Fall back to wp_generate_password() in setup-config.php if HTTPS request for secret keys fails. Also use pretty link to secret-key API, see #12159
git-svn-id: https://develop.svn.wordpress.org/trunk@13133 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
0fc1312800
commit
43d5926b6b
@ -16,6 +16,11 @@
|
|||||||
*/
|
*/
|
||||||
define('WP_INSTALLING', true);
|
define('WP_INSTALLING', true);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* We are blissfully unaware of anything.
|
||||||
|
*/
|
||||||
|
define('WP_SETUP_CONFIG', true);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Disable error reporting
|
* Disable error reporting
|
||||||
*
|
*
|
||||||
@ -179,11 +184,17 @@ switch($step) {
|
|||||||
}
|
}
|
||||||
/**#@-*/
|
/**#@-*/
|
||||||
|
|
||||||
$secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/?salt=1' );
|
$secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' );
|
||||||
if ( is_wp_error( $secret_keys ) )
|
if ( is_wp_error( $secret_keys ) ) {
|
||||||
$secret_keys = false;
|
$secret_keys = array();
|
||||||
else
|
require_once( ABSPATH . WPINC . '/pluggable.php' );
|
||||||
|
for ( $i = 0; $i < 8; $i++ )
|
||||||
|
$secret_keys[] = wp_generate_password( 64 );
|
||||||
|
} else {
|
||||||
$secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
|
$secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
|
||||||
|
foreach ( $secret_keys as $k => $v )
|
||||||
|
$secret_keys[$k] = substr( $v, 28, 64 );
|
||||||
|
}
|
||||||
$key = 0;
|
$key = 0;
|
||||||
|
|
||||||
foreach ($configFile as $line_num => $line) {
|
foreach ($configFile as $line_num => $line) {
|
||||||
@ -211,8 +222,7 @@ switch($step) {
|
|||||||
case "define('SECURE_A":
|
case "define('SECURE_A":
|
||||||
case "define('LOGGED_I":
|
case "define('LOGGED_I":
|
||||||
case "define('NONCE_SA":
|
case "define('NONCE_SA":
|
||||||
if ( $secret_keys )
|
$configFile[$line_num] = str_replace('put your unique phrase here', $secret_keys[$key++], $line );
|
||||||
$configFile[$line_num] = str_replace('put your unique phrase here', substr( $secret_keys[$key++], 28, 64 ), $line );
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -37,7 +37,7 @@ define('DB_COLLATE', '');
|
|||||||
* Authentication Unique Keys and Salts.
|
* Authentication Unique Keys and Salts.
|
||||||
*
|
*
|
||||||
* Change these to different unique phrases!
|
* Change these to different unique phrases!
|
||||||
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/?salt=1 WordPress.org secret-key service}
|
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
|
||||||
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
|
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
|
||||||
*
|
*
|
||||||
* @since 2.6.0
|
* @since 2.6.0
|
||||||
|
@ -1495,11 +1495,15 @@ function wp_rand( $min = 0, $max = 0 ) {
|
|||||||
// Reset $rnd_value after 14 uses
|
// Reset $rnd_value after 14 uses
|
||||||
// 32(md5) + 40(sha1) + 40(sha1) / 8 = 14 random numbers from $rnd_value
|
// 32(md5) + 40(sha1) + 40(sha1) / 8 = 14 random numbers from $rnd_value
|
||||||
if ( strlen($rnd_value) < 8 ) {
|
if ( strlen($rnd_value) < 8 ) {
|
||||||
|
if ( defined( 'WP_SETUP_CONFIG' ) )
|
||||||
|
static $seed = '';
|
||||||
|
else
|
||||||
$seed = get_transient('random_seed');
|
$seed = get_transient('random_seed');
|
||||||
$rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
|
$rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
|
||||||
$rnd_value .= sha1($rnd_value);
|
$rnd_value .= sha1($rnd_value);
|
||||||
$rnd_value .= sha1($rnd_value . $seed);
|
$rnd_value .= sha1($rnd_value . $seed);
|
||||||
$seed = md5($seed . $rnd_value);
|
$seed = md5($seed . $rnd_value);
|
||||||
|
if ( ! defined( 'WP_SETUP_CONFIG' ) )
|
||||||
set_transient('random_seed', $seed);
|
set_transient('random_seed', $seed);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user