authorJean-Philippe Lang <jp_lang@yahoo.fr>2011-11-11 14:04:33 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2011-11-11 14:04:33 +0000
commite9f9927534d8a4be9145819fcb78a5d02de24e88 (patch)
tree3641031da54cb766c414a656f5869c48931d6ec8
parent981a6223e40ef7d1550f155202279dee5b7f8978 (diff)
Fixed: Error when reading ciphered text from the database without cipher key configured (#9552).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@7780 e93f8b46-1217-0410-a6f0-8f06a7374b81
-rw-r--r--lib/redmine/ciphering.rb8
-rw-r--r--test/unit/lib/redmine/ciphering_test.rb14
2 files changed, 22 insertions, 0 deletions
diff --git a/lib/redmine/ciphering.rb b/lib/redmine/ciphering.rb
index 2fb2dca86..b07d9fa09 100644
--- a/lib/redmine/ciphering.rb
+++ b/lib/redmine/ciphering.rb
@@ -39,6 +39,10 @@ module Redmine
def decrypt_text(text)
if text && match = text.match(/\Aaes-256-cbc:(.+)\Z/)
+ if cipher_key.blank?
+ logger.error "Attempt to decrypt a ciphered text with no cipher key configured in config/configuration.yml" if logger
+ return text
+ end
text = match[1]
c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
e, iv = text.split("--").map {|s| Base64.decode64(s)}
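Review bot: Returning `text` unchanged in the new `cipher_key.blank?` branch hands the stored `aes-256-cbc:...` value to callers as if it were the clear value, and nothing in the return value lets them tell the two apart. If a caller uses the result as a credential (the test in this commit reads it through `r.password`), the ciphered blob would presumably be sent to the remote service in place of the password. Consider stating the contract above the branch, e.g. `# No cipher key configured: the ciphered value is returned as-is and must not be used as a credential`, or returning `nil` so callers fail closed. The error is also written on every read of a ciphered attribute, which may flood the log on a misconfigured instance. The body of decrypt_text continues outside the hunk.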
@@ -56,6 +60,10 @@ module Redmine
key = Redmine::Configuration['database_cipher_key'].to_s
key.blank? ? nil : Digest::SHA256.hexdigest(key)
end
+
+ def logger
+ RAILS_DEFAULT_LOGGER
+ end
end
module ClassMethods
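Review bot: The new `logger` helper references the constant `RAILS_DEFAULT_LOGGER` directly, so the `if logger` guard in `decrypt_text` only covers a nil logger. If the constant is not defined, for example when the module is loaded outside a full Rails environment, the reference raises NameError on the very error path this commit is meant to make safe. `Rails.logger` or `defined?(RAILS_DEFAULT_LOGGER) ? RAILS_DEFAULT_LOGGER : nil` would avoid that. The enclosing scope of this helper starts outside the hunk.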
diff --git a/test/unit/lib/redmine/ciphering_test.rb b/test/unit/lib/redmine/ciphering_test.rb
index be4206f5f..6c0e0e368 100644
--- a/test/unit/lib/redmine/ciphering_test.rb
+++ b/test/unit/lib/redmine/ciphering_test.rb
@@ -53,6 +53,20 @@ class Redmine::CipheringTest < ActiveSupport::TestCase
assert_equal 'clear', r.password
end
end
+
+ def test_ciphered_password_with_no_cipher_key_configured_should_be_returned_ciphered
+ Redmine::Configuration.with 'database_cipher_key' => 'secret' do
+ r = Repository::Subversion.generate!(:password => 'clear')
+ end
+
+ Redmine::Configuration.with 'database_cipher_key' => '' do
+ r = Repository.first(:order => 'id DESC')
+ # password can not be deciphered
+ assert_nothing_raised do
+ assert r.password.match(/\Aaes-256-cbc:.+\Z/)
+ end
+ end
+ end
def test_encrypt_all
Repository.delete_all
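Review bot: The assertion in `test_ciphered_password_with_no_cipher_key_configured_should_be_returned_ciphered` only checks that `r.password` has the `aes-256-cbc:` shape, so it would also pass if the method returned some other string with that prefix. Comparing against the stored value, `assert_equal r.read_attribute(:password), r.password`, would pin the behaviour the commit message describes. The record is also looked up with `Repository.first(:order => 'id DESC')` rather than by the id of the repository generated in the first block, which ties the test to whatever other rows exist. Nothing here checks that the error was logged.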