dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d57458e) | patch
SessionManager: Add provision for encrypting session data
authorBrad Jorsch <bjorsch@wikimedia.org>
Tue, 26 Apr 2016 17:56:35 +0000 (13:56 -0400)
committerGergő Tisza <gtisza@wikimedia.org>
Fri, 29 Apr 2016 15:34:55 +0000 (15:34 +0000)
commit0b8b539a00226fb381a5c760bfc377a43fed558f
tree57853d1b9f90f65b8704ccfc6d40d202befef0c7tree | snapshot
parentd57458e64e9b754deb3b55bc9bd60be2f6c5e07bcommit | diff
SessionManager: Add provision for encrypting session data

This follows the model Chris Steipp implemented for OATHAuth.

At the moment, this avoids the need to require a crypto PHP extension by
adding a configuration variable to enable plaintext storage. Someday
when there's time for the necessary code review, we should probably
import a pure-PHP implementation of AES to fall back to when the crypto
extensions are unavailable.

Change-Id: Ie9cae1526d3b8bf3f517f3226ddd888893f65656
RELEASE-NOTES-1.27 diff | blob | history
includes/DefaultSettings.php diff | blob | history
includes/session/Session.php diff | blob | history
tests/phpunit/includes/session/SessionTest.php diff | blob | history
Wiklou, le Wiki du Wiklou