[wp-trac] [WordPress Trac] #34409: random_bytes() prevents me to log in if PHP is 5.3.5
WordPress Trac
noreply at wordpress.org
Mon Nov 9 03:00:00 UTC 2015
#34409: random_bytes() prevents me to log in if PHP is 5.3.5
--------------------------+-----------------------
Reporter: imath | Owner: dd32
Type: defect (bug) | Status: assigned
Priority: high | Milestone: 4.4
Component: General | Version:
Severity: blocker | Resolution:
Keywords: has-patch | Focuses:
--------------------------+-----------------------
Comment (by dd32):
So far all i've been able to determine is that yes, `random_int()` can be
slow with OpenSSL on windows under certain situations in <= php 5.3.8.
Using [https://en.wikipedia.org/wiki/XAMPP XAMPP] has shown that every
call to `random_int()` takes roughly 1.2s using OpenSSL in those versions
of PHP, which is about the same speed as PHP 5.3.0~5.3.3 in my testing.
PHP 5.4.7 is orders of magnitude faster (The XAMPP version which includes
5.4.4 is broken, and none include 5.4.0/5.4.1).
I'm going to bump the WP version to PHP 5.4.1+ for OpenSSL since that's
when the last major change occurred, and we can't really risk it.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34409#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list