From 781477fff1d1983897b35dad49c74e925185289c Mon Sep 17 00:00:00 2001 From: Anton Pirker Date: Thu, 30 Mar 2017 22:44:51 +0200 Subject: [PATCH] Rename 'session_key' config parameter to 'secret_key'. Resolves #220. --- CHANGELOG.md | 2 +- examples/config/Rocket.toml | 6 ++--- examples/session/Rocket.toml | 4 ++-- lib/src/config/builder.rs | 22 +++++++++--------- lib/src/config/config.rs | 40 ++++++++++++++++----------------- lib/src/config/custom_values.rs | 14 ++++++------ lib/src/config/mod.rs | 38 +++++++++++++++---------------- lib/src/rocket.rs | 4 ++-- 8 files changed, 65 insertions(+), 65 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c6d3ae1c..bed58aed 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -216,7 +216,7 @@ In addition to new features, Rocket saw the following smaller improvements: * Clippy issues injected by codegen are resolved. * Handlebars was updated to `0.25`. * The `PartialEq` implementation of `Config` doesn't consider the path or - session key. + secret key. * Hyper dependency updated to `0.10`. * The `Error` type for `JSON as FromData` has been exposed as `SerdeError`. * SVG was added as a known Content-Type. diff --git a/examples/config/Rocket.toml b/examples/config/Rocket.toml index 4002abf6..d55f482f 100644 --- a/examples/config/Rocket.toml +++ b/examples/config/Rocket.toml @@ -1,4 +1,4 @@ -# Except for the session key, nothing here is necessary; Rocket has sane +# Except for the secret key, none of these are actually needed; Rocket has sane # defaults. We show all of them here explicitly for demonstrative purposes. [global.limits] @@ -20,7 +20,7 @@ port = 80 log = "normal" workers = 8 # don't use this key! generate your own and keep it private! -session_key = "8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg=" +secret_key = "8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg=" [production] address = "0.0.0.0" @@ -28,4 +28,4 @@ port = 80 workers = 12 log = "critical" # don't use this key! generate your own and keep it private! -session_key = "hPRYyVRiMyxpw5sBB1XeCMN1kFsDCqKvBi2QJxBVHQk=" +secret_key = "hPRYyVRiMyxpw5sBB1XeCMN1kFsDCqKvBi2QJxBVHQk=" diff --git a/examples/session/Rocket.toml b/examples/session/Rocket.toml index d9c2fbaa..42a09793 100644 --- a/examples/session/Rocket.toml +++ b/examples/session/Rocket.toml @@ -1,7 +1,7 @@ [staging] -session_key = "itlYmFR2vYKrOmFhupMIn/hyB6lYCCTXz4yaQX89XVg=" +secret_key = "itlYmFR2vYKrOmFhupMIn/hyB6lYCCTXz4yaQX89XVg=" address = "localhost" port = 8000 [production] -session_key = "itlYmFR2vYKrOmFhupMIn/hyB6lYCCTXz4yaQX89XVg=" +secret_key = "itlYmFR2vYKrOmFhupMIn/hyB6lYCCTXz4yaQX89XVg=" diff --git a/lib/src/config/builder.rs b/lib/src/config/builder.rs index 5916a9d1..7ecc68a7 100644 --- a/lib/src/config/builder.rs +++ b/lib/src/config/builder.rs @@ -18,8 +18,8 @@ pub struct ConfigBuilder { pub workers: u16, /// How much information to log. pub log_level: LoggingLevel, - /// The session key. - pub session_key: Option, + /// The secret key. + pub secret_key: Option, /// TLS configuration (path to certificates file, path to private key file). pub tls: Option<(String, String)>, /// Size limits. @@ -66,7 +66,7 @@ impl ConfigBuilder { port: config.port, workers: config.workers, log_level: config.log_level, - session_key: None, + secret_key: None, tls: None, limits: config.limits, extras: config.extras, @@ -150,7 +150,7 @@ impl ConfigBuilder { self } - /// Sets the `session_key` in the configuration being built. + /// Sets the `secret_key` in the configuration being built. /// /// # Example /// @@ -160,11 +160,11 @@ impl ConfigBuilder { /// /// let key = "8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg="; /// let mut config = Config::build(Environment::Staging) - /// .session_key(key) + /// .secret_key(key) /// .unwrap(); /// ``` - pub fn session_key>(mut self, key: K) -> Self { - self.session_key = Some(key.into()); + pub