On 10/30/15 3:48 PM, Leigh wrote:
I would like to refactor session id generation to use our new
php_random_bytes API as the single entropy source for session ids,
targeting 7.1
...
I'd like to hear if there are any strong objections to this proposal.
Hi Leigh,
Again, not an objection but a question about performance, in particular,
performance relative to existing 7.0 generation of php_random_bytes'
different routes to randomness.
I suspect without any real evidence that php_random_bytes' different
routes have big performance differences and if any of them are slow
enough to affect sessions, it's worth knowing about.
Do current tests rigs allow such measurements?
Tom
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
