Hi Pierre,
On Thu, Oct 20, 2016 at 7:12 PM, Pierre Joye wrote:
>> Application requires unique ID under across multi process/thread
>> tasks, it will have more chance to have collided unique ID.
>
> uniqid fill(s|ed) some needs or maybe still fits for some.
>
> However for
On Thu, Oct 20, 2016 at 4:44 PM, Yasuo Ohgaki wrote:
> Application requires unique ID under across multi process/thread
> tasks, it will have more chance to have collided unique ID.
uniqid fill(s|ed) some needs or maybe still fits for some.
However for modern application
Hi Kalle,
I forgot to mention one more thing.
On Thu, Oct 20, 2016 at 6:28 PM, Yasuo Ohgaki wrote:
> Warnings are based on following facts.
>
> uniqid(); // without entropy
>
> usleep(1) is called to get unique timestamp, but NTP can disturb and
> uniqid() can result in the
Hi Kalle,
On Thu, Oct 20, 2016 at 5:17 PM, Kalle Sommer Nielsen wrote:
> 2016-10-20 9:18 GMT+02:00 Yasuo Ohgaki :
>> "Do not make assumption for uniqid() output format, entropy
>> especially. uniqid() output format may be changed to provide
>> reasonably unique
Hi Yasuo
2016-10-20 9:18 GMT+02:00 Yasuo Ohgaki :
> "Do not make assumption for uniqid() output format, entropy
> especially. uniqid() output format may be changed to provide
> reasonably unique ID in future versions."
Sounds reasonable to me; although I would phrase it a
Hi Anatol,
On Wed, Oct 19, 2016 at 8:20 PM, Anatol Belski wrote:
>> I won't have time to write RFC for this, probably. I have many other things
>> that I
>> would like to improve, like session error status handling improvement that I
>> recently proposed.
>>
> I see. It's
gh <lei...@gmail.com>; PHP Internals <internals@lists.php.net>
> Subject: Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness
>
> I think you and Joe could not follow the discussion. It's okay, reading them
> all is
> waste of your time. I read all, but I'm not
oe Watkins <pthre...@pthreads.org>; Niklas Keller <m...@kelunik.com>;
>> Leigh <lei...@gmail.com>; PHP Internals <internals@lists.php.net>
>> Subject: Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness
>>
>> Hi Anatol,
>>
>
gh <lei...@gmail.com>; PHP Internals <internals@lists.php.net>
> Subject: Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness
>
> Hi Anatol,
>
> On Wed, Oct 19, 2016 at 1:41 AM, Anatol Belski <anatol@belski.net> wrote:
> > AFM the patch is not accept
Hi Rowan,
On Wed, Oct 19, 2016 at 5:14 AM, Rowan Collins wrote:
> On 18/10/2016 20:52, Yasuo Ohgaki wrote:
>>
>> Which is important?
>> - uniqid() is not unique
>> - Really broken system that shouldn't be used may emit error
>
>
> Frankly, both are pretty rare cases.
On 18/10/2016 20:52, Yasuo Ohgaki wrote:
Which is important?
- uniqid() is not unique
- Really broken system that shouldn't be used may emit error
Frankly, both are pretty rare cases. From the way you talk about it,
everybody who uses uniqid() will get duplicate values all the time, when
Hi Kalle and all,
On Wed, Oct 19, 2016 at 1:43 AM, Kalle Sommer Nielsen wrote:
> 2016-10-18 18:41 GMT+02:00 Anatol Belski :
>> AFM the patch is not acceptable for 7.0. It is true that some place was
>> moved to the new random int functionality (in password
Hi Anatol,
On Wed, Oct 19, 2016 at 1:41 AM, Anatol Belski wrote:
> AFM the patch is not acceptable for 7.0. It is true that some place was moved
> to the new random int functionality (in password AFAIR). But, it is done at
> the place and the way that a BC breach is
2016-10-18 18:41 GMT+02:00 Anatol Belski :
> AFM the patch is not acceptable for 7.0. It is true that some place was moved
> to the new random int functionality (in password AFAIR). But, it is done at
> the place and the way that a BC breach is unlikely. Using the throwing
;internals@lists.php.net>
> Subject: Re: [PHP-DEV] Re: [RFC][DISCUSSION] Improve uniqid() uniqueness
>
> Hi Joe,
>
> On Tue, Oct 18, 2016 at 8:30 PM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
> >
> > On Tue, Oct 18, 2016 at 7:32 PM, Joe Watkins <pthre...@pthre
2016-10-18 14:41 GMT+02:00 Yasuo Ohgaki :
> Hi Niklas,
>
> On Tue, Oct 18, 2016 at 9:33 PM, Niklas Keller wrote:
> > 2016-10-18 14:12 GMT+02:00 Yasuo Ohgaki :
> >>
> >> Hi Niklas,
> >>
> >> On Tue, Oct 18, 2016 at 9:08 PM, Niklas Keller
Hi Niklas,
On Tue, Oct 18, 2016 at 9:33 PM, Niklas Keller wrote:
> 2016-10-18 14:12 GMT+02:00 Yasuo Ohgaki :
>>
>> Hi Niklas,
>>
>> On Tue, Oct 18, 2016 at 9:08 PM, Niklas Keller wrote:
>> >>
>> >> As you can see from last minutes
2016-10-18 14:12 GMT+02:00 Yasuo Ohgaki :
> Hi Niklas,
>
> On Tue, Oct 18, 2016 at 9:08 PM, Niklas Keller wrote:
> >>
> >> As you can see from last minutes discussion.
