http://www.mediawiki.org/wiki/Special:Code/MediaWiki/76806
Revision: 76806 Author: platonides Date: 2010-11-16 16:16:09 +0000 (Tue, 16 Nov 2010) Log Message: ----------- Revert r76393 and make $wgUpgradeKey like $wgSecretKey. Followup for r76391 Modified Paths: -------------- trunk/phase3/includes/installer/CoreInstaller.php trunk/phase3/includes/installer/Installer.i18n.php Modified: trunk/phase3/includes/installer/CoreInstaller.php =================================================================== --- trunk/phase3/includes/installer/CoreInstaller.php 2010-11-16 16:06:46 UTC (rev 76805) +++ trunk/phase3/includes/installer/CoreInstaller.php 2010-11-16 16:16:09 UTC (rev 76806) @@ -308,6 +308,7 @@ array( 'name' => 'tables', 'callback' => array( $this, 'installTables' ) ), array( 'name' => 'interwiki', 'callback' => array( $installer, 'populateInterwikiTable' ) ), array( 'name' => 'secretkey', 'callback' => array( $this, 'generateSecretKey' ) ), + array( 'name' => 'upgradekey', 'callback' => array( $this, 'generateUpgradeKey' ) ), array( 'name' => 'sysop', 'callback' => array( $this, 'createSysop' ) ), array( 'name' => 'mainpage', 'callback' => array( $this, 'createMainpage' ) ), ); @@ -369,6 +370,16 @@ * @return Status */ protected function generateSecretKey() { + return $this->generateSecret( 'wgSecretKey' ); + } + + /** + * Generate a secret value for a variable using either + * /dev/urandom or mt_rand() Produce a warning in the later case. + * + * @return Status + */ + protected function generateSecret( $secretName ) { if ( wfIsWindows() ) { $file = null; } else { @@ -389,20 +400,25 @@ $secretKey .= dechex( mt_rand( 0, 0x7fffffff ) ); } - $status->warning( 'config-insecure-secretkey' ); + $status->warning( 'config-insecure-secret', '$' . $secretName ); } - $this->setVar( 'wgSecretKey', $secretKey ); + $this->setVar( $secretName, $secretKey ); - // Generate a $wgUpgradeKey from our secret key - $secretKey = md5( $secretKey ); - $randPos = mt_rand( 0, strlen( $secretKey ) - 8 ); - $this->setVar( 'wgUpgradeKey', substr( $secretKey, $randPos, $randPos + 8 ) ); - return $status; } /** + * Generate a default $wgUpradeKey, Will warn if we had to use + * mt_rand() instead of /dev/urandom + * + * @return Status + */ + protected function generateUpgradeKey() { + return $this->generateSecret( 'wgUpgradeKey' ); + } + + /** * Create the first user account, grant it sysop and bureaucrat rights * * @return Status Modified: trunk/phase3/includes/installer/Installer.i18n.php =================================================================== --- trunk/phase3/includes/installer/Installer.i18n.php 2010-11-16 16:06:46 UTC (rev 76805) +++ trunk/phase3/includes/installer/Installer.i18n.php 2010-11-16 16:16:09 UTC (rev 76806) @@ -475,7 +475,7 @@ 'config-install-interwiki-exists' => "'''Warning''': The interwiki table seems to already have entries. Skipping default list.", 'config-install-secretkey' => 'Generating secret key', - 'config-insecure-secretkey' => "'''Warning:''' Unable to create secure <code>\$wgSecretKey</code>. + 'config-insecure-secret' => "'''Warning:''' Unable to create a secure <code>$1</code>. Consider changing it manually.", 'config-install-sysop' => 'Creating administrator user account', 'config-install-mainpage' => 'Creating main page with default content', _______________________________________________ MediaWiki-CVS mailing list MediaWiki-CVS@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs