diff options
| author | Bart Visscher <bartv@thisnet.nl> | 2013-04-04 00:48:21 -0700 |
|---|---|---|
| committer | Bart Visscher <bartv@thisnet.nl> | 2013-04-04 00:48:21 -0700 |
| commit | 2f1962940785eb4aeb781d4c08fa19b8bc407050 (patch) | |
| tree | d91781622170ff5e46d83762f66affa84f23d753 /lib | |
| parent | 866221a01268c0783a1a759741b778332a7692d2 (diff) | |
| parent | 6645a54cacb80ceb2d394ab6d3e3014bc9019a0c (diff) | |
| download | nextcloud-server-2f1962940785eb4aeb781d4c08fa19b8bc407050.tar.gz nextcloud-server-2f1962940785eb4aeb781d4c08fa19b8bc407050.zip | |
Merge pull request #2706 from owncloud/random_is_random_and_not_time
Use a more random source...
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/setup.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/setup.php b/lib/setup.php index b4b07bd70e4..7082f0b2afd 100644 --- a/lib/setup.php +++ b/lib/setup.php @@ -243,7 +243,7 @@ class OC_Setup { $dbusername=substr('oc_'.$username, 0, 16); if($dbusername!=$oldUser) { //hash the password so we don't need to store the admin config in the config file - $dbpassword=md5(time().$dbpass); + $dbpassword=OC_Util::generate_random_bytes(30); self::createDBUser($dbusername, $dbpassword, $connection); @@ -333,7 +333,7 @@ class OC_Setup { //add prefix to the postgresql user name to prevent collisions $dbusername='oc_'.$username; //create a new password so we don't need to store the admin config in the config file - $dbpassword=md5(time()); + $dbpassword=OC_Util::generate_random_bytes(30); self::pg_createDBUser($dbusername, $dbpassword, $connection); @@ -476,7 +476,7 @@ class OC_Setup { //add prefix to the oracle user name to prevent collisions $dbusername='oc_'.$username; //create a new password so we don't need to store the admin config in the config file - $dbpassword=md5(time().$dbpass); + $dbpassword=OC_Util::generate_random_bytes(30); //oracle passwords are treated as identifiers: // must start with aphanumeric char |