Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
I was just running phpcs with the PHPCompatibility sniffs to assess the feasibility of migrating our Lockr-supported sites to PHP 7.2 and I got this output:
FILE: src/Lockr/KeyWrapper/LockrAesCbcKeyWrapper.php
----------------------------------------------------------------------------------------------------------------------
FOUND 12 ERRORS AFFECTING 7 LINES
----------------------------------------------------------------------------------------------------------------------
21 | ERROR | The constant "MCRYPT_RIJNDAEL_256" is deprecated since PHP 7.1 and removed since PHP 7.2
22 | ERROR | The constant "MCRYPT_MODE_CBC" is deprecated since PHP 7.1 and removed since PHP 7.2
25 | ERROR | Extension 'mcrypt' is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or
| | pecl/mcrypt once available instead
25 | ERROR | Function mcrypt_get_iv_size() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead
26 | ERROR | Extension 'mcrypt' is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or
| | pecl/mcrypt once available instead
26 | ERROR | Function mcrypt_create_iv() is deprecated since PHP 7.1 and removed since PHP 7.2; Use random_bytes() or
| | OpenSSL instead
28 | ERROR | Extension 'mcrypt' is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or
| | pecl/mcrypt once available instead
28 | ERROR | Function mcrypt_encrypt() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead
50 | ERROR | Extension 'mcrypt' is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or
| | pecl/mcrypt once available instead
50 | ERROR | Function mcrypt_decrypt() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead
68 | ERROR | Extension 'mcrypt' is deprecated since PHP 7.1 and removed since PHP 7.2; Use openssl (preferred) or
| | pecl/mcrypt once available instead
68 | ERROR | Function mcrypt_encrypt() is deprecated since PHP 7.1 and removed since PHP 7.2; Use OpenSSL instead
----------------------------------------------------------------------------------------------------------------------
Options
It looks like Lockr uses one or more key wrappers with various clients...is LockrAesCbcKeyWrapper always in use, or just in some situations?
What is Lockr's plan for PHP 7.2?
Thanks!
Comments
Comment #2
Cellar Door CreditAttribution: Cellar Door at Cellar Door commentedHi bwood!
Yes there's mcrypt in the library for backwards compatibility as it was what we originally used when the module/library first launched. We've since moved to openssl + HMAC but that's still there for keys that were set before that change.
I can look back in the logs to see when that change was made but it's been a while. We'll also be rolling out an upgraded use of openssl prior to 7.1 stopping active support.
Any keys set using the openssl library won't need to be updated though and will continue to work fine in 7.2. We operate our internal testing for Lockr on 7.2 without any issue.
I'll update here when the update is pushed for legacy keys.
Comment #3
bwood CreditAttribution: bwood as a volunteer commentedHi Chris,
Thanks for the quick reply.
My concern is that these errors will be written to Drupal's logs when the Lockr code runs on these sites. I'd like to avoid seeing these errors in the logs for every site. Other modules that need deprecated code for backwards compatibility use a pattern like this
to prevent the code from ever running when a modern PHP version is in use. I don't see this pattern in the Lockr code, but you may be mitigating this in a different way...? Can you confirm that the mcrypt code will never be run when using PHP 7.2 and errors will not be thrown?
Thanks again!
Comment #4
Cellar Door CreditAttribution: Cellar Door at Cellar Door commentedIt has to be a bit more complex than that since we need to provide an update pathway for the mcrypt values to update to openssl. We'll be bracketing the code in the version check so it won't throw an error but we'll also be doing an upgrade pathway that'll allow someone to migrate the keys from mcrypt to openssl (if they have any) so they can use 7.2 without any interruption.
All of this should be out well within time of the 1st to allow for migration to occur.
Comment #5
RajeevChoudhary CreditAttribution: RajeevChoudhary as a volunteer and at Asentech LLC commentedHi Guys,
Can you try on load PHP 7.2 as mentioned below.
https://gist.github.com/arzzen/1209aa4a430bd95db3090a3399e6c35f
and share your experience with me.
Thanks
Rajeev Kr Choudhary
Comment #6
tynor CreditAttribution: tynor commentedI believe this transition has already happened and we shouldn't have any more clients looking to upgrade to 7.2 and are using mcrypt.