Commit b1337668 authored by Marius Burkard's avatar Marius Burkard

Merge branch 'stable-3.1' into 'stable-3.1'

Add check for mysql-plugin validate_password to allow passwords as hashes (Fixes #4777)

See merge request !635
parents 84bc40b6 5ffb6bec
......@@ -234,6 +234,13 @@ class installer_base {
die();
}
$unwanted_sql_plugins = array('validate_password');
$sql_plugins = $inst->db->queryAllRecords("SELECT plugin_name FROM information_schema.plugins WHERE plugin_status='ACTIVE' AND plugin_name IN ?", $unwanted_sql_plugins);
if(is_array($sql_plugins) && !empty($sql_plugins)) {
foreach ($sql_plugins as $plugin) echo "Login in to MySQL and disable $plugin[plugin_name] with:\n\n UNINSTALL PLUGIN $plugin[plugin_name];";
die();
}
//** Create the database
if(!$this->db->query('CREATE DATABASE IF NOT EXISTS ?? DEFAULT CHARACTER SET ?', $conf['mysql']['database'], $conf['mysql']['charset'])) {
$this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.');
......
......@@ -132,6 +132,13 @@ function updateDbAndIni() {
die();
}
$unwanted_sql_plugins = array('validate_password');
$sql_plugins = $inst->db->queryAllRecords("SELECT plugin_name FROM information_schema.plugins WHERE plugin_status='ACTIVE' AND plugin_name IN ?", $unwanted_sql_plugins);
if(is_array($sql_plugins) && !empty($sql_plugins)) {
foreach ($sql_plugins as $plugin) echo "Login in to MySQL and disable $plugin[plugin_name] with:\n\n UNINSTALL PLUGIN $plugin[plugin_name];";
die();
}
//* Update $conf array with values from the server.ini that shall be preserved
$tmp = $inst->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
$ini_array = ini_to_array(stripslashes($tmp['config']));
......
......@@ -73,7 +73,20 @@ class mysql_clientdb_plugin {
function process_host_list($action, $database_name, $database_user, $database_password, $host_list, $link, $database_rename_user = '', $user_access_mode = 'rw') {
global $app;
// check mysql-plugins
$unwanted_sql_plugins = array('validate_password'); // strict-password-validation
$temp = "'".implode("','", $unwanted_sql_plugins)."'";
$result = $link->query("SELECT plugin_name FROM information_schema.plugins WHERE plugin_status='ACTIVE' AND plugin_name IN ($temp)");
if($result) {
while ($row = $result->fetch_assoc()) {
$sql_plugins[] = $row['plugin_name'];
}
$result->free();
foreach ($sql_plugins as $plugin) $app->log("MySQL-Plugin $plugin[plugin_name] enabled - can not execute function process_host_list", LOGLEVEL_ERROR);
return false;
}
if(!$user_access_mode) $user_access_mode = 'rw';
$action = strtoupper($action);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment