Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 33934: Add more detail to 'No encryption_key in koha-conf.xml'

Browse source 
If encryption_key is not set in $KOHA_CONF we are raising an exception.

This key was only needed for a couple of feature, but now we are using Koha::Encryption from the update DB process, and so the upgrade fails with no more info than 'No encryption_key in koha-conf.xml'.

We need to provide more detail in this error.

Additionally we reject "__ENCRYPTION_KEY__", in case people will simple
copy/paste that

Test plan:
Apply the patch
Edit $KOHA_CONf, remove the encryption_key entry (or blank)
restart_all
Go to the about page and enable 2FA
=> warning on the about page, and 500 server-side are displaying more
info about how to generate the missing entry
Edit $KOHA_CONF and set the value to __ENCRYPTION_KEY__
restart_all
=> Same messages
Edit $KOHA_CONF and set a correct value
restart_all
=> No error, everything is working correctly

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit d7288411f0)
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
This commit is contained in:
Jonathan Druart 2023-06-07 09:30:15 +02:00 committed by Matt Blenkinsop
parent 63714f9b04
commit 748611f2f6
2 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Koha/Encryption.pm
View file

@ -54,12 +54,14 @@ It's based on Crypt::CBC
sub new {
my ( $class ) = @_;
my $key = C4::Context->config('encryption_key');
if( !$key ) {
Koha::Exceptions::MissingParameter->throw('No encryption_key in koha-conf.xml');
my $encryption_key = C4::Context->config('encryption_key');
if ( !$encryption_key || $encryption_key eq '__ENCRYPTION_KEY__') {
Koha::Exceptions::MissingParameter->throw(
q{No encryption_key in koha-conf.xml. Please generate a key. We recommend one of at least 32 bytes. (You might use 'pwgen 32' to do so.)}
);
}
return $class->SUPER::new(
-key => $key,
-key => $encryption_key,
-cipher => 'Cipher::AES'
);
}

3
about.pl
View file

@ -280,7 +280,8 @@ if ( ! C4::Context->config('tmp_path') ) {
}
}
if( ! C4::Context->config('encryption_key') ) {
my $encryption_key = C4::Context->config('encryption_key');
if ( !$encryption_key || $encryption_key eq '__ENCRYPTION_KEY__') {
push @xml_config_warnings, { error => 'encryption_key_missing' };
}