fn secret_key>(mut self, key: K) -> Self { + self.secret_key = Some(key.into()); self } @@ -271,7 +271,7 @@ impl ConfigBuilder { /// # Errors /// /// If the current working directory cannot be retrieved, returns a `BadCWD` - /// error. If the address or session key fail to parse, returns a `BadType` + /// error. If the address or secret key fail to parse, returns a `BadType` /// error. /// /// # Example @@ -307,8 +307,8 @@ impl ConfigBuilder { config.set_tls(&certs_path, &key_path)?; } - if let Some(key) = self.session_key { - config.set_session_key(key)?; + if let Some(key) = self.secret_key { + config.set_secret_key(key)?; } Ok(config) @@ -319,7 +319,7 @@ impl ConfigBuilder { /// # Panics /// /// Panics if the current working directory cannot be retrieved or if the - /// supplied address or session key fail to parse. + /// supplied address or secret key fail to parse. /// /// # Example /// diff --git a/lib/src/config/config.rs b/lib/src/config/config.rs index 323ed582..ba5c3441 100644 --- a/lib/src/config/config.rs +++ b/lib/src/config/config.rs @@ -40,8 +40,8 @@ pub struct Config { pub workers: u16, /// How much information to log. pub log_level: LoggingLevel, - /// The session key. - pub(crate) session_key: SessionKey, + /// The secret key. + pub(crate) secret_key: SecretKey, /// TLS configuration. pub(crate) tls: Option, /// Streaming read size limits. @@ -131,8 +131,8 @@ impl Config { // Note: This may truncate if num_cpus::get() > u16::max. That's okay. let default_workers = ::std::cmp::max(num_cpus::get(), 2) as u16; - // Use a generated session key by default. - let key = SessionKey::Generated(Key::generate()); + // Use a generated secret key by default. + let key = SecretKey::Generated(Key::generate()); Ok(match env { Development => { @@ -142,7 +142,7 @@ impl Config { port: 8000, workers: default_workers, log_level: LoggingLevel::Normal, - session_key: key, + secret_key: key, tls: None, limits: Limits::default(), extras: HashMap::new(), @@ -156,7 +156,7 @@ impl Config { port: 80, workers: default_workers, log_level: LoggingLevel::Normal, - session_key: key, + secret_key: key, tls: None, limits: Limits::default(), extras: HashMap::new(), @@ -170,7 +170,7 @@ impl Config { port: 80, workers: default_workers, log_level: LoggingLevel::Critical, - session_key: key, + secret_key: key, tls: None, limits: Limits::default(), extras: HashMap::new(), @@ -192,7 +192,7 @@ impl Config { } /// Sets the configuration `val` for the `name` entry. If the `name` is one - /// of "address", "port", "session_key", "log", or "workers" (the "default" + /// of "address", "port", "secret_key", "log", or "workers" (the "default" /// values), the appropriate value in the `self` Config structure is set. /// Otherwise, the value is stored as an `extra`. /// @@ -204,7 +204,7 @@ impl Config { /// * **port**: Integer (16-bit unsigned) /// * **workers**: Integer (16-bit unsigned) /// * **log**: String - /// * **session_key**: String (192-bit base64) + /// * **secret_key**: String (192-bit base64) /// * **tls**: Table (`certs` (path as String), `key` (path as String)) pub(crate) fn set_raw(&mut self, name: &str, val: &Value) -> Result<()> { let (id, ok) = (|val| val, |_| Ok(())); @@ -212,7 +212,7 @@ impl Config { address => (str, set_address, id), port => (u16, set_port, ok), workers => (u16, set_workers, ok), - session_key => (str, set_session_key, id), + secret_key => (str, set_secret_key, id), log => (log_level, set_log_level, ok), tls => (tls_config, set_raw_tls, id), limits => (limits, set_limits, ok) @@ -313,7 +313,7 @@ impl Config { self.workers = workers; } - /// Sets the `session_key` in `self` to `key` which must be a 192-bit base64 + /// Sets the `secret_key` in `self` to `key` which must be a 192-bit base64 /// encoded string. /// /// # Errors @@ -330,14 +330,14 @@ impl Config { /// # fn config_test() -> Result<(), ConfigError> { /// let mut config = Config::new(Environment::Staging)?; /// let key = "8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg="; - /// assert!