fix: Use randomly generated Kerberos password

PretendoNetwork · Feb 11, 2025 · 24da2c6 · 24da2c6
1 parent 7524a05
commit 24da2c6
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/init.go b/init.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"fmt"
+	"crypto/rand"
 	"os"
 	"strconv"
 	"strings"
@@ -30,7 +31,6 @@ func init() {
 	}
 
 	postgresURI := os.Getenv("PN_MK7_POSTGRES_URI")
-	kerberosPassword := os.Getenv("PN_MK7_KERBEROS_PASSWORD")
 	authenticationServerPort := os.Getenv("PN_MK7_AUTHENTICATION_SERVER_PORT")
 	secureServerHost := os.Getenv("PN_MK7_SECURE_SERVER_HOST")
 	secureServerPort := os.Getenv("PN_MK7_SECURE_SERVER_PORT")
@@ -43,12 +43,15 @@ func init() {
 		os.Exit(0)
 	}
 
-	if strings.TrimSpace(kerberosPassword) == "" {
-		globals.Logger.Warningf("PN_MK7_KERBEROS_PASSWORD environment variable not set. Using default password: %q", globals.KerberosPassword)
-	} else {
-		globals.KerberosPassword = kerberosPassword
+	kerberosPassword := make([]byte, 0x10)
+	_, err = rand.Read(kerberosPassword)
+	if err != nil {
+		globals.Logger.Error("Error generating Kerberos password")
+		os.Exit(0)
 	}
 
+	globals.KerberosPassword = string(kerberosPassword)
+
 	globals.AuthenticationServerAccount = nex.NewAccount(types.NewPID(1), "Quazal Authentication", globals.KerberosPassword)
 	globals.SecureServerAccount = nex.NewAccount(types.NewPID(2), "Quazal Rendez-Vous", globals.KerberosPassword)