From 740aa78e447a471d4c345a46e1e0393f8e912ab6 Mon Sep 17 00:00:00 2001 From: Gusted Date: Mon, 7 Feb 2022 16:04:42 +0100 Subject: [PATCH 1/5] Only request write when necessary - Only request write for `INTERNAL_TOKEN_URI` when no token was found. - Resolves #18655 --- modules/setting/setting.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 5b8683f57838..5b648cf27935 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -1080,7 +1080,7 @@ func loadInternalToken(sec *ini.Section) string { } switch tempURI.Scheme { case "file": - fp, err := os.OpenFile(tempURI.RequestURI(), os.O_RDWR, 0o600) + fp, err := os.OpenFile(tempURI.RequestURI(), os.O_RDONLY, 0o400) if err != nil { log.Fatal("Failed to open InternalTokenURI (%s): %v", uri, err) } @@ -1092,6 +1092,12 @@ func loadInternalToken(sec *ini.Section) string { } // No token in the file, generate one and store it. if len(buf) == 0 { + fp.Close() + fp, err = os.OpenFile(tempURI.RequestURI(), os.O_WRONLY, 0o600) + if err != nil { + log.Fatal("Failed to open InternalTokenURI (%s): %v", uri, err) + } + token, err := generate.NewInternalToken() if err != nil { log.Fatal("Error generate internal token: %v", err) From 0c2149af83e187f83c285953fa947786ae4a9055 Mon Sep 17 00:00:00 2001 From: Gusted Date: Mon, 7 Feb 2022 16:06:29 +0100 Subject: [PATCH 2/5] Fix perm --- modules/setting/setting.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 5b648cf27935..68f1f7bcc803 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -1080,7 +1080,7 @@ func loadInternalToken(sec *ini.Section) string { } switch tempURI.Scheme { case "file": - fp, err := os.OpenFile(tempURI.RequestURI(), os.O_RDONLY, 0o400) + fp, err := os.OpenFile(tempURI.RequestURI(), os.O_RDONLY, 0o600) if err != nil { log.Fatal("Failed to open InternalTokenURI (%s): %v", uri, err) } From 5fe8c398133683875ac2151c4fbddf989c8862cb Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Tue, 8 Feb 2022 00:06:46 +0800 Subject: [PATCH 3/5] Update setting.go --- modules/setting/setting.go | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 68f1f7bcc803..255c5195a80d 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -1080,34 +1080,22 @@ func loadInternalToken(sec *ini.Section) string { } switch tempURI.Scheme { case "file": - fp, err := os.OpenFile(tempURI.RequestURI(), os.O_RDONLY, 0o600) - if err != nil { + buf, err := os.ReadFile(tempURI.RequestURI()) + if err != nil && !os.IsNotExist(err) { log.Fatal("Failed to open InternalTokenURI (%s): %v", uri, err) } - defer fp.Close() - - buf, err := io.ReadAll(fp) - if err != nil { - log.Fatal("Failed to read InternalTokenURI (%s): %v", uri, err) - } // No token in the file, generate one and store it. if len(buf) == 0 { - fp.Close() - fp, err = os.OpenFile(tempURI.RequestURI(), os.O_WRONLY, 0o600) - if err != nil { - log.Fatal("Failed to open InternalTokenURI (%s): %v", uri, err) - } - token, err := generate.NewInternalToken() if err != nil { log.Fatal("Error generate internal token: %v", err) } - if _, err := io.WriteString(fp, token); err != nil { + err = os.WriteFile(tempURI.RequestURI(), token, 0o600) + if err != nil { log.Fatal("Error writing to InternalTokenURI (%s): %v", uri, err) } return token } - return strings.TrimSpace(string(buf)) default: log.Fatal("Unsupported URI-Scheme %q (INTERNAL_TOKEN_URI = %q)", tempURI.Scheme, uri) From b34e92d03c3596ba6740e9a256cc26e71ced3c4b Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Tue, 8 Feb 2022 00:11:58 +0800 Subject: [PATCH 4/5] Update setting.go --- modules/setting/setting.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 255c5195a80d..45a291f7ed38 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -1090,7 +1090,7 @@ func loadInternalToken(sec *ini.Section) string { if err != nil { log.Fatal("Error generate internal token: %v", err) } - err = os.WriteFile(tempURI.RequestURI(), token, 0o600) + err = os.WriteFile(tempURI.RequestURI(), []byte(token), 0o600) if err != nil { log.Fatal("Error writing to InternalTokenURI (%s): %v", uri, err) } From fe94433d89f12272223a8346e53083f11862b29c Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Tue, 8 Feb 2022 00:16:04 +0800 Subject: [PATCH 5/5] Update setting.go --- modules/setting/setting.go | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 45a291f7ed38..aa1a5d0e5ab7 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -8,7 +8,6 @@ package setting import ( "encoding/base64" "fmt" - "io" "math" "net" "net/url"