Opened 14 years ago
Closed 12 years ago
#15088 closed feature request (wontfix)
Reduce Remote Dependency of the Network Admin
Reported by: | hakre | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.0 |
Component: | Network Admin | Keywords: | needs-patch dev-feedback |
Focuses: | multisite | Cc: |
Description
The Network Admin Setup makes use of 'https://api.wordpress.org/secret-key/1.1/salt/', a kind of webserverice/webapi to generate keys.
I assume that the code there is some little PHP that could easily ship with the codebase itself.
So it would be nice to have such routines in core. Maybe wordpress.org can just donate their code?
Change History (18)
#3
@
14 years ago
udev/random Related: #12148 / class-phpass.php
#4
@
14 years ago
It would be nice if one of those who have access to the source-code of the webservice can actually make visible what creates the output from that URL.
#5
@
14 years ago
- Milestone Awaiting Review deleted
- Resolution set to invalid
- Status changed from new to closed
The API is the most reliable way to do this.
Building it into core isn't a good solution
#6
@
14 years ago
- Resolution invalid deleted
- Status changed from closed to reopened
A remote API is not reliable at all if it's not available (e.g. blocked network connections).
I guess there is some standard PHP code runnong on worpdress.org, would be nice you can just provide it here as well so we can take a look.
Related: #12159
#8
@
14 years ago
- Keywords needs-patch added
- Resolution invalid deleted
- Status changed from closed to reopened
- Type changed from enhancement to feature request
Westi, then I place this a feature request. I'd like to have the same functionality in core that is offered by the remote API.
If you could provide the source-code of that part of the remote API that would make it more easy to create a patch. Thanks.
#9
in reply to:
↑ 1
@
14 years ago
Replying to nacin:
We already have wp_generate_password(). The one on wordpress.org uses /dev/urandom/ which cannot be guaranteed to exist. If we can reach the API, it would be better to use it.
So does this technically mean, that if /dev/urandom is available on the local system, the remote request would not be necessary at all?
#11
follow-up:
↓ 12
@
14 years ago
that if /dev/urandom is available on the local system, the remote request would not be necessary at all?
It's not as simple as that.
Yes, If a true random source is available locally, then a remote request would not be required.
However, A significant proportion of WordPress installations are in environments where WordPress are unable to either a) determine if they have a random source available and accessible or b) unable to rely upon said random source.
Many installations will block access to files outside of certain directories, and is_readable() is not always reliable (Causing either a Warning/Notice to be issued at the time of checking, or upon actually accessing file after is_readable has given the all clear).
It comes down to reliability and ensuring that all users get the best possible security available to them.
In the standard wp-config.php generator, we offer the ?no-api call to bypass remote API calls, I'm not sure if something similar is offered for the Network Creator.
#12
in reply to:
↑ 11
;
follow-up:
↓ 13
@
14 years ago
Replying to dd32:
that if /dev/urandom is available on the local system, the remote request would not be necessary at all?
It's not as simple as that.
Yes, If a true random source is available locally, then a remote request would not be required.
Thanks for clarification.
However, A significant proportion of WordPress installations are in environments where WordPress are unable to either a) determine if they have a random source available and accessible or b) unable to rely upon said random source.
Can you share more information about how significant that proportion of WordPress installations actually is?
I can imagine the problems you're talking about, that's no different as requesting some remote API it just might fail as well.
In the standard wp-config.php generator, we offer the ?no-api call to bypass remote API calls, I'm not sure if something similar is offered for the Network Creator.
Yes, ?no-api was introduced in [13232] it has not been explicitly discussed in the related #12159.
I wonder if it's possible to get the code that works on the remote site to genreate the salts and offer it with core. If the better random source is not available, current options do still work but if it truly is, then this is what I'm looking for.
#13
in reply to:
↑ 12
;
follow-up:
↓ 14
@
14 years ago
- Resolution set to wontfix
- Status changed from reopened to closed
Replying to hakre:
...
I wonder if it's possible to get the code that works on the remote site to genreate the salts and offer it with core...
There are 2-3 methods to generate a random string in PHP. Core already has this implemented:
wp_generate_password( 64, true, true );
I don't see why we would need another implementation.
#14
in reply to:
↑ 13
;
follow-up:
↓ 15
@
14 years ago
- Resolution wontfix deleted
- Status changed from closed to reopened
Replying to azaozz:
Replying to hakre:
...
I wonder if it's possible to get the code that works on the remote site to genreate the salts and offer it with core...
There are 2-3 methods to generate a random string in PHP. Core already has this implemented:
wp_generate_password( 64, true, true );I don't see why we would need another implementation.
I've been looking into that function and I think we can do better for salts if /dev/urandom is available.
#15
in reply to:
↑ 14
;
follow-up:
↓ 16
@
14 years ago
Replying to hakre:
...
I've been looking into that function and I think we can do better for salts if /dev/urandom is available.
If you want to improve wp_generate_password()
, by all means, please do so in a new ticket. However keep in mind the above comment by @dd32. As the API uses functions that are external to PHP and are not available on the majority of servers (or are unreliable), it is impossible to implement the same code in core.
Keep in mind that the generation is only part of the scope of the feature request. Furthermnost part is to reduce the dependency from remote while keeping up the same level of quality of the salts if possible.
I don't see a problem in using wp_generate_password()
when the API is not available, even if the randomness of the strings is of a lesser quality. It would be better to have secret keys and salts in wp-config in any case.
If you can however provide more and better code, I would appreceate that.
No, not at this time. May be able to come back to it in a few weeks.
If you insist to keep this ticket open please change the title/description to reflect that it suggests using wp_generate_password()
to fill the secret keys and salts in wp-config during installation if the API is not available. And of course a patch would be nice :-)
#16
in reply to:
↑ 15
@
14 years ago
Replying to azaozz:
Replying to hakre:
...
I've been looking into that function and I think we can do better for salts if /dev/urandom is available.
If you want to improve
wp_generate_password()
, by all means, please do so in a new ticket.
Yes, that would be out of scope of this ticket for me.
However keep in mind the above comment by @dd32. As the API uses functions that are external to PHP and are not available on the majority of servers (or are unreliable), it is impossible to implement the same code in core.
Figures of quantities of the significance to the status of availability have not been provided in that comment, so it's actually hard to say at all for sure.
Keep in mind that the generation is only part of the scope of the feature request. Furthermnost part is to reduce the dependency from remote while keeping up the same level of quality of the salts if possible.
If you can however provide more and better code, I would appreceate that.
No, not at this time. May be able to come back to it in a few weeks.
Thanks.
If you insist to keep this ticket open please change the title/description to reflect that it suggests using
wp_generate_password()
to fill the secret keys and salts in wp-config during installation if the API is not available. And of course a patch would be nice :-)
You must have misread this feature request. It's about not using the remote API at all if the same functionality is already truly available on the server.
Some additional improvement of the wp_generate_password() function might be generally considerable and welcome by me, but it is obviously out of the scope of this ticket for me.
We already have wp_generate_password(). The one on wordpress.org uses /dev/urandom/ which cannot be guaranteed to exist. If we can reach the API, it would be better to use it.