Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F726882
D478.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Mon, Jan 6, 2:22 AM
Size
3 KB
Mime Type
text/x-diff
Expires
Tue, Jan 7, 2:22 AM (2 d, 20 h ago)
Engine
blob
Format
Raw Data
Handle
536971
Attached To
D478: INP-1756 - Create "Security*" classes for security-related jobs
D478.diff
View Options
Index: branches/5.3.x/core/install.php
===================================================================
--- branches/5.3.x/core/install.php
+++ branches/5.3.x/core/install.php
@@ -607,6 +607,10 @@
}
switch ($this->currentStep) {
+ case 'check_paths':
+ $this->generateSecurityKeys();
+ break;
+
case 'db_config':
case 'db_reconfig':
// store db configuration
@@ -620,33 +624,6 @@
$this->Conn->Query('SET NAMES \''.$this->toolkit->systemConfig->get('DBCharset', 'Database').'\' COLLATE \''.$this->toolkit->systemConfig->get('DBCollation', 'Database').'\'');
}
- if ( !$this->toolkit->systemConfig->get('SecurityHmacKey', 'Misc')
- || !$this->toolkit->systemConfig->get('SecurityEncryptionKey', 'Misc')
- ) {
- // Include class declarations manually, because kApplication isn't available.
- require_once FULL_PATH . '/core/kernel/security/SecurityEncrypter.php';
- require_once FULL_PATH . '/core/kernel/security/SecurityGenerator.php';
- require_once FULL_PATH . '/core/kernel/security/SecurityGeneratorPromise.php';
-
- // Include dependencies, to make "random_int" function available in earlier PHP versions.
- require_once FULL_PATH . '/vendor/autoload.php';
-
- // Generate missing security-related settings.
- $this->toolkit->systemConfig->set(
- 'SecurityHmacKey',
- 'Misc',
- base64_encode(SecurityGenerator::generateString(
- SecurityEncrypter::HASHING_KEY_LENGTH,
- SecurityGenerator::CHAR_ALNUM | SecurityGenerator::CHAR_SYMBOLS
- ))
- );
- $this->toolkit->systemConfig->set(
- 'SecurityEncryptionKey',
- 'Misc',
- SecurityGenerator::generateBytes(SecurityEncrypter::ENCRYPTION_KEY_LENGTH)
- );
- }
-
$this->toolkit->systemConfig->save();
if ($this->currentStep == 'db_config') {
@@ -1095,6 +1072,44 @@
}
}
+ /**
+ * Generates a security keys.
+ *
+ * @return void
+ */
+ protected function generateSecurityKeys()
+ {
+ if ( $this->toolkit->systemConfig->get('SecurityHmacKey', 'Misc')
+ && $this->toolkit->systemConfig->get('SecurityEncryptionKey', 'Misc')
+ ) {
+ return;
+ }
+
+ // Include class declarations manually, because kApplication isn't available.
+ require_once FULL_PATH . '/core/kernel/security/SecurityEncrypter.php';
+ require_once FULL_PATH . '/core/kernel/security/SecurityGenerator.php';
+ require_once FULL_PATH . '/core/kernel/security/SecurityGeneratorPromise.php';
+
+ // Include dependencies, to make "random_int" function available in earlier PHP versions.
+ require_once FULL_PATH . '/vendor/autoload.php';
+
+ // Generate missing security-related settings.
+ $this->toolkit->systemConfig->set(
+ 'SecurityHmacKey',
+ 'Misc',
+ base64_encode(SecurityGenerator::generateString(
+ SecurityEncrypter::HASHING_KEY_LENGTH,
+ SecurityGenerator::CHAR_ALNUM | SecurityGenerator::CHAR_SYMBOLS
+ ))
+ );
+ $this->toolkit->systemConfig->set(
+ 'SecurityEncryptionKey',
+ 'Misc',
+ SecurityGenerator::generateBytes(SecurityEncrypter::ENCRYPTION_KEY_LENGTH)
+ );
+ $this->toolkit->systemConfig->save();
+ }
+
function getUpgradeDependencies($modules, &$upgrade_data)
{
$dependencies = Array ();
Event Timeline
Log In to Comment