Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
ISPConfig
ISPConfig 3
Commits
83957eb8
Commit
83957eb8
authored
Sep 06, 2017
by
Florian Schaal
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add check for mysql-plugin validate_password to allow passwords as hashes (Fixes #4777)
parent
70182c0b
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
32 additions
and
1 deletion
+32
-1
install/lib/installer_base.lib.php
install/lib/installer_base.lib.php
+9
-0
install/lib/update.lib.php
install/lib/update.lib.php
+9
-0
server/plugins-available/mysql_clientdb_plugin.inc.php
server/plugins-available/mysql_clientdb_plugin.inc.php
+14
-1
No files found.
install/lib/installer_base.lib.php
View file @
83957eb8
...
...
@@ -234,6 +234,15 @@ class installer_base {
die
();
}
$unwanted_sql_plugins
=
array
(
'validate_password'
);
$temp
=
'"'
.
implode
(
'","'
,
$unwanted_sql_plugins
)
.
'"'
;
$sql_plugins
=
$inst
->
db
->
queryAllRecords
(
"SELECT plugin_name FROM information_schema.plugins WHERE plugin_status='ACTIVE' AND plugin_name IN (
$temp
)"
);
if
(
is_array
(
$sql_plugins
)
&&
!
empty
(
$sql_plugins
))
{
foreach
(
$sql_plugins
as
$plugin
)
echo
"Login in to MySQL and disable
$plugin[plugin_name]
with:
\n\n
UNINSTALL PLUGIN
$plugin[plugin_name]
;"
;
die
();
}
unset
(
$temp
);
//** Create the database
if
(
!
$this
->
db
->
query
(
'CREATE DATABASE IF NOT EXISTS ?? DEFAULT CHARACTER SET ?'
,
$conf
[
'mysql'
][
'database'
],
$conf
[
'mysql'
][
'charset'
]))
{
$this
->
error
(
'Unable to create MySQL database: '
.
$conf
[
'mysql'
][
'database'
]
.
'.'
);
...
...
install/lib/update.lib.php
View file @
83957eb8
...
...
@@ -132,6 +132,15 @@ function updateDbAndIni() {
die
();
}
$unwanted_sql_plugins
=
array
(
'validate_password'
);
$temp
=
'"'
.
implode
(
'","'
,
$unwanted_sql_plugins
)
.
'"'
;
$sql_plugins
=
$inst
->
db
->
queryAllRecords
(
"SELECT plugin_name FROM information_schema.plugins WHERE plugin_status='ACTIVE' AND plugin_name IN (
$temp
)"
);
if
(
is_array
(
$sql_plugins
)
&&
!
empty
(
$sql_plugins
))
{
foreach
(
$sql_plugins
as
$plugin
)
echo
"Login in to MySQL and disable
$plugin[plugin_name]
with:
\n\n
UNINSTALL PLUGIN
$plugin[plugin_name]
;"
;
die
();
}
unset
(
$temp
);
//* Update $conf array with values from the server.ini that shall be preserved
$tmp
=
$inst
->
db
->
queryOneRecord
(
"SELECT * FROM ?? WHERE server_id = ?"
,
$conf
[
"mysql"
][
"database"
]
.
'.server'
,
$conf
[
'server_id'
]);
$ini_array
=
ini_to_array
(
stripslashes
(
$tmp
[
'config'
]));
...
...
server/plugins-available/mysql_clientdb_plugin.inc.php
View file @
83957eb8
...
...
@@ -73,7 +73,20 @@ class mysql_clientdb_plugin {
function
process_host_list
(
$action
,
$database_name
,
$database_user
,
$database_password
,
$host_list
,
$link
,
$database_rename_user
=
''
,
$user_access_mode
=
'rw'
)
{
global
$app
;
// check mysql-plugins
$unwanted_sql_plugins
=
array
(
'validate_password'
);
// strict-password-validation
$temp
=
"'"
.
implode
(
"','"
,
$unwanted_sql_plugins
)
.
"'"
;
$result
=
$link
->
query
(
"SELECT plugin_name FROM information_schema.plugins WHERE plugin_status='ACTIVE' AND plugin_name IN (
$temp
)"
);
if
(
$result
)
{
while
(
$row
=
$result
->
fetch_assoc
())
{
$sql_plugins
[]
=
$row
[
'plugin_name'
];
}
$result
->
free
();
foreach
(
$sql_plugins
as
$plugin
)
$app
->
log
(
"MySQL-Plugin
$plugin[plugin_name]
enabled - can not execute function process_host_list"
,
LOGLEVEL_ERROR
);
return
false
;
}
if
(
!
$user_access_mode
)
$user_access_mode
=
'rw'
;
$action
=
strtoupper
(
$action
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment