  1. CiviCRM
  2. CRM-8198

Random-number generation in CRM_Utils_Crypt leads to sporadically slow email processing

    Details

    • Type: Bug
    • Status: Done/Fixed
    • Priority: Major
    • Resolution: Fixed/Completed
    • Affects Version/s: 3.4.1
    • Fix Version/s: 3.3.7, 3.4.4
    • Component/s: CiviMail, Core CiviCRM
    • Labels:
      None

      Description

      When encrypting and decrypting the smtpPassword with CRM_Utils_Crypt, the cryptographic routine "mcrypt_generic_init" requires an initialization vector. As a rule of thumb, the initialization vector used for encryption should often be generated randomly – and this is what CRM_Utils_Crypt appears to do. In particular, it prepares an IV using /dev/random.

      However, /dev/random can be quite slow. Anecdotally, I've seen several page-requests time out due to this random generation. See also: http://stupefydeveloper.blogspot.com/2007/12/random-vs-urandom.html

      This is particularly an issue when running in an isolated environment (like a desktop VM) because an isolated environment doesn't provide as many sources of entropy.

      In any event, CRM_Utils_Crypt doesn't really require a random value (let alone one as rigorous as /dev/random) because it's encrypting with ECB mode. (See, e.g., http://php.net/mcrypt_generic_init ). The attached patch replaces the 32-byte random value with a placeholder constant; this produces the same ciphertext – but more quickly.
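
Added example (not part of the original report and not CiviCRM code): a comparison of how ECB and CBC treat the IV, using PHP's OpenSSL extension. AES-256 stands in for the mcrypt cipher the ticket refers to (the mcrypt extension was removed from PHP core in 7.2), and the key, plaintext and the `encrypt()` helper are constructed for illustration.

```php
<?php
// Added example, not CiviCRM code. Constructed sample key and plaintext.
$key       = hash('sha256', 'constructed-site-key', true); // 32-byte key
$plaintext = str_repeat('smtp-password-16', 2);              // two identical 16-byte blocks

/**
 * Encrypt $data and return [iv, ciphertext].
 * The IV is sized by the cipher mode itself: ECB reports a length of 0,
 * so no random bytes are requested at all. Where an IV is needed,
 * random_bytes() draws from the OS CSPRNG without blocking on entropy.
 */
function encrypt(string $cipher, string $key, string $data): array
{
    $ivLen = openssl_cipher_iv_length($cipher);
    if ($ivLen === false) {
        throw new RuntimeException("unknown cipher: $cipher");
    }
    $iv = $ivLen > 0 ? random_bytes($ivLen) : '';
    $ct = openssl_encrypt($data, $cipher, $key, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException("encryption failed for $cipher");
    }
    return [$iv, $ct];
}

foreach (['aes-256-ecb', 'aes-256-cbc'] as $cipher) {
    // Encrypt the same plaintext twice under the same key.
    [$iv1, $ct1] = encrypt($cipher, $key, $plaintext);
    [$iv2, $ct2] = encrypt($cipher, $key, $plaintext);

    // Split the first ciphertext into AES blocks to compare block 1 and block 2.
    $blocks = str_split($ct1, 16);

    printf(
        "%s: iv bytes=%d, identical on re-encrypt=%s, repeated plaintext block visible=%s\n",
        $cipher,
        strlen($iv1),
        var_export(hash_equals($ct1, $ct2), true),
        var_export(hash_equals($blocks[0], $blocks[1]), true)
    );
}
```

ECB encrypts each block independently under the key alone, which is why the IV can be a constant without changing the ciphertext, and also why identical plaintext blocks produce identical ciphertext blocks. In CBC the IV is mixed into the first block and chained onward, so there it must be unpredictable per message.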

            People

            • Assignee:
              kurund Kurund Jalmi
              Reporter:
              timotten Tim Otten