use 128 byte passwords
This commit is contained in:
Girish Ramakrishnan
+1
-1
@@ -376,7 +376,7 @@ function setupLdap(app, options, callback) {
|
||||
'LDAP_USERS_BASE_DN=ou=users,dc=cloudron',
|
||||
'LDAP_GROUPS_BASE_DN=ou=groups,dc=cloudron',
|
||||
'LDAP_BIND_DN=cn='+ app.id + ',ou=apps,dc=cloudron',
|
||||
'LDAP_BIND_PASSWORD=' + hat(256) // this is ignored
|
||||
'LDAP_BIND_PASSWORD=' + hat(8 * 128) // this is ignored
|
||||
];
|
||||
|
||||
debugApp(app, 'Setting up LDAP');
|
||||
|
||||
+1
-1
@@ -106,7 +106,7 @@ function add(appId, type, redirectURI, scope, callback) {
|
||||
if (error) return callback(error);
|
||||
|
||||
var id = 'cid-' + uuid.v4();
|
||||
var clientSecret = hat(256);
|
||||
var clientSecret = hat(8 * 128);
|
||||
|
||||
clientdb.add(id, appId, type, clientSecret, redirectURI, scope, function (error) {
|
||||
if (error) return callback(error);
|
||||
|
||||
+4
-4
@@ -101,7 +101,7 @@ function startGraphite(callback) {
|
||||
function startMysql(callback) {
|
||||
const tag = infra.images.mysql.tag;
|
||||
const dataDir = paths.DATA_DIR;
|
||||
const rootPassword = hat(256);
|
||||
const rootPassword = hat(8 * 128);
|
||||
|
||||
if (!safe.fs.writeFileSync(paths.DATA_DIR + '/addons/mysql_vars.sh',
|
||||
'MYSQL_ROOT_PASSWORD=' + rootPassword +'\nMYSQL_ROOT_HOST=172.18.0.1', 'utf8')) {
|
||||
@@ -125,7 +125,7 @@ function startMysql(callback) {
|
||||
function startPostgresql(callback) {
|
||||
const tag = infra.images.postgresql.tag;
|
||||
const dataDir = paths.DATA_DIR;
|
||||
const rootPassword = hat(256);
|
||||
const rootPassword = hat(8 * 128);
|
||||
|
||||
if (!safe.fs.writeFileSync(paths.DATA_DIR + '/addons/postgresql_vars.sh', 'POSTGRESQL_ROOT_PASSWORD=' + rootPassword, 'utf8')) {
|
||||
return callback(new Error('Could not create postgresql var file:' + safe.error.message));
|
||||
@@ -148,7 +148,7 @@ function startPostgresql(callback) {
|
||||
function startMongodb(callback) {
|
||||
const tag = infra.images.mongodb.tag;
|
||||
const dataDir = paths.DATA_DIR;
|
||||
const rootPassword = hat(256);
|
||||
const rootPassword = hat(8 * 128);
|
||||
|
||||
if (!safe.fs.writeFileSync(paths.DATA_DIR + '/addons/mongodb_vars.sh', 'MONGODB_ROOT_PASSWORD=' + rootPassword, 'utf8')) {
|
||||
return callback(new Error('Could not create mongodb var file:' + safe.error.message));
|
||||
@@ -176,7 +176,7 @@ function startMail(callback) {
|
||||
|
||||
const tag = infra.images.mail.tag;
|
||||
const dataDir = paths.DATA_DIR;
|
||||
const rootPassword = hat(256);
|
||||
const rootPassword = hat(8 * 128);
|
||||
const fqdn = config.fqdn();
|
||||
const mailFqdn = config.adminFqdn();
|
||||
|
||||
|
||||
+1
-1
@@ -26,7 +26,7 @@ var assert = require('assert'),
|
||||
var TOKENS_FIELDS = [ 'accessToken', 'identifier', 'clientId', 'scope', 'expires' ].join(',');
|
||||
|
||||
function generateToken() {
|
||||
return hat(256);
|
||||
return hat(8 * 64); // TODO: make this stronger
|
||||
}
|
||||
|
||||
function get(accessToken, callback) {
|
||||
|
||||
Reference in New Issue
Block a user