diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 15:44:42 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 15:44:42 +0000 |
| commit | 4555e1b21c365ed8303ffb7a3325d773c9b8bf31 (patch) | |
| tree | 5423a1c7516cffe36384133ade12572cf709398d /config/settings.rb | |
| parent | e570267f2f6b326480d284e0164a6464ba4081bc (diff) | |
| download | gitlab-ce-4555e1b21c365ed8303ffb7a3325d773c9b8bf31.tar.gz | |
Add latest changes from gitlab-org/gitlab@13-12-stable-eev13.12.0-rc42
Diffstat (limited to 'config/settings.rb')
| -rw-r--r-- | config/settings.rb | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/config/settings.rb b/config/settings.rb index 3369f2a4480..a88f6d89ce4 100644 --- a/config/settings.rb +++ b/config/settings.rb @@ -126,16 +126,18 @@ class Settings < Settingslogic File.expand_path(path, Rails.root) end - # Ruby 2.4+ requires passing in the exact required length for OpenSSL keys - # (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1). - # Previous versions quietly truncated the input. - # - # Use this when using :per_attribute_iv mode for attr_encrypted. - # We have to truncate the string to 32 bytes for a 256-bit cipher. + # Don't use this in new code, use attr_encrypted_db_key_base_32 instead! def attr_encrypted_db_key_base_truncated Gitlab::Application.secrets.db_key_base[0..31] end + # Ruby 2.4+ requires passing in the exact required length for OpenSSL keys + # (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1). + # Previous versions quietly truncated the input. + # + # Makes sure the key is exactly 32 bytes long, either by + # truncating or right-padding it with ASCII 0s. Use this when + # using :per_attribute_iv mode for attr_encrypted. def attr_encrypted_db_key_base_32 Gitlab::Utils.ensure_utf8_size(attr_encrypted_db_key_base, bytes: 32.bytes) end |