crypt_data() needs to support stronger key derivation
On 2.5.0 snapshots, if ACB is enabled, the following error is printed in the package install output when it writes config.xml:
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
If ACB is disabled, the error message is not shown.
The writes succeed and backups are made, so it's not fatal.
This appears to be from crypt_data(), similar to #9420, so still a syntax issue remaining there.
If you run some data through crypt_data() in the PHP shell, the error is printed there. So it appears fine from the GUI, but not from the console.
- Status changed from New to In Progress
- Assignee set to Jim Pingle
- Subject changed from Error message in package output during write_config() when ACB is enabled to crypt_data() needs to support stronger key derivation
Updated subject to match actual underlying issue. Fix inbound.
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Also available in: Atom