On Thu, Dec 11, 2014 at 5:10 PM, Derick Rethans <der...@php.net> wrote: > On Wed, 10 Dec 2014, Andrea Faulds wrote: > >> > On 10 Dec 2014, at 06:33, Remi Collet <r...@fedoraproject.org> wrote: >> > >> > Having a dead upstream for crypto API is a critical issue :( >> > >> > FYI some downstream (ex RHEL) don't even provide this library. >> > Already too much crypto libraries, and it will be a mess to provide >> > a dead project in an Enterprise distribution. >> > >> > So php/mcrypt also not available. >> > >> > But most applications. which use it, usually have alternative, and >> > make it optional (ex phpMyAdmin 4.3 now even use openssl as first >> > choice). >> > >> > We probably have enough crypto API in PHP, and we probably should >> > mark this one as deprecated / unmaintained in 5.x, and move it to >> > PECL (7.x). >> >> It’s my understanding that ext/mcrypt is quite widely used. Would it >> not be possible to update the lib to use OpenSSL or something on the >> backend, so existing applications would not need changing? > > I think you're going to find this difficult, as the mcrypt > implementations can have some odd quircks in them. As the "maintainer" > of this extension I'd say to just drop it in PHP 7. I wouldn't even > bother trying to make it compile for it.
You won't bother but we should? Wondering why you voted against removing it. -- Pierre @pierrejoye | http://www.libgd.org -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
