diff --git a/lib/Froxlor/Api/Commands/Admins.php b/lib/Froxlor/Api/Commands/Admins.php index 2b40a799..5f9ba445 100644 --- a/lib/Froxlor/Api/Commands/Admins.php +++ b/lib/Froxlor/Api/Commands/Admins.php @@ -528,7 +528,7 @@ class Admins extends ApiCommand implements ResourceEntity $email = $this->getParam('email', true, $idna_convert->decode($result['email'])); $password = $this->getParam('admin_password', true, ''); $def_language = $this->getParam('def_language', true, $result['def_language']); - $custom_notes = $this->getParam('custom_notes', true, $result['custom_notes']); + $custom_notes = $this->getParam('custom_notes', true, ($result['custom_notes'] ?? "")); $custom_notes_show = $this->getBoolParam('custom_notes_show', true, $result['custom_notes_show']); $theme = $this->getParam('theme', true, $result['theme']); diff --git a/lib/Froxlor/Database/DbManager.php b/lib/Froxlor/Database/DbManager.php index a80d3da1..ce602da1 100644 --- a/lib/Froxlor/Database/DbManager.php +++ b/lib/Froxlor/Database/DbManager.php @@ -111,7 +111,11 @@ class DbManager foreach ($databases as $username) { if (isset($users[$username]) && is_array($users[$username]) && isset($users[$username]['hosts']) && is_array($users[$username]['hosts'])) { - $password = $users[$username]['password']; + + $password = [ + 'password' => $users[$username]['password'], + 'plugin' => $users[$username]['plugin'] + ]; foreach ($mysql_access_host_array as $mysql_access_host) { $mysql_access_host = trim($mysql_access_host); diff --git a/lib/Froxlor/Database/Manager/DbManagerMySQL.php b/lib/Froxlor/Database/Manager/DbManagerMySQL.php index 4808e4b5..3114d02e 100644 --- a/lib/Froxlor/Database/Manager/DbManagerMySQL.php +++ b/lib/Froxlor/Database/Manager/DbManagerMySQL.php @@ -70,7 +70,7 @@ class DbManagerMySQL * username and sets the password for that user the given access_host * * @param string $username - * @param string $password + * @param string|array $password * @param string $access_host * @param bool $p_encrypted * optional, whether the password is encrypted or not, default false @@ -79,6 +79,12 @@ class DbManagerMySQL */ public function grantPrivilegesTo($username = null, $password = null, $access_host = null, $p_encrypted = false, $update = false) { + $pwd_plugin = 'mysql_native_password'; + if (is_array($password) && count($password) == 2) { + $pwd_plugin = $password['plugin']; + $password = $password['password']; + } + if (!$update) { // create user if ($p_encrypted) { @@ -88,7 +94,7 @@ class DbManagerMySQL "); } else { $stmt = Database::prepare(" - CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH mysql_native_password AS :password + CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH " . $pwd_plugin . " AS :password "); } } else { @@ -117,7 +123,7 @@ class DbManagerMySQL } } else { if ($p_encrypted) { - $stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED WITH mysql_native_password AS :password"); + $stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED WITH " . $pwd_plugin . " AS :password"); } else { $stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED BY :password"); } @@ -252,6 +258,7 @@ class DbManagerMySQL if (!isset($allsqlusers[$row['User']]) || !is_array($allsqlusers[$row['User']])) { $allsqlusers[$row['User']] = [ 'password' => $row['Password'] ?? $row['authentication_string'], + 'plugin' => $row['plugin'] ?? 'mysql_native_password', 'hosts' => [] ]; } diff --git a/tests/Mysqls/MysqlsTest.php b/tests/Mysqls/MysqlsTest.php index 4798ce5a..180938df 100644 --- a/tests/Mysqls/MysqlsTest.php +++ b/tests/Mysqls/MysqlsTest.php @@ -319,7 +319,7 @@ class MysqlsTest extends TestCase $users = $dbm->getManager()->getAllSqlUsers(false); foreach ($users as $user => $data) { if (strtolower($user) == 'mariadb.sys') { - // travis seems to have a user for mariadb on version 10.4 + // some systems seem to have a user for mariadb on version 10.4 // we do not want to test that one continue; } @@ -334,7 +334,11 @@ class MysqlsTest extends TestCase // grant privileges to another host $testdata = $users['froxlor010']; - $dbm->getManager()->grantPrivilegesTo('froxlor010', $testdata['password'], '10.0.0.10', true); + $password = [ + 'password' => $testdata['password'], + 'plugin' => $testdata['plugin'] + ]; + $dbm->getManager()->grantPrivilegesTo('froxlor010', $password, '10.0.0.10', true); // select all entries from mysql.user for froxlor010 to compare password-hashes $sel_stmt = Database::prepare("SELECT * FROM mysql.user WHERE `User` = :usr");