You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by kx...@apache.org on 2015/09/28 16:49:33 UTC
[04/39] couchdb commit: updated refs/heads/developer-preview-2.0 to
3ac3db6
Setup dev cluster with common CSRF secret
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/cfcb0c03
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/cfcb0c03
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/cfcb0c03
Branch: refs/heads/developer-preview-2.0
Commit: cfcb0c034427635a7d0153a32ec3d99d1216d08e
Parents: 09b9a72
Author: Alexander Shorin <kx...@apache.org>
Authored: Mon Aug 3 21:12:23 2015 +0300
Committer: Alexander Shorin <kx...@apache.org>
Committed: Wed Aug 5 16:29:43 2015 +0300
----------------------------------------------------------------------
dev/run | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb/blob/cfcb0c03/dev/run
----------------------------------------------------------------------
diff --git a/dev/run b/dev/run
index 67334fe..ff952e0 100755
--- a/dev/run
+++ b/dev/run
@@ -30,6 +30,7 @@ import uuid
from pbkdf2 import pbkdf2_hex
COMMON_SALT = uuid.uuid4().hex
+COMMON_CSRF_SECRET = uuid.uuid4().hex
try:
from urllib import urlopen
@@ -218,9 +219,11 @@ def hack_local_ini(ctx, contents):
previous_line = "; require_valid_user = false\n"
contents = contents.replace(previous_line, previous_line + secret_line)
+ csrf_secret = '[couch_httpd_csrf]\nsecret = %s\n' % COMMON_CSRF_SECRET
+
if ctx['with_admin_party']:
ctx['admin'] = ('Admin Party!', 'You do not need any password.')
- return contents
+ return contents + csrf_secret
# handle admin credentials passed from cli or generate own one
if ctx['admin'] is None:
@@ -228,7 +231,7 @@ def hack_local_ini(ctx, contents):
else:
user, pswd = ctx['admin']
- return contents + "\n%s = %s" % (user, hashify(pswd))
+ return contents + "\n%s = %s" % (user, hashify(pswd)) + csrf_secret
def gen_password():