couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kxe...@apache.org
Subject couchdb commit: updated refs/heads/master to cfcb0c0
Date Wed, 05 Aug 2015 13:31:14 GMT
Repository: couchdb
Updated Branches:
  refs/heads/master 09b9a722f -> cfcb0c034


Setup dev cluster with common CSRF secret


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/cfcb0c03
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/cfcb0c03
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/cfcb0c03

Branch: refs/heads/master
Commit: cfcb0c034427635a7d0153a32ec3d99d1216d08e
Parents: 09b9a72
Author: Alexander Shorin <kxepal@apache.org>
Authored: Mon Aug 3 21:12:23 2015 +0300
Committer: Alexander Shorin <kxepal@apache.org>
Committed: Wed Aug 5 16:29:43 2015 +0300

----------------------------------------------------------------------
 dev/run | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/cfcb0c03/dev/run
----------------------------------------------------------------------
diff --git a/dev/run b/dev/run
index 67334fe..ff952e0 100755
--- a/dev/run
+++ b/dev/run
@@ -30,6 +30,7 @@ import uuid
 from pbkdf2 import pbkdf2_hex
 
 COMMON_SALT = uuid.uuid4().hex
+COMMON_CSRF_SECRET = uuid.uuid4().hex
 
 try:
     from urllib import urlopen
@@ -218,9 +219,11 @@ def hack_local_ini(ctx, contents):
     previous_line = "; require_valid_user = false\n"
     contents = contents.replace(previous_line, previous_line + secret_line)
 
+    csrf_secret = '[couch_httpd_csrf]\nsecret = %s\n' % COMMON_CSRF_SECRET
+
     if ctx['with_admin_party']:
         ctx['admin'] = ('Admin Party!', 'You do not need any password.')
-        return contents
+        return contents + csrf_secret
 
     # handle admin credentials passed from cli or generate own one
     if ctx['admin'] is None:
@@ -228,7 +231,7 @@ def hack_local_ini(ctx, contents):
     else:
         user, pswd = ctx['admin']
 
-    return contents + "\n%s = %s" % (user, hashify(pswd))
+    return contents + "\n%s = %s" % (user, hashify(pswd)) + csrf_secret
 
 
 def gen_password():


Mime
View raw message