Edit report at https://bugs.php.net/bug.php?id=52523&edit=1
ID: 52523 Updated by: [email protected] Reported by: php-bugs at thequod dot de Summary: mcrypt_create_iv not reliable on win: "Could not gather sufficient random data" Status: Closed Type: Feature/Change Request Package: mcrypt related Operating System: win32 PHP Version: 5.3.3 Assigned To: pajoye Block user comment: N Private report: N New Comment: @mah at everybody dot org Again, there is zero difference between the two on Windows. If you can 100% reproduce the problem, then I really need to know your configuration, windows version, php version, etc. Also to test it, you can try using a simple script calling the mcrypt function directly instead of using mediawiki. Previous Comments: ------------------------------------------------------------------------ [2013-01-19 02:50:08] mah at everybody dot org Just came across this while trying to install the latest MediaWiki on a host with PHP 5.3.5 phpinfo() reports has a system string of "Windows NT A1-WHW-B69 6.0 build 6002 (Windows Server 2008 Web Server Edition Service Pack 2) i586" and a build date of "Jan 5 2011 20:33:43". Since this was on a hosted account, I didn't have the opportunity to upgrade PHP and I couldn't find a way to test for the bug without causing a fatal error. If I had been able to do that, I would have added code to MediaWiki to test for the bug. I was able to work-around the bug by modifying the installer source so that MCRYPT_RAND was used instead of MCRYPT_DEV_URANDOM. For a package like MediaWiki, though, this is less than ideal. ------------------------------------------------------------------------ [2011-06-14 11:17:03] [email protected] There is no difference between the two on Windows. Both called the same function. How do you get the error? Which windows version do you use? ------------------------------------------------------------------------ [2011-06-14 10:28:23] [email protected] I'm still experiencing issues with 5.3.6. Calling the method with both MCRYPT_DEV_RANDOM and MCRYPT_DEV_URANDOM results in the fatal error. IMO the first should block, and the second should just return non-crypto-safe data, but it should return *something*, and ideally do it fast. ------------------------------------------------------------------------ [2010-08-09 10:14:52] [email protected] This bug has been fixed in SVN. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. ------------------------------------------------------------------------ [2010-08-09 10:14:16] [email protected] Automatic comment from SVN on behalf of pajoye Revision: http://svn.php.net/viewvc/?view=revision&revision=302024 Log: - #52523, fix logic (0 is perfectly valid as part of the data, bin data) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=52523 -- Edit this bug report at https://bugs.php.net/bug.php?id=52523&edit=1
