From 67c3d8bd131e113318073a387c74ad5e9a8bfbf6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sz=C3=A1nt=C3=B3=20Zolt=C3=A1n?=
Date: Fri, 18 Jan 2019 11:27:58 +0200
Subject: [PATCH 1/6] Config phpmyadmin 4.8.4 to autologin
---
 .devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php b/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
index 234479d1..7e0511b2 100644
--- a/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
+++ b/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
@@ -31,7 +31,9 @@ $i = 0;
 */
 $i++;
 /* Authentication type */
-$cfg['Servers'][$i]['auth_type'] = 'cookie';
+$cfg['Servers'][$i]['auth_type'] = 'config';
+$cfg['Servers'][$i]['user'] = 'root';
+$cfg['Servers'][$i]['password'] = getenv('MYSQL_ROOT_PASSWORD');
 /* Server parameters */
 $cfg['Servers'][$i]['host'] = '127.0.0.1';
 $cfg['Servers'][$i]['compress'] = false;
From 233c906d572fac55908fe66651b54ccfb6717fa1 Mon Sep 17 00:00:00 2001
From: cytopia
Date: Tue, 29 Jan 2019 15:42:04 +0100
Subject: [PATCH 2/6] Change hostname from 127.0.0.1 to mysql
---
 .devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php b/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
index 7e0511b2..5aea16ae 100644
--- a/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
+++ b/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
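Review bot: In PATCH 1/6 the switch to `auth_type = 'config'` with `user = 'root'` is unconditional, so every client that can reach this phpMyAdmin instance gets a MySQL root session with no login step. PATCH 3/6 and 4/6 later put the same lines behind `DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN`, but this commit taken alone has no opt-out, and nothing in the file tells a reader that the setup is meant for local development only. I would add a comment above the block such as `/* 'config' auth: every visitor is logged in as MySQL root; local development only, never expose this instance */`. `getenv()` also returns `false` when `MYSQL_ROOT_PASSWORD` is unset, so the password line should check the result, e.g. fall back to `'cookie'` when `getenv('MYSQL_ROOT_PASSWORD') === false`, rather than hand `false` to phpMyAdmin.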
@@ -33,9 +33,9 @@ $i++;
 /* Authentication type */
 $cfg['Servers'][$i]['auth_type'] = 'config';
 $cfg['Servers'][$i]['user'] = 'root';
-$cfg['Servers'][$i]['password'] = getenv('MYSQL_ROOT_PASSWORD');
+$cfg['Servers'][$i]['password'] = getenv('MYSQL_ROOT_PASSWORD');
 /* Server parameters */
-$cfg['Servers'][$i]['host'] = '127.0.0.1';
+$cfg['Servers'][$i]['host'] = 'mysql';
 $cfg['Servers'][$i]['compress'] = false;
 $cfg['Servers'][$i]['AllowNoPassword'] = true;
From 7a75f04952bb4b242a936cf0cf048b1203ae1456 Mon Sep 17 00:00:00 2001
From: cytopia
Date: Tue, 29 Jan 2019 15:50:09 +0100
Subject: [PATCH 3/6] Make autologin configurable
---
 .../htdocs/vendor/phpmyadmin-4.8.4/config.inc.php | 12 ++++++++----
 env-example | 11 ++++++++++-
 2 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php b/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
index 5aea16ae..1bc88eda 100644
--- a/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
+++ b/.devilbox/www/htdocs/vendor/phpmyadmin-4.8.4/config.inc.php
@@ -30,10 +30,14 @@ $i = 0;
 * First server
 */
 $i++;
-/* Authentication type */
-$cfg['Servers'][$i]['auth_type'] = 'config';
-$cfg['Servers'][$i]['user'] = 'root';
-$cfg['Servers'][$i]['password'] = getenv('MYSQL_ROOT_PASSWORD');
+if (getenv('DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN') == 1) {
+ /* Authentication type */
+ $cfg['Servers'][$i]['auth_type'] = 'config';
+ $cfg['Servers'][$i]['user'] = 'root';
+ $cfg['Servers'][$i]['password'] = getenv('MYSQL_ROOT_PASSWORD');
+} else {
+ $cfg['Servers'][$i]['auth_type'] = 'cookie';
+}
 /* Server parameters */
 $cfg['Servers'][$i]['host'] = 'mysql';
 $cfg['Servers'][$i]['compress'] = false;
diff --git a/env-example b/env-example
index 8b3e3683..36446270 100644
--- a/env-example
+++ b/env-example
@@ -128,7 +128,6 @@ TIMEZONE=Europe/Berlin - ################################################################################ ### ### INTRANET SETTINGS
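Review bot: The gate `getenv('DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN') == 1` in the config.inc.php hunk of PATCH 3/6 is a loose comparison, so numeric strings such as `01` or `1.0` also enable root autologin, although env-example documents only `0` and `1`. `if (getenv('DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN') === '1') {` accepts only the documented value and still sends an unset variable to the `cookie` branch. The same condition appears in the phpmyadmin-4.0 hunk of PATCH 4/6. The comment `/* Authentication type */` now sits inside the `if` branch only; placing it above the `if`, as PATCH 4/6 does, would keep the two config files alike.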
@@ -203,6 +202,16 @@ DEVILBOX_UI_PASSWORD=password DEVILBOX_UI_ENABLE=1 +### +### Automatically be logged in into phpMyAdmin +### +### Example: +### DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN=1 +### DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN=0 +### +DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN=1 + + ################################################################################ ### From 6caaea6b345a40d00c7b46b4971c156dc10b5c77 Mon Sep 17 00:00:00 2001 From: cytopia Date: Tue, 29 Jan 2019 15:54:12 +0100 Subject: [PATCH 4/6] Configure old phpMyAdmin version for autologin --- .../www/htdocs/vendor/phpmyadmin-4.0/config.inc.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.devilbox/www/htdocs/vendor/phpmyadmin-4.0/config.inc.php b/.devilbox/www/htdocs/vendor/phpmyadmin-4.0/config.inc.php index bdc996d8..28e74e7c 100644 --- a/.devilbox/www/htdocs/vendor/phpmyadmin-4.0/config.inc.php +++ b/.devilbox/www/htdocs/vendor/phpmyadmin-4.0/config.inc.php @@ -27,13 +27,21 @@ $i = 0; * First server */ $i++; + /* Authentication type */ -$cfg['Servers'][$i]['auth_type'] = 'cookie'; +if (getenv('DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN') == 1) { + $cfg['Servers'][$i]['auth_type'] = 'config'; + $cfg['Servers'][$i]['user'] = 'root'; + $cfg['Servers'][$i]['password'] = getenv('MYSQL_ROOT_PASSWORD'); +} else { + $cfg['Servers'][$i]['auth_type'] = 'cookie'; +} + /* Server parameters */ $cfg['Servers'][$i]['host'] = 'mysql'; $cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['compress'] = false; -$cfg['Servers'][$i]['AllowNoPassword'] = TRUE; +$cfg['Servers'][$i]['AllowNoPassword'] = true; /* Select mysql if your server does not have mysqli */ $cfg['Servers'][$i]['extension'] = 'mysqli'; From 4324f137147a87f86bb0998c7239a01a8e3bb668 Mon Sep 17 00:00:00 2001 
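Review bot: `DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN=1` is added as the shipped default in env-example, so a setup copied from this file serves phpMyAdmin as MySQL root without a login, and the comment block above it does not say so. PATCH 5/6 documents that phpMyAdmin is not covered by the intranet protection, which makes the consequence worth stating next to the value as well. I would add two comment lines, `### 1: every visitor is logged in as MySQL root without credentials (local development only)` and `### 0: phpMyAdmin asks for username and password`, and consider shipping `0` as the default. The heading would also read better as `### Log in to phpMyAdmin automatically`.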
From: cytopia Date: Tue, 29 Jan 2019 15:58:04 +0100 Subject: [PATCH 5/6] Add documentation entry for env settings about phpMyAdmin autologin --- docs/configuration-files/env-file.rst | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/docs/configuration-files/env-file.rst b/docs/configuration-files/env-file.rst index 408bc88c..0c9c17da 100644 --- a/docs/configuration-files/env-file.rst +++ b/docs/configuration-files/env-file.rst @@ -495,7 +495,7 @@ password by which it will be protected. .. _env_devilbox_ui_enable: DEVILBOX_UI_ENABLE -------------------- +------------------ In case you want to completely disable the Devilbox intranet, such as when running it on production, you need to set this variable to ``0``. @@ -511,6 +511,20 @@ ordering their names alphabetically. +-------------------------+----------------+-------------------+ +DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN +------------------------------------ + +By default phpMyAdmin will autologin without having to specify username or password. The phpMyAdmin +vendor is not protected once you protect the Intranet. If you want users to enter username and +password here as well, you should set the value to ``0``. + ++-------------------------------------------+----------------+-------------------+ +| Name | Allowed values | Default value | ++===========================================+================+===================+ +| ``DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN`` | ``0`` or ``1`` | ``1`` | ++-------------------------------------------+----------------+-------------------+ + + Docker image versions ===================== From a47a49759734d0effaa1c57d3092ed3ff02d7479 Mon Sep 17 00:00:00 2001 From: cytopia Date: Tue, 29 Jan 2019 18:02:31 +0100 Subject: [PATCH 6/6] Remove pre-login from phpMyAdmin CI test --- .tests/intra-tests/vendor-phpmyadmin.sh | 392 ++++++++++++------------ 1 file changed, 196 insertions(+), 196 deletions(-) 
diff --git a/.tests/intra-tests/vendor-phpmyadmin.sh b/.tests/intra-tests/vendor-phpmyadmin.sh
index 12dd41f8..dd6c7da7 100755
--- a/.tests/intra-tests/vendor-phpmyadmin.sh
+++ b/.tests/intra-tests/vendor-phpmyadmin.sh
@@ -80,202 +80,202 @@ else fi -### -### Ensure given phpMyAdmin version works -### - -printf "[TEST] Fetch ${URL}" -# 1st Try -if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then - # 2nd Try - sleep 1 - if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then - # 3rd Try - sleep 1 - if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then - printf "\r[FAIL] Fetch ${URL}\n" - curl -sS localhost/${URL} || true - curl -sSI localhost/${URL} || true - exit 1 - else - printf "\r[OK] Fetch ${URL} (3 rounds)\n" - fi - else - printf "\r[OK] Fetch ${URL} (2 rounds)\n" - fi -else - printf "\r[OK] Fetch ${URL} (1 round)\n" -fi - - -### -### Login -### - -TOKEN= -printf "[TEST] Retrieve phpMyAdmin login page" -while true; do - # Try again until it succeeds - if ! CONTENT="$( curl -sS -c cookie.txt localhost${URL} )"; then - rm -f cookie.txt - printf "e" - continue; - fi - # Extract the token - if ! TOKEN="$( echo "${CONTENT}" \ - | grep -Eo "name=\"token\" value=\".+\"" \ - | head -1 \ - | grep -Eo "value=\".+\"" \ - | sed -e 's/^value="//g' -e 's/"$//g' )"; then - rm -f cookie.txt - printf "w" - continue; - fi - # Ensure Token does not contain '!' - if echo "${TOKEN}" | grep -q "!"; then - rm -f cookie.txt - printf "!" - continue; - fi - # Ensure Token does not contain '&' - if echo "${TOKEN}" | grep -q "&"; then - rm -f cookie.txt - printf "&" - continue; - fi - # Ensure Token does not contain '?' - if echo "${TOKEN}" | grep -q "?"; then - rm -f cookie.txt - printf "?" 
- continue; - fi - # Ensure Token does not contain '"' - if echo "${TOKEN}" | grep -q "\""; then - rm -f cookie.txt - printf "\"" - continue; - fi - # Ensure Token does not contain ' - if echo "${TOKEN}" | grep -q "'"; then - rm -f cookie.txt - printf "'" - continue; - fi - # Ensure Token does not contain '@' - if echo "${TOKEN}" | grep -q "@"; then - rm -f cookie.txt - printf "@" - continue; - fi - # Ensure Token does not contain '\' - if echo "${TOKEN}" | grep -q "\\\\"; then - rm -f cookie.txt - printf "\\" - continue; - fi - # Ensure Token does not contain '=' - if echo "${TOKEN}" | grep -q "="; then - rm -f cookie.txt - printf "=" - continue; - fi - # Ensure Token does not contain '`' - if echo "${TOKEN}" | grep -q "\`"; then - rm -f cookie.txt - printf "\`" - continue; - fi - # Ensure Token does not contain '+' - if echo "${TOKEN}" | grep -q "+"; then - rm -f cookie.txt - printf "+" - continue; - fi - # Ensure Token does not contain ';' - if echo "${TOKEN}" | grep -q ";"; then - rm -f cookie.txt - printf ";" - continue; - fi - # Ensure Token does not contain '%' - if echo "${TOKEN}" | grep -q "%"; then - rm -f cookie.txt - printf "%%" - continue; - fi - # Ensure Token does not contain ']' - if echo "${TOKEN}" | grep -q "\]"; then - rm -f cookie.txt - printf "\]" - continue; - fi - # Ensure Token does not contain '[' - if echo "${TOKEN}" | grep -q "\["; then - rm -f cookie.txt - printf "\[" - continue; - fi - # Ensure Token does not contain '$' - if echo "${TOKEN}" | grep -q '\$'; then - rm -f cookie.txt - printf '\$' - continue; - fi - - # All set - break -done -printf "\r[OK] Retrieve phpMyAdmin login page\r\n" - - -printf "[TEST] Exract phpMyAdmin login token" -if ! 
TOKEN="$( echo "${CONTENT}" \ - | grep -Eo "name=\"token\" value=\".+\"" \ - | head -1 \ - | grep -Eo "value=\".+\"" \ - | sed -e 's/^value="//g' -e 's/"$//g' )"; then - printf "\r[FAIL] Exract phpMyAdmin login token\n" - rm -f cookie.txt || true - echo "${CONTENT}" - exit 1 -fi -printf "\r[OK] Exract phpMyAdmin login token: \"%s\"\n" "${TOKEN}" - -printf "[TEST] Extract phpMyAdmin login session" -if ! SESSION="$( echo "${CONTENT}" \ - | grep -Eo "name=\"set_session\" value=\"[A-Fa-f0-9]+\"" \ - | grep -Eo "value=\"[A-Fa-f0-9]+\"" \ - | sed -e 's/^value="//g' -e 's/"$//g' )"; then - printf "\r[OK] Extract phpMyAdmin login session (not available)\n" - SESSION="" -else - printf "\r[OK] Extract phpMyAdmin login session: \"%s\"\n" "${SESSION}" -fi - - -printf "[TEST] Submit phpMyAdmin POST login" -# 1st Try -if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then - # 2nd Try - sleep 1 - if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then - # 3rd Try - sleep 1 - if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then - printf "\r[FAIL] Submit phpMyAdmin POST login\n" - curl -sS -c cookie.txt -b cookie.txt localhost/${URL} || true - curl -sSI -c cookie.txt -b cookie.txt localhost/${URL} || true - rm -f cookie.txt || true - exit 1 - else - printf "\r[OK] Submit phpMyAdmin POST login (3 rounds)\n" - fi - else - printf "\r[OK] Submit phpMyAdmin POST login (2 rounds)\n" - fi -else - printf "\r[OK] Submit phpMyAdmin POST login (1 round)\n" -fi +#### +#### Ensure given phpMyAdmin version works +#### +# +#printf "[TEST] Fetch ${URL}" +## 1st Try +#if ! 
curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then +# # 2nd Try +# sleep 1 +# if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then +# # 3rd Try +# sleep 1 +# if ! curl -sS localhost${URL} | tac | tac | grep -Eiq "welcome to.+phpMyAdmin"; then +# printf "\r[FAIL] Fetch ${URL}\n" +# curl -sS localhost/${URL} || true +# curl -sSI localhost/${URL} || true +# exit 1 +# else +# printf "\r[OK] Fetch ${URL} (3 rounds)\n" +# fi +# else +# printf "\r[OK] Fetch ${URL} (2 rounds)\n" +# fi +#else +# printf "\r[OK] Fetch ${URL} (1 round)\n" +#fi +# +# +#### +#### Login +#### +# +#TOKEN= +#printf "[TEST] Retrieve phpMyAdmin login page" +#while true; do +# # Try again until it succeeds +# if ! CONTENT="$( curl -sS -c cookie.txt localhost${URL} )"; then +# rm -f cookie.txt +# printf "e" +# continue; +# fi +# # Extract the token +# if ! TOKEN="$( echo "${CONTENT}" \ +# | grep -Eo "name=\"token\" value=\".+\"" \ +# | head -1 \ +# | grep -Eo "value=\".+\"" \ +# | sed -e 's/^value="//g' -e 's/"$//g' )"; then +# rm -f cookie.txt +# printf "w" +# continue; +# fi +# # Ensure Token does not contain '!' +# if echo "${TOKEN}" | grep -q "!"; then +# rm -f cookie.txt +# printf "!" +# continue; +# fi +# # Ensure Token does not contain '&' +# if echo "${TOKEN}" | grep -q "&"; then +# rm -f cookie.txt +# printf "&" +# continue; +# fi +# # Ensure Token does not contain '?' +# if echo "${TOKEN}" | grep -q "?"; then +# rm -f cookie.txt +# printf "?" 
+# continue; +# fi +# # Ensure Token does not contain '"' +# if echo "${TOKEN}" | grep -q "\""; then +# rm -f cookie.txt +# printf "\"" +# continue; +# fi +# # Ensure Token does not contain ' +# if echo "${TOKEN}" | grep -q "'"; then +# rm -f cookie.txt +# printf "'" +# continue; +# fi +# # Ensure Token does not contain '@' +# if echo "${TOKEN}" | grep -q "@"; then +# rm -f cookie.txt +# printf "@" +# continue; +# fi +# # Ensure Token does not contain '\' +# if echo "${TOKEN}" | grep -q "\\\\"; then +# rm -f cookie.txt +# printf "\\" +# continue; +# fi +# # Ensure Token does not contain '=' +# if echo "${TOKEN}" | grep -q "="; then +# rm -f cookie.txt +# printf "=" +# continue; +# fi +# # Ensure Token does not contain '`' +# if echo "${TOKEN}" | grep -q "\`"; then +# rm -f cookie.txt +# printf "\`" +# continue; +# fi +# # Ensure Token does not contain '+' +# if echo "${TOKEN}" | grep -q "+"; then +# rm -f cookie.txt +# printf "+" +# continue; +# fi +# # Ensure Token does not contain ';' +# if echo "${TOKEN}" | grep -q ";"; then +# rm -f cookie.txt +# printf ";" +# continue; +# fi +# # Ensure Token does not contain '%' +# if echo "${TOKEN}" | grep -q "%"; then +# rm -f cookie.txt +# printf "%%" +# continue; +# fi +# # Ensure Token does not contain ']' +# if echo "${TOKEN}" | grep -q "\]"; then +# rm -f cookie.txt +# printf "\]" +# continue; +# fi +# # Ensure Token does not contain '[' +# if echo "${TOKEN}" | grep -q "\["; then +# rm -f cookie.txt +# printf "\[" +# continue; +# fi +# # Ensure Token does not contain '$' +# if echo "${TOKEN}" | grep -q '\$'; then +# rm -f cookie.txt +# printf '\$' +# continue; +# fi +# +# # All set +# break +#done +#printf "\r[OK] Retrieve phpMyAdmin login page\r\n" +# +# +#printf "[TEST] Exract phpMyAdmin login token" +#if ! 
TOKEN="$( echo "${CONTENT}" \ +# | grep -Eo "name=\"token\" value=\".+\"" \ +# | head -1 \ +# | grep -Eo "value=\".+\"" \ +# | sed -e 's/^value="//g' -e 's/"$//g' )"; then +# printf "\r[FAIL] Exract phpMyAdmin login token\n" +# rm -f cookie.txt || true +# echo "${CONTENT}" +# exit 1 +#fi +#printf "\r[OK] Exract phpMyAdmin login token: \"%s\"\n" "${TOKEN}" +# +#printf "[TEST] Extract phpMyAdmin login session" +#if ! SESSION="$( echo "${CONTENT}" \ +# | grep -Eo "name=\"set_session\" value=\"[A-Fa-f0-9]+\"" \ +# | grep -Eo "value=\"[A-Fa-f0-9]+\"" \ +# | sed -e 's/^value="//g' -e 's/"$//g' )"; then +# printf "\r[OK] Extract phpMyAdmin login session (not available)\n" +# SESSION="" +#else +# printf "\r[OK] Extract phpMyAdmin login session: \"%s\"\n" "${SESSION}" +#fi +# +# +#printf "[TEST] Submit phpMyAdmin POST login" +## 1st Try +#if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then +# # 2nd Try +# sleep 1 +# if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then +# # 3rd Try +# sleep 1 +# if ! curl -sS -c cookie.txt -b cookie.txt -d "pma_username=root&pma_password=&server=1&target=index.php&token=${TOKEN}&set_session=${SESSION}" localhost${URL}; then +# printf "\r[FAIL] Submit phpMyAdmin POST login\n" +# curl -sS -c cookie.txt -b cookie.txt localhost/${URL} || true +# curl -sSI -c cookie.txt -b cookie.txt localhost/${URL} || true +# rm -f cookie.txt || true +# exit 1 +# else +# printf "\r[OK] Submit phpMyAdmin POST login (3 rounds)\n" +# fi +# else +# printf "\r[OK] Submit phpMyAdmin POST login (2 rounds)\n" +# fi +#else +# printf "\r[OK] Submit phpMyAdmin POST login (1 round)\n" +#fi printf "[TEST] Evaluate successful phpMyAdmin login"
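Review bot: The fetch and login steps in vendor-phpmyadmin.sh are commented out line by line rather than deleted, which leaves about 200 lines of dead shell in the test, and without them the script appears to exercise only the autologin path, so the `cookie` branch that PATCH 3/6 and 4/6 keep in config.inc.php is no longer covered by CI. Deleting the block (it stays in history) and running the login steps only when autologin is off would cover both settings, for example inside `if [ "${DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN:-1}" = "0" ]; then` and a closing `fi`. Whether that variable is visible to the test script cannot be seen from this hunk, so the guard may need to read it from the env file first. If the block is kept as comments, a one-line note such as `# Disabled: phpMyAdmin autologin is the default, no login form is served` above it would explain why.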