Remove PHP mcrypt installation dependency
|Target version:||Release 2.5.0|
|Google Code Legacy ID:||Tested version:|
Mcrypt has been deprecated in PHP 7.1. Update AtoM to remove dependency on mcrypt.
PHP's openssl_encrypt: http://php.net/manual/en/function.openssl-encrypt.php
#2 Updated by David Juhasz about 1 year ago
Steve Breker said on 9 April 2017 at 11:20AM (PST):
It appears that mcrypt is used in ‘random_compat’ and ‘password_compat’ which are git packages that are being used in AtoM for other purposes.
Random_compat: grep indicates used to generate DO hashed filenames.
Password_compat: Used in ldapuser.
#4 Updated by Steve Breker 6 months ago
Solution seems to be to remove the random_compat and password_compat libraries that were making calls to the mcrypt library. Both of these libraries were used to provide access to 'random', 'password_hash' and 'password_verify' to versions of PHP earlier than 7. These functions are now available starting in PHP 7.0.0 so we no longer need to include these.
AtoM 2.5 requirements will be PHP 7 or greater from prior discussion.
- the master image copyright notice functionality still works when using the PHP 7.0 versions of 'random'.
- the calls to the PHP 7 versions of password_hash and password_verify will work with the ldap user authentication.
Copyright: Anthony Ferrara 2012
#9 Updated by Steve Breker 6 months ago
- Status changed from Feedback to Code Review
- Assignee changed from Steve Breker to José Raddaoui Marín
An additional change I thought of after merging the previous one.
I will look into whether the ansible script will need updating too.
#11 Updated by Steve Breker 6 months ago
- Status changed from Feedback to QA/Review
- Assignee changed from Steve Breker to Dan Gillean
Ready for QA.
This change affects the copyright message popup when viewing master images, and the LDAP authentication functionality.
The mcrypt library is no longer available in PHP 7.1 and up. Mcrypt was used in the backwards compat libs used for the copyright message popup when viewing master images, and the LDAP authentication functionality.
The functions that were made available in password_compat and random_compat are included in PHP 7.x (7.0 and up).
Solution was to remove password_compat and random_compat completely and rely on the versions included in PHP 7.x. This means that AtoM 2.5.x requires PHP 7.x (PHP 7.0 and up).
- remove the backwards compat libs that were present in AtoM's vendor dir for PHP versions less than 7.0. This means that AtoM 2.5.x will only work with PHP 7.0 or greater now.
- ensure that the random and password PHP functions will now use the PHP versions included in PHP 7.0 and up instead of the backwards compat versions that used to be included in the vendor dir.
- unlock the PHP version when running Docker - it will now use the latest version 7.x of PHP included with Alpine Linux. PHP no longer needs to be locked to 7.0 since mcrypt is no longer included.