View Issue Details

IDProjectCategoryView StatusLast Update
0019583mantisbtdocumentationpublic2015-09-06 17:37
ReporternoeAssigned Todregad 
PrioritynormalSeveritytextReproducibilityN/A
Status closedResolutionfixed 
Product Version1.3.0-beta.2 
Target Version1.3.0-beta.3Fixed in Version1.3.0-beta.3 
Summary0019583: Add $g_crypto_master_salt to sample config file
Description

I tried mantisbt-1.3.0-rc1-dev-master-83a66f1 to upgrade my 1.2.19 installation, and admin/install.php told me to add $g_crypto_master_salt to my config_inc.php file.
I do that but I had always the same error till I paste the result of
cat /dev/urandom | head -c 64 | base64
for $g_crypto_master_salt value.

Steps To Reproduce

$g_crypto_master_salt = 'lkfqsdjfklmqsdjfmklqsdfjlmqsdkfjqsldkmjf';
in config_inc.php

Additional Information

Additionnaly, there is no $g_crypto_master_salt in config_inc.php.sample.

TagsNo tags attached.

Activities

dregad

dregad

2015-04-08 03:07

developer   ~0049336

$g_crypto_master_salt = 'lkfqsdjfklmqsdjfmklqsdfjlmqsdkfjqsldkmjf';
in config_inc.php

I was not able to reproduce the error with this string.

there is no $g_crypto_master_salt in config_inc.php.sample.

This is by design actually - the idea behind the salt is that it should be unique to each instance; if we provided a valid value in this file, many administrators will just rename the sample file and use the provided value as-is, defeating its purpose.

What I can do is add $g_crypto_master_salt = ''; in the sample file with a comment indicating that it should be filled, if you think that would be more clear.

dregad

dregad

2015-04-19 08:34

developer   ~0050554

Updating summary to reflect the change that was made

Related Changesets

MantisBT: master cbfe0832

2015-04-10 08:16:18

dregad

Details Diff
Add $g_crypto_master_salt to sample config file

Since the string is required for MantisBT to operate, including it in
the sample file gives a good hint to administrators that they need to
initialize it.

Fixes 0019583
mod - config/config_inc.php.sample Diff File

Issue History

Date Modified Username Field Change
2015-04-07 12:36 noe New Issue
2015-04-08 03:07 dregad Note Added: 0049336
2015-04-08 03:08 dregad Assigned To => dregad
2015-04-08 03:08 dregad Status new => resolved
2015-04-08 03:08 dregad Resolution open => unable to reproduce
2015-04-10 08:21 dregad Changeset attached => MantisBT master cbfe0832
2015-04-10 08:21 dregad Resolution unable to reproduce => fixed
2015-04-10 08:21 dregad Fixed in Version => 1.3.0-beta.3
2015-04-19 06:39 atrol Target Version => 1.3.0-beta.3
2015-04-19 08:34 dregad Severity minor => text
2015-04-19 08:34 dregad Reproducibility always => N/A
2015-04-19 08:34 dregad Category security => documentation
2015-04-19 08:34 dregad Summary $g_crypto_master_salt need more than 16 characters => Add $g_crypto_master_salt to sample config file
2015-04-19 08:34 dregad Note Added: 0050554
2015-09-06 17:37 vboctoradmin Status resolved => closed