Issue #2286837 by ParisLiakos, damiankloip: Remove drupal_get_hash_salt().
parent
8074550db8
commit
8878f6b107
|
@ -1043,19 +1043,6 @@ function drupal_get_user_timezone() {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets a salt useful for hardening against SQL injection.
|
||||
*
|
||||
* @return
|
||||
* A salt based on information in settings.php, not in the database.
|
||||
*
|
||||
* @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0. Use
|
||||
* \Drupal\Core\Site\Settings::getHashSalt() instead.
|
||||
*/
|
||||
function drupal_get_hash_salt() {
|
||||
return Settings::getHashSalt();
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides custom PHP error handling.
|
||||
*
|
||||
|
@ -1548,7 +1535,7 @@ function drupal_classloader($class_loader = NULL) {
|
|||
}
|
||||
if ($class_loader === 'apc') {
|
||||
require_once __DIR__ . '/../vendor/symfony/class-loader/Symfony/Component/ClassLoader/ApcClassLoader.php';
|
||||
$apc_loader = new ApcClassLoader('drupal.' . drupal_get_hash_salt(), $loader);
|
||||
$apc_loader = new ApcClassLoader('drupal.' . Settings::getHashSalt(), $loader);
|
||||
$loader->unregister();
|
||||
$apc_loader->register();
|
||||
}
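Review bot: In the `apc` branch of drupal_classloader(), the new line still passes the raw hash salt as the ApcClassLoader prefix (`'drupal.' . Settings::getHashSalt()`), so the site secret becomes part of every APC cache key name. Anything able to list APC entries on the host, such as a status page or another application sharing the cache, could then read the same value that keys the CSRF and one-time-login HMACs touched elsewhere in this commit. Deriving the prefix from the salt keeps it unique per site without storing the secret itself: `$apc_loader = new ApcClassLoader('drupal.' . hash('sha256', 'class_loader' . Settings::getHashSalt()), $loader);`. The function body starts and ends outside the hunk.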
|
||||
|
|
|
@ -2569,10 +2569,10 @@ function drupal_get_private_key() {
|
|||
*
|
||||
* @return string
|
||||
* A 43-character URL-safe token for validation, based on the user session ID,
|
||||
* the hash salt provided from drupal_get_hash_salt(), and the
|
||||
* the hash salt provided from Settings::getHashSalt(), and the
|
||||
* 'drupal_private_key' configuration variable.
|
||||
*
|
||||
* @see drupal_get_hash_salt()
|
||||
* @see \Drupal\Core\Site\Settings::getHashSalt()
|
||||
* @see \Drupal\Core\Access\CsrfTokenGenerator
|
||||
* @see \Drupal\Core\Session\SessionManager::start()
|
||||
*
|
||||
|
|
|
@ -49,10 +49,10 @@ class CsrfTokenGenerator {
|
|||
*
|
||||
* @return string
|
||||
* A 43-character URL-safe token for validation, based on the token seed,
|
||||
* the hash salt provided by drupal_get_hash_salt(), and the
|
||||
* the hash salt provided by Settings::getHashSalt(), and the
|
||||
* 'drupal_private_key' configuration variable.
|
||||
*
|
||||
* @see drupal_get_hash_salt()
|
||||
* @see \Drupal\Core\Site\Settings::getHashSalt()
|
||||
* @see \Drupal\Core\Session\SessionManager::start()
|
||||
*/
|
||||
public function get($value = '') {
|
||||
|
@ -92,8 +92,10 @@ class CsrfTokenGenerator {
|
|||
*
|
||||
* @return string
|
||||
* A 43-character URL-safe token for validation, based on the token seed,
|
||||
* the hash salt provided by drupal_get_hash_salt(), and the
|
||||
* the hash salt provided by Settings::getHashSalt(), and the
|
||||
* 'drupal_private_key' configuration variable.
|
||||
*
|
||||
* @see \Drupal\Core\Site\Settings::getHashSalt()
|
||||
*/
|
||||
protected function computeToken($seed, $value = '') {
|
||||
return Crypt::hmacBase64($value, $seed . $this->privateKey->get() . Settings::getHashSalt());
|
||||
|
|
|
@ -44,7 +44,7 @@ class PhpStorageFactory {
|
|||
else {
|
||||
$configuration = array(
|
||||
'class' => 'Drupal\Component\PhpStorage\MTimeProtectedFileStorage',
|
||||
'secret' => drupal_get_hash_salt(),
|
||||
'secret' => Settings::getHashSalt(),
|
||||
);
|
||||
}
|
||||
$class = isset($configuration['class']) ? $configuration['class'] : 'Drupal\Component\PhpStorage\MTimeProtectedFileStorage';
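Review bot: No `use Drupal\Core\Site\Settings;` hunk is visible for this file, while the ImageStyle, PermissionsHash and user_pass_rehash() files each gain one, so confirm the import already exists above line 44 before relying on `'secret' => Settings::getHashSalt()`. Without it the class name would resolve relative to this file's own namespace and fail at runtime. The same check applies to the DrupalKernelTest and `_update_manager_unique_identifier()` hunks, which also switch to `Settings::getHashSalt()` with no import change shown. The enclosing method starts and ends outside the hunk.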
|
||||
|
|
|
@ -12,6 +12,7 @@ use Drupal\Core\Config\Entity\ConfigEntityBase;
|
|||
use Drupal\Core\Entity\EntityStorageInterface;
|
||||
use Drupal\Core\Entity\EntityWithPluginBagsInterface;
|
||||
use Drupal\Core\Routing\RequestHelper;
|
||||
use Drupal\Core\Site\Settings;
|
||||
use Drupal\image\ImageEffectBag;
|
||||
use Drupal\image\ImageEffectInterface;
|
||||
use Drupal\image\ImageStyleInterface;
|
||||
|
@ -308,7 +309,7 @@ class ImageStyle extends ConfigEntityBase implements ImageStyleInterface, Entity
|
|||
*/
|
||||
public function getPathToken($uri) {
|
||||
// Return the first 8 characters.
|
||||
return substr(Crypt::hmacBase64($this->id() . ':' . $uri, \Drupal::service('private_key')->get() . drupal_get_hash_salt()), 0, 8);
|
||||
return substr(Crypt::hmacBase64($this->id() . ':' . $uri, \Drupal::service('private_key')->get() . Settings::getHashSalt()), 0, 8);
|
||||
}
|
||||
|
||||
/**
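Review bot: The comment in getPathToken() says only `// Return the first 8 characters.`, which omits the security-relevant consequence: truncating the base64 HMAC to 8 characters caps the token at 48 bits. That may be adequate for what this token guards (not visible in this hunk), but the rationale should be recorded so the token is not reused for something that needs full MAC strength. Suggested wording: `// Keep only the first 8 base64 characters (48 bits) of the HMAC; do not reuse this token where full MAC strength is required.`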
|
||||
|
|
|
@ -42,7 +42,7 @@ class DrupalKernelTest extends DrupalUnitTestBase {
|
|||
'bin' => 'service_container',
|
||||
'class' => 'Drupal\Component\PhpStorage\MTimeProtectedFileStorage',
|
||||
'directory' => DRUPAL_ROOT . '/' . $this->public_files_directory . '/php',
|
||||
'secret' => drupal_get_hash_salt(),
|
||||
'secret' => Settings::getHashSalt(),
|
||||
)));
|
||||
|
||||
$this->classloader = drupal_classloader();
|
||||
|
|
|
@ -658,7 +658,7 @@ function update_storage_clear() {
|
|||
function _update_manager_unique_identifier() {
|
||||
$id = &drupal_static(__FUNCTION__, '');
|
||||
if (empty($id)) {
|
||||
$id = substr(hash('sha256', drupal_get_hash_salt()), 0, 8);
|
||||
$id = substr(hash('sha256', Settings::getHashSalt()), 0, 8);
|
||||
}
|
||||
return $id;
|
||||
}
|
||||
|
|
|
@ -11,6 +11,7 @@ use Drupal\Core\Session\AccountInterface;
|
|||
use Drupal\Core\PrivateKey;
|
||||
use Drupal\Core\Cache\Cache;
|
||||
use Drupal\Core\Cache\CacheBackendInterface;
|
||||
use Drupal\Core\Site\Settings;
|
||||
|
||||
/**
|
||||
* Generates and caches the permissions hash for a user.
|
||||
|
@ -81,7 +82,7 @@ class PermissionsHash implements PermissionsHashInterface {
|
|||
sort($permissions);
|
||||
$permissions_by_role[$role] = $permissions;
|
||||
}
|
||||
return hash('sha256', $this->privateKey->get() . drupal_get_hash_salt() . serialize($permissions_by_role));
|
||||
return hash('sha256', $this->privateKey->get() . Settings::getHashSalt() . serialize($permissions_by_role));
|
||||
}
|
||||
|
||||
}
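Review bot: The changed return line builds the permissions hash as `hash('sha256', secret . data)`, a secret-prefix construction, whereas the other call sites in this commit (CsrfTokenGenerator::computeToken(), user_pass_rehash()) key an HMAC with the same private key and salt. A plain SHA-256 over a secret prefix is open to length extension, which only matters if this value is ever accepted back from a client as proof of anything; the hunk does not show its consumers. Using the HMAC helper here too would make the handling of the salt consistent: `return Crypt::hmacBase64(serialize($permissions_by_role), $this->privateKey->get() . Settings::getHashSalt());`. That needs `Drupal\Component\Utility\Crypt` in scope and changes the output format, so the unit test expectations would have to follow. The method starts outside the hunk.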
|
||||
|
|
|
@ -7,8 +7,9 @@
|
|||
|
||||
namespace Drupal\user\Tests {
|
||||
|
||||
use Drupal\Tests\UnitTestCase;
|
||||
use Drupal\Component\Utility\Crypt;
|
||||
use Drupal\Core\Site\Settings;
|
||||
use Drupal\Tests\UnitTestCase;
|
||||
use Drupal\user\PermissionsHash;
|
||||
|
||||
|
||||
|
@ -81,6 +82,8 @@ class PermissionsHashTest extends UnitTestCase {
|
|||
protected function setUp() {
|
||||
parent::setUp();
|
||||
|
||||
new Settings(array('hash_salt' => 'test'));
|
||||
|
||||
// Account 1: 'administrator' and 'authenticated' roles.
|
||||
$roles_1 = array('administrator', 'authenticated');
|
||||
$this->account_1 = $this->getMockBuilder('Drupal\user\Entity\User')
|
||||
|
@ -196,17 +199,4 @@ namespace {
|
|||
}
|
||||
}
|
||||
|
||||
// @todo remove once drupal_get_hash_salt() can be injected.
|
||||
if (!function_exists('drupal_get_hash_salt')) {
|
||||
function drupal_get_hash_salt() {
|
||||
static $salt;
|
||||
|
||||
if (!isset($salt)) {
|
||||
$salt = Drupal\Component\Utility\Crypt::randomBytesBase64(55);
|
||||
}
|
||||
|
||||
return $salt;
|
||||
}
|
||||
}
|
||||
|
||||
}
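Review bot: In setUp(), `new Settings(array('hash_salt' => 'test'));` discards the object it creates, so the line only makes sense if the Settings constructor registers the instance globally, which is not visible on this page. A comment should say so, for example `// Settings registers itself as the active instance on construction; PermissionsHash reads the salt through Settings::getHashSalt().`. Because this replaces process-wide state with a fixed salt, it is also worth checking that later tests in the same run do not inherit `'test'` unintentionally.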
|
||||
|
|
|
@ -9,6 +9,7 @@ use Drupal\Core\Session\AccountInterface;
|
|||
use Drupal\Core\Session\AnonymousUserSession;
|
||||
use \Drupal\Core\Entity\Display\EntityViewDisplayInterface;
|
||||
use Drupal\Core\Url;
|
||||
use Drupal\Core\Site\Settings;
|
||||
use Drupal\file\Entity\File;
|
||||
use Drupal\user\Entity\Role;
|
||||
use Drupal\user\Entity\User;
|
||||
|
@ -844,7 +845,7 @@ function user_cancel_url($account, $options = array()) {
|
|||
* A string that is safe for use in URLs and SQL statements.
|
||||
*/
|
||||
function user_pass_rehash($password, $timestamp, $login) {
|
||||
return Crypt::hmacBase64($timestamp . $login, drupal_get_hash_salt() . $password);
|
||||
return Crypt::hmacBase64($timestamp . $login, Settings::getHashSalt() . $password);
|
||||
}
|
||||
|
||||
/**
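Review bot: user_pass_rehash() feeds `$timestamp . $login` to the HMAC with no delimiter, so distinct (timestamp, login) pairs can serialize to the same message. Whether that ambiguity is reachable depends on how callers validate the two values, which this hunk does not show, but a separator removes it: `return Crypt::hmacBase64($timestamp . ':' . $login, Settings::getHashSalt() . $password);`. Changing the message format invalidates any outstanding one-time links, so it would need a release note. The docblock for this function starts outside the hunk.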
|
||||
|
|