Test for mcrypt support in the installer

[mbabker]

Partial Pull Request for Issue #9507.

Summary of Changes

This adds a test to Joomla's install app to check for mcrypt support. On a server without it, though Joomla is installable, a degraded experience will be present (namely two-factor authentication cannot be used and several libraries (JCrypt, FOFEncryptAes, the random_compat polyfill, and the password_compat polyfill) either use different encryption libraries or fail completely).

Testing Instructions

On the overview page of the install app, in the Pre-Installation Check section, you will see a new line testing for mcrypt support. This should report accurately depending on your server's configuration.

[brianteeman]

I have tested this item ✅ successfully on a236e7f

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9508.}

[brianteeman]

Would it perhaps be better to put the check in the code that enables the 2fa

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9508.}

[mbabker]

There should be a check there too, yes. As I said on the other issue, this is just a very small piece of things and at least adds a generalized check that didn't exist before.

[brianteeman]

Either way - this is not a critical or a new issue and can wait until 3.5.1

On 21 March 2016 at 20:30, Michael Babker notifications@github.com wrote:

There should be a check there too, yes. As I said on the other issue, this
is just a very small piece of things and at least adds a generalized check
that didn't exist before.

—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#9508 (comment)

Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/

[brianteeman]

Thinking about it this must go in the 2fa plugin code because a large % of
sites never use our installer and/or are upgrades from earlier releases and
the install check will be of no use to them at all

On 21 March 2016 at 20:31, Brian Teeman brian@teeman.net wrote:

Either way - this is not a critical or a new issue and can wait until 3.5.1

On 21 March 2016 at 20:30, Michael Babker notifications@github.com
wrote:

There should be a check there too, yes. As I said on the other issue,
this is just a very small piece of things and at least adds a generalized
check that didn't exist before.

—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#9508 (comment)

Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/

Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/

[mbabker]

To close out #9507 completely at a minimum you should have this PR merged, some kind of check in the com_users edit screens which disables the 2FA fields if the server doesn't support the requirements (and a big UI warning explaining why), and checks in the code which skip calling the functions if unsupported since you shouldn't rely on just the UI to block something. Ideally also the environmental checks that exist in the installer should be integrated into the system information view as a new tab so that information is available to the admin regardless of how they installed (plus just because you install on one server doesn't mean it will test the same on another server).

[brianteeman]

Yes we need a complete solution not just a quick fix ;)

On 21 March 2016 at 20:37, Michael Babker notifications@github.com wrote:

To close out #9507 #9507
completely at a minimum you should have this PR merged, some kind of check
in the com_users edit screens which disables the 2FA fields if the server
doesn't support the requirements (and a big UI warning explaining why), and
checks in the code which skip calling the functions if unsupported since
you shouldn't rely on just the UI to block something. Ideally also the
environmental checks that exist in the installer should be integrated into
the system information view as a new tab so that information is available
to the admin regardless of how they installed (plus just because you
install on one server doesn't mean it will test the same on another server).

—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#9508 (comment)

Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/

[richard67]

I have tested this item ✅ successfully on a236e7f

Successfully tested for the case of mcrypt support = true.

Pre-Installation Check section of the installation app shows this.

Unfortunately I have no other server available to test the other case where it is false.

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9508.}

[andrepereiradasilva]

See for adding mcrypt info to sysinfo #9532

[brianteeman]

RTC

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9508.}