Bug #25874

Security Randomizer produces a Warning on Windows if openssl_* is not available

Added by Bastian Waidelich over 10 years ago. Updated over 10 years ago.

Status:
Resolved
Priority:
Should have
Category:
Security
Target version:
-
Start date:
2011-04-11
Due date:
% Done:

100%

Estimated time:
PHP Version:
Has patch:
Complexity:

Description

In line 166ff of the Security_Randomizer script we're currently using to create the CSRF tokens a random string is generated with following command:

$fp = @fopen('/dev/urandom', 'rb')

Despite of the Error Control Operator a warning is produced that leads to an exception in Development mode.
We should check the OS here or try the windows commands first..

#1

Updated by Mr. Hudson over 10 years ago

Patch set 1 of change I7bc25437000c982083003926eaeb4d1f71f4e007 has been pushed to the review server.
It is available at http://review.typo3.org/1606

#2

Updated by Bastian Waidelich over 10 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Also available in: Atom PDF