> >>
> >> "/dev/urandom cannot be read" is FUD.
> >> It's pure bug fix. (I intentionally
Hi Niklas,
On Tue, Oct 18, 2016 at 9:08 PM, Niklas Keller wrote:
>>
>> As you can see from last minutes discussion.
>>
>> "/dev/urandom cannot be read" is FUD.
>> It's pure bug fix. (I intentionally made patch easy to extend used
>> chars, though)
>>
>> Would you consider
2016-10-18 14:02 GMT+02:00 Yasuo Ohgaki :
> Hi Joe,
>
> On Tue, Oct 18, 2016 at 8:30 PM, Yasuo Ohgaki wrote:
> >
> > On Tue, Oct 18, 2016 at 7:32 PM, Joe Watkins
> wrote:
> >>> This change should go through the standard RFC process
Hi Joe,
On Tue, Oct 18, 2016 at 8:30 PM, Yasuo Ohgaki wrote:
>
> On Tue, Oct 18, 2016 at 7:32 PM, Joe Watkins wrote:
>>> This change should go through the standard RFC process and should be
>>> targeted at 7.2+ (master) *only*.
>>
>>> Please check with
On Tue, Oct 18, 2016 at 8:47 PM, Lester Caine wrote:
> On 18/10/16 12:37, Yasuo Ohgaki wrote:
>> The patch committed is pure bug fix.
> https://www.google.co.uk/search?q=%2Fdev%2Furandom+is+not+readable+by+php
>
> Even bug fixes need proper documentation to avoid the WTF !
On 18/10/16 12:37, Yasuo Ohgaki wrote:
> The patch committed is pure bug fix.
https://www.google.co.uk/search?q=%2Fdev%2Furandom+is+not+readable+by+php
Even bug fixes need proper documentation to avoid the WTF !
--
Lester Caine - G8HFL
-
Contact -
On Tue, Oct 18, 2016 at 8:00 PM, Lester Caine wrote:
> On 18/10/16 11:02, Niklas Keller wrote:
>>> 'Suppliers' should perhaps be helped to configure their systems so the
>>> > users can use things, but things like /dev/urandom may need some
>>> > additional notes to help
Hi Joe,
On Tue, Oct 18, 2016 at 7:32 PM, Joe Watkins wrote:
>> This change should go through the standard RFC process and should be
>> targeted at 7.2+ (master) *only*.
>
>> Please check with the RMs before merging functionality changes into
>> release
>> branches. All
On 18/10/16 11:02, Niklas Keller wrote:
>> 'Suppliers' should perhaps be helped to configure their systems so the
>> > users can use things, but things like /dev/urandom may need some
>> > additional notes to help identify problems when frameworks like owncloud
>> > start throwing errors. As
Morning,
> This change should go through the standard RFC process and should be
> targeted at 7.2+ (master) *only*.
> Please check with the RMs before merging functionality changes into
release
> branches. All functionality changes need consent and consensus. Bug fixes
> (that don't change
Lester Caine schrieb am Di., 18. Okt. 2016, 11:42:
> On 18/10/16 08:35, Yasuo Ohgaki wrote:
> >> Sure, but it did happen that shared hosts block it, noticed during
> >> > random_compat adoption.
> >> >
> >> > You claimed there isn't any BC break.
> > The line should be
> >
>
On 18/10/16 08:35, Yasuo Ohgaki wrote:
>> Sure, but it did happen that shared hosts block it, noticed during
>> > random_compat adoption.
>> >
>> > You claimed there isn't any BC break.
