
||||||
|
|
||||||
@ -518,7 +518,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
$orig = $this->_fakeNotice($this->targetUser1);
|
$orig = $this->_fakeNotice($this->targetUser1);
|
||||||
|
|
||||||
$text = "@" . $this->targetUser1->nickname . " reply text " . common_good_rand(4);
|
$text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4);
|
||||||
|
|
||||||
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
|
$reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id));
|
||||||
|
|
||||||
@ -565,7 +565,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (empty($text)) {
|
if (empty($text)) {
|
||||||
$text = "fake-o text-o " . common_good_rand(32);
|
$text = "fake-o text-o " . common_random_hexstr(32);
|
||||||
}
|
}
|
||||||
|
|
||||||
return Notice::saveNew($user->id, $text, 'test', array('uri' => null));
|
return Notice::saveNew($user->id, $text, 'test', array('uri' => null));
|
||||||
|