Issue #128110 by kasperg: Replace key.php file with an entry in settings.php
Greg Dunlap
parent
acbd1a7a5c
commit
868915b6ca
|
|
@ -13,7 +13,6 @@ echo config('foo.bar')->foo;
|
|||
echo '<br>That should be bar';
|
||||
die();
|
||||
|
||||
config_write_signed_file_storage_key();
|
||||
//echo config_sign_data('onetwothree');
|
||||
$sfs = new SignedFileStorage('one.two');
|
||||
|
||||
|
|
|
|||
|
|
@ -716,7 +716,7 @@ function drupal_settings_initialize() {
|
|||
global $base_url, $base_path, $base_root;
|
||||
|
||||
// Export the following settings.php variables to the global namespace
|
||||
global $databases, $cookie_domain, $conf, $installed_profile, $update_free_access, $db_url, $db_prefix, $drupal_hash_salt, $is_https, $base_secure_url, $base_insecure_url, $drupal_config_directory_name;
|
||||
global $databases, $cookie_domain, $conf, $installed_profile, $update_free_access, $db_url, $db_prefix, $drupal_hash_salt, $is_https, $base_secure_url, $base_insecure_url, $drupal_config_directory_name, $drupal_config_key;
|
||||
$conf = array();
|
||||
|
||||
if (file_exists(DRUPAL_ROOT . '/' . conf_path() . '/settings.php')) {
|
||||
|
|
|
|||
|
|
@ -42,23 +42,6 @@ function config_get_signed_file_storage_names_with_prefix($prefix = '') {
|
|||
return array_map($clean_name, $files);
|
||||
}
|
||||
|
||||
/**
|
||||
* Write our signing key out to the filesystem.
|
||||
*
|
||||
* @param $force_rekey
|
||||
* Boolean to specify whether we should force a new key to be generated
|
||||
* and written, even if a key file exists already.
|
||||
*/
|
||||
function config_write_signed_file_storage_key($force_rekey = FALSE) {
|
||||
$file_path = conf_path() . '/key.php';
|
||||
if (!file_exists($file_path) || $force_rekey) {
|
||||
$key = drupal_hash_base64(drupal_random_bytes(55));
|
||||
if (!file_put_contents($file_path, '<?php die(); ' . $key . "\n")) {
|
||||
throw new Exception('Failed to write configuration signing key.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a hash of a config file's contents using our encryption key.
|
||||
*
|
||||
|
|
@ -68,17 +51,11 @@ function config_write_signed_file_storage_key($force_rekey = FALSE) {
|
|||
* A hash of the data.
|
||||
*/
|
||||
function config_sign_data($data) {
|
||||
$file = file_get_contents(conf_path() . '/key.php');
|
||||
if ($file === FALSE) {
|
||||
throw new Exception('Key file not found.');
|
||||
}
|
||||
|
||||
// Strip the header from the file contents.
|
||||
$parts = explode(' ', $file);
|
||||
$key = $parts[2];
|
||||
// The configuration key is loaded from settings.php and imported into the global namespace
|
||||
global $drupal_config_key;
|
||||
|
||||
// SHA-512 is both secure and very fast on 64 bit CPUs.
|
||||
return hash_hmac('sha512', $data, $key);
|
||||
return hash_hmac('sha512', $data, $drupal_config_key);
|
||||
}
|
||||
|
||||
class ConfigException extends Exception {}
|
||||
|
|
|
|||
|
|
@ -969,13 +969,20 @@ function install_settings_form_submit($form, &$form_state) {
|
|||
'value' => drupal_hash_base64(drupal_random_bytes(55)),
|
||||
'required' => TRUE,
|
||||
);
|
||||
|
||||
$settings['drupal_config_key'] = array(
|
||||
'value' => drupal_hash_base64(drupal_random_bytes(55)),
|
||||
'required' => TRUE,
|
||||
);
|
||||
|
||||
// This duplicates drupal_get_token() because that function can't work yet.
|
||||
// Wondering if it makes sense to move this later in the process, but its
|
||||
// nice having all the settings stuff here.
|
||||
$settings['drupal_config_directory_name'] = array(
|
||||
'value' => 'config_' . drupal_hmac_base64('', session_id() . drupal_hash_base64(drupal_random_bytes(55)) . $settings['drupal_hash_salt']['value']),
|
||||
'value' => 'config_' . drupal_hmac_base64('', session_id() . $settings['drupal_config_key']['value'] . $settings['drupal_hash_salt']['value']),
|
||||
'required' => TRUE,
|
||||
);
|
||||
|
||||
drupal_rewrite_settings($settings);
|
||||
// Actually create the config directory named above.
|
||||
$config_path = conf_path() . '/files/' . $settings['drupal_config_directory_name']['value'];
|
||||
|
|
|
|||
|
|
@ -437,6 +437,10 @@ function module_enable($module_list, $enable_dependencies = TRUE) {
|
|||
$versions = drupal_get_schema_versions($module);
|
||||
$version = $versions ? max($versions) : SCHEMA_INSTALLED;
|
||||
|
||||
// Copy any default configuration data to the system config directory/
|
||||
// if (is_dir()) {
|
||||
// # code...
|
||||
// }
|
||||
// If the module has no current updates, but has some that were
|
||||
// previously removed, set the version to the value of
|
||||
// hook_update_last_removed().
|
||||
|
|
|
|||
|
|
@ -227,6 +227,13 @@ $drupal_hash_salt = '';
|
|||
*/
|
||||
$drupal_config_directory_name = '';
|
||||
|
||||
/**
|
||||
* Configuration key.
|
||||
*
|
||||
* Drupal configuration files are signed using this key.
|
||||
*/
|
||||
$drupal_config_key = '';
|
||||
|
||||
/**
|
||||
* Base URL (optional).
|
||||
*
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
<?php die(); qDYpUJKq-cF1sQLjx2uqNSyw4AlCmG6CER5GHG-cy68
|
||||
Loading…
Reference in New Issue