This is an automated email from the ASF dual-hosted git repository. rnewson pushed a commit to branch sync-secret in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 66c564a771673860c859bd9fa1f8e9d35b73303e Author: Robert Newson <[email protected]> AuthorDate: Fri Dec 19 12:27:28 2025 +0000 use secret from config if ETS not populated This helps with startup race conditions in the test suite where the secret is set in config but the gen_server in couch_secrets hasn't received it via config_change callback yet. --- src/couch/src/couch_httpd_auth.erl | 12 ------------ src/couch/src/couch_secrets.erl | 24 ++++++++++++++++++++++-- 2 files changed, 22 insertions(+), 14 deletions(-) diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl index 604c9dcfe..3779be66b 100644 --- a/src/couch/src/couch_httpd_auth.erl +++ b/src/couch/src/couch_httpd_auth.erl @@ -460,23 +460,11 @@ ensure_cookie_auth_secret() -> undefined -> NewSecret = ?b2l(couch_uuids:random()), config:set("chttpd_auth", "secret", NewSecret), - wait_for_secret(10), NewSecret; Secret -> Secret end. -wait_for_secret(0) -> - ok; -wait_for_secret(N) -> - case couch_secrets:secret_is_set() of - true -> - ok; - false -> - timer:sleep(50), - wait_for_secret(N - 1) - end. - % session handlers % Login handler with user db handle_session_req(Req) -> diff --git a/src/couch/src/couch_secrets.erl b/src/couch/src/couch_secrets.erl index 574db73a3..46269ecbc 100644 --- a/src/couch/src/couch_secrets.erl +++ b/src/couch/src/couch_secrets.erl @@ -41,7 +41,7 @@ sign(Message) -> sign(Message, ExtraSecret) -> [HashAlgorithm | _] = couch_util:get_config_hash_algorithms(), - case current_secret_from_ets() of + case current_secret() of undefined -> throw({internal_server_error, <<"cookie auth secret is not set">>}); CurrentSecret -> @@ -53,7 +53,7 @@ verify(Message, ExpectedMAC) -> verify(Message, <<>>, ExpectedMAC). verify(Message, ExtraSecret, ExpectedMAC) -> - FullSecrets = [<<Secret/binary, ExtraSecret/binary>> || Secret <- all_secrets_from_ets()], + FullSecrets = [<<Secret/binary, ExtraSecret/binary>> || Secret <- all_secrets()], AllAlgorithms = couch_util:get_config_hash_algorithms(), verify(Message, AllAlgorithms, FullSecrets, ExpectedMAC). @@ -177,12 +177,32 @@ current_secret_from_config() -> ?l2b(Secret) end. +current_secret() -> + case current_secret_from_ets() of + undefined -> + current_secret_from_config(); + CurrentSecret -> + CurrentSecret + end. + current_secret_from_ets() -> current_secret_from_ets(node()). current_secret_from_ets(Node) -> secret_from_ets({Node, current}). +all_secrets() -> + case all_secrets_from_ets() of + [] -> + CurrentSecret = current_secret_from_config(), + if + CurrentSecret == undefined -> []; + true -> [CurrentSecret] + end; + AllSecrets -> + AllSecrets + end. + all_secrets_from_ets() -> secret_from_ets(all_secrets).
