From f00ba61a873501b135332716cd83dc669ecee860 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Fri, 21 Apr 2023 13:07:24 +0200
Subject: [PATCH] Generate WCF_UUID earlier during installation

This is required for cronjob randomization. Some additional changes needed to
be performed to not break WCFSetup. As the options.inc.php is rewritten, the
cookie prefix update needs to be moved into the install script from
PackageInstallationDispatcher.
---
 com.woltlab.wcf/package.xml                   |  2 +-
 .../acp/install_com.woltlab.wcf_step1.php     | 39 +++++++++++++++----
 .../acp/install_com.woltlab.wcf_step2.php     |  5 ---
 .../PackageInstallationDispatcher.class.php   | 19 ---------
 4 files changed, 33 insertions(+), 32 deletions(-)

diff --git a/com.woltlab.wcf/package.xml b/com.woltlab.wcf/package.xml
index d89b20deb6..1b8e0f2c48 100644
--- a/com.woltlab.wcf/package.xml
+++ b/com.woltlab.wcf/package.xml
@@ -23,7 +23,7 @@
 		<instruction type="template" run="standalone" />
 
 		<instruction type="eventListener" />
-		<instruction type="script">acp/install_com.woltlab.wcf_step1.php</instruction>
+		<instruction type="script" run="standalone">acp/install_com.woltlab.wcf_step1.php</instruction>
 		<instruction type="cronjob" />
 		<instruction type="coreObject" />
 		<instruction type="clipboardAction" />
diff --git a/wcfsetup/install/files/acp/install_com.woltlab.wcf_step1.php b/wcfsetup/install/files/acp/install_com.woltlab.wcf_step1.php
index c8f7f72d91..e65aa10d2d 100644
--- a/wcfsetup/install/files/acp/install_com.woltlab.wcf_step1.php
+++ b/wcfsetup/install/files/acp/install_com.woltlab.wcf_step1.php
@@ -1,14 +1,17 @@
 <?php
 
 /**
- * @author  Marcel Werk
- * @copyright   2001-2019 WoltLab GmbH
+ * @author Tim Duesterhus, Marcel Werk
+ * @copyright 2001-2023 WoltLab GmbH
  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  */
 
+use ParagonIE\ConstantTime\Hex;
+use wcf\data\option\OptionEditor;
 use wcf\system\user\storage\UserStorageHandler;
 use wcf\system\WCF;
 use wcf\util\DateUtil;
+use wcf\util\StringUtil;
 
 // change the priority of the PIPs to "1"
 $sql = "UPDATE  wcf1_package_installation_plugin
@@ -19,16 +22,38 @@ $statement->execute([1]);
 // Clear any outdated cached data from WCFSetup.
 UserStorageHandler::getInstance()->clear();
 
-// get server timezone
+// Configure early dynamic option values
+
+$sql = "UPDATE  wcf1_option
+        SET     optionValue = ?
+        WHERE   optionName = ?";
+$statement = WCF::getDB()->prepare($sql);
+$statement->execute([
+    StringUtil::getUUID(),
+    'wcf_uuid',
+]);
+
+$statement->execute([
+    Hex::encode(\random_bytes(20)),
+    'signature_secret',
+]);
+
+if (\file_exists(WCF_DIR . 'cookiePrefix.txt')) {
+    $statement->execute([
+        COOKIE_PREFIX,
+        'cookie_prefix',
+    ]);
+
+    @\unlink(WCF_DIR . 'cookiePrefix.txt');
+}
+
 if ($timezone = @\date_default_timezone_get()) {
     if (\in_array($timezone, DateUtil::getAvailableTimezones())) {
-        $sql = "UPDATE  wcf1_option
-                SET     optionValue = ?
-                WHERE   optionName = ?";
-        $statement = WCF::getDB()->prepare($sql);
         $statement->execute([
             $timezone,
             'timezone',
         ]);
     }
 }
+
+OptionEditor::resetCache();
diff --git a/wcfsetup/install/files/acp/install_com.woltlab.wcf_step2.php b/wcfsetup/install/files/acp/install_com.woltlab.wcf_step2.php
index e5f39473e7..1c89485717 100644
--- a/wcfsetup/install/files/acp/install_com.woltlab.wcf_step2.php
+++ b/wcfsetup/install/files/acp/install_com.woltlab.wcf_step2.php
@@ -121,15 +121,10 @@ $statement->execute([
 ]);
 
 // Configure dynamic option values
-
 $sql = "UPDATE  wcf1_option
         SET     optionValue = ?
         WHERE   optionName = ?";
 $statement = WCF::getDB()->prepare($sql);
-$statement->execute([
-    StringUtil::getUUID(),
-    'wcf_uuid',
-]);
 
 if (
     ImagickImageAdapter::isSupported()
diff --git a/wcfsetup/install/files/lib/system/package/PackageInstallationDispatcher.class.php b/wcfsetup/install/files/lib/system/package/PackageInstallationDispatcher.class.php
index 8a68e6dddc..502decb4f3 100644
--- a/wcfsetup/install/files/lib/system/package/PackageInstallationDispatcher.class.php
+++ b/wcfsetup/install/files/lib/system/package/PackageInstallationDispatcher.class.php
@@ -268,25 +268,6 @@ class PackageInstallationDispatcher
      */
     protected function finalizeWcfSetup(): void
     {
-        $sql = "UPDATE  wcf1_option
-                SET     optionValue = ?
-                WHERE   optionName = ?";
-        $statement = WCF::getDB()->prepare($sql);
-
-        if (\file_exists(WCF_DIR . 'cookiePrefix.txt')) {
-            $statement->execute([
-                COOKIE_PREFIX,
-                'cookie_prefix',
-            ]);
-
-            @\unlink(WCF_DIR . 'cookiePrefix.txt');
-        }
-
-        $statement->execute([
-            $signatureSecret = Hex::encode(\random_bytes(20)),
-            'signature_secret',
-        ]);
-        \define('SIGNATURE_SECRET', $signatureSecret);
         HeaderUtil::setCookie(
             'user_session',
             CryptoUtil::createSignedString(
-- 
2.20.1