Skip to content

Commit

Permalink
Fix token generation when using INTERNAL_TOKEN_URI (go-gitea#21669) (g…
Browse files Browse the repository at this point in the history
…o-gitea#21670)

Backport go-gitea#21669

Fix go-gitea#21666
Caused by go-gitea#19663

Before: when install, the INTERNAL_TOKEN was always generated and saved.
But the internal token may be already there by INTERNAL_TOKEN_URI

After: INTERNAL_TOKEN_URI file must be non-empty. When install, skip
internal token generation if the token exists.
  • Loading branch information
wxiaoguang authored Nov 3, 2022
1 parent 3a0d000 commit 89d5292
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 6 deletions.
12 changes: 11 additions & 1 deletion modules/setting/setting.go
Original file line number Diff line number Diff line change
Expand Up @@ -1156,6 +1156,8 @@ func parseAuthorizedPrincipalsAllow(values []string) ([]string, bool) {
return authorizedPrincipalsAllow, true
}

// loadSecret load the secret from ini by uriKey or verbatimKey, only one of them could be set
// If the secret is loaded from uriKey (file), the file should be non-empty, to guarantee the behavior stable and clear.
func loadSecret(sec *ini.Section, uriKey, verbatimKey string) string {
// don't allow setting both URI and verbatim string
uri := sec.Key(uriKey).String()
Expand All @@ -1179,7 +1181,15 @@ func loadSecret(sec *ini.Section, uriKey, verbatimKey string) string {
if err != nil {
log.Fatal("Failed to read %s (%s): %v", uriKey, tempURI.RequestURI(), err)
}
return strings.TrimSpace(string(buf))
val := strings.TrimSpace(string(buf))
if val == "" {
// The file shouldn't be empty, otherwise we can not know whether the user has ever set the KEY or KEY_URI
// For example: if INTERNAL_TOKEN_URI=file:///empty-file,
// Then if the token is re-generated during installation and saved to INTERNAL_TOKEN
// Then INTERNAL_TOKEN and INTERNAL_TOKEN_URI both exist, that's a fatal error (they shouldn't)
log.Fatal("Failed to read %s (%s): the file is empty", uriKey, tempURI.RequestURI())
}
return val

// only file URIs are allowed
default:
Expand Down
14 changes: 9 additions & 5 deletions routers/install/install.go
Original file line number Diff line number Diff line change
Expand Up @@ -473,12 +473,16 @@ func SubmitInstall(ctx *context.Context) {

cfg.Section("security").Key("INSTALL_LOCK").SetValue("true")

var internalToken string
if internalToken, err = generate.NewInternalToken(); err != nil {
ctx.RenderWithErr(ctx.Tr("install.internal_token_failed", err), tplInstall, &form)
return
// the internal token could be read from INTERNAL_TOKEN or INTERNAL_TOKEN_URI (the file is guaranteed to be non-empty)
// if there is no InternalToken, generate one and save to security.INTERNAL_TOKEN
if setting.InternalToken == "" {
var internalToken string
if internalToken, err = generate.NewInternalToken(); err != nil {
ctx.RenderWithErr(ctx.Tr("install.internal_token_failed", err), tplInstall, &form)
return
}
cfg.Section("security").Key("INTERNAL_TOKEN").SetValue(internalToken)
}
cfg.Section("security").Key("INTERNAL_TOKEN").SetValue(internalToken)

// if there is already a SECRET_KEY, we should not overwrite it, otherwise the encrypted data will not be able to be decrypted
if setting.SecretKey == "" {
Expand Down

0 comments on commit 89d5292

Please sign in to comment.