diff options
| author | Ben Fuhrmannek | 2021-11-11 12:02:07 +0100 |
|---|---|---|
| committer | Ben Fuhrmannek | 2021-11-11 12:02:07 +0100 |
| commit | 9111fdf5e6332923a5faf9f8a7e6b428eb91795a (patch) | |
| tree | 046703d4a95f8590a01e8a82631d3c061a6c2865 /src/sp_config_keywords.c | |
| parent | 8e95c5d30f197716ba132e3f2494c5e220f3e5cd (diff) | |
detect dummy or short encryption key
Diffstat (limited to 'src/sp_config_keywords.c')
| -rw-r--r-- | src/sp_config_keywords.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c index f6af86b..cf44ed9 100644 --- a/src/sp_config_keywords.c +++ b/src/sp_config_keywords.c | |||
| @@ -136,6 +136,19 @@ SP_PARSE_FN(parse_global) { | |||
| 136 | {0, 0, 0}}; | 136 | {0, 0, 0}}; |
| 137 | 137 | ||
| 138 | SP_PROCESS_CONFIG_KEYWORDS_ERR(); | 138 | SP_PROCESS_CONFIG_KEYWORDS_ERR(); |
| 139 | |||
| 140 | if (SPCFG(encryption_key)) { | ||
| 141 | if (ZSTR_LEN(SPCFG(encryption_key)) < 10) { | ||
| 142 | sp_log_err("config", "The encryption key set on line %zu is too short. please use at least 10 bytes", parsed_rule->lineno); | ||
| 143 | return SP_PARSER_ERROR; | ||
| 144 | } | ||
| 145 | if (zend_string_equals_literal(SPCFG(encryption_key), "YOU _DO_ NEED TO CHANGE THIS WITH SOME RANDOM CHARACTERS.") || | ||
| 146 | zend_string_equals_literal(SPCFG(encryption_key), "c6a0e02b3b818f7559d5f85303d8fe44")) { | ||
| 147 | sp_log_err("config", "The encryption key set on line %zu is an unchanged dummy value. please use a unique secret.", parsed_rule->lineno); | ||
| 148 | return SP_PARSER_ERROR; | ||
| 149 | } | ||
| 150 | } | ||
| 151 | |||
| 139 | return SP_PARSER_STOP; | 152 | return SP_PARSER_STOP; |
| 140 | } | 153 | } |
| 141 | 154 | ||