(config.set_session_key(key).is_ok()); - /// assert!(config.set_session_key("hello? anyone there?").is_err()); + /// assert!(config.set_secret_key(key).is_ok()); + /// assert!(config.set_secret_key("hello? anyone there?").is_err()); /// # Ok(()) /// # } /// ``` - pub fn set_session_key>(&mut self, key: K) -> Result<()> { + pub fn set_secret_key>(&mut self, key: K) -> Result<()> { let key = key.into(); - let error = self.bad_type("session_key", "string", + let error = self.bad_type("secret_key", "string", "a 256-bit base64 encoded string"); if key.len() != 44 { @@ -349,7 +349,7 @@ impl Config { Err(_) => return Err(error) }; - self.session_key = SessionKey::Provided(Key::from_master(&bytes)); + self.secret_key = SecretKey::Provided(Key::from_master(&bytes)); Ok(()) } @@ -478,10 +478,10 @@ impl Config { self.extras.iter().map(|(k, v)| (k.as_str(), v)) } - /// Retrieves the session key from `self`. + /// Retrieves the secret key from `self`. #[inline] - pub(crate) fn session_key(&self) -> &Key { - self.session_key.inner() + pub(crate) fn secret_key(&self) -> &Key { + self.secret_key.inner() } /// Attempts to retrieve the extra named `name` as a string. @@ -668,7 +668,7 @@ impl fmt::Debug for Config { } } -/// Doesn't consider the session key or config path. +/// Doesn't consider the secret key or config path. impl PartialEq for Config { fn eq(&self, other: &Config) -> bool { self.address == other.address diff --git a/lib/src/config/custom_values.rs b/lib/src/config/custom_values.rs index c534e669..0860de5e 100644 --- a/lib/src/config/custom_values.rs +++ b/lib/src/config/custom_values.rs @@ -7,24 +7,24 @@ use config::{Result, Config, Value, ConfigError}; use http::Key; #[derive(Clone)] -pub enum SessionKey { +pub enum SecretKey { Generated(Key), Provided(Key) } -impl SessionKey { - #[inline(always)] +impl SecretKey { + #[inline] pub fn kind(&self) -> &'static str { match *self { - SessionKey::Generated(_) => "generated", - SessionKey::Provided(_) => "provided", + SecretKey::Generated(_) => "generated", + SecretKey::Provided(_) => "provided", } } - #[inline(always)] + #[inline] pub(crate) fn inner(&self) -> &Key { match *self { - SessionKey::Generated(ref key) | SessionKey::Provided(ref key) => key + SecretKey::Generated(ref key) | SecretKey::Provided(ref key) => key } } } diff --git a/lib/src/config/mod.rs b/lib/src/config/mod.rs index 866c6c17..6c2dd2aa 100644 --- a/lib/src/config/mod.rs +++ b/lib/src/config/mod.rs @@ -40,8 +40,8 @@ //! * examples: `12`, `1`, `4` //! * **log**: _[string]_ how much information to log; one of `"normal"`, //! `"debug"`, or `"critical"` -//! * **session_key**: _[string]_ a 256-bit base64 encoded string (44 -//! characters) to use as the session key +//! * **secret_key**: _[string]_ a 256-bit base64 encoded string (44 +//! characters) to use as the secret key //! * example: `"8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg="` //! * **tls**: _[table]_ a table with two keys: 1) `certs`: _[string]_ a path //! to a certificate chain in PEM format, and 2) `key`: _[string]_ a path to a @@ -71,7 +71,7 @@ //! port = 8000 //! workers = max(number_of_cpus, 2) //! log = "normal" -//! session_key = [randomly generated at launch] +//! secret_key = [randomly generated at launch] //! limits = { forms = 32768 } //! //! [staging] @@ -79,7 +79,7 @@ //! port = 80 //! workers = max(number_of_cpus, 2) //! log = "normal" -//! session_key = [randomly generated at launch] +//! secret_key = [randomly generated at launch] //! limits = { forms = 32768 } //! //! [production] @@ -87,14 +87,14 @@ //! port = 80 //! workers = max(number_of_cpus, 2) //! log = "critical" -//! session_key = [randomly generated at launch] +//! secret_key = [randomly generated at launch] //! limits = { forms = 32768 } //! ``` //! -//! The `workers` and `session_key` default parameters are computed by Rocket +//! The `workers` and `secret_key` default parameters are computed by Rocket //! automatically; the values above are not valid TOML syntax. When manually //! specifying the number of workers, the value should be an integer: `workers = -//! 