diff options
| author | Denis Denisov <denji@users.noreply.github.com> | 2016-12-20 14:32:02 +0200 |
|---|---|---|
| committer | Thomas Boerger <thomas@webhippie.de> | 2016-12-20 13:32:02 +0100 |
| commit | 380e32e129d7a8868b9853e92e208a97e3ac125f (patch) | |
| tree | 3b7ffc74a7f28f9c165ee4a780e52053d9f749fd /models | |
| parent | 952587dbae987e05fb36f0ff56bf5eff92ae1080 (diff) | |
| download | gitea-380e32e129d7a8868b9853e92e208a97e3ac125f.tar.gz gitea-380e32e129d7a8868b9853e92e208a97e3ac125f.zip | |
Fix random string generator (#384)
* Remove unused custom-alphabet feature of random string generator
Fix random string generator
Random string generator should return error if it fails to read random data via crypto/rand
* Fixes variable (un)initialization mixed assign
Update test GetRandomString
Diffstat (limited to 'models')
| -rw-r--r-- | models/migrations/migrations.go | 8 | ||||
| -rw-r--r-- | models/org.go | 8 | ||||
| -rw-r--r-- | models/user.go | 10 | ||||
| -rw-r--r-- | models/user_mail.go | 4 |
4 files changed, 22 insertions, 8 deletions
diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go index 9c37da4a3a..2d5aba7546 100644 --- a/models/migrations/migrations.go +++ b/models/migrations/migrations.go @@ -457,8 +457,12 @@ func generateOrgRandsAndSalt(x *xorm.Engine) (err error) { } for _, org := range orgs { - org.Rands = base.GetRandomString(10) - org.Salt = base.GetRandomString(10) + if org.Rands, err = base.GetRandomString(10); err != nil { + return err + } + if org.Salt, err = base.GetRandomString(10); err != nil { + return err + } if _, err = sess.Id(org.ID).Update(org); err != nil { return err } diff --git a/models/org.go b/models/org.go index 4a81814bae..9908386f0d 100644 --- a/models/org.go +++ b/models/org.go @@ -109,8 +109,12 @@ func CreateOrganization(org, owner *User) (err error) { } org.LowerName = strings.ToLower(org.Name) - org.Rands = GetUserSalt() - org.Salt = GetUserSalt() + if org.Rands, err = GetUserSalt(); err != nil { + return err + } + if org.Salt, err = GetUserSalt(); err != nil { + return err + } org.UseCustomAvatar = true org.MaxRepoCreation = -1 org.NumTeams = 1 diff --git a/models/user.go b/models/user.go index a9a7ba5948..1b8ebce432 100644 --- a/models/user.go +++ b/models/user.go @@ -532,7 +532,7 @@ func IsUserExist(uid int64, name string) (bool, error) { } // GetUserSalt returns a ramdom user salt token. -func GetUserSalt() string { +func GetUserSalt() (string, error) { return base.GetRandomString(10) } @@ -604,8 +604,12 @@ func CreateUser(u *User) (err error) { u.LowerName = strings.ToLower(u.Name) u.AvatarEmail = u.Email u.Avatar = base.HashEmail(u.AvatarEmail) - u.Rands = GetUserSalt() - u.Salt = GetUserSalt() + if u.Rands, err = GetUserSalt(); err != nil { + return err + } + if u.Salt, err = GetUserSalt(); err != nil { + return err + } u.EncodePasswd() u.MaxRepoCreation = -1 diff --git a/models/user_mail.go b/models/user_mail.go index 49d1bf78b2..ce29354771 100644 --- a/models/user_mail.go +++ b/models/user_mail.go @@ -122,7 +122,9 @@ func (email *EmailAddress) Activate() error { if err != nil { return err } - user.Rands = GetUserSalt() + if user.Rands, err = GetUserSalt(); err != nil { + return err + } sess := x.NewSession() defer sessionRelease(sess) |