Edit report at http://bugs.php.net/bug.php?id=53578&edit=1
ID: 53578 User updated by: tanguy dot pruvot at gmail dot com Reported by: tanguy dot pruvot at gmail dot com Summary: php_curl init time (3 big seconds) Status: Open Type: Bug Package: cURL related Operating System: Win7 x86 PHP Version: 5.3.4 (Since 5.2.14/5.3) Block user comment: N Private report: N New Comment: If you want to try the difference, here is the patched php_curl dll. http://tanguy.wdscript.fr/files/php_curl.534vc6ts.Patched.zip I'm now compiling php with openssl comment... to check if its the cause of the problem... i dont understand why this code is in php_curl dll code... Previous Comments: ------------------------------------------------------------------------ [2010-12-20 02:34:29] tanguy dot pruvot at gmail dot com Here is an asm dump of lib_curl.dll 5.3.4 VC6 TS where RAND_screen is used : 0035DB10 > \E8 FF360100 call <jmp.&SSLEAY32.#74> 0035DB15 . E8 F4360100 call <jmp.&SSLEAY32.#183> 0035DB1A . 85C0 test eax, eax ; kernel32.BaseThreadInitThunk 0035DB1C . 75 01 jnz short php_curl.0035DB1F 0035DB1E . C3 ret 0035DB1F > E8 E4360100 call <jmp.&LIBEAY32.#3212_OPENSSL_add_all_algorithms_noconf> 0035DB24 . E8 D9360100 call <jmp.&LIBEAY32.#468_RAND_screen> 0035DB29 . B8 01000000 mov eax, 1 0035DB2E . C3 ret A simple replace of E8 D9360100 by 90 90909090 will fix the problem... but maybe a call to the regular rand() function could be needed elsewhere... ------------------------------------------------------------------------ [2010-12-20 02:07:57] tanguy dot pruvot at gmail dot com I'm using the 5.3.4-VC6-TS version (as Apache 2.2 module) ------------------------------------------------------------------------ [2010-12-20 02:06:17] tanguy dot pruvot at gmail dot com Please comment this line to fix the problem : php-5.3.4\ext\openssl\openssl.c PHP_FUNCTION(openssl_random_pseudo_bytes) line 4898 : #ifdef WINDOWS RAND_screen(); #endif ------------------------------------------------------------------------ [2010-12-20 01:31:33] [email protected] This has been fixed in 5.3.4 (I patched curl). Which versions and builds do you use exactly? ------------------------------------------------------------------------ [2010-12-20 01:03:56] tanguy dot pruvot at gmail dot com >From OpenSSL 0.9.8q Sources : The RAND_screen() function is available for the convenience of Windows programmers. It adds the current contents of the screen to the PRNG. For applications that can catch Windows events, seeding the PRNG by calling RAND_event() is a significantly better source of randomness. It should be noted that both methods cannot be used on servers that run without user interaction. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=53578 -- Edit this bug report at http://bugs.php.net/bug.php?id=53578&edit=1
