New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encrypted Sessions in XAMPP #3317
Comments
There's no such issue, if you tell |
How do you do that? |
How do I do what? |
How do I use a different encryption method? If I do nothing, the system fails to initialize. |
I am obviously not making my problem clear. In XAMPP 1.8.3, there is no AES-128. Using Session encryption causes CI to generate an error during the Encryption class initialization and session cookies do not work, there are errors in the log file. |
Well, could you show the error messages then? |
This is what I was getting in the error logs: ERROR - 2014-11-07 12:45:38 --> Severity: Warning --> mcrypt_module_open(): Could not open encryption module D:\Apps\xampp\htdocs\site\system\libraries\Encryption.php 278 As shown in the original post, AES is not supported at all. |
Line 278 is an empty one ... |
In my file, 278 is the following: if ($this->_handle = mcrypt_module_open($this->_cipher, '', $this->_mode, '')) |
See the above commit for the fix and don't modify files under system/ in the future. :) |
Also, the session lib is being replaced: #3073 |
Thank you for finding and squashing that bug. I have tested it on my end and it now does as you suggested, uses the substitute cipher. Much appreciated. Yes, I have been following the discussion into the new Session library. |
hi, |
I have just updated my old Codeigniter 2.x installation to 3.0.
My development system runs under XAMPP and this too has been updated to the latest 1.8.3, for PHP 5.5.15.
This is fine, it all works nicely so there is no problem.
As I move through switching things on with the existing project, I find that there is a problem using Encryption with the Session cookie class.
By default the system uses AES-128 with CBC. Fine, except that XAMPP does not have AES-128!
The available ciphers are: cast-128 gost rijndael-128 twofish cast-256 loki97 rijndael-192 saferplus wake blowfish-compat des rijndael-256 serpent xtea blowfish enigma rc2 tripledes arcfour
As per my phpinfo().
So, I need to change the cipher used. Not a problem you say, just ....
Which is possible of course, but I have added and am proposing that we add in some additional config paramenters, so that it can be easily controlled from the static config file.
That takes care of the default values, which are the same as current.
Then add these few lines into the __constructor
to give
A mcrypt cipher is now supported and all is well with the world.
This might not be the best way to do it, but it seems to work nicely.
Any additional guidance, as to the best way to change this would be appreciated if this is the wrong way.
Thanks
The text was updated successfully, but these errors were encountered: