From 47639e3cf1bb96cea5066743e697ac8d4f1d16f8 Mon Sep 17 00:00:00 2001
From: nuxsmin <nuxsmin@syspass.org>
Date: Wed, 15 Jun 2016 12:22:22 +0200
Subject: [PATCH] * [FIX] Minor bugfixes * [ADD] Added temp master password
 counter (mas 100 attempts)

---
 CHANGELOG           | 11 +++++++++++
 inc/Crypt.class.php |  6 ++++--
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 70cbc618..5fd3275b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,14 @@
+=== ** v1.2.0.12 ===
+
+* [ADD] Added temp master password counter (max 100 attempts)
+* [FIX] Fixed issue when paging accounts when sort key was set.
+* [FIX] Closes #204. Fixed LDAP group search when ADS is set. Thanks to @vplanas
+* [ADD] Add styles.css minimized version file
+* [FIX] Closes #196. Fixed textarea element name. Thanks to @joeg1484 and @st3reo
+* [FIX] Improved installer when database is located in another host.
+* [FIX] Enforce 32 bytes IV length.
+* [FIX] Minor bugfixes
+
 === ** v1.2.0.11 ===
 
 * [MOD] Modified logout behavior to prevent login for two times. Related #189
diff --git a/inc/Crypt.class.php b/inc/Crypt.class.php
index ff16174e..7c18d671 100644
--- a/inc/Crypt.class.php
+++ b/inc/Crypt.class.php
@@ -75,10 +75,12 @@ class Crypt
             $source = MCRYPT_RAND;
         }
 
+        $ivSize = mcrypt_enc_get_iv_size($mcryptRes);
+
         // Crear el IV y asegurar que tiene una longitud de 32 bytes
         do {
-            $cryptIV = mcrypt_create_iv(mcrypt_enc_get_iv_size($mcryptRes), $source);
-        } while (strlen($cryptIV) < 32);
+            $cryptIV = mcrypt_create_iv($ivSize, $source);
+        } while (strlen(substr($cryptIV, 0, $ivSize)) < $ivSize);
 
         mcrypt_module_close($mcryptRes);