diff options
author | Shawn O. Pearce <sop@google.com> | 2011-06-16 19:18:54 -0700 |
---|---|---|
committer | Shawn O. Pearce <sop@google.com> | 2011-06-16 19:18:54 -0700 |
commit | 34f38cf6795e0a558e85719718f7a10969285879 (patch) | |
tree | 9da65a623b5d2c5d8962ffc83fe19af4c9cff8fa | |
parent | 1eabff509827a0834cc829aecd2f8abb9f7bfe3d (diff) | |
download | gerrit-34f38cf6795e0a558e85719718f7a10969285879.tar.gz |
Move registerEmailPrivateKey to secure.config
This is the last column in the system_config table that is needed by
the stand-alone daemon installation format. Later we can look into
dropping the entire system_config table.
Change-Id: I8448c79e959b465e370a10a7fa6751c200c1b1a0
8 files changed, 54 insertions, 78 deletions
diff --git a/Documentation/config-gerrit.txt b/Documentation/config-gerrit.txt index c8d17ed6..c7a45d56 100644 --- a/Documentation/config-gerrit.txt +++ b/Documentation/config-gerrit.txt @@ -165,6 +165,22 @@ to express their setting: + Default is -1, permitting infinite time between authentications. +[[auth.maxRegisterEmailTokenAge]]auth.maxRegisterEmailTokenAge:: ++ +Time in seconds before an email verification token sent to a user in +order to validate their email address expires. ++ +* s, sec, second, seconds +* m, min, minute, minutes +* h, hr, hour, hours +* d, day, days +* w, week, weeks (`1 week` is treated as `7 days`) +* mon, month, months (`1 month` is treated as `30 days`) +* y, year, years (`1 year` is treated as `365 days`) + ++ +Default is 5 days. + [[auth.httpHeader]]auth.httpHeader:: + HTTP header to trust the username from, or unset to select HTTP basic @@ -1971,6 +1987,9 @@ be exposed to everyone. Sample `etc/secure.config`: ---- +[auth] + registerEmailPrivateKey = 2zHNrXE2bsoylzUqDxZp0H1cqUmjgWb6 + [database] username = webuser password = s3kr3t @@ -2024,64 +2043,6 @@ Other files support site customization. * link:config-headerfooter.html[Site Header/Footer] * link:config-replication.html[Git Replication/Mirroring] -Not User Serviceable -~~~~~~~~~~~~~~~~~~~~ - -These fields generally shouldn't be modified. - -register_email_private_key:: -+ -Private key used to sign the links emailed to users when they -request to register a new email address on their user account. -When the link is activated, the private key authenticates the link -was created and sent by this Gerrit server, proving that the user -can receive email at the address they are registering. -+ -This column is automatically generated when the database is -initialized. Changing it to a new value would cause all current -links to be invalidated. -+ -Changing it is not recommended. - -admin_group_id:: -+ -Unique identity of the group with full privileges. Any user who -is a member of this group may manage any other group, any project, -and other system settings over the web. -+ -This is initialized by Gerrit to be the "Administrators" group. -+ -Changing it is not recommended. - -anonymous_group_id:: -+ -Unique identity of the group for anonymous (not authenticated) users. -+ -All users are a member of this group, whether or not they are -actually signed in to Gerrit. Any access rights assigned to -this group are inherited by all users. -+ -This is initialized by Gerrit to be the "Anonymous Users" group. -+ -Changing it is not recommended. - -registered_group_id:: -+ -Unique identity of the group for all authenticated users. -+ -All signed-in users are a member of this group. Any access rights -assigned to this group are inherited by all users once they have -authenticated to Gerrit. -+ -Since account registration is open and fairly easy to obtain, -moving from the "Anonymous Users" group to this group is not -very difficult. Caution should be taken when assigning any -permissions to this group. -+ -This is initialized by Gerrit to be the "Registered Users" group. -+ -Changing it is not recommended. - GERRIT ------ Part of link:index.html[Gerrit Code Review] diff --git a/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitAuth.java b/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitAuth.java index a5c7d9b2..a4007d5e 100644 --- a/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitAuth.java +++ b/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitAuth.java @@ -18,6 +18,7 @@ import static com.google.gerrit.pgm.init.InitUtil.dnOf; import com.google.gerrit.pgm.util.ConsoleUI; import com.google.gerrit.reviewdb.AuthType; +import com.google.gwtjsonrpc.server.SignedToken; import com.google.inject.Inject; import com.google.inject.Singleton; @@ -80,5 +81,9 @@ class InitAuth implements InitStep { break; } } + + if (auth.getSecure("registerEmailPrivateKey") == null) { + auth.setSecure("registerEmailPrivateKey", SignedToken.generateRandomKey()); + } } } diff --git a/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/Section.java b/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/Section.java index 005904c2..02ed991a 100644 --- a/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/Section.java +++ b/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/Section.java @@ -126,7 +126,7 @@ class Section { } String password(final String username, final String password) { - final String ov = flags.sec.getString(section, null, password); + final String ov = getSecure(password); String user = flags.sec.getString(section, null, username); if (user == null) { @@ -149,15 +149,23 @@ class Section { final String nv = ui.password("%s's password", user); if (!eq(ov, nv)) { - if (nv != null) { - flags.sec.setString(section, null, password, nv); - } else { - flags.sec.unset(section, null, password); - } + setSecure(password, nv); } return nv; } + String getSecure(String name) { + return flags.sec.getString(section, null, name); + } + + void setSecure(String name, String value) { + if (value != null) { + flags.sec.setString(section, null, name, value); + } else { + flags.sec.unset(section, null, name); + } + } + private static boolean eq(final String a, final String b) { if (a == null && b == null) { return true; diff --git a/gerrit-reviewdb/src/main/java/com/google/gerrit/reviewdb/SystemConfig.java b/gerrit-reviewdb/src/main/java/com/google/gerrit/reviewdb/SystemConfig.java index c5524ae1..e366a47a 100644 --- a/gerrit-reviewdb/src/main/java/com/google/gerrit/reviewdb/SystemConfig.java +++ b/gerrit-reviewdb/src/main/java/com/google/gerrit/reviewdb/SystemConfig.java @@ -52,10 +52,6 @@ public final class SystemConfig { @Column(id = 1) protected Key singleton; - /** Private key to sign account identification cookies. */ - @Column(id = 2, length = 36) - public transient String registerEmailPrivateKey; - /** * Local filesystem location of header/footer/CSS configuration files */ @@ -67,6 +63,9 @@ public final class SystemConfig { // but survive to support schema upgrade code. /** DEPRECATED DO NOT USE */ + @Column(id = 2, length = 36, notNull = false) + public transient String registerEmailPrivateKey; + /** DEPRECATED DO NOT USE */ @Column(id = 4, notNull = false) public AccountGroup.Id adminGroupId; /** DEPRECATED DO NOT USE */ diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/config/AuthConfig.java b/gerrit-server/src/main/java/com/google/gerrit/server/config/AuthConfig.java index 50fc2051..a789546a 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/config/AuthConfig.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/config/AuthConfig.java @@ -29,6 +29,7 @@ import java.util.ArrayList; import java.util.Collection; import java.util.Collections; import java.util.List; +import java.util.concurrent.TimeUnit; /** Authentication related settings from {@code gerrit.config}. */ @Singleton @@ -54,7 +55,17 @@ public class AuthConfig { allowedOpenIDs = toPatterns(cfg, "allowedOpenID"); cookiePath = cfg.getString("auth", null, "cookiepath"); cookieSecure = cfg.getBoolean("auth", "cookiesecure", false); - emailReg = new SignedToken(5 * 24 * 60 * 60, s.registerEmailPrivateKey); + + String key = cfg.getString("auth", null, "registerEmailPrivateKey"); + if (key != null && !key.isEmpty()) { + int age = (int) ConfigUtil.getTimeUnit(cfg, + "auth", null, "maxRegisterEmailTokenAge", + TimeUnit.SECONDS.convert(5, TimeUnit.DAYS), + TimeUnit.SECONDS); + emailReg = new SignedToken(age, key); + } else { + emailReg = null; + } if (authType == AuthType.OPENID) { allowGoogleAccountUpgrade = diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/schema/SchemaCreator.java b/gerrit-server/src/main/java/com/google/gerrit/server/schema/SchemaCreator.java index 4fa79ef5..08e9b556 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/schema/SchemaCreator.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/schema/SchemaCreator.java @@ -36,7 +36,6 @@ import com.google.gerrit.server.git.GitRepositoryManager; import com.google.gerrit.server.git.MetaDataUpdate; import com.google.gerrit.server.git.NoReplication; import com.google.gerrit.server.git.ProjectConfig; -import com.google.gwtjsonrpc.server.SignedToken; import com.google.gwtorm.client.OrmException; import com.google.gwtorm.jdbc.JdbcExecutor; import com.google.gwtorm.jdbc.JdbcSchema; @@ -192,8 +191,6 @@ public class SchemaCreator { Collections.singleton(new AccountGroupName(owners))); final SystemConfig s = SystemConfig.create(); - s.registerEmailPrivateKey = SignedToken.generateRandomKey(); - try { s.sitePath = site_path.getCanonicalPath(); } catch (IOException e) { diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/schema/Schema_57.java b/gerrit-server/src/main/java/com/google/gerrit/server/schema/Schema_57.java index f7ed79ed..2ae1b7a9 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/schema/Schema_57.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/schema/Schema_57.java @@ -163,6 +163,7 @@ public class Schema_57 extends SchemaVersion { sc.ownerGroupId = new AccountGroup.Id(0); sc.batchUsersGroupId = new AccountGroup.Id(0); sc.batchUsersGroupUUID = new AccountGroup.UUID("DELETED"); + sc.registerEmailPrivateKey = "DELETED"; db.systemConfig().update(Collections.singleton(sc)); } diff --git a/gerrit-server/src/test/java/com/google/gerrit/server/schema/SchemaCreatorTest.java b/gerrit-server/src/test/java/com/google/gerrit/server/schema/SchemaCreatorTest.java index 9ac88581..90cb0d34 100644 --- a/gerrit-server/src/test/java/com/google/gerrit/server/schema/SchemaCreatorTest.java +++ b/gerrit-server/src/test/java/com/google/gerrit/server/schema/SchemaCreatorTest.java @@ -78,11 +78,6 @@ public class SchemaCreatorTest extends TestCase { sitePath = sitePath.getParentFile(); } assertEquals(sitePath.getAbsolutePath(), config.sitePath); - - // This is randomly generated and should be at least 20 bytes long. - // - assertNotNull(config.registerEmailPrivateKey); - assertTrue(20 < config.registerEmailPrivateKey.length()); } public void testSubsequentGetReads() throws OrmException { @@ -92,7 +87,6 @@ public class SchemaCreatorTest extends TestCase { assertNotSame(exp, act); assertEquals(exp.sitePath, act.sitePath); - assertEquals(exp.registerEmailPrivateKey, act.registerEmailPrivateKey); } public void testCreateSchema_ApprovalCategory_CodeReview() |