diff options
Diffstat (limited to 'databases/adminer/files')
| -rw-r--r-- | databases/adminer/files/makephar.php | 11 | ||||
| -rw-r--r-- | databases/adminer/files/patch-adminer_include_functions.inc.php | 11 | ||||
| -rw-r--r-- | databases/adminer/files/patch-adminer_include_xxtea.inc.php | 70 |
3 files changed, 88 insertions, 4 deletions
diff --git a/databases/adminer/files/makephar.php b/databases/adminer/files/makephar.php index ad54a3cfe4cb..b8fdadf1dfbc 100644 --- a/databases/adminer/files/makephar.php +++ b/databases/adminer/files/makephar.php @@ -15,14 +15,16 @@ $stub = <<<STUB <?php /****************************************************************************** * - * All Adminer plugins are now included in this + * Adminer plugins are now included in this * FreeBSD ports edition, no need to download * them separately. * https://www.adminer.org/en/plugins/ * * copyright Paavo-Einari Kaipila (FreeBSD ports edition) - * copyright Jakub Vrana (original Adminer) - * + * copyright Jakub Vrana (Adminer) + * copyright MirLach (ForcedServer plugin) + * copyright Pematon (Collations, JsonPreview, LoginServers and SimpleMenu plugins) + * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -68,7 +70,7 @@ foreach(new DirectoryIterator(__DIR__ . '/plugins') as $file) * in Adminer editor. */ && !str_starts_with($fileName, 'editor') - && preg_match('/class\s(A[a-zA-Z0-9]+)\sextends\sAdminer/', $contents, $m) + && preg_match('/class\s(A[a-zA-Z0-9]+)\s(extends\sAdminer|\{)/', $contents, $m) ) { $plugins[$pharFile] = $contents; $classMap[$m[1]] = $file->getFileName(); @@ -110,6 +112,7 @@ foreach($plugins as $file => $contents) $contents ); } +$phar->compressFiles(Phar::GZ); $phar->addFromString( 'adminer.php', diff --git a/databases/adminer/files/patch-adminer_include_functions.inc.php b/databases/adminer/files/patch-adminer_include_functions.inc.php new file mode 100644 index 000000000000..fa627837460a --- /dev/null +++ b/databases/adminer/files/patch-adminer_include_functions.inc.php @@ -0,0 +1,11 @@ +--- adminer/include/functions.inc.php.orig 2025-10-19 12:05 UTC ++++ adminer/include/functions.inc.php +@@ -761,7 +761,7 @@ + * @return string 32 hexadecimal characters + */ + function rand_string(): string { +- return md5(uniqid(strval(mt_rand()), true)); ++ return bin2hex(random_bytes(32)); + } + + /** Format value to use in select diff --git a/databases/adminer/files/patch-adminer_include_xxtea.inc.php b/databases/adminer/files/patch-adminer_include_xxtea.inc.php new file mode 100644 index 000000000000..86b20cb3ea7f --- /dev/null +++ b/databases/adminer/files/patch-adminer_include_xxtea.inc.php @@ -0,0 +1,70 @@ +--- adminer/include/xxtea.inc.php.orig 2025-11-14 10:44:16 UTC ++++ adminer/include/xxtea.inc.php +@@ -45,6 +45,11 @@ + return int32((($z >> 5 & 0x7FFFFFF) ^ $y << 2) + (($y >> 3 & 0x1FFFFFFF) ^ $z << 4)) ^ int32(($sum ^ $y) + ($k ^ $z)); + } + ++const AES256_NAME = 'aes-256-gcm'; ++const AES256_KEY_BYTES = 32; ++const AES256_NONCE_BYTES = 12; ++const AES256_TAG_BYTES = 16; ++ + /** Cipher + * @param string $str plain-text password + * @return string binary cipher +@@ -53,6 +58,20 @@ + if ($str == "") { + return ""; + } ++ $key = hash_hkdf('sha256', $key, AES256_KEY_BYTES, AES256_NAME); ++ $nonce = random_bytes(AES256_NONCE_BYTES); ++ $cipherText = openssl_encrypt( ++ $str, ++ AES256_NAME, ++ $key, ++ OPENSSL_RAW_DATA, ++ $nonce, ++ $tag, ++ '', ++ AES256_TAG_BYTES ++ ); ++ return $nonce . $tag . $cipherText; ++/* + $key = array_values(unpack("V*", pack("H*", md5($key)))); + $v = str2long($str, true); + $n = count($v) - 1; +@@ -75,6 +94,7 @@ + $v[$n] = $z; + } + return long2str($v, false); ++*/ + } + + /** Decipher +@@ -88,6 +108,20 @@ + if (!$key) { + return false; + } ++ $key = hash_hkdf('sha256', $key, AES256_KEY_BYTES, AES256_NAME); ++ $nonce = substr($str, 0, AES256_NONCE_BYTES); ++ $tag = substr($str, AES256_NONCE_BYTES, AES256_TAG_BYTES); ++ $cipherText = substr($str, AES256_NONCE_BYTES + AES256_TAG_BYTES); ++ return openssl_decrypt( ++ $cipherText, ++ AES256_NAME, ++ $key, ++ OPENSSL_RAW_DATA, ++ $nonce, ++ $tag, ++ '' ++ ); ++/* + $key = array_values(unpack("V*", pack("H*", md5($key)))); + $v = str2long($str, false); + $n = count($v) - 1; +@@ -110,4 +144,5 @@ + $sum = int32($sum - 0x9E3779B9); + } + return long2str($v, true); ++*/ + } |