From 2a0d604e406647d68c5b5439aa57ef417fcfcc98 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Wed, 14 Oct 2020 11:41:07 +0200
Subject: [PATCH] Require generation of a valid signature_secret during
 WCFSetup

---
 .../PackageInstallationDispatcher.class.php        | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/wcfsetup/install/files/lib/system/package/PackageInstallationDispatcher.class.php b/wcfsetup/install/files/lib/system/package/PackageInstallationDispatcher.class.php
index e2621d57c0..80df31f82f 100644
--- a/wcfsetup/install/files/lib/system/package/PackageInstallationDispatcher.class.php
+++ b/wcfsetup/install/files/lib/system/package/PackageInstallationDispatcher.class.php
@@ -230,16 +230,10 @@ class PackageInstallationDispatcher {
 						'mail_admin_address'
 					]);
 					
-					try {
-						$statement->execute([
-							bin2hex(\random_bytes(20)),
-							'signature_secret'
-						]);
-					}
-					catch (\Throwable $e) {
-						// ignore, the secret will stay empty and crypto operations
-						// depending on it will fail
-					}
+					$statement->execute([
+						\bin2hex(\random_bytes(20)),
+						'signature_secret'
+					]);
 					
 					if (WCF::getSession()->getVar('__wcfSetup_developerMode')) {
 						$statement->execute([
-- 
2.20.1