[wp-trac] [WordPress Trac] #28633: Generate better random numbers
WordPress Trac
noreply at wordpress.org
Wed Jul 8 05:42:08 UTC 2015
#28633: Generate better random numbers
-------------------------------------------+-----------------------------
Reporter: sarciszewski | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: Security | Version:
Severity: normal | Resolution:
Keywords: needs-testing has-patch early | Focuses:
-------------------------------------------+-----------------------------
Comment (by sarciszewski):
Hey, it's been a while.
I see that this still hasn't gotten merged. This might be a good thing.
I've put together a polyfill library for PHP7's `random_int()` and
`random_bytes()` functions for PHP 5.x projects and (with WordPress in
mind) I kept PHP 5.2 compatibility.
https://github.com/paragonie/random_compat
@dd32 If you would prefer to use an external library and have
`wp_external_random_bytes()` just invoke it rather than try to manage this
internally, that might make upgrading/patching any bugs that crop up in
the future more sane. "Upgrade random_compat to 1.0.1" is probably an
easier change to audit than a comprehensive rewrite of core functions.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28633#comment:43>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list