From 4a00ec677b718c292d3c097d18fef821e9ee5a6e Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 13 Feb 2012 07:41:25 +0000
Subject: [PATCH] Add warning if the secretsalt option isn't updated.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Thanks to François Kooman for providing this patch!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3030 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/core/dictionaries/frontpage.definition.json | 3 +++
 modules/core/www/frontpage_config.php               | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/modules/core/dictionaries/frontpage.definition.json b/modules/core/dictionaries/frontpage.definition.json
index 5fa95513f..8de47267e 100644
--- a/modules/core/dictionaries/frontpage.definition.json
+++ b/modules/core/dictionaries/frontpage.definition.json
@@ -44,6 +44,9 @@
 	"warnings_https": {
 		"en": "<strong>You are not using HTTPS<\/strong> - encrypted communication with the user. HTTP works fine for test purposes, but in a production environment, you should use HTTPS. [ <a href=\"http:\/\/rnd.feide.no\/content\/simplesamlphp-maintenance-and-configuration\">Read more about simpleSAMLphp maintenance<\/a> ]"
 	},
+	"warnings_secretsalt": {
+		"en": "<strong>The configuration uses the default secret salt</strong> - make sure you modify the default 'secretsalt' option in the simpleSAML configuration in production environments. [<a href=\"http:\/\/simplesamlphp.org\/docs\/trunk\/simplesamlphp-install\">Read more about simpleSAMLphp configuration<\/a> ]"
+	},
 	"warnings_suhosin_url_length": {
 		"en": "The length of query parameters is limited by the PHP Suhosin extension. Please increase the suhosin.get.max_value_length option to at least 2048 bytes."
 	},
diff --git a/modules/core/www/frontpage_config.php b/modules/core/www/frontpage_config.php
index 392ee1815..6c345d614 100644
--- a/modules/core/www/frontpage_config.php
+++ b/modules/core/www/frontpage_config.php
@@ -20,6 +20,10 @@ if (!SimpleSAML_Utilities::isHTTPS()) {
 	$warnings[] = '{core:frontpage:warnings_https}';
 }
 
+if ($config->getValue('secretsalt') === 'defaultsecretsalt') {
+	$warnings[] = '{core:frontpage:warnings_secretsalt}';
+}
+
 if (extension_loaded('suhosin')) {
 	$suhosinLength = ini_get('suhosin.get.max_value_length');
 	if (empty($suhosinLength) || (int)$suhosinLength < 2048) {
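Review bot: The added check at `$config->getValue('secretsalt') === 'defaultsecretsalt'` only catches the exact shipped default, so an empty, unset or non-string salt raises no warning even though it is at least as weak. Consider reading the value once and widening the guard, e.g. `$salt = $config->getValue('secretsalt');` followed by `if (!is_string($salt) || $salt === '' || $salt === 'defaultsecretsalt') {`. The dictionary text would then need to say "default or empty" rather than only "default". The literal presumably mirrors the value in the configuration template, so a short comment such as `// must match the placeholder shipped in the config template` would help keep the two in sync. This is also only a front-page notice; the code that consumes the salt is outside this hunk, so whether it refuses the default cannot be confirmed from here.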
-- 
GitLab