Bug #29976
CSRF token is always the same
100%
Description
This is probably a Windows issue (Windows 7, 64bit):
The blog example generates links like "posts/new?__csrfToken=00000000000000000000000000000000" for protected actions.
Updated by Christian Müller over 9 years ago
That is a shortcoming of /Packages/Framework/TYPO3.FLOW3/Resources/PHP/iSecurity/Security_Randomizer.php, it also mentions in a comment that it probably won't work on Win 64-bit.
Updated by Christian Müller over 9 years ago
Maybe we should add a fallback to generate "not so strongly randomized data" to have it running on Win 64-bit but log the fact that it is not so secure? WDYT?
Updated by Bastian Waidelich over 9 years ago
Christian Mueller wrote:
Maybe we should add a fallback to generate "not so strongly randomized data" to have
it running on Win 64-bit but log the fact that it is not so secure? WDYT?
+1
The Randomizer already comes with a fallback to mt_rand, but the problem is that (in my case) it doesn't reach that fallback, as it considers "00000000000000000000000000000000" a valid result.
Updated by Christian Müller over 9 years ago
Yep, I see.
I guess it goes wrong around line 219 for you, maybe you check that out. It fills an array with zeros then uses the .NET crypto stuff, but finally it returns the array filled with zeros. For me this code looks plain wrong, I think this $variant thingy is filled with the random bytes and so its content needs to be returned there.
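The failure described in the two comments above, as an added illustration that is not Flow3 or Security_Randomizer code: a backend that returns its zero-initialised buffer unchanged, a plausibility check that refuses such degenerate output instead of accepting it, and a logged fallback to mt_rand(). The function names and the 16-byte token length are assumptions for this example.

```php
<?php
// Added example (not project code): why the validity check, not only the
// backend, is what lets an all-zero CSRF token through.

// Stand-in for the broken Windows backend from the thread: the buffer is
// filled with zeros and returned without the random bytes (constructed).
function brokenBackend(int $length): string
{
    return str_repeat("\0", $length);
}

// A buffer of the wrong length, or made of a single repeated byte value,
// is not plausible CSPRNG output and must never become a token.
function isPlausibleRandom(string $bytes, int $length): bool
{
    if ($length < 2 || strlen($bytes) !== $length) {
        return false;
    }
    return count(array_unique(str_split($bytes))) > 1;
}

// Non-cryptographic fallback; the downgrade is logged so it is not silent.
function weakFallback(int $length): string
{
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= chr(mt_rand(0, 255));
    }
    error_log('Randomizer: strong source returned degenerate data, using mt_rand()');
    return $out;
}

// Asks the backend first and only accepts output that passes the check.
function randomToken(int $length, callable $backend): string
{
    $bytes = $backend($length);
    if (!isPlausibleRandom($bytes, $length)) {
        $bytes = weakFallback($length);
    }
    return bin2hex($bytes);
}

// With the plausibility check the broken backend no longer yields
// "00000000000000000000000000000000"; the 32-hex-char token varies per call.
echo randomToken(16, 'brokenBackend'), PHP_EOL;
```

Checking the token the same way on the server side (rejecting a constant or single-byte-valued token) gives an independent signal that the randomizer has failed on a given platform.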
Updated by Mr. Hudson over 9 years ago
- Status changed from New to Under Review
Patch set 1 of change I93c432e45071a3c5628e98b3fbefa7407c715c15 has been pushed to the review server.
It is available at http://review.typo3.org/5727
Updated by Bastian Waidelich over 9 years ago
FYI: We have added two bug reports to the "Improved Security" project at SourceForge
Updated by Mr. Hudson over 9 years ago
Patch set 2 of change I93c432e45071a3c5628e98b3fbefa7407c715c15 has been pushed to the review server.
It is available at http://review.typo3.org/5727
Updated by Christian Müller over 9 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 1dd7ba68d3f0b6d6b2c0f9ef9f480e80aab08f2d.