From 26dec9f70d5bb72b923d36bcfd1105522de4c7cc Mon Sep 17 00:00:00 2001
From: Chris Hallberg <crhallberg@gmail.com>
Date: Thu, 23 Mar 2017 09:41:34 -0400
Subject: [PATCH] Convert from Mcrypt to OpenSSL (#895)
---
 composer.json | 4 +-
 composer.lock | 168 +++++++++++-------
 .../VuFind/Controller/InstallController.php | 8 +-
 module/VuFind/src/VuFind/Db/Row/User.php | 4 +-
 .../Controller/UtilController.php | 8 +-
 packages/DEBIAN/control | 1 -
 6 files changed, 119 insertions(+), 74 deletions(-)
diff --git a/composer.json b/composer.json
index 1ba7fa86993..8c9b0ba7073 100644
--- a/composer.json
+++ b/composer.json
@@ -33,7 +33,7 @@
 "zendframework/zend-code": "2.6.3",
 "zendframework/zend-config": "2.6.0",
 "zendframework/zend-console": "2.6.0",
- "zendframework/zend-crypt": "2.6.0",
+ "zendframework/zend-crypt": "3.2.0",
 "zendframework/zend-db": "2.8.2",
 "zendframework/zend-dom": "2.6.0",
 "zendframework/zend-escaper": "2.5.2",
@@ -56,7 +56,7 @@
 "zendframework/zend-validator": "2.8.2",
 "zendframework/zend-view": "2.8.1",
 "zendframework/zendrest": "2.0.2",
- "zendframework/zendservice-amazon": "2.0.4",
+ "zendframework/zendservice-amazon": "2.2.0",
 "zendframework/zendservice-recaptcha": "3.0.0",
 "zf-commons/zfc-rbac": "2.6.2"
 },
diff --git a/composer.lock b/composer.lock
index 1fc7714b26d..9ec65a64bde 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "6b28ba78c0ed1a34882d7b7025c5bef7", + "content-hash": "4ca6cbb0520d1db4f0a0d27a859628e3", "packages": [ { "name": "aferrandini/phpqrcode",
@@ -459,6 +459,54 @@ ], "time": "2017-02-23T14:18:55+00:00" }, + { + "name": "paragonie/random_compat", + "version": "v2.0.10", + "source": { + "type": "git", + "url": "https://github.com/paragonie/random_compat.git", + "reference": "634bae8e911eefa89c1abfbf1b66da679ac8f54d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/634bae8e911eefa89c1abfbf1b66da679ac8f54d", + "reference": "634bae8e911eefa89c1abfbf1b66da679ac8f54d", + "shasum": "" + }, + "require": { + "php": ">=5.2.0" + }, + "require-dev": { + "phpunit/phpunit": "4.*|5.*" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + }, + "type": "library", + "autoload": { + "files": [ + "lib/random.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "pseudorandom", + "random" + ], + "time": "2017-03-13T16:27:32+00:00" + }, { "name": "pear/file_marc", "version": "1.1.5", 
@@ -1640,36 +1688,37 @@ }, { "name": "zendframework/zend-crypt", - "version": "2.6.0", + "version": "3.2.0", "source": { "type": "git", "url": "https://github.com/zendframework/zend-crypt.git", - "reference": "1b2f5600bf6262904167116fa67b58ab1457036d" + "reference": "274cdcb77a2165d6aff36b606e9d1c687ba9386c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/zendframework/zend-crypt/zipball/1b2f5600bf6262904167116fa67b58ab1457036d", - "reference": "1b2f5600bf6262904167116fa67b58ab1457036d", + "url": "https://api.github.com/repos/zendframework/zend-crypt/zipball/274cdcb77a2165d6aff36b606e9d1c687ba9386c", + "reference": "274cdcb77a2165d6aff36b606e9d1c687ba9386c", "shasum": "" }, "require": { "container-interop/container-interop": "~1.0", - "php": "^5.5 || ^7.0", - "zendframework/zend-math": "^2.6", + "ext-mbstring": "*", + "php": "^5.6 || ^7.0", + "zendframework/zend-math": "^3.0", "zendframework/zend-stdlib": "^2.7 || ^3.0" }, "require-dev": { - "fabpot/php-cs-fixer": "1.7.*", - "phpunit/phpunit": "~4.0" + "phpunit/phpunit": "^5.6.7", + "squizlabs/php_codesniffer": "^2.3.1" }, "suggest": { - "ext-mcrypt": "Required for most features of Zend\\Crypt" + "ext-openssl": "Required for most features of Zend\\Crypt" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "2.6-dev", - "dev-develop": "2.7-dev" + "dev-master": "3.1-dev", + "dev-develop": "3.2-dev" } }, "autoload": { @@ -1686,7 +1735,7 @@ "crypt", "zf2" ], - "time": "2016-02-03T23:46:30+00:00" + "time": "2016-12-06T15:33:37+00:00" }, { "name": "zendframework/zend-db", 
@@ -2366,40 +2415,35 @@ }, { "name": "zendframework/zend-json", - "version": "2.6.1", + "version": "3.0.0", "source": { "type": "git", "url": "https://github.com/zendframework/zend-json.git", - "reference": "4c8705dbe4ad7d7e51b2876c5b9eea0ef916ba28" + "reference": "f42a1588e75c2a3e338cd94c37906231e616daab" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/zendframework/zend-json/zipball/4c8705dbe4ad7d7e51b2876c5b9eea0ef916ba28", - "reference": "4c8705dbe4ad7d7e51b2876c5b9eea0ef916ba28", + "url": "https://api.github.com/repos/zendframework/zend-json/zipball/f42a1588e75c2a3e338cd94c37906231e616daab", + "reference": "f42a1588e75c2a3e338cd94c37906231e616daab", "shasum": "" }, "require": { "php": "^5.5 || ^7.0" }, "require-dev": { - "fabpot/php-cs-fixer": "1.7.*", "phpunit/phpunit": "~4.0", - "zendframework/zend-http": "^2.5.4", - "zendframework/zend-server": "^2.6.1", - "zendframework/zend-stdlib": "^2.5 || ^3.0", - "zendframework/zendxml": "^1.0.2" + "squizlabs/php_codesniffer": "^2.3", + "zendframework/zend-stdlib": "^2.7 || ^3.0" }, "suggest": { - "zendframework/zend-http": "Zend\\Http component, required to use Zend\\Json\\Server", - "zendframework/zend-server": "Zend\\Server component, required to use Zend\\Json\\Server", - "zendframework/zend-stdlib": "Zend\\Stdlib component, for use with caching Zend\\Json\\Server responses", - "zendframework/zendxml": "To support Zend\\Json\\Json::fromXml() usage" + "zendframework/zend-json-server": "For implementing JSON-RPC servers", + "zendframework/zend-xml2json": "For converting XML documents to JSON" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "2.6-dev", - "dev-develop": "2.7-dev" + "dev-master": "3.0-dev", + "dev-develop": "3.1-dev" } }, "autoload": { @@ -2417,7 +2461,7 @@ "json", "zf2" ], - "time": "2016-02-04T21:20:26+00:00" + "time": "2016-04-01T02:34:00+00:00" }, { "name": "zendframework/zend-loader", 
@@ -2596,36 +2640,36 @@ }, { "name": "zendframework/zend-math", - "version": "2.7.0", + "version": "3.0.0", "source": { "type": "git", "url": "https://github.com/zendframework/zend-math.git", - "reference": "f4358090d5d23973121f1ed0b376184b66d9edec" + "reference": "fda3b4e6c3bb15c35adc6db38b2eacabaa243e65" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/zendframework/zend-math/zipball/f4358090d5d23973121f1ed0b376184b66d9edec", - "reference": "f4358090d5d23973121f1ed0b376184b66d9edec", + "url": "https://api.github.com/repos/zendframework/zend-math/zipball/fda3b4e6c3bb15c35adc6db38b2eacabaa243e65", + "reference": "fda3b4e6c3bb15c35adc6db38b2eacabaa243e65", "shasum": "" }, "require": { + "ext-mbstring": "*", + "paragonie/random_compat": "^2.0.2", "php": "^5.5 || ^7.0" }, "require-dev": { "fabpot/php-cs-fixer": "1.7.*", - "ircmaxell/random-lib": "~1.1", "phpunit/phpunit": "~4.0" }, "suggest": { "ext-bcmath": "If using the bcmath functionality", - "ext-gmp": "If using the gmp functionality", - "ircmaxell/random-lib": "Fallback random byte generator for Zend\\Math\\Rand if Mcrypt extensions is unavailable" + "ext-gmp": "If using the gmp functionality" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "2.7-dev", - "dev-develop": "2.8-dev" + "dev-master": "3.0-dev", + "dev-develop": "3.1-dev" } }, "autoload": { @@ -2642,7 +2686,7 @@ "math", "zf2" ], - "time": "2016-04-07T16:29:53+00:00" + "time": "2016-04-28T17:37:42+00:00" }, { "name": "zendframework/zend-mime", 
@@ -3578,29 +3622,30 @@ }, { "name": "zendframework/zendservice-amazon", - "version": "2.0.4", + "version": "2.2.0", "source": { "type": "git", "url": "https://github.com/zendframework/ZendService_Amazon.git", - "reference": "f69e443f3114bda3da31515e51b66d442a22e360" + "reference": "5c5bde61af3f93e29f1a8deb3b3c77780ab3d5aa" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/zendframework/ZendService_Amazon/zipball/f69e443f3114bda3da31515e51b66d442a22e360", - "reference": "f69e443f3114bda3da31515e51b66d442a22e360", + "url": "https://api.github.com/repos/zendframework/ZendService_Amazon/zipball/5c5bde61af3f93e29f1a8deb3b3c77780ab3d5aa", + "reference": "5c5bde61af3f93e29f1a8deb3b3c77780ab3d5aa", "shasum": "" }, "require": { - "php": ">=5.3.3", - "zendframework/zend-crypt": "~2.0", - "zendframework/zend-http": "~2.0", - "zendframework/zend-json": "~2.0", + "php": "^5.6 || ^7.0", + "zendframework/zend-crypt": "^2.6 || ^3.2", + "zendframework/zend-http": "^2.6", + "zendframework/zend-json": "^2.6 || ^3.0", "zendframework/zendrest": "~2.0", - "zendframework/zendxml": "~1.0-dev" + "zendframework/zendxml": "^1.0" }, "require-dev": { - "fabpot/php-cs-fixer": "~1.7.0", - "phpunit/phpunit": "~4.0", + "malukenho/docheader": "^0.1.5", + "phpunit/phpunit": "^6.0.8 || ^5.7.15", + "zendframework/zend-coding-standard": "~1.0.0", "zendframework/zend-i18n": "~2.0" }, "suggest": { @@ -3609,12 +3654,13 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "2.0.x-dev" + "dev-master": "2.2.x-dev", + "dev-develop": "2.3.x-dev" } }, "autoload": { - "psr-0": { - "ZendService\\Amazon\\": "library/" + "psr-4": { + "ZendService\\Amazon\\": "src/" } }, "notification-url": "https://packagist.org/downloads/", @@ -3631,7 +3677,7 @@ "sqs", "zf2" ], - "time": "2015-06-04T19:47:46+00:00" + "time": "2017-03-15T02:47:08+00:00" }, { "name": "zendframework/zendservice-recaptcha", 
@@ -4828,16 +4874,16 @@ }, { "name": "monolog/monolog", - "version": "1.22.0", + "version": "1.22.1", "source": { "type": "git", "url": "https://github.com/Seldaek/monolog.git", - "reference": "bad29cb8d18ab0315e6c477751418a82c850d558" + "reference": "1e044bc4b34e91743943479f1be7a1d5eb93add0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Seldaek/monolog/zipball/bad29cb8d18ab0315e6c477751418a82c850d558", - "reference": "bad29cb8d18ab0315e6c477751418a82c850d558", + "url": "https://api.github.com/repos/Seldaek/monolog/zipball/1e044bc4b34e91743943479f1be7a1d5eb93add0", + "reference": "1e044bc4b34e91743943479f1be7a1d5eb93add0", "shasum": "" }, "require": { @@ -4902,7 +4948,7 @@ "logging", "psr-3" ], - "time": "2016-11-26T00:15:39+00:00" + "time": "2017-03-13T07:08:03+00:00" }, { "name": "myclabs/deep-copy", @@ -6917,7 +6963,7 @@ }, { "name": "symfony/css-selector", - "version": "v3.2.5", + "version": "v3.2.6", "source": { "type": "git", "url": "https://github.com/symfony/css-selector.git", @@ -7027,7 +7073,7 @@ }, { "name": "symfony/dependency-injection", - "version": "v3.2.5", + "version": "v3.2.6", "source": { "type": "git", "url": "https://github.com/symfony/dependency-injection.git", diff --git a/module/VuFind/src/VuFind/Controller/InstallController.php b/module/VuFind/src/VuFind/Controller/InstallController.php index 20bb8e189b1..41da1a674e0 100644 --- a/module/VuFind/src/VuFind/Controller/InstallController.php +++ b/module/VuFind/src/VuFind/Controller/InstallController.php @@ -237,7 +237,7 @@ class InstallController extends AbstractBase { $requiredFunctionsExist = function_exists('mb_substr') && is_callable('imagecreatefromstring') - && function_exists('mcrypt_module_open') + && function_exists('openssl_encrypt') && class_exists('XSLTProcessor'); return [ 
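Review bot: `function_exists('openssl_encrypt')` in the `@@ -237` hunk of InstallController.php (and again in the `@@ -288` hunk that follows) only shows that the extension is loaded, not that the linked OpenSSL build offers the cipher VuFind will ask for. User.php in this same commit still falls back to `'blowfish'`, so an installation could pass this check and still fail on its first encrypt or decrypt. I would either extend the check to compare against `openssl_get_cipher_methods()` or record the limitation in a comment, e.g. `// Presence of ext-openssl only; the cipher named in ils_encryption_algo is not verified here.` The method containing this expression begins and ends outside the hunk.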
@@ -288,10 +288,10 @@ class InstallController extends AbstractBase
 $problems++;
 }

- // Is the mcrypt library missing?
- if (!function_exists('mcrypt_module_open')) {
+ // Is the openssl library missing?
+ if (!function_exists('openssl_encrypt')) {
 $msg
- = "Your PHP installation appears to be missing the mcrypt plug-in."
+ = "Your PHP installation appears to be missing the openssl plug-in."
 . " For better security support, it is recommended that you add"
 . " this. For details on how to do this, see "
 . "https://vufind.org/wiki/installation "
diff --git a/module/VuFind/src/VuFind/Db/Row/User.php b/module/VuFind/src/VuFind/Db/Row/User.php
index 8b4646d6c2c..446722e3ec9 100644
--- a/module/VuFind/src/VuFind/Db/Row/User.php
+++ b/module/VuFind/src/VuFind/Db/Row/User.php
@@ -29,7 +29,7 @@ namespace VuFind\Db\Row;
 use Zend\Db\Sql\Expression,
 Zend\Db\Sql\Predicate\Predicate,
 Zend\Db\Sql\Sql,
- Zend\Crypt\Symmetric\Mcrypt,
+ Zend\Crypt\Symmetric\Openssl,
 Zend\Crypt\Password\Bcrypt,
 Zend\Crypt\BlockCipher as BlockCipher;

@@ -210,7 +210,7 @@ class User extends RowGateway implements \VuFind\Db\Table\DbTableAwareInterface,
 $algo = isset($this->config->Authentication->ils_encryption_algo)
 ? $this->config->Authentication->ils_encryption_algo
 : 'blowfish';
- $cipher = new BlockCipher(new Mcrypt(['algorithm' => $algo]));
+ $cipher = new BlockCipher(new Openssl(['algorithm' => $algo]));
 $cipher->setKey($this->encryptionKey);
 return $encrypt ? $cipher->encrypt($text) : $cipher->decrypt($text);
 }
diff --git a/module/VuFindConsole/src/VuFindConsole/Controller/UtilController.php b/module/VuFindConsole/src/VuFindConsole/Controller/UtilController.php
index 323d261cfc6..26e23f63957 100644
--- a/module/VuFindConsole/src/VuFindConsole/Controller/UtilController.php
+++ b/module/VuFindConsole/src/VuFindConsole/Controller/UtilController.php
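Review bot: In the `@@ -210` hunk of User.php the configured `ils_encryption_algo` string is passed unchanged to `new Openssl([...])`, and nothing on the new side maps or validates names that were chosen for the Mcrypt adapter. If the two adapters do not accept the same names, or do not produce interchangeable ciphertext for the same name, stored ILS passwords would stop decrypting after the upgrade. Neither can be verified from this hunk, so a round-trip test on a value encrypted before the change would settle it. The `'blowfish'` fallback is also carried over, and a 64-bit block cipher is a weak default for new installs; a comment such as `// 'blowfish' kept only so existing ciphertext stays readable; prefer "aes" for new installs` would record the reason. The enclosing method starts outside the hunk.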
@@ -32,7 +32,7 @@ use VuFind\Config\Writer as ConfigWriter;
 use VuFindSearch\Backend\Solr\Document\UpdateDocument;
 use VuFindSearch\Backend\Solr\Record\SerializableRecord;
 use Zend\Console\Console;
-use Zend\Crypt\Symmetric\Mcrypt,
+use Zend\Crypt\Symmetric\Openssl,
 Zend\Crypt\BlockCipher as BlockCipher;

 /**
@@ -785,13 +785,13 @@ class UtilController extends AbstractBase
 return $this->getSuccessResponse();
 }

- // Initialize Mcrypt first, so we can catch any illegal algorithms before
+ // Initialize Openssl first, so we can catch any illegal algorithms before
 // making any changes:
 try {
 if ($oldhash != 'none') {
- $oldCrypt = new Mcrypt(['algorithm' => $oldhash]);
+ $oldCrypt = new Openssl(['algorithm' => $oldhash]);
 }
- $newCrypt = new Mcrypt(['algorithm' => $newhash]);
+ $newCrypt = new Openssl(['algorithm' => $newhash]);
 } catch (\Exception $e) {
 Console::writeLine($e->getMessage());
 return $this->getFailureResponse();
diff --git a/packages/DEBIAN/control b/packages/DEBIAN/control
index 4672f103799..4aaf0a3f8f2 100644
--- a/packages/DEBIAN/control
+++ b/packages/DEBIAN/control
@@ -15,7 +15,6 @@ Depends: apache2,
 php5-intl | php-intl,
 php5-json | php-json,
 php5-ldap | php-ldap,
- php5-mcrypt | php-mcrypt,
 php5-mysql | php-mysql,
 php5-xsl | php-xml
 Maintainer: VuFind Project Administration Team <vufind-admins@lists.sourceforge.net>
--
GitLab
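Review bot: `$oldCrypt` in the `@@ -785` hunk of UtilController.php is now an `Openssl` instance as well, so this conversion routine can only read rows whose current algorithm the OpenSSL adapter accepts. A deployment whose `$oldhash` was valid only under Mcrypt would get the exception message from the `catch` and be left with no in-tree way to decrypt and re-encrypt its data; whether such algorithm names exist cannot be seen from this hunk. I would state the constraint in the comment above the `try`, e.g. `// Both $oldhash and $newhash must be supported by Openssl; data stored with an Mcrypt-only algorithm has to be converted before upgrading.` The action method starts and ends outside the hunk.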