/[smecontribs]/rpms/smeserver-phpmyadmin/contribs10/smeserver-phpmyadmin-4.0.10.2-bz11043-add-blowfishsecret.patch
ViewVC logotype

Contents of /rpms/smeserver-phpmyadmin/contribs10/smeserver-phpmyadmin-4.0.10.2-bz11043-add-blowfishsecret.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Thu Dec 17 12:53:37 2020 UTC (3 years, 11 months ago) by jcrisp
Branch: MAIN
CVS Tags: smeserver-phpmyadmin-4_0_10_2-8_el7_sme, smeserver-phpmyadmin-4_0_10_2-14_el7_sme, smeserver-phpmyadmin-4_0_10_2-12_el7_sme, smeserver-phpmyadmin-4_0_10_2-10_el7_sme, smeserver-phpmyadmin-4_0_10_2-9_el7_sme, smeserver-phpmyadmin-4_0_10_2-13_el7_sme, smeserver-phpmyadmin-4_0_10_2-11_el7_sme, smeserver-phpmyadmin-4_0_10_2-7_el7_sme, HEAD
* Thu Dec 17 2020 John Crisp <jcrisp@safeandsoundit.co.uk> 4.0.10.2-7.sme
- fix BlowfishSecret [SME: 11043]
- Update minimum e-smith release version

1 diff -ruN smeserver-phpmyadmin-4.0.10.2.old/root/etc/e-smith/db/configuration/migrate/addBlowfishSecret smeserver-phpmyadmin-4.0.10.2/root/etc/e-smith/db/configuration/migrate/addBlowfishSecret
2 --- smeserver-phpmyadmin-4.0.10.2.old/root/etc/e-smith/db/configuration/migrate/addBlowfishSecret 1970-01-01 01:00:00.000000000 +0100
3 +++ smeserver-phpmyadmin-4.0.10.2/root/etc/e-smith/db/configuration/migrate/addBlowfishSecret 2020-12-17 13:09:21.438411194 +0100
4 @@ -0,0 +1,32 @@
5 +{
6 + my $rec = $DB->get('phpmyadmin')
7 + || $DB->new_record('phpmyadmin', {type => 'configuration'});
8 + my $pw = $rec->prop('BlowfishSecret');
9 + if (not $pw or length($pw) < 57){
10 + my $pw = gen_pw();
11 + $rec->set_prop('BlowfishSecret', $pw);
12 + }
13 +
14 + sub gen_pw {
15 + use MIME::Base64 qw(encode_base64);
16 + my $p = "not set due to error";
17 + if ( open( RANDOM, "/dev/urandom" ) ){
18 + my $buf;
19 + # 57 bytes is a full line of Base64 coding, and contains
20 + # 456 bits of randomness - given a perfectly random /dev/random
21 + if ( read( RANDOM, $buf, 57 ) != 57 ){
22 + warn("Short read from /dev/random: $!");
23 + }
24 + else{
25 + $p = encode_base64($buf);
26 + chomp $p;
27 + }
28 + close RANDOM;
29 + }
30 + else{
31 + warn "Could not open /dev/urandom: $!";
32 + }
33 + return $p;
34 + }
35 +}
36 +
37 diff -ruN smeserver-phpmyadmin-4.0.10.2.old/root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/20Directory smeserver-phpmyadmin-4.0.10.2/root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/20Directory
38 --- smeserver-phpmyadmin-4.0.10.2.old/root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/20Directory 2020-12-17 13:07:51.412987062 +0100
39 +++ smeserver-phpmyadmin-4.0.10.2/root/etc/e-smith/templates/etc/phpMyAdmin/config.inc.php/20Directory 2020-12-17 13:20:49.843313557 +0100
40 @@ -13,7 +13,6 @@
41 */
42 $cfg['PmaNoRelation_DisableWarning'] = TRUE;
43
44 -
45 -
46 -
47 -
48 +{
49 + $OUT .= "\$cfg['blowfish_secret'] = '$phpmyadmin{'BlowfishSecret'}';/* YOU MUST FILL IN THIS FOR COOKIE AUTH! */\n"
50 +}

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed