Commits

Arjan Scherpenisse committed c63dec3

Put the sign_key and sign_key simple in the config table.

This fixes issue #148.

Config files and config.in are a lot simpler now, without the whole
story about the secureness of the system (zotonic now generates a
secure key itself).

If you keep the sign_keys in the config file, they still will be used.

Comments (0)

Files changed (9)

modules/mod_admin_config/actions/action_admin_config_config_delete.erl

 event({postback, {config_delete, Module, Key, OnSuccess}, _TriggerId, _TargetId}, Context) ->
     case z_acl:is_allowed(use, mod_admin_config, Context) of
         true ->
+            ?DEBUG(11),
             ok = m_config:delete(Module, Key, Context),
+            ?DEBUG(22),
             z_render:wire(OnSuccess, Context);
         false ->
             z_render:growl_error("Only administrators can delete configurations.", Context)

priv/sites/testsandbox/config.in

     {dbdatabase, "zotonic_testsandbox"},
 
     % Admin password, used during installation. You can change it later
-    {admin_password, "admin"},
-    
-    {sign_key_simple, <<"testsandbox">>},
-    {sign_key, <<"testsandbox">>}
+    {admin_password, "admin"}
 ].

priv/sites/zotonic_status/config

 	% This site doesn't use a database connection
 	{dbdatabase, none},
 
-    % Key used for signing image urls with image manipulations (crop, rotate, resize, etc.)
     {sign_key_simple, <<>>},
-    
-    % Key used for signing postbacks - this _must_ be a hard to guess key, otherwise your system is insecure.
-    % When not defined, then zotonic will generate a new key on every restart.
-    % When a new key is generated then all postbacks from old html pages will fail.
     {sign_key, <<>>},
 
 	% Installed modules, defined here as there is no database connection

priv/sites/zotonicwww/config.in

     {dbdatabase, "zotonic"},
     
     % Password for the 'admin' user.
-    {admin_password, "admin"},
-
-    % Key used for signing image urls with image manipulations (crop, rotate, resize, etc.)
-    % A new key will also forces regenerating images, which takes cpu time and will fill your hard disk.
-    {sign_key_simple, <<"--change-me--">>},
-    
-    % Key used for signing postbacks - this _must_ be a hard to guess key, otherwise your system is insecure.
-    % When not defined, then zotonic will generate a new key on every restart.
-    % When a new key is generated then all postbacks from old html pages will fail.
-    {sign_key, <<"--change-me--">>}
+    {admin_password, "admin"}
 ].

priv/skel/blog/config.in

     % What skeleton site this site is based on; for installing the initial data.
     {skeleton, %%SKEL%%},
  
-    % Now you'll need to construct two keys. They should be short strings of random characters. Like good passwords, they should be hard to guess.
-
-    % Key used for signing image urls with image manipulations (crop, rotate, resize, etc.)
-    %  This key will help prevent denial of service attacks.
-    % A new key will also forces regenerating images, which takes cpu time and will fill your hard disk.
-    {sign_key_simple, <<"--change-me--">>},
-    
-    % Key used for signing postbacks - this _must_ be a hard to guess key, otherwise your system is insecure.
-    % When not defined, then zotonic will generate a new key on every restart.
-    % When a new key is generated then all postbacks from old html pages will fail.
-    {sign_key, <<"--change-me--">>},
-
     %% Specific options
 
     %% Title of your site

priv/skel/empty/config.in

     {admin_password, "admin"},
 
     % What skeleton site this site is based on; for installing the initial data.
-    {skeleton, %%SKEL%%},
-
-    % Now you'll need to construct two keys. They should be short strings of random characters. Like good passwords, they should be hard to guess.
-
-    % Key used for signing image urls with image manipulations (crop, rotate, resize, etc.)
-    %  This key will help prevent denial of service attacks.
-    % A new key will also forces regenerating images, which takes cpu time and will fill your hard disk.
-    {sign_key_simple, <<"--change-me--">>},
-
-    % Key used for signing postbacks - this _must_ be a hard to guess key, otherwise your system is insecure.
-    % When not defined, then zotonic will generate a new key on every restart.
-    % When a new key is generated then all postbacks from old html pages will fail.
-    {sign_key, <<"--change-me--">>}
+    {skeleton, %%SKEL%%}
 ].

src/models/m_config.erl

         0 -> z_db:insert(config, [{module,Module}, {key, Key}, {value, Value}], Context);
         1 -> ok
     end,
-    z_depcache:flush(config, Context).
+    z_depcache:flush(config, Context),
+    ok.
 
 
 %% @doc Set a "complex" config value.
         undefined -> z_db:insert(config, [{module,Module}, {key,Key}, {Prop,PropValue}], Context);
         Id -> z_db:update(config, Id, [{Prop,PropValue}], Context)
     end,
-    z_depcache:flush(config, Context).
+    z_depcache:flush(config, Context),
+    ok.
 
 
 %% @doc Delete the specified module/key combination
+%% @spec delete(Module::atom(), Key::atom(), #context{}) -> ok
 delete(Module, Key, Context) ->
     z_db:q("delete from config where module = $1 and key = $2", [Module, Key], Context),
-    z_depcache:flush(config, Context).
+    z_depcache:flush(config, Context),
+    ok.
 
 
 %% @doc Lookup the unique id in the config table from the module/key combination.

src/support/z_ids.erl

     fix_seed/0
 ]).
 
--record(state, {sign_key, sign_key_simple}).
+-record(state, {}).
+-include("zotonic.hrl").
 
 start_tests() -> gen_server:start({local, ?MODULE}, ?MODULE, [[{fixed_seed,true}]], []).
 start_link() -> gen_server:start_link({local, ?MODULE}, ?MODULE, [], []).
 %% @spec sign_key(Context) -> binary()
 %% @doc Get the key for signing requests stored in the user agent.
 sign_key(Context) ->
-    case m_site:get(sign_key, Context) of
-        SiteKey when not is_binary(SiteKey) orelse SiteKey =:= <<"--change-me--">> -> 
-            gen_server:call(?MODULE, sign_key);
+    case m_config:get_value(site, sign_key, Context) of
+        undefined ->
+            Key = list_to_binary(generate_id(50)),
+            m_config:set_value(site, sign_key, Key, Context),
+            Key;
         SignKey -> 
             SignKey
     end.
 %% @spec sign_key_simple(Context) -> binary()
 %% @doc Get the key for less secure signing of data (without nonce).
 sign_key_simple(Context) -> 
-    case m_site:get(sign_key_simple, Context) of
-        SiteKey when not is_binary(SiteKey) -> 
-            gen_server:call(?MODULE, sign_key_simple);
-        SignKeySimple -> 
-            SignKeySimple
+    case m_config:get_value(site, sign_key_simple, Context) of
+        undefined ->
+            Key = list_to_binary(generate_id(10)),
+            m_config:set_value(site, sign_key_simple, Key, Context),
+            Key;
+        SignKey ->
+            SignKey
     end.
 
 
     Id = generate_id(Len),
     {reply, Id, State};
 
-handle_call(sign_key, _From, State) ->
-    case State#state.sign_key of
-        undefined ->
-            Key = list_to_binary(generate_id(50)),
-            {reply, Key, State#state{sign_key=Key}};
-        Key -> 
-            {reply, Key, State}
-    end;
-
-handle_call(sign_key_simple, _From, State) ->
-    case State#state.sign_key_simple of
-        undefined ->
-            Key = list_to_binary(generate_id(10)),
-            {reply, Key, State#state{sign_key_simple=Key}};
-        Key -> 
-            {reply, Key, State}
-    end;
-
-handle_call({set_sign_key_simple, Key}, _From, State) ->
-    {reply, State#state.sign_key_simple, State#state{sign_key_simple = Key}};
-
 handle_call(Msg, _From, State) ->
     {stop, {unknown_call, Msg}, State}.
 

src/support/z_site_startup.erl

 
     % Put software version in database
     % @todo Check if current version != database version and run upgrader (and downgrader?)
-    m_config:set_value(zotonic, version, ?ZOTONIC_VERSION, Context),
+    case z_context:site(Context) of
+        zotonic_status -> ok;
+        _ -> m_config:set_value(zotonic, version, ?ZOTONIC_VERSION, Context)
+    end,
 
     % Let the module handle their startup code, the whole site is now up and running.
     z_notifier:notify(site_startup, Context),