[MediaWiki-CodeReview] [MediaWiki r114233]: New comment added

Tue, 20 Mar 2012 07:03:17 -0700 

"Reedy" posted a comment on MediaWiki.r114233.
URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/114233#c32381

Commit summary for MediaWiki.r114233:

Commit the cryptrand project worked on in git:
- MWCryptRand: A new api for generating cryptographic randomness for security 
tokens. Uses whatever cryptographic source is available and if not falls back 
to using random state and clock drift.
- wfRandomString - A simple non-cryptographic pesudo-random string generation 
function to replace wfGenerateToken which was written pretending to be secure 
when it's really not.
- Core updates to use MWCryptRand in various places:
-- user_token generation (to do this we stop generating user_token implicitly 
and only generate it when needed to avoid depleting the system's entropy pool 
by reading random data we'll never use)
-- email confirmation token generation
-- password salt generation
-- temporary password generation
-- Generation of the automatic watchlist token
-- login and create user tokens
-- session ids when php's entropy sources are not set
-- the installer when generating wgSecretKey and the upgrade key

Reedy's comment:

seeing on trunk:

<pre>


Notice: A non well formed numeric value encountered in 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php on line 390

Call Stack:
    0.0003     651296   1. {main}() 
/home/reedy/mediawiki/trunk/phase3/index.php:0
    0.2429   15999288   2. MediaWiki->run() 
/home/reedy/mediawiki/trunk/phase3/index.php:58
    0.2430   15999288   3. MediaWiki->main() 
/home/reedy/mediawiki/trunk/phase3/includes/Wiki.php:502
    1.2842   39032608   4. MediaWiki->finalCleanup() 
/home/reedy/mediawiki/trunk/phase3/includes/Wiki.php:593
    1.2843   39032688   5. OutputPage->output() 
/home/reedy/mediawiki/trunk/phase3/includes/Wiki.php:405
    1.2938   39721992   6. SkinTemplate->outputPage() 
/home/reedy/mediawiki/trunk/phase3/includes/OutputPage.php:1982
    1.4869   41792816   7. SkinTemplate->buildContentNavigationUrls() 
/home/reedy/mediawiki/trunk/phase3/includes/SkinTemplate.php:451
    1.5072   41931248   8. WatchAction::getWatchToken() 
/home/reedy/mediawiki/trunk/phase3/includes/SkinTemplate.php:969
    1.5072   41931936   9. User->getEditToken() 
/home/reedy/mediawiki/trunk/phase3/includes/actions/WatchAction.php:122
    1.5090   42101528  10. MWCryptRand::generateHex() 
/home/reedy/mediawiki/trunk/phase3/includes/User.php:3182
    1.5090   42102312  11. MWCryptRand->realGenerateHex() 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php:473
    1.5090   42102392  12. MWCryptRand::generate() 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php:408
    1.5091   42102392  13. MWCryptRand->realGenerate() 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php:456
    1.5104   42103960  14. substr() 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php:390


Notice: A non well formed numeric value encountered in 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php on line 391

Call Stack:
    0.0003     651296   1. {main}() 
/home/reedy/mediawiki/trunk/phase3/index.php:0
    0.2429   15999288   2. MediaWiki->run() 
/home/reedy/mediawiki/trunk/phase3/index.php:58
    0.2430   15999288   3. MediaWiki->main() 
/home/reedy/mediawiki/trunk/phase3/includes/Wiki.php:502
    1.2842   39032608   4. MediaWiki->finalCleanup() 
/home/reedy/mediawiki/trunk/phase3/includes/Wiki.php:593
    1.2843   39032688   5. OutputPage->output() 
/home/reedy/mediawiki/trunk/phase3/includes/Wiki.php:405
    1.2938   39721992   6. SkinTemplate->outputPage() 
/home/reedy/mediawiki/trunk/phase3/includes/OutputPage.php:1982
    1.4869   41792816   7. SkinTemplate->buildContentNavigationUrls() 
/home/reedy/mediawiki/trunk/phase3/includes/SkinTemplate.php:451
    1.5072   41931248   8. WatchAction::getWatchToken() 
/home/reedy/mediawiki/trunk/phase3/includes/SkinTemplate.php:969
    1.5072   41931936   9. User->getEditToken() 
/home/reedy/mediawiki/trunk/phase3/includes/actions/WatchAction.php:122
    1.5090   42101528  10. MWCryptRand::generateHex() 
/home/reedy/mediawiki/trunk/phase3/includes/User.php:3182
    1.5090   42102312  11. MWCryptRand->realGenerateHex() 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php:473
    1.5090   42102392  12. MWCryptRand::generate() 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php:408
    1.5091   42102392  13. MWCryptRand->realGenerate() 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php:456
    1.5108   42104032  14. substr() 
/home/reedy/mediawiki/trunk/phase3/includes/CryptRand.php:391
</pre>

_______________________________________________
MediaWiki-CodeReview mailing list
mediawiki-coderev...@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview

Reply via email to