#20780 closed defect (bug) (fixed)

Remove nonces in maint/repair.php

Reported by: nacin
Owned by: nacin
Priority: normal
Milestone: 3.4
Component: Administration
Version:
Severity: major
Keywords: has-patch dev-reviewed, commit
Cc:

Description

Since salts (and now keys) fall back to the database, a user with an options table down for the count often won't be able to repair the database. That's because maint/repair.php has nonce checks.

I chatted with ryan about this, and he confirmed that there definitely should not be nonces here.

A friend of mine just ran into this. Luckily I knew exactly why he was seeing "Please try again" over and over again, but most users do not have core developers as neighbors.

See also #20779, where we can encourage extra security on maint/repair.php by seeing if they actually have a complete set of keys in place.

Attachments (1)

20780.diff (1.6 KB) - added by nacin 12 months ago.


Change History (5)

nacin 12 months ago

Looks good.

  • Keywords has-patch added
  • Keywords dev-reviewed, commit added

Looks good here too.

  • Owner set to nacin
  • Resolution set to fixed
  • Status changed from new to closed

In [20953]:

Do not perform nonce checks in maint/repair.php.

If the options table is damaged and the keys/salts fall back to the database,
the nonce will never validate.

fixes #20780. see #20779.
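
Why the nonce never validates, as an added example that is not WordPress core code: a simplified PHP model of the salt fallback this ticket describes. The class and function names, the `nonce_salt` option name and the `repair_db` action are hypothetical, and the per-user and time components of a real nonce are left out.

```php
<?php
// Simplified model of the fallback, not WordPress core code; all names are hypothetical.
/** Stand-in for the options table; $healthy = false models a damaged table. */
final class OptionsTable {
    private array $rows = [];
    private bool $healthy;
    public function __construct(bool $healthy) { $this->healthy = $healthy; }
    public function get(string $name): ?string {
        return $this->healthy ? ($this->rows[$name] ?? null) : null;
    }
    public function set(string $name, string $value): bool {
        if (!$this->healthy) {
            return false; // the write is lost, nothing persists
        }
        $this->rows[$name] = $value;
        return true;
    }
}

/** Salt lookup order: config file value, then database, else generate and try to store. */
function model_salt(?string $configSalt, OptionsTable $db): string {
    if ($configSalt !== null) {
        return $configSalt;
    }
    $salt = $db->get('nonce_salt');
    if ($salt === null) {
        $salt = bin2hex(random_bytes(32));
        $db->set('nonce_salt', $salt); // fails silently when the table is down
    }
    return $salt;
}

function model_create_nonce(string $action, string $salt): string {
    return substr(hash_hmac('sha256', $action, $salt), 0, 10);
}

function model_verify_nonce(string $nonce, string $action, string $salt): bool {
    return hash_equals(model_create_nonce($action, $salt), $nonce);
}

/** Form render and form submit are separate requests, so the salt is looked up twice. */
function repair_round_trip(?string $configSalt, OptionsTable $db): bool {
    $nonce = model_create_nonce('repair_db', model_salt($configSalt, $db));
    return model_verify_nonce($nonce, 'repair_db', model_salt($configSalt, $db));
}

var_dump(repair_round_trip(null, new OptionsTable(true)));   // healthy table
var_dump(repair_round_trip(null, new OptionsTable(false)));  // damaged table
var_dump(repair_round_trip('constructed-config-salt', new OptionsTable(false))); // salt in config
```

With a healthy table or a salt supplied from the config file the round trip verifies; with the damaged table each request derives a different salt, so the nonce issued on the form page is rejected on submit.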
