In the options, both OPENSSL and MCRYPT are enabled by default.
PHP 7.1 and later are deprecating/removing MCRYPT ( http://php.net/manual/en/migration71.deprecated.php and https://wiki.php.net/rfc/mcrypt-viking-funeral )
I've read this PR from 2010: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=144983 but now OpenSSL is recommended by phpMyAdmin: https://github.com/phpmyadmin/phpmyadmin/pull/12273/files
This comment say OpenSSL is used in priority by phpseclib (used by phpmyadmin): https://github.com/phpseclib/phpseclib/issues/1028#issuecomment-242739527
Having the OPENSSL option already enabled by default, I think MCRYPT is useless even on PHP < 7.1. It should be safe to set the MCRYPT option to Off.
What do you think?
Yes, I agree. I shall remove the MCRYPT option tonight.
A commit references this bug:
Date: Wed Sep 13 21:15:27 UTC 2017
New revision: 449813
Drop the MCRYPT option. MCRYPT has been deprecated by upstream PHP
and the mcrypt project itself is abandonware.
Reported by: email@example.com