0002-Ruby-2.4-Fixed-key-must-be-32-bytes-error-of-OpenSSL.patch

Go MAEDA, 2017-02-28 07:17

Download (1.7 KB)

View differences:

lib/redmine/ciphering.rb
26 26
        if cipher_key.blank? || text.blank?
27 27
          text
28 28
        else
29
          c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
29
          c = OpenSSL::Cipher.new("aes-256-cbc")
30 30
          iv = c.random_iv
31 31
          c.encrypt
32 32
          c.key = cipher_key
......
44 44
            return text
45 45
          end
46 46
          text = match[1]
47
          c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
47
          c = OpenSSL::Cipher.new("aes-256-cbc")
48 48
          e, iv = text.split("--").map {|s| Base64.decode64(s)}
49 49
          c.decrypt
50 50
          c.key = cipher_key
......
58 58

  
59 59
      def cipher_key
60 60
        key = Redmine::Configuration['database_cipher_key'].to_s
61
        key.blank? ? nil : Digest::SHA256.hexdigest(key)
61
        key.blank? ? nil : Digest::SHA256.hexdigest(key)[0..31]
62 62
      end
63
      
63

  
64 64
      def logger
65 65
        Rails.logger
66 66
      end
......
84 84
            object.send :write_attribute, attribute, clear
85 85
            raise(ActiveRecord::Rollback) unless object.save(:validation => false)
86 86
          end
87
        end
88
      end ? true : false
87
        end ? true : false
88
      end
89 89
    end
90 90

  
91 91
    private
92
-