> The line should be
>
> "There is no BC for usable systems"
>
> Any file permission could disturb PHP script
On Tue, Oct 18, 2016 at 4:16 PM, Niklas Keller wrote:
> Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 08:47:
>>
>> Hi Niklas,
>>
>> On Tue, Oct 18, 2016 at 3:36 PM, Niklas Keller wrote:
>> > Yasuo Ohgaki schrieb am Di.,
Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 08:47:
> Hi Niklas,
>
> On Tue, Oct 18, 2016 at 3:36 PM, Niklas Keller wrote:
> > Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 02:21:
> >>
> >> Hi all,
> >>
> >> I committed this patch that
Hi Niklas,
On Tue, Oct 18, 2016 at 3:36 PM, Niklas Keller wrote:
> Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 02:21:
>>
>> Hi all,
>>
>> I committed this patch that simply use php_random_bytes() w/o any BC.
>
>
> Doesn't this throw now in some environments
Yasuo Ohgaki schrieb am Di., 18. Okt. 2016, 02:21:
> Hi all,
>
> I committed this patch that simply use php_random_bytes() w/o any BC.
>
Doesn't this throw now in some environments where /dev/urandom isn't
readable?
Regards, Niklas
Hi all,
I committed this patch that simply use php_random_bytes() w/o any BC.
http://git.php.net/?p=php-src.git;a=commitdiff;h=48f1a17886d874dc90867c669481804de90509e8
I thought there is php_random_int(), but it's not.
So this is one of the best patch for this purpose.
There is bug reports
Hi Leigh,
On Wed, Oct 5, 2016 at 5:25 PM, Leigh wrote:
> The list was missed off of Yasuo's replies to me, replying including the
> list
Me too :)
>
> On Wed, 5 Oct 2016 at 01:07 Yasuo Ohgaki wrote:
>>
>> Hi Leigh,
>>
>> On Tue, Oct 4, 2016 at 7:06 PM,
The list was missed off of Yasuo's replies to me, replying including the
list
On Wed, 5 Oct 2016 at 01:07 Yasuo Ohgaki wrote:
> Hi Leigh,
>
> On Tue, Oct 4, 2016 at 7:06 PM, Leigh wrote:
> > Since we want to preserve BC
> >
> > entropy = random_int(0,
On 4 October 2016 at 02:39, Yasuo Ohgaki wrote:
> Hi Leigh,
>
> On Mon, Oct 3, 2016 at 9:06 PM, Leigh wrote:
>> I'm curious, did you consider using random_int? It already handles
>> biasing, and you can reduce the repeated calls to random_bytes.
>
> Yes. It
Hi Leigh,
On Mon, Oct 3, 2016 at 9:06 PM, Leigh wrote:
> I'm curious, did you consider using random_int? It already handles
> biasing, and you can reduce the repeated calls to random_bytes.
Yes. It seemed it might be slower due to number of retries at first,
but I realized
On 2 October 2016 at 21:03, Yasuo Ohgaki wrote:
> Hi all,
>
> On Mon, Oct 3, 2016 at 3:56 AM, Yasuo Ohgaki wrote:
>> Besides improving "more entropy" the default and data, I prepared
>> fully compatible patch to simplify discussion.
>>
>>
Hi all,
On Mon, Oct 3, 2016 at 3:56 AM, Yasuo Ohgaki wrote:
> Besides improving "more entropy" the default and data, I prepared
> fully compatible patch to simplify discussion.
>
> https://gist.github.com/anonymous/fb615df325d559fa806a265031a06ede
>
> I would like to apply
Hi Yasuo
2016-10-02 20:56 GMT+02:00 Yasuo Ohgaki :
> I would like to apply this patch from PHP 7.0 branch, then discuss what
> the default should be.
>
> Any comments?
> If there is no objections, I'll apply this few days later.
If anything this should be considered from
On Sun, Oct 2, 2016 at 8:56 PM, Yasuo Ohgaki wrote:
> Besides improving "more entropy" the default and data, I prepared
> fully compatible patch to simplify discussion.
>
> https://gist.github.com/anonymous/fb615df325d559fa806a265031a06ede
>
> I would like to apply this patch
Hi all,
On Mon, Sep 12, 2016 at 11:54 AM, Yasuo Ohgaki wrote:
> This is RFC for improving uniqid() uniqueness.
> https://wiki.php.net/rfc/uniqid
>
> PR
> https://github.com/php/php-src/pull/2123
>
> If there is anything left to discuss, please comment.
>
> Regards,
Besides
43 matches
Mail list logo