maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

update sql-users with their corresponding password-hash-algorithm; remove a few notices for empty values in str_replace and others

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2022-07-17 12:03:37 +02:00
parent 430aefe0f7
commit faba5b0715
4 changed files with 22 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/Froxlor/Api/Commands/Admins.php
View File

@@ -528,7 +528,7 @@ class Admins extends ApiCommand implements ResourceEntity
$email = $this->getParam('email', true, $idna_convert->decode($result['email'])); $email = $this->getParam('email', true, $idna_convert->decode($result['email']));
$password = $this->getParam('admin_password', true, ''); $password = $this->getParam('admin_password', true, '');
$def_language = $this->getParam('def_language', true, $result['def_language']); $def_language = $this->getParam('def_language', true, $result['def_language']);
$custom_notes = $this->getParam('custom_notes', true, $result['custom_notes']); $custom_notes = $this->getParam('custom_notes', true, ($result['custom_notes'] ?? ""));
$custom_notes_show = $this->getBoolParam('custom_notes_show', true, $result['custom_notes_show']); $custom_notes_show = $this->getBoolParam('custom_notes_show', true, $result['custom_notes_show']);
$theme = $this->getParam('theme', true, $result['theme']); $theme = $this->getParam('theme', true, $result['theme']);

6
lib/Froxlor/Database/DbManager.php
View File

@@ -111,7 +111,11 @@ class DbManager
foreach ($databases as $username) { foreach ($databases as $username) {
if (isset($users[$username]) && is_array($users[$username]) && isset($users[$username]['hosts']) && is_array($users[$username]['hosts'])) { if (isset($users[$username]) && is_array($users[$username]) && isset($users[$username]['hosts']) && is_array($users[$username]['hosts'])) {
$password = $users[$username]['password'];
$password = [
'password' => $users[$username]['password'],
'plugin' => $users[$username]['plugin']
];
foreach ($mysql_access_host_array as $mysql_access_host) { foreach ($mysql_access_host_array as $mysql_access_host) {
$mysql_access_host = trim($mysql_access_host); $mysql_access_host = trim($mysql_access_host);

13
lib/Froxlor/Database/Manager/DbManagerMySQL.php
View File

@@ -70,7 +70,7 @@ class DbManagerMySQL
* username and sets the password for that user the given access_host * username and sets the password for that user the given access_host
* *
* @param string $username * @param string $username
* @param string $password * @param string|array $password
* @param string $access_host * @param string $access_host
* @param bool $p_encrypted * @param bool $p_encrypted
* optional, whether the password is encrypted or not, default false * optional, whether the password is encrypted or not, default false
@@ -79,6 +79,12 @@ class DbManagerMySQL
*/ */
public function grantPrivilegesTo($username = null, $password = null, $access_host = null, $p_encrypted = false, $update = false) public function grantPrivilegesTo($username = null, $password = null, $access_host = null, $p_encrypted = false, $update = false)
{ {
$pwd_plugin = 'mysql_native_password';
if (is_array($password) && count($password) == 2) {
$pwd_plugin = $password['plugin'];
$password = $password['password'];
}
if (!$update) { if (!$update) {
// create user // create user
if ($p_encrypted) { if ($p_encrypted) {
@@ -88,7 +94,7 @@ class DbManagerMySQL
"); ");
} else { } else {
$stmt = Database::prepare(" $stmt = Database::prepare("
CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH mysql_native_password AS :password CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH " . $pwd_plugin . " AS :password
"); ");
} }
} else { } else {
@@ -117,7 +123,7 @@ class DbManagerMySQL
} }
} else { } else {
if ($p_encrypted) { if ($p_encrypted) {
$stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED WITH mysql_native_password AS :password"); $stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED WITH " . $pwd_plugin . " AS :password");
} else { } else {
$stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED BY :password"); $stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED BY :password");
} }
@@ -252,6 +258,7 @@ class DbManagerMySQL
if (!isset($allsqlusers[$row['User']]) || !is_array($allsqlusers[$row['User']])) { if (!isset($allsqlusers[$row['User']]) || !is_array($allsqlusers[$row['User']])) {
$allsqlusers[$row['User']] = [ $allsqlusers[$row['User']] = [
'password' => $row['Password'] ?? $row['authentication_string'], 'password' => $row['Password'] ?? $row['authentication_string'],
'plugin' => $row['plugin'] ?? 'mysql_native_password',
'hosts' => [] 'hosts' => []
]; ];
} }

8
tests/Mysqls/MysqlsTest.php
View File

@@ -319,7 +319,7 @@ class MysqlsTest extends TestCase
$users = $dbm->getManager()->getAllSqlUsers(false); $users = $dbm->getManager()->getAllSqlUsers(false);
foreach ($users as $user => $data) { foreach ($users as $user => $data) {
if (strtolower($user) == 'mariadb.sys') { if (strtolower($user) == 'mariadb.sys') {
// travis seems to have a user for mariadb on version 10.4 // some systems seem to have a user for mariadb on version 10.4
// we do not want to test that one // we do not want to test that one
continue; continue;
} }
@@ -334,7 +334,11 @@ class MysqlsTest extends TestCase
// grant privileges to another host // grant privileges to another host
$testdata = $users['froxlor010']; $testdata = $users['froxlor010'];
$dbm->getManager()->grantPrivilegesTo('froxlor010', $testdata['password'], '10.0.0.10', true); $password = [
'password' => $testdata['password'],
'plugin' => $testdata['plugin']
];
$dbm->getManager()->grantPrivilegesTo('froxlor010', $password, '10.0.0.10', true);
// select all entries from mysql.user for froxlor010 to compare password-hashes // select all entries from mysql.user for froxlor010 to compare password-hashes
$sel_stmt = Database::prepare("SELECT * FROM mysql.user WHERE `User` = :usr"); $sel_stmt = Database::prepare("SELECT * FROM mysql.user WHERE `User` = :usr");