authorRobert Newson <rnewson@apache.org>2022-04-02 01:12:10 -0400
committerNick Vatamaniuc <vatamane@apache.org>2022-04-05 23:28:24 -0400
commitc4e811ecf97d5796145b60f3b99a84abcec56ebf (patch)
treea52bfec243714603f99552ff3276590808734052
parent244d428afe01a746b012f3dc4ec4865935ea8ad3 (diff)
downloadcouchdb-c4e811ecf97d5796145b60f3b99a84abcec56ebf.tar.gz
Remove the default "monster" cookie
-rwxr-xr-xdev/remsh3
-rwxr-xr-xdev/remsh-tls3
-rwxr-xr-xrel/overlay/bin/remsh8
-rw-r--r--rel/overlay/etc/vm.args5
-rw-r--r--src/couch/src/couch_sup.erl20
5 files changed, 30 insertions, 9 deletions
diff --git a/dev/remsh b/dev/remsh
index b9b81d226..347a799d0 100755
--- a/dev/remsh
+++ b/dev/remsh
@@ -25,5 +25,4 @@ fi
NAME="remsh$$@$HOST"
NODE="node$NODE@$HOST"
-COOKIE=monster
-erl -name $NAME -remsh $NODE -setcookie $COOKIE -hidden
+erl -name $NAME -remsh $NODE -hidden
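Review bot: With `-setcookie` dropped from the `erl` line, nothing in the script says where the cookie now comes from. Without the flag, `erl` uses `~/.erlang.cookie`, so the remote shell only connects if the target dev node has the same value. A comment above the `erl` line would make that explicit, e.g. `# No -setcookie: erl uses ~/.erlang.cookie, which must match the target node's cookie`. The same applies to the `erl` line in dev/remsh-tls. How the dev nodes obtain their cookie is not visible in this diff, so the wording may need adjusting.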
diff --git a/dev/remsh-tls b/dev/remsh-tls
index 603317d72..089db669f 100755
--- a/dev/remsh-tls
+++ b/dev/remsh-tls
@@ -25,6 +25,5 @@ fi
NAME="remsh$$@$HOST"
NODE="node$NODE@$HOST"
-COOKIE=monster
rootdir="$(cd "${0%/*}" 2>/dev/null; echo "$PWD")"
-erl -name $NAME -remsh $NODE -setcookie $COOKIE -hidden -proto_dist inet_tls -ssl_dist_optfile "${rootdir}/couch_ssl_dist.conf"
+erl -name $NAME -remsh $NODE -hidden -proto_dist inet_tls -ssl_dist_optfile "${rootdir}/couch_ssl_dist.conf"
diff --git a/rel/overlay/bin/remsh b/rel/overlay/bin/remsh
index 3f59bcb21..de37d6cc2 100755
--- a/rel/overlay/bin/remsh
+++ b/rel/overlay/bin/remsh
@@ -55,11 +55,10 @@ if test -f "$ARGS_FILE"; then
ARGS_FILE_COOKIE=$(awk '$1=="-setcookie"{print $2}' "$ARGS_FILE")
COOKIE="${COOKIE:-$ARGS_FILE_COOKIE}"
fi
-COOKIE="${COOKIE:-monster}"
printHelpAndExit() {
echo "Usage: ${PROGNAME} [OPTION]... [-- <additional Erlang cli options>]"
- echo " -c cookie specify shared Erlang cookie (default: monster)"
+ echo " -c cookie specify shared Erlang cookie"
echo " -l HOST specify remsh's host name (default: 127.0.0.1)"
echo " -m use output of \`hostname -f\` as remsh's host name"
echo " -n NAME@HOST specify couchdb's Erlang node name (-name in vm.args)"
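Review bot: The `-c` help line now states no default, but the context lines above still fill `COOKIE` from a `-setcookie` entry in `$ARGS_FILE` when the option is absent. Consider `echo "  -c cookie    specify shared Erlang cookie (default: -setcookie value in the args file)"` so the remaining fallback stays documented. printHelpAndExit continues past the end of this hunk.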
@@ -114,6 +113,11 @@ fi
# to avoid conflicts with the cli parameters
ERL_FLAGS_CLEAN=$(echo "$ERL_FLAGS" | sed 's/-setcookie \([^ ][^ ]*\)//g' | sed 's/-name \([^ ][^ ]*\)//g')
+if [ -z "${COOKIE}" ]; then
+ echo "No Erlang cookie could be found, please specify with -c" >&2
+ exit 1
+fi
+
if [ -z "$TLSCONF" ]; then
exec env ERL_FLAGS="$ERL_FLAGS_CLEAN" "$BINDIR/erl" -boot "$ROOTDIR/releases/$APP_VSN/start_clean" \
-name remsh$$@$LHOST -remsh $NODE -hidden -setcookie $COOKIE \
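Review bot: The new `[ -z "${COOKIE}" ]` guard exits whenever neither `-c` nor the args file supplies a cookie, which also shuts out nodes whose cookie lives only in `~/.erlang.cookie`, the arrangement the old vm.args comment described. Since `erl` reads that file itself when `-setcookie` is absent, an alternative is to drop the guard and pass the flag conditionally, `${COOKIE:+-setcookie "$COOKIE"}`, on each `exec` line (the exec statement continues outside this hunk). The `sed` above also strips any `-setcookie` from `ERL_FLAGS`, so a cookie supplied only that way is discarded before the guard runs. Separately, a cookie passed as `-setcookie $COOKIE` ends up in the process's argument list, which other local users can typically read, so the file-based path is the safer default.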
diff --git a/rel/overlay/etc/vm.args b/rel/overlay/etc/vm.args
index 805e9ec22..4971627c9 100644
--- a/rel/overlay/etc/vm.args
+++ b/rel/overlay/etc/vm.args
@@ -38,9 +38,8 @@
{{node_name}}
# All nodes must share the same magic cookie for distributed Erlang to work.
-# Comment out this line if you synchronized the cookies by other means (using
-# the ~/.erlang.cookie file, for example).
--setcookie monster
+# Uncomment the following line and append a securely generated random value.
+# -setcookie
# Tell kernel and SASL not to log anything
-kernel error_logger silent
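Review bot: The replacement comment no longer says what happens when the `-setcookie` line stays commented out: the node then takes its cookie from `~/.erlang.cookie` of the user running it, and the file is created if missing. I would keep a sentence to that effect, e.g. `# If left commented out, the cookie is read from ~/.erlang.cookie of the user running CouchDB.` Because the value written here is a shared secret, a line reminding operators to keep vm.args readable only by the CouchDB user would also be worth adding.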
diff --git a/src/couch/src/couch_sup.erl b/src/couch/src/couch_sup.erl
index b936c1e5d..85400a39a 100644
--- a/src/couch/src/couch_sup.erl
+++ b/src/couch/src/couch_sup.erl
@@ -28,6 +28,7 @@
start_link() ->
+ assert_no_monsters(),
assert_admins(),
maybe_launch_admin_annoyance_reporter(),
write_pidfile(),
@@ -87,6 +88,25 @@ handle_config_change(_, _, _, _, _) ->
handle_config_terminate(_Server, _Reason, _State) ->
ok.
+assert_no_monsters() ->
+ couch_log:info("Preflight check: Checking For Monsters~n", []),
+ case erlang:get_cookie() of
+ monster ->
+ couch_log:info(
+ "~n%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%~n" ++
+ " Monster detected ohno!, aborting startup. ~n" ++
+ " Please change the Erlang cookie in vm.args to the same ~n" ++
+ " securely generated random value on all nodes of this cluster. ~n" ++
+ "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%~n",
+ []
+ ),
+ % Wait a second so the log message can make it to the log
+ timer:sleep(500),
+ erlang:halt(1);
+ _ ->
+ ok
+ end.
+
assert_admins() ->
couch_log:info("Preflight check: Asserting Admin Account~n", []),
case {config:get("admins"), os:getenv("COUCHDB_TEST_ADMIN_PARTY_OVERRIDE")} of
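Review bot: The abort banner in assert_no_monsters is written with `couch_log:info`, so on a deployment whose log level is set above info the node would halt with exit code 1 and, as far as this hunk shows, leave no explanation in the log. `couch_log:error(` fits a fatal preflight failure better. The comment `% Wait a second so the log message can make it to the log` also disagrees with `timer:sleep(500)`, which waits half a second, so one should be changed to match the other. A short header comment stating that the function halts the VM when the cookie is still the old default `monster` would help readers of start_link. assert_admins, which follows, continues outside the hunk.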