-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Test for mcrypt support in the installer #9508
Conversation
I have tested this item ✅ successfully on a236e7f This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9508. |
Would it perhaps be better to put the check in the code that enables the 2fa This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9508. |
There should be a check there too, yes. As I said on the other issue, this is just a very small piece of things and at least adds a generalized check that didn't exist before. |
Either way - this is not a critical or a new issue and can wait until 3.5.1 On 21 March 2016 at 20:30, Michael Babker notifications@github.com wrote:
Brian Teeman |
Thinking about it this must go in the 2fa plugin code because a large % of On 21 March 2016 at 20:31, Brian Teeman brian@teeman.net wrote:
Brian Teeman |
To close out #9507 completely at a minimum you should have this PR merged, some kind of check in the com_users edit screens which disables the 2FA fields if the server doesn't support the requirements (and a big UI warning explaining why), and checks in the code which skip calling the functions if unsupported since you shouldn't rely on just the UI to block something. Ideally also the environmental checks that exist in the installer should be integrated into the system information view as a new tab so that information is available to the admin regardless of how they installed (plus just because you install on one server doesn't mean it will test the same on another server). |
Yes we need a complete solution not just a quick fix ;) On 21 March 2016 at 20:37, Michael Babker notifications@github.com wrote:
Brian Teeman |
I have tested this item ✅ successfully on a236e7f Pre-Installation Check section of the installation app shows this. Unfortunately I have no other server available to test the other case where it is false. This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9508. |
See for adding mcrypt info to sysinfo #9532 |
RTC This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9508. |
Partial Pull Request for Issue #9507.
Summary of Changes
This adds a test to Joomla's install app to check for mcrypt support. On a server without it, though Joomla is installable, a degraded experience will be present (namely two-factor authentication cannot be used and several libraries (JCrypt, FOFEncryptAes, the random_compat polyfill, and the password_compat polyfill) either use different encryption libraries or fail completely).
Testing Instructions
On the overview page of the install app, in the Pre-Installation Check section, you will see a new line testing for mcrypt support. This should report accurately depending on your server's configuration.