[wp-trac] [WordPress Trac] #47186: At least one function in /wp-includes/sodium_compat/src/Core32 times out on 32 bit servers

WordPress Trac noreply at wordpress.org
Thu May 9 13:30:50 UTC 2019 

#47186: At least one function in /wp-includes/sodium_compat/src/Core32 times out on
32 bit servers
-----------------------------+-------------------------------------------
 Reporter:  lovingboth       |       Owner:  paragoninitiativeenterprises
     Type:  defect (bug)     |      Status:  reviewing
 Priority:  normal           |   Milestone:  Awaiting Review
Component:  Upgrade/Install  |     Version:  5.2
 Severity:  normal           |  Resolution:
 Keywords:  needs-testing    |     Focuses:
-----------------------------+-------------------------------------------

Comment (by paragoninitiativeenterprises):

 This is a problem with 32-bit platforms. See:
 https://github.com/paragonie/sodium_compat#help-sodium_compat-is-slow-how-
 can-i-make-it-fast

 The `ParagonIE_Sodium_Compat::polyfill_is_fast()` method was created to
 detect when performance might be a problem. The typical workaround most
 people employed was: `pecl install sodium`.

 However, that's not a universal solution. Some people cannot install PECL
 extensions. So a lot of the changes between v1.6.0 and v1.9.1 (the latest)
 have been attempts to optimize the 32-bit implementation of these
 functions.

 @lovingboth

 > I don't necessarily think it's relevant, but as the source of
 verify_file_signature in wp-admin/includes/files.php mentions that it
 doesn't work with PHP 7.2.0 to 7.2.2 if opcache is enabled...

 The verification is disabled on those versions because it generates
 incorrect results, not for performance reasons.

 The fix here, if there is one, will land in sodium_compat. It's not a bug
 in WordPress. We do have a few optimization ideas that we haven't tried
 yet (which are nontrivial to implement).

 A short-term workaround would be to, if
 `ParagonIE_Sodium_Compat::polyfill_is_fast()` returns false and
 `ini_get('max_execution_time')` is greater than 1 but less than some
 reasonable value (30 is too small... maybe 40?), don't check signatures.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/47186#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list