10`. When manually specifying the session key, the value should a 256-bit +//! 10`. When manually specifying the secret key, the value should a 256-bit //! base64 encoded string. Such a string can be generated with the `openssl` //! command line tool: `openssl rand -base64 32`. //! @@ -634,7 +634,7 @@ mod test { port = 7810 workers = 21 log = "critical" - session_key = "8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg=" + secret_key = "8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg=" template_dir = "mine" json = true pi = 3.14 @@ -645,7 +645,7 @@ mod test { .port(7810) .workers(21) .log_level(LoggingLevel::Critical) - .session_key("8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg=") + .secret_key("8Xui8SN4mI+7egV/9dlfYYLGQJeEx4+DwmSQLwDVXJg=") .extra("template_dir", "mine") .extra("json", true) .extra("pi", 3.14); @@ -971,49 +971,49 @@ mod test { } #[test] - fn test_good_session_key() { + fn test_good_secret_key() { // Take the lock so changing the environment doesn't cause races. let _env_lock = ENV_LOCK.lock().unwrap(); env::set_var(CONFIG_ENV, "stage"); check_config!(RocketConfig::parse(r#" [stage] - session_key = "TpUiXK2d/v5DFxJnWL12suJKPExKR8h9zd/o+E7SU+0=" + secret_key = "TpUiXK2d/v5DFxJnWL12suJKPExKR8h9zd/o+E7SU+0=" "#.to_string(), TEST_CONFIG_FILENAME), { - default_config(Staging).session_key( + default_config(Staging).secret_key( "TpUiXK2d/v5DFxJnWL12suJKPExKR8h9zd/o+E7SU+0=" ) }); check_config!(RocketConfig::parse(r#" [stage] - session_key = "jTyprDberFUiUFsJ3vcb1XKsYHWNBRvWAnXTlbTgGFU=" + secret_key = "jTyprDberFUiUFsJ3vcb1XKsYHWNBRvWAnXTlbTgGFU=" "#.to_string(), TEST_CONFIG_FILENAME), { - default_config(Staging).session_key( + default_config(Staging).secret_key( "jTyprDberFUiUFsJ3vcb1XKsYHWNBRvWAnXTlbTgGFU=" ) }); } #[test] - fn test_bad_session_key() { + fn test_bad_secret_key() { // Take the lock so changing the environment doesn't cause races. let _env_lock = ENV_LOCK.lock().unwrap(); env::remove_var(CONFIG_ENV); assert!(RocketConfig::parse(r#" [dev] - session_key = true + secret_key = true "#.to_string(), TEST_CONFIG_FILENAME).is_err()); assert!(RocketConfig::parse(r#" [dev] - session_key = 1283724897238945234897 + secret_key = 1283724897238945234897 "#.to_string(), TEST_CONFIG_FILENAME).is_err()); assert!(RocketConfig::parse(r#" [dev] - session_key = "abcv" + secret_key = "abcv" "#.to_string(), TEST_CONFIG_FILENAME).is_err()); } @@ -1034,7 +1034,7 @@ mod test { assert!(RocketConfig::parse(r#" [dev] - session_key = "abcv" = other + secret_key = "abcv" = other "#.to_string(), TEST_CONFIG_FILENAME).is_err()); } diff --git a/lib/src/rocket.rs b/lib/src/rocket.rs index b27dba0a..6bf54446 100644 --- a/lib/src/rocket.rs +++ b/lib/src/rocket.rs @@ -218,7 +218,7 @@ impl Rocket { info!("{}:", request); // Inform the request about all of the precomputed state. - request.set_preset_state(&self.config.session_key(), &self.state); + request.set_preset_state(&self.config.secret_key(), &self.state); // Do a bit of preprocessing before routing; run the attached fairings. self.preprocess_request(request, &data); @@ -393,7 +393,7 @@ impl Rocket { info_!("port: {}", White.paint(&config.port)); info_!("log: {}", White.paint(config.log_level)); info_!("workers: {}", White.paint(config.workers)); - info_!("session key: {}", White.paint(config.session_key.kind())); + info_!("secret key: {}", White.paint(config.secret_key.kind())); info_!("limits: {}", White.paint(&config.limits)); let tls_configured = config.tls.is_some();