You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
mortimer/vendor/gems/sentry-0.3.1/lib/sentry/symmetric_sentry.rb:25: warning: argumtents for OpenSSL::Cipher::Cipher#encrypt and OpenSSL::Cipher::Cipher#decrypt were deprecated; use OpenSSL::Cipher::Cipher#pkcs5_keyivgen to derive key and IV
Sometimes mortimer seems to lock up for about 1-5 seconds when resetting user passwords and/or logging out (tested under webrick and mongrel/apache), I suspect the warning has something to do with that, but don't have any proof yet.
It seems that sentry calls deprecated functions (no surprise here, last sentry upstream commit is from 2006). This could be a security issue, since from what I understand it generates weaker keys than it should.
Unfortunately I'm not yet comfortable enough with the codebase to provide a workaround/patch.
The text was updated successfully, but these errors were encountered:
webrick/mongrel throw the following warnings:
mortimer/vendor/gems/sentry-0.3.1/lib/sentry/symmetric_sentry.rb:25: warning: argumtents for OpenSSL::Cipher::Cipher#encrypt and OpenSSL::Cipher::Cipher#decrypt were deprecated; use OpenSSL::Cipher::Cipher#pkcs5_keyivgen to derive key and IV
Explanation:
http://stackoverflow.com/questions/1349397
Possible alternative:
http://github.com/shuber/attr_encrypted/
Sometimes mortimer seems to lock up for about 1-5 seconds when resetting user passwords and/or logging out (tested under webrick and mongrel/apache), I suspect the warning has something to do with that, but don't have any proof yet.
It seems that sentry calls deprecated functions (no surprise here, last sentry upstream commit is from 2006). This could be a security issue, since from what I understand it generates weaker keys than it should.
Unfortunately I'm not yet comfortable enough with the codebase to provide a workaround/patch.
The text was updated successfully, but these errors were encountered: