more secure cookie login
@@ -5,6 +5,12 @@ phpMyAdmin - Changelog
|
|||||||
$Id$
|
$Id$
|
||||||
$Source$
|
$Source$
|
||||||
|
|
||||||
|
|
||||||
|
2004-02-27 Michal Cihar <imback@cihar.com>
|
||||||
|
* config.inc.php, libraries/config_import.lib.php,
|
||||||
|
libraries/auth/cookie.auth.lib.php: Encrypted password is working only
|
||||||
|
for limited (configurable) time, user name is encrypted (RFE #902295).
|
||||||
|
|
||||||
2004-02-26 Marc Delisle <lem9@users.sourceforge.net>
|
2004-02-26 Marc Delisle <lem9@users.sourceforge.net>
|
||||||
* libraries/sqlparser.lib.php: bug 905066, memory eater, thanks to xuefer
|
* libraries/sqlparser.lib.php: bug 905066, memory eater, thanks to xuefer
|
||||||
|
|
||||||
|
@@ -201,6 +201,7 @@ $cfg['ShowSQL'] = TRUE; // show SQL queries as run
|
|||||||
$cfg['AllowUserDropDatabase'] = FALSE; // show a 'Drop database' link to normal users
|
$cfg['AllowUserDropDatabase'] = FALSE; // show a 'Drop database' link to normal users
|
||||||
$cfg['Confirm'] = TRUE; // confirm 'DROP TABLE' & 'DROP DATABASE'
|
$cfg['Confirm'] = TRUE; // confirm 'DROP TABLE' & 'DROP DATABASE'
|
||||||
$cfg['LoginCookieRecall'] = TRUE; // recall previous login in cookie auth. mode or not
|
$cfg['LoginCookieRecall'] = TRUE; // recall previous login in cookie auth. mode or not
|
||||||
|
$cfg['LoginCookieValidity'] = 1800; // validity of cookie login (in seconds)
|
||||||
$cfg['UseDbSearch'] = TRUE; // whether to enable the "database search" feature
|
$cfg['UseDbSearch'] = TRUE; // whether to enable the "database search" feature
|
||||||
// or not
|
// or not
|
||||||
$cfg['IgnoreMultiSubmitErrors'] = FALSE; // if set to true, PMA continues computing multiple-statement queries
|
$cfg['IgnoreMultiSubmitErrors'] = FALSE; // if set to true, PMA continues computing multiple-statement queries
|
||||||
|
@@ -22,6 +22,7 @@ PMA_setFontSizes();
|
|||||||
$pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
|
$pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
|
||||||
$cookie_path = substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/'));
|
$cookie_path = substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/'));
|
||||||
$is_https = (isset($pma_uri_parts['scheme']) && $pma_uri_parts['scheme'] == 'https') ? 1 : 0;
|
$is_https = (isset($pma_uri_parts['scheme']) && $pma_uri_parts['scheme'] == 'https') ? 1 : 0;
|
||||||
|
$current_time = time();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* String padding
|
* String padding
|
||||||
@@ -76,7 +77,7 @@ function PMA_blowfish_encrypt($data, $secret) {
|
|||||||
}
|
}
|
||||||
$encrypt .= $pma_cipher->encryptBlock($block, $secret);
|
$encrypt .= $pma_cipher->encryptBlock($block, $secret);
|
||||||
}
|
}
|
||||||
return $encrypt;
|
return base64_encode($encrypt);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -91,9 +92,10 @@ function PMA_blowfish_encrypt($data, $secret) {
|
|||||||
*
|
*
|
||||||
* @author lem9
|
* @author lem9
|
||||||
*/
|
*/
|
||||||
function PMA_blowfish_decrypt($data, $secret) {
|
function PMA_blowfish_decrypt($encdata, $secret) {
|
||||||
$pma_cipher = new Horde_Cipher_blowfish;
|
$pma_cipher = new Horde_Cipher_blowfish;
|
||||||
$decrypt = '';
|
$decrypt = '';
|
||||||
|
$data = base64_decode($encdata);
|
||||||
for ($i=0; $i<strlen($data); $i+=8) {
|
for ($i=0; $i<strlen($data); $i+=8) {
|
||||||
$decrypt .= $pma_cipher->decryptBlock(substr($data, $i, 8), $secret);
|
$decrypt .= $pma_cipher->decryptBlock(substr($data, $i, 8), $secret);
|
||||||
}
|
}
|
||||||
@@ -152,10 +154,9 @@ function PMA_auth()
|
|||||||
else if (!empty($_COOKIE) && isset($_COOKIE['pma_cookie_username'])) {
|
else if (!empty($_COOKIE) && isset($_COOKIE['pma_cookie_username'])) {
|
||||||
$default_user = $_COOKIE['pma_cookie_username'];
|
$default_user = $_COOKIE['pma_cookie_username'];
|
||||||
}
|
}
|
||||||
|
$decrypted_user = PMA_blowfish_decrypt($default_user, $GLOBALS['cfg']['blowfish_secret']);
|
||||||
if (isset($default_user) && get_magic_quotes_gpc()) {
|
$pos = strrpos($decrypted_user, ':');
|
||||||
$default_user = stripslashes($default_user);
|
$default_user = substr($decrypted_user, 0, $pos);
|
||||||
}
|
|
||||||
|
|
||||||
// server name
|
// server name
|
||||||
if (!empty($GLOBALS['pma_cookie_servername'])) {
|
if (!empty($GLOBALS['pma_cookie_servername'])) {
|
||||||
@@ -438,6 +439,7 @@ function PMA_auth_check()
|
|||||||
$from_cookie = TRUE;
|
$from_cookie = TRUE;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// username
|
// username
|
||||||
if (!empty($pma_cookie_username)) {
|
if (!empty($pma_cookie_username)) {
|
||||||
$PHP_AUTH_USER = $pma_cookie_username;
|
$PHP_AUTH_USER = $pma_cookie_username;
|
||||||
@@ -447,6 +449,18 @@ function PMA_auth_check()
|
|||||||
$PHP_AUTH_USER = $_COOKIE['pma_cookie_username'];
|
$PHP_AUTH_USER = $_COOKIE['pma_cookie_username'];
|
||||||
$from_cookie = TRUE;
|
$from_cookie = TRUE;
|
||||||
}
|
}
|
||||||
|
$decrypted_user = PMA_blowfish_decrypt($PHP_AUTH_USER, $GLOBALS['cfg']['blowfish_secret']);
|
||||||
|
$pos = strrpos($decrypted_user, ':');
|
||||||
|
$PHP_AUTH_USER = substr($decrypted_user, 0, $pos);
|
||||||
|
|
||||||
|
$decrypted_time = (int)substr($decrypted_user, $pos + 1);
|
||||||
|
|
||||||
|
/* User inactive too long */
|
||||||
|
/* FIXME: maybe we could say it to user... */
|
||||||
|
if ($decrypted_time < $GLOBALS['current_time'] - $GLOBALS['cfg']['LoginCookieValidity']) {
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
// password
|
// password
|
||||||
if (!empty($pma_cookie_password)) {
|
if (!empty($pma_cookie_password)) {
|
||||||
$PHP_AUTH_PW = $pma_cookie_password;
|
$PHP_AUTH_PW = $pma_cookie_password;
|
||||||
@@ -457,8 +471,7 @@ function PMA_auth_check()
|
|||||||
else {
|
else {
|
||||||
$from_cookie = FALSE;
|
$from_cookie = FALSE;
|
||||||
}
|
}
|
||||||
$PHP_AUTH_PW = base64_decode($PHP_AUTH_PW);
|
$PHP_AUTH_PW = PMA_blowfish_decrypt($PHP_AUTH_PW, $GLOBALS['cfg']['blowfish_secret'] . $decrypted_time);
|
||||||
$PHP_AUTH_PW = PMA_blowfish_decrypt($PHP_AUTH_PW,$GLOBALS['cfg']['blowfish_secret']);
|
|
||||||
|
|
||||||
if ($PHP_AUTH_PW == "\xff(blank)") {
|
if ($PHP_AUTH_PW == "\xff(blank)") {
|
||||||
$PHP_AUTH_PW = '';
|
$PHP_AUTH_PW = '';
|
||||||
@@ -469,10 +482,6 @@ function PMA_auth_check()
|
|||||||
if (!$from_cookie && !$from_form) {
|
if (!$from_cookie && !$from_form) {
|
||||||
return FALSE;
|
return FALSE;
|
||||||
} elseif ($from_cookie) {
|
} elseif ($from_cookie) {
|
||||||
if (get_magic_quotes_gpc()) {
|
|
||||||
$PHP_AUTH_USER = stripslashes($PHP_AUTH_USER);
|
|
||||||
// no need to strip password as it is encrypted during transfer
|
|
||||||
}
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
} else {
|
} else {
|
||||||
// we don't need to strip here, it is done in grab_globals
|
// we don't need to strip here, it is done in grab_globals
|
||||||
@@ -545,16 +554,16 @@ function PMA_auth_set_user()
|
|||||||
}
|
}
|
||||||
// Duration = one month for username
|
// Duration = one month for username
|
||||||
setcookie('pma_cookie_username',
|
setcookie('pma_cookie_username',
|
||||||
$cfg['Server']['user'],
|
PMA_blowfish_encrypt($cfg['Server']['user'] . ':' . $GLOBALS['current_time'],
|
||||||
|
$GLOBALS['cfg']['blowfish_secret']),
|
||||||
time() + (60 * 60 * 24 * 30),
|
time() + (60 * 60 * 24 * 30),
|
||||||
$GLOBALS['cookie_path'], '',
|
$GLOBALS['cookie_path'], '',
|
||||||
$GLOBALS['is_https']);
|
$GLOBALS['is_https']);
|
||||||
|
|
||||||
// Duration = till the browser is closed for password
|
// Duration = till the browser is closed for password
|
||||||
// Some binary contents are now retrieved properly when stored
|
|
||||||
// as a cookie, so we base64_encode()
|
|
||||||
setcookie('pma_cookie_password',
|
setcookie('pma_cookie_password',
|
||||||
base64_encode(PMA_blowfish_encrypt(((!empty($cfg['Server']['password'])) ? $cfg['Server']['password'] : "\xff(blank)"), $GLOBALS['cfg']['blowfish_secret'])),
|
PMA_blowfish_encrypt(!empty($cfg['Server']['password']) ? $cfg['Server']['password'] : "\xff(blank)",
|
||||||
|
$GLOBALS['cfg']['blowfish_secret'] . $GLOBALS['current_time']),
|
||||||
0,
|
0,
|
||||||
$GLOBALS['cookie_path'], '',
|
$GLOBALS['cookie_path'], '',
|
||||||
$GLOBALS['is_https']);
|
$GLOBALS['is_https']);
|
||||||
@@ -589,7 +598,7 @@ function PMA_auth_fails()
|
|||||||
global $conn_error;
|
global $conn_error;
|
||||||
|
|
||||||
// Deletes password cookie and displays the login form
|
// Deletes password cookie and displays the login form
|
||||||
setcookie('pma_cookie_password', base64_encode(''), 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
|
setcookie('pma_cookie_password', '', 0, $GLOBALS['cookie_path'], '' , $GLOBALS['is_https']);
|
||||||
|
|
||||||
if (PMA_DBI_getError()) {
|
if (PMA_DBI_getError()) {
|
||||||
$conn_error = PMA_DBI_getError();
|
$conn_error = PMA_DBI_getError();
|
||||||
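Review bot: In the PMA_auth_check hunk the result of `strrpos($decrypted_user, ':')` is used without a check for FALSE, and nothing on the visible lines authenticates the cookie before it is decrypted. A missing, tampered or pre-upgrade `pma_cookie_username` (the old code stored the plain user name for a month) therefore gives `$pos === FALSE`, so `$PHP_AUTH_USER` becomes empty and `$decrypted_time` is parsed from offset 1 of whatever the decryption produced. I would reject the cookie right after the `strrpos` call with `if ($pos === FALSE) { return FALSE; }`, and also treat a `$decrypted_time` later than `$GLOBALS['current_time']` as invalid, since the expiry test only checks the lower bound. The PMA_auth hunk has the same unchecked `strrpos` and drops the old `isset($default_user)` guard, so the decrypt there appears to run even when no username cookie was sent. Both function bodies start and end outside the hunks shown.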
|
@@ -275,6 +275,10 @@ if (!isset($cfg['LoginCookieRecall'])) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!isset($cfg['LoginCookieValidity'])) {
|
||||||
|
$cfg['LoginCookieValidity'] = 1800;
|
||||||
|
}
|
||||||
|
|
||||||
if (!isset($cfg['UseDbSearch'])) {
|
if (!isset($cfg['UseDbSearch'])) {
|
||||||
$cfg['UseDbSearch'] = TRUE;
|
$cfg['UseDbSearch'] = TRUE;
|
||||||
}
|
}
|
||||||
|