From 08d5d52a34fa7f972f3a7da214f796ad72a9d944 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Sun, 4 Aug 2013 09:44:57 +0200
Subject: [PATCH] FS#2829 check if auth_random is available in PassHash

---
 inc/PassHash.class.php | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/inc/PassHash.class.php b/inc/PassHash.class.php
index 607661a22..db6a3a77c 100644
--- a/inc/PassHash.class.php
+++ b/inc/PassHash.class.php
@@ -98,7 +98,7 @@ class PassHash {
         $salt  = '';
         $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
         for($i = 0; $i < $len; $i++) {
-            $salt .= $chars[auth_random(0, 61)];
+            $salt .= $chars[$this->random(0, 61)];
         }
         return $salt;
     }
@@ -541,4 +541,20 @@ class PassHash {
 
         return ($raw_output) ? pack($pack, $output) : $output;
     }
+
+    /**
+     * Use DokuWiki's secure random generator if available
+     *
+     * @param $min
+     * @param $max
+     *
+     * @return int
+     */
+    protected function random($min, $max){
+        if(function_exists('auth_random')){
+            return auth_random($min, $max);
+        }else{
+            return mt_rand($min, $max);
+        }
+    }
 }
-- 
GitLab