[Phpmyadmin-devel] possible patch for 4.3.0: PHP OpenSSL support
Marc Delisle
marc at infomarc.info
Tue Nov 18 19:13:37 CET 2014
Marc Delisle a écrit :
> Michal Čihař a écrit :
>> Hi
>>
>> Dne Mon, 17 Nov 2014 16:00:30 -0500
>> Marc Delisle <marc at infomarc.info> napsal(a):
>>
>>> Marc Delisle a écrit :
>>>> Hi,
>>>>
>>>> Robert Scheck from Fedora would like his patch to be merged in time for
>>>> 4.3.0. I feel that we should have a look at it even if we said we froze
>>>> 4.3.x for new features.
>>>>
>>>> Here is his email.
>>>> -----
>>>>
>>>> Hello Marc,
>>>>
>>>> when I read your e-mail regarding phpMyAdmin 4.3.0-alpha1, I remembered
>>>> back to my patch to add PHP OpenSSL support (additionally to MCrypt and
>>>> phpseclib) at https://sourceforge.net/p/phpmyadmin/feature-requests/1537/
>>>> again. Is there any chance for a decision for 4.3.0 series? I guess this
>>>> (hopefully) not much work for an experienced PHP developer to review and
>>>> maybe to adapt slightly if needed.
>>>>
>>>> My main reason for asking you is that (especially RHEL) doesn't contain
>>>> PHP MCrypt while PHP OpenSSL is even faster (if I can believe Roundcube
>>>> Webmail developers). Indeed PHP MCrypt is available via a separate repo
>>>> for RHEL/CentOS users but that causes some mixed feelings from time to
>>>> time again. The goal would be to additionally support PHP OpenSSL
>>>> without dropping any other existing MCrypt and phpseclib support.
>>>>
>>>>
>>>> Thanks,
>>>> Robert
>>>>
>>> The patch looks fine to me, apart from a minor addition I made to avoid
>>> a warning (see the feature request). I would appreciate that someone
>>> else review the patch.
>>>
>>> Any feedback on the process of adding this feature to 4.3.0 ?
>> I think it's fine, the patch looks sane, but IMHO it should come with
>> tests that ensure that encrypted data is compatible with other
>> implementations (we currently only have one test which expects same
>> behavior regardless implementation see
>> PMA_AuthenticationCookie_Test::testCookieEncrypt/testCookieDecrypt).
>
> Good point. Also, testAuthSetUser() is failing.
>
I adapted the patch for 4.3.0, please review.
https://sourceforge.net/p/phpmyadmin/feature-requests/_discuss/thread/1a25ee17/85f4/attachment/4.3.0-openssl.patch
--
Marc Delisle (phpMyAdmin)
More information about the Developers
mailing list