Re: libmcrypt: abandonware?

From:	Andrea Faulds	Date:	Wed, 10 Dec 2014 18:31:24 +0000
Subject:	Re: libmcrypt: abandonware?
References:	1 2	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

Hi!

> On 10 Dec 2014, at 06:33, Remi Collet <[email protected]> wrote:
> 
> Having a dead upstream for crypto API is a critical issue :(
> 
> FYI some downstream (ex RHEL) don't even provide this library.
> Already too much crypto libraries, and it will be a mess to provide a
> dead project in an Enterprise distribution.
> 
> So php/mcrypt also not available.
> 
> But most applications. which use it, usually have alternative, and
> make it optional (ex phpMyAdmin 4.3 now even use openssl as first choice).
> 
> We probably have enough crypto API in PHP, and we probably should mark
> this one as deprecated / unmaintained in 5.x, and move it to PECL (7.x).

It’s my understanding that ext/mcrypt is quite widely used. Would it not be possible to update the
lib to use OpenSSL or something on the backend, so existing applications would not need changing?

Thanks!
--
Andrea Faulds
http://ajf.me/






   

Thread (15 messages)

• Scott ArciszewskiFri, 05 Dec 2014 16:17:43 +0000
  • Remi ColletWed, 10 Dec 2014 06:33:01 +0000
    • Andrea FauldsWed, 10 Dec 2014 18:31:24 +0000
      • LeighWed, 10 Dec 2014 19:37:36 +0000
      • Pierre JoyeThu, 11 Dec 2014 06:54:52 +0000
        • Andrea FauldsThu, 11 Dec 2014 07:11:47 +0000
      • Derick RethansThu, 11 Dec 2014 10:10:58 +0000
        • Thomas HruskaThu, 11 Dec 2014 15:38:57 +0000
          • LeighThu, 11 Dec 2014 19:44:53 +0000
            • Ángel GonzálezThu, 11 Dec 2014 22:29:33 +0000
          • Pierre JoyeFri, 12 Dec 2014 04:29:27 +0000
        • Pierre JoyeWed, 04 Feb 2015 00:53:18 +0000
    • Pierre JoyeThu, 11 Dec 2014 06:53:37 +0000
  • LeighThu, 11 Dec 2014 13:47:17 +0000
• Scott ArciszewskiWed, 10 Dec 2014 18:25:28 +0000Re: libmcrypt: abandonware?