Commit graph

6 commits

Author SHA1 Message Date
Yorick Peterse
0e41564762
Backport gitlab.yml.example from EE
To make this happen, we need to conditionally add the group_saml
strategy when running tests, but only on EE. This requires some changes
to Gitlab.ee? so that it can be used before/without loading the Rails
environment. We also have to change how we require a few files, so this
can run outside of Rails.
2019-06-20 14:51:49 +02:00
Grzegorz Bizon
777b6713bb Ensure that db encryption keys have proper bytesize 2018-11-22 15:35:49 +01:00
Stan Hu
61df812ac6 Fix attr_encryption key settings
attr_encrypted does different things with `key` depending on what mode you are using:

1. In `:per_attribute_iv_and_salt` mode, it generates a hash with the salt:
c3a62c4a9e/lib/encryptor.rb (L77).
There is no need to truncate the key to 32 bytes here.

2. In `:per_attribute_iv` mode, it sets the key directly to the password, so
truncation to 32 bytes is necessary.

Closes #47166
2018-06-02 05:24:59 -07:00
Stan Hu
78d78ad199 Add comment about the need for truncating keys in Ruby 2.4
[ci skip]
2018-06-01 13:49:22 -07:00
Stan Hu
b5c706326a Upgrade to Ruby 2.4.4
Fixes that make this work:

* A change in Ruby (ce635262f5)
requires passing in the exact required length for OpenSSL keys and IVs.

* Ensure the secrets.yml is generated before any prepended modules are
loaded. This is done by renaming the `secret_token.rb` initializer to
`01_secret_token.rb`, which is a bit ugly but involves the least impact on
other files.
2018-05-29 15:19:33 -07:00
Kamil Trzciński
575302c1b9 Do not preload settings 2018-04-24 19:32:06 +02:00
Renamed from lib/settings.rb (Browse further)