author | Codruț Constantin Gușoi <codrut.gusoi@gmail.com> | 2018-02-18 18:14:37 +0000 |
---|---|---|
committer | Lauris BH <lauris@nix.lv> | 2018-02-18 20:14:37 +0200 |
commit | 96c268c0fcc22604103f67821d66fef39944e80b (patch) | |
tree | fb5a97ff8557ae18dd22b227e52fcd811320eac3 /modules/setting | |
parent | e59fe7c8d9eb8e49858cb2d59e8732f6058756ff (diff) | |
Implements generator cli for secrets (#3531)
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
Diffstat (limited to 'modules/setting')
-rw-r--r-- | modules/setting/setting.go | 28 |
1 files changed, 5 insertions, 23 deletions
diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 936dac85c4..9ef175d20e 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -6,10 +6,8 @@ package setting import ( - "crypto/rand" "encoding/base64" "fmt" - "io" "net" "net/mail" "net/url" @@ -24,12 +22,12 @@ import ( "time" "code.gitea.io/git" + "code.gitea.io/gitea/modules/generate" "code.gitea.io/gitea/modules/log" _ "code.gitea.io/gitea/modules/minwinsvc" // import minwinsvc for windows services "code.gitea.io/gitea/modules/user" "github.com/Unknwon/com" - "github.com/dgrijalva/jwt-go" _ "github.com/go-macaron/cache/memcache" // memcache plugin for cache _ "github.com/go-macaron/cache/redis" "github.com/go-macaron/session" @@ -834,16 +832,12 @@ func NewContext() { n, err := base64.RawURLEncoding.Decode(LFS.JWTSecretBytes, []byte(LFS.JWTSecretBase64)) if err != nil || n != 32 { - //Generate new secret and save to config - - _, err := io.ReadFull(rand.Reader, LFS.JWTSecretBytes) - + LFS.JWTSecretBase64, err = generate.NewLfsJwtSecret() if err != nil { - log.Fatal(4, "Error reading random bytes: %v", err) + log.Fatal(4, "Error generating JWT Secret for custom config: %v", err) + return } - LFS.JWTSecretBase64 = base64.RawURLEncoding.EncodeToString(LFS.JWTSecretBytes) - // Save secret cfg := ini.Empty() if com.IsFile(CustomConf) { 
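Review bot: After `LFS.JWTSecretBase64, err = generate.NewLfsJwtSecret()` in the third hunk, nothing in the visible lines refills `LFS.JWTSecretBytes`, which the removed `io.ReadFull(rand.Reader, LFS.JWTSecretBytes)` used to do. If the helper returns only the encoded string (its body is not part of this view), the in-memory signing key for this run is whatever the failed `Decode` left in the buffer, while the saved config holds the new secret, so tokens signed before the next restart would not use the generated key. Decoding the new value back into the buffer would close the gap: `n, err = base64.RawURLEncoding.Decode(LFS.JWTSecretBytes, []byte(LFS.JWTSecretBase64))`, followed by the same `err != nil || n != 32` check. The block continues past the hunk into the config save, so confirm that nothing later already does this.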
@@ -913,19 +907,7 @@ func NewContext() {
 DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
 InternalToken = sec.Key("INTERNAL_TOKEN").String()
 if len(InternalToken) == 0 {
- secretBytes := make([]byte, 32)
- _, err := io.ReadFull(rand.Reader, secretBytes)
- if err != nil {
- log.Fatal(4, "Error reading random bytes: %v", err)
- }
-
- secretKey := base64.RawURLEncoding.EncodeToString(secretBytes)
-
- now := time.Now()
- InternalToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
- "nbf": now.Unix(),
- }).SignedString([]byte(secretKey))
-
+ InternalToken, err = generate.NewInternalToken()
 if err != nil {
 log.Fatal(4, "Error generate internal token: %v", err)
 } |
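Review bot: The fallback under `if len(InternalToken) == 0` no longer shows in this file what is generated or from which entropy source, because the inline `crypto/rand` read has moved behind `generate.NewInternalToken()`. A one-line comment above the call would keep that visible to the next reader, e.g. `// INTERNAL_TOKEN not configured: generate one (generate.NewInternalToken is expected to draw from crypto/rand)`. The error branch also differs from the LFS one earlier in this commit, which adds `return` after `log.Fatal`; use one form for both. The rest of the `if` block lies outside the hunk, so whether the new token is written back to the config cannot be confirmed from here.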