summaryrefslogtreecommitdiffstats
path: root/lib/private/setup.php
diff options
context:
space:
mode:
authorLukas Reschke <lukas@owncloud.com>2014-08-26 19:02:40 +0200
committerLukas Reschke <lukas@owncloud.com>2014-08-27 00:18:04 +0200
commitd26a9c3c5819be48b76586c2fa60da9a7a9829dd (patch)
treefe50b3b1b7e785d644dd76e26c06dde375539b53 /lib/private/setup.php
parent3115053bbb3a1ba5d0bb3562bea6b7ef94a09cd0 (diff)
downloadnextcloud-server-d26a9c3c5819be48b76586c2fa60da9a7a9829dd.tar.gz
nextcloud-server-d26a9c3c5819be48b76586c2fa60da9a7a9829dd.zip
Add some security utilities
This adds some security utilities to core including: - A library for basic crypto operations (e.g. to encrypt passwords) - A better library for cryptographic actions which allows you to specify the charset - A library for secure string comparisions Remove .htaccess Remove .htaccess Fix typo Add public API Use timing constant comparision Remove CBC constant Adjust code Remove confusing $this
Diffstat (limited to 'lib/private/setup.php')
-rw-r--r--lib/private/setup.php17
1 files changed, 11 insertions, 6 deletions
diff --git a/lib/private/setup.php b/lib/private/setup.php
index fdf98ab0959..9ea1690b6d9 100644
--- a/lib/private/setup.php
+++ b/lib/private/setup.php
@@ -67,14 +67,19 @@ class OC_Setup {
}
//generate a random salt that is used to salt the local user passwords
- $salt = OC_Util::generateRandomBytes(30);
- OC_Config::setValue('passwordsalt', $salt);
+ $salt = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(30);
+ \OC::$server->getConfig()->setSystemValue('passwordsalt', $salt);
+
+ // generate a secret
+ $secret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(48);
+ \OC::$server->getConfig()->setSystemValue('secret', $secret);
//write the config file
- OC_Config::setValue('trusted_domains', $trustedDomains);
- OC_Config::setValue('datadirectory', $datadir);
- OC_Config::setValue('dbtype', $dbtype);
- OC_Config::setValue('version', implode('.', OC_Util::getVersion()));
+ \OC::$server->getConfig()->setSystemValue('trusted_domains', $trustedDomains);
+ \OC::$server->getConfig()->setSystemValue('datadirectory', $datadir);
+ \OC::$server->getConfig()->setSystemValue('dbtype', $dbtype);
+ \OC::$server->getConfig()->setSystemValue('version', implode('.', OC_Util::getVersion()));
+
try {
$dbSetup->initialize($options);
$dbSetup->setupDatabase($username);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-08 12:53:03 +0000