Stronger user token generation

diff --git a/config/index.php b/config/index.php
index 9b93deb..9902381 100644 (file)
--- a/config/index.php
+++ b/config/index.php
@@ -1001,14 +1001,14 @@ function writeLocalSettings( $conf ) {
 
        $file = @fopen( "/dev/urandom", "r" );
        if ( $file ) {
-               $proxyKey = bin2hex( fread( $file, 32 ) );
+               $secretKey = bin2hex( fread( $file, 32 ) );
                fclose( $file );
        } else {
-               $proxyKey = "";
+               $secretKey = "";
                for ( $i=0; $i<8; $i++ ) {
-                       $proxyKey .= dechex(mt_rand(0, 0x7fffffff));
+                       $secretKey .= dechex(mt_rand(0, 0x7fffffff));
                }
-               print "<li>Warning: \$wgProxyKey is insecure</li>\n";
+               print "<li>Warning: \$wgSecretKey key is insecure, generated with mt_rand(). Consider changing it manually.</li>\n";
        }
 
        # Add slashes to strings for double quoting
@@ -1106,7 +1106,7 @@ if ( \$wgCommandLineMode ) {
 \$wgLanguageCode = \"{$slconf['LanguageCode']}\";
 \$wgUseLatin1 = " . ($conf->Latin1 ? 'true' : 'false') . ";\n
 
-\$wgProxyKey = \"$proxyKey\";
+\$wgProxyKey = \"$secretKey\";
 
 ## Default skin: you can change the default skin. Use the internal symbolic
 ## names, ie 'standard', 'nostalgia', 'cologneblue', 'monobook':

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index f14fe7e..3ea935a 100644 (file)
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -525,8 +525,8 @@ $wgProxyPorts = array( 80, 81, 1080, 3128, 6588, 8000, 8080, 8888, 65506 );
 $wgProxyScriptPath = "$IP/proxy_check.php";
 /** */
 $wgProxyMemcExpiry = 86400;
-/** */
-$wgProxyKey = 'W1svekXc5u6lZllTZOwnzEk1nbs';
+/** This should always be customised in LocalSettings.php */
+$wgSecretKey = 'W1svekXc5u6lZllTZOwnzEk1nbs';
 /** big list of banned IP addresses, in the keys not the values */
 $wgProxyList = array();
 

diff --git a/includes/SpecialUserlogin.php b/includes/SpecialUserlogin.php
index 1f9c1bc..0f6fc19 100644 (file)
--- a/includes/SpecialUserlogin.php
+++ b/includes/SpecialUserlogin.php
@@ -261,6 +261,7 @@ class LoginForm {
                $u->setPassword( $this->mPassword );
                $u->setEmail( $this->mEmail );
                $u->setRealName( $this->mRealName );
+               $u->setToken();
                
                global $wgAuth;
                $wgAuth->initUser( $u );

diff --git a/includes/User.php b/includes/User.php
index 110a9f5..ceccb18 100644 (file)
--- a/includes/User.php
+++ b/includes/User.php
@@ -592,13 +592,9 @@ class User {
 
        # Set the random token (used for persistent authentication)
        function setToken( $token = false ) {
+               global $wgSecretKey, $wgDBname;
                if ( !$token ) {
-                       $this->mToken = '';
-                       # Take random data from PRNG
-                       # This is reasonably secure if the PRNG has been seeded correctly
-                       for ($i = 0; $i<USER_TOKEN_LENGTH / 4; $i++) {
-                               $this->mToken .= sprintf( "%04X", mt_rand( 0, 65535 ) );
-                       }
+                       $this->mToken = md5( $wgSecretKey . mt_rand( 0, 0x7fffffff ) . $wgDBname . $this->mId );
                } else {
                        $this->mToken = $token;
                }