]> git.koha-community.org Git - koha.git/commit
Bug 16929: Prevent opac-memberentry waiting for random chars
authorMarcel de Rooy <m.de.rooy@rijksmuseum.nl>
Fri, 15 Jul 2016 12:16:07 +0000 (14:16 +0200)
committerMason James <mtj@kohaaloha.com>
Tue, 31 Jan 2017 00:39:09 +0000 (13:39 +1300)
commit3e64a621ea1ce306a7c2ad6991ce683c20db68d1
tree8c760575bfbd6a2ecf76ee63e6271f69b6eadf5a
parent0a336684d6dfd1049591e1e5a0f7fae2c68b2385
Bug 16929: Prevent opac-memberentry waiting for random chars

Move calls to WWW::CSRF to Koha::Token.
Send a safe random string to WWW::CSRF instead of letting CSRF make a
blocking call to Bytes::Random::Secure. If your server has not enough
entropy, opac-memberentry will hang waiting for more characters in
dev/random. Koha::Token uses Bytes::Random::Secure with the NonBlocking
flag.

Test plan:
[1] Do not yet apply this patch.
[2] If your server has not enough entropy, calling opac-memberentry may
    take a while. But this not may be the case for you (no worries).
[3] Apply this patch.
[4] Verify that opac-memberentry still works as expected.
[5] Run t/Token.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Yes, my server had entropy trouble (reason for finding the problem).
This patch resolves the delay.

Tested all 3 patches together, works as expected.
Signed-off-by: Marc <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Mason James <mtj@kohaaloha.com>
Koha/Token.pm [new file with mode: 0644]
opac/opac-memberentry.pl
t/Token.t [new file with mode: 0644]