Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Ensure that db encryption keys have proper bytesize | Grzegorz Bizon | 2018-11-22 | 1 | -0/+8 |
| | |||||
* | Fix attr_encryption key settings | Stan Hu | 2018-06-02 | 1 | -8/+15 |
| | | | | | | | | | | | | | attr_encrypted does different things with `key` depending on what mode you are using: 1. In `:per_attribute_iv_and_salt` mode, it generates a hash with the salt: https://github.com/attr-encrypted/encryptor/blob/c3a62c4a9e74686dd95e0548f9dc2a361fdc95d1/lib/encryptor.rb#L77. There is no need to truncate the key to 32 bytes here. 2. In `:per_attribute_iv` mode, it sets the key directly to the password, so truncation to 32 bytes is necessary. Closes #47166 | ||||
* | Add comment about the need for truncating keys in Ruby 2.4sh-add-ruby-2.4-comment | Stan Hu | 2018-06-01 | 1 | -0/+7 |
| | | | | [ci skip] | ||||
* | Upgrade to Ruby 2.4.4sh-bump-ruby-2.4 | Stan Hu | 2018-05-29 | 1 | -0/+4 |
| | | | | | | | | | | | | Fixes that make this work: * A change in Ruby (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1) requires passing in the exact required length for OpenSSL keys and IVs. * Ensure the secrets.yml is generated before any prepended modules are loaded. This is done by renaming the `secret_token.rb` initializer to `01_secret_token.rb`, which is a bit ugly but involves the least impact on other files. | ||||
* | Do not preload settings | Kamil TrzciĆski | 2018-04-24 | 1 | -0/+126 |