diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2013-05-31 14:43:31 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2013-06-16 21:25:02 +0200 |
| commit | 25e48e54df60b3df6efa365daceb3a8966c8f427 (patch) | |
| tree | 7ed474fee55fba477064ee5013989a1f702a1214 | |
| parent | 45bc740ec08590304b589146b7f51ae8f3878e7c (diff) | |
| download | rpg-25e48e54df60b3df6efa365daceb3a8966c8f427.tar.gz rpg-25e48e54df60b3df6efa365daceb3a8966c8f427.tar.bz2 | |
make password reset token completely random
No need for HMAC here because there's no length attack vector here. We
only care for the existance of the file and each reset request is
completely (random) independent from each other.
Conflicts:
inc/auth.php
| -rw-r--r-- | inc/auth.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/inc/auth.php b/inc/auth.php index 0f3dc8b46..6107645cd 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -1007,7 +1007,7 @@ function act_resendpwd() { } // generate auth token - $token = md5(auth_cookiesalt().$user); //secret but user based + $token = md5(uniqid(mt_rand(), true)); // random secret $tfile = $conf['cachedir'].'/'.$token{0}.'/'.$token.'.pwauth'; $url = wl('', array('do'=> 'resendpwd', 'pwauth'=> $token), true, '&'); |