[wp-trac] [WordPress Trac] #47186: At least one function in /wp-includes/sodium_compat/src/Core32 times out on 32 bit servers
WordPress Trac
noreply at wordpress.org
Fri May 10 02:50:18 UTC 2019
-------------------------------------------+-------------------------------------
Reporter:  lovingboth                      | Owner:       paragoninitiativeenterprises
Type:      defect (bug)                    | Status:      reopened
Priority:  normal                          | Milestone:   5.2.1
Component: Upgrade/Install                 | Version:     5.2
Severity:  normal                          | Resolution:
Keywords:  needs-testing has-patch commit  | Focuses:
-------------------------------------------+-------------------------------------
Comment (by dd32):
I'm still catching up on the changes in Sodium_Compat, but I can say that
yes, we were aware it could be slow on some systems (32-bit, Windows, and
lower-powered PHPs) but were also hopeful that bumping the minimum PHP
from 5.2 to 5.6 was going to help reduce affected installs - of course
when you're operating on the WordPress-scale of things though, you're
always bound to run into all of the edge-cases, it's a balancing act of
pushing the envelope but also having a fallback and a safe exit to avoid
breaking things.
Currently the only two types of packages which we are intentionally
allowing signatures to be served for are A) Themes and B) WordPress
releases.
During the 5.2-development cycle a few issues came up, and we used that
data to gauge problems as they occurred and to find the appropriate way
forward.
- One of the things we did was move from signing entire ZIPs (10M) to
signing hashes instead (88 bytes?) with the hope that that would bypass any
speed concerns - and it did in the test scenarios we worked with.
- Another was finding out that [https://bugs.php.net/bug.php?id=75938
there's a bug in PHP 7.2.0-7.2.2 which caused PHP Math functions to return
incorrect results] - something that few would have expected, but one which
would cause signature verification (and a whole bunch of other random
things) to not work as expected.
Thankfully this issue has been reported prior to us shipping WordPress
5.2.1, which means that the update failures being experienced are limited
to a) nightly/development builds and b) theme updates/installs.
Moving forward, there are a few things we're going to need to do IMHO:
- Stop serving signatures for Themes immediately (which will bypass this
timeout issue for existing WP 5.2.0 installs - I've just done this, caches
may take a few minutes to clear).
- Include the updates to Sodium_Compat in 5.2.1
- Include the signature bypass for likely-to-be-slow systems (That will
also give us some telemetry for number of affected hosts)
- Not serve signatures for the WordPress 5.2.1 packages, avoiding any
failed updates due to Sodium_Compat timeouts
- Once 5.2.1 is released, we can re-enable signatures for Themes and see
if the timeouts occur again (hopefully they don't)
The reason for not serving WP 5.2.1 signatures is that we don't include
enough system-details on the API requests to allow us to conditionally
serve signatures to only systems which aren't affected by this.
----
Looking at [attachment:"47186.patch"]: although I recognise that the latest
Sodium_Compat will help greatly, what's your opinion on making that overly
safe and using 60s instead, @paragoninitiativeenterprises?
I'd rather not have to bump the required time up later. I'm mostly
considering lower-processing-power systems right now such as ARM devices,
overly full shared hosts and super-low-cpu VMs.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47186#comment:25>
WordPress Trac <https://core.trac.wordpress.org/>