[Phpmyadmin-devel] possible patch for 4.3.0: PHP OpenSSL support

Marc Delisle marc at infomarc.info
Tue Nov 18 22:06:19 CET 2014


Marc Delisle a écrit :
> Marc Delisle a écrit :
>> Michal Čihař a écrit :
>>> Hi
>>>
>>> Dne Mon, 17 Nov 2014 16:00:30 -0500
>>> Marc Delisle <marc at infomarc.info> napsal(a):
>>>
>>>> Marc Delisle a écrit :
>>>>> Hi,
>>>>>
>>>>> Robert Scheck from Fedora would like his patch to be merged in time for
>>>>> 4.3.0. I feel that we should have a look at it even if we said we froze
>>>>> 4.3.x for new features.
>>>>>
>>>>> Here is his email.
>>>>> -----
>>>>>
>>>>> Hello Marc,
>>>>>
>>>>> when I read your e-mail regarding phpMyAdmin 4.3.0-alpha1, I remembered
>>>>> back to my patch to add PHP OpenSSL support (additionally to MCrypt and
>>>>> phpseclib) at https://sourceforge.net/p/phpmyadmin/feature-requests/1537/
>>>>> again. Is there any chance for a decision for 4.3.0 series? I guess this
>>>>> (hopefully) not much work for an experienced PHP developer to review and
>>>>> maybe to adapt slightly if needed.
>>>>>
>>>>> My main reason for asking you is that (especially RHEL) doesn't contain
>>>>> PHP MCrypt while PHP OpenSSL is even faster (if I can believe Roundcube
>>>>> Webmail developers). Indeed PHP MCrypt is available via a separate repo
>>>>> for RHEL/CentOS users but that causes some mixed feelings from time to
>>>>> time again. The goal would be to additionally support PHP OpenSSL
>>>>> without dropping any other existing MCrypt and phpseclib support.
>>>>>
>>>>>
>>>>> Thanks,
>>>>>   Robert
>>>>>
>>>> The patch looks fine to me, apart from a minor addition I made to avoid 
>>>> a warning (see the feature request). I would appreciate that someone 
>>>> else review the patch.
>>>>
>>>> Any feedback on the process of adding this feature to 4.3.0 ?
>>> I think it's fine, the patch looks sane, but IMHO it should come with
>>> tests that ensure that encrypted data is compatible with other
>>> implementations (we currently only have one test which expects same
>>> behavior regardless implementation see 
>>> PMA_AuthenticationCookie_Test::testCookieEncrypt/testCookieDecrypt).
>> Good point. Also, testAuthSetUser() is failing.
>>
> I adapted the patch for 4.3.0, please review.
> 
> https://sourceforge.net/p/phpmyadmin/feature-requests/_discuss/thread/1a25ee17/85f4/attachment/4.3.0-openssl.patch

I also changed the tests, which work when openssl is active or inactive.

-- 
Marc Delisle (phpMyAdmin)




More information about the Developers mailing list