From d48e188d5e68223703ee5b5c5a9abe2f3f478f43 Mon Sep 17 00:00:00 2001
From: Jaime Perez Crespo <jaime.perez@uninett.no>
Date: Fri, 31 Jul 2015 14:05:22 +0200
Subject: [PATCH] Be explicit when checking if there's a salt defined or not.

---
 lib/SimpleSAML/Utils/Crypto.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/SimpleSAML/Utils/Crypto.php b/lib/SimpleSAML/Utils/Crypto.php
index 9d74a267f..269ed1b4d 100644
--- a/lib/SimpleSAML/Utils/Crypto.php
+++ b/lib/SimpleSAML/Utils/Crypto.php
@@ -284,7 +284,7 @@ class Crypto
         }
 
         // hash w/ salt
-        if (!$salt) { // no salt provided, generate one
+        if ($salt === null) { // no salt provided, generate one
             // default 8 byte salt, but 4 byte for LDAP SHA1 hashes
             $bytes = ($algorithm == 'SSHA1') ? 4 : 8;
             $salt = openssl_random_pseudo_bytes($bytes);
-- 
GitLab