[Phpmyadmin-devel] possible patch for 4.3.0: PHP OpenSSL support

[Marc Delisle]

Michal Čihař a écrit :
> Hi
> 
> Dne Mon, 17 Nov 2014 16:00:30 -0500
> Marc Delisle <marc at infomarc.info> napsal(a):
> 
>> Marc Delisle a écrit :
>>> Hi,
>>>
>>> Robert Scheck from Fedora would like his patch to be merged in time for
>>> 4.3.0. I feel that we should have a look at it even if we said we froze
>>> 4.3.x for new features.
>>>
>>> Here is his email.
>>> -----
>>>
>>> Hello Marc,
>>>
>>> when I read your e-mail regarding phpMyAdmin 4.3.0-alpha1, I remembered
>>> back to my patch to add PHP OpenSSL support (additionally to MCrypt and
>>> phpseclib) at https://sourceforge.net/p/phpmyadmin/feature-requests/1537/
>>> again. Is there any chance for a decision for 4.3.0 series? I guess this
>>> (hopefully) not much work for an experienced PHP developer to review and
>>> maybe to adapt slightly if needed.
>>>
>>> My main reason for asking you is that (especially RHEL) doesn't contain
>>> PHP MCrypt while PHP OpenSSL is even faster (if I can believe Roundcube
>>> Webmail developers). Indeed PHP MCrypt is available via a separate repo
>>> for RHEL/CentOS users but that causes some mixed feelings from time to
>>> time again. The goal would be to additionally support PHP OpenSSL
>>> without dropping any other existing MCrypt and phpseclib support.
>>>
>>>
>>> Thanks,
>>>   Robert
>>>
>> The patch looks fine to me, apart from a minor addition I made to avoid 
>> a warning (see the feature request). I would appreciate that someone 
>> else review the patch.
>>
>> Any feedback on the process of adding this feature to 4.3.0 ?
> 
> I think it's fine, the patch looks sane, but IMHO it should come with
> tests that ensure that encrypted data is compatible with other
> implementations (we currently only have one test which expects same
> behavior regardless implementation see 
> PMA_AuthenticationCookie_Test::testCookieEncrypt/testCookieDecrypt).

Good point. Also, testAuthSetUser() is failing.

-- 
Marc Delisle (phpMyAdmin)