Page MenuHomePhabricator
Create Task
Maniphest T46142

mcrypt_rand_iv() not reliable with MCRYPT_DEV_URANDOM on Windows
Closed, ResolvedPublic
Actions

Description

Upstream bug is https://bugs.php.net/bug.php?id=52523 but I experienced this today with PHP 5.3.5 on a host where phpinfo reports the system is "Windows NT A1-WHW-B69 6.0 build 6002 (Windows Server 2008 Web Server Edition Service Pack 2) i586"

Webserver died with a fatal error during installation:

PHP Fatal error:  mcrypt_create_iv() [<a
href='function.mcrypt-create-iv'>function.mcrypt-create-iv</a>]:
Could not gather sufficient random data in
E:\...\Web\includes\CryptRand.php on line 309

As far as I could tell, There was no way to work around this or even see if the error would pop up in the code, so I had to hack CryptRand.php so that MCRYPT_RAND was used instead of MCRYPT_DEV_URANDOM.

Only then could installation complete.

Version: 1.20.x
Severity: normal
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=35894

Details

Reference
bz44142

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 1:27 AM
bzimport added projects: MediaWiki-Installer, Upstream.
bzimport set Reference to bz44142.
bzimport added a subscriber: Unknown Object (MLST).
MarkAHershberger created this task.Jan 19 2013, 2:36 AM
Ciencia_Al_Poder added a comment.Oct 6 2013, 12:40 PM
  • Bug 55364 has been marked as a duplicate of this bug. ***
Ciencia_Al_Poder added a comment.Oct 6 2013, 12:59 PM
  • This bug has been marked as a duplicate of bug 35894 ***
DanielFriesen added a comment.Oct 6 2013, 1:11 PM

(In reply to comment #0)

As far as I could tell, There was no way to work around this or even see if
the
error would pop up in the code, so I had to hack CryptRand.php so that
MCRYPT_RAND was used instead of MCRYPT_DEV_URANDOM.

Only then could installation complete.

This is not a good way to work around this issue, I've explained in detail here:
https://bugzilla.wikimedia.org/show_bug.cgi?id=55364#c4

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL