From 069aea5989ec7fe4090cf3f1151f99476fa038be Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 13 Aug 2018 15:59:24 +0300 Subject: [PATCH] remove FEED_CRYPT_KEY and everything related to it always assume auth_pass_encrypted is false --- classes/pref/feeds.php | 10 +--------- classes/rssutils.php | 19 ++----------------- config.php-dist | 6 ------ include/crypt.php | 20 -------------------- include/sanity_check.php | 8 -------- include/sanity_config.php | 4 ++-- update.php | 33 --------------------------------- 7 files changed, 5 insertions(+), 95 deletions(-) mode change 100644 => 100755 config.php-dist delete mode 100644 include/crypt.php diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 459fbbe2..4c9574cd 100755 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -513,8 +513,6 @@ class Pref_Feeds extends Handler_Protected { print '
'; - $auth_pass_encrypted = $row["auth_pass_encrypted"]; - $title = htmlspecialchars($row["title"]); print_hidden("id", "$feed_id"); @@ -615,14 +613,8 @@ class Pref_Feeds extends Handler_Protected { print "
"; $auth_login = htmlspecialchars($row["auth_login"]); - $auth_pass = $row["auth_pass"]; - - if ($auth_pass_encrypted && function_exists("mcrypt_decrypt")) { - require_once "crypt.php"; - $auth_pass = decrypt_string($auth_pass); - } + $auth_pass = htmlspecialchars($row["auth_pass"]); - $auth_pass = htmlspecialchars($auth_pass); $auth_enabled = $auth_login !== '' || $auth_pass !== ''; $auth_style = $auth_enabled ? '' : 'display: none'; diff --git a/classes/rssutils.php b/classes/rssutils.php index af5fd057..bd20a6b4 100755 --- a/classes/rssutils.php +++ b/classes/rssutils.php @@ -218,24 +218,15 @@ class RSSUtils { $pdo = Db::pdo(); - $sth = $pdo->prepare("SELECT owner_uid,feed_url,auth_pass,auth_login,auth_pass_encrypted + $sth = $pdo->prepare("SELECT owner_uid,feed_url,auth_pass,auth_login FROM ttrss_feeds WHERE id = ?"); $sth->execute([$feed]); if ($row = $sth->fetch()) { $owner_uid = $row["owner_uid"]; - - $auth_pass_encrypted = $row["auth_pass_encrypted"]; - $auth_login = $row["auth_login"]; $auth_pass = $row["auth_pass"]; - - if ($auth_pass_encrypted && function_exists("mcrypt_decrypt")) { - require_once "crypt.php"; - $auth_pass = decrypt_string($auth_pass); - } - $fetch_url = $row["feed_url"]; $pluginhost = new PluginHost(); @@ -347,7 +338,6 @@ class RSSUtils { $owner_uid = $row["owner_uid"]; $mark_unread_on_update = $row["mark_unread_on_update"]; - $auth_pass_encrypted = $row["auth_pass_encrypted"]; $sth = $pdo->prepare("UPDATE ttrss_feeds SET last_update_started = NOW() WHERE id = ?"); @@ -355,16 +345,11 @@ class RSSUtils { $auth_login = $row["auth_login"]; $auth_pass = $row["auth_pass"]; - - if ($auth_pass_encrypted && function_exists("mcrypt_decrypt")) { - require_once "crypt.php"; - $auth_pass = decrypt_string($auth_pass); - } - $stored_last_modified = $row["last_modified"]; $last_unconditional = $row["last_unconditional"]; $cache_images = $row["cache_images"]; $fetch_url = $row["feed_url"]; + $feed_language = mb_strtolower($row["feed_language"]); if (!$feed_language) $feed_language = 'english'; diff --git a/config.php-dist b/config.php-dist old mode 100644 new mode 100755 index 7a076d97..7821fe27 --- a/config.php-dist +++ b/config.php-dist @@ -24,12 +24,6 @@ // You need to set this option correctly otherwise several features // including PUSH, bookmarklets and browser integration will not work properly. - define('FEED_CRYPT_KEY', ''); - // WARNING: mcrypt is deprecated in php 7.1. This directive exists for backwards - // compatibility with existing installs, new passwords are NOT going to be encrypted. - // Use update.php --decrypt-feeds to decrypt existing passwords in the database while - // mcrypt is still available. - // Key used for encryption of passwords for password-protected feeds // in the database. A string of 24 random characters. If left blank, encryption // is not used. Requires mcrypt functions. diff --git a/include/crypt.php b/include/crypt.php deleted file mode 100644 index 3e26dfd5..00000000 --- a/include/crypt.php +++ /dev/null @@ -1,20 +0,0 @@ - 0 && strlen(FEED_CRYPT_KEY) != 24) { - array_push($errors, "FEED_CRYPT_KEY should be exactly 24 characters in length."); - } - - if (strlen(FEED_CRYPT_KEY) > 0 && !function_exists("mcrypt_decrypt")) { - array_push($errors, "FEED_CRYPT_KEY requires mcrypt functions which are not found."); - } - if (GENERATED_CONFIG_CHECK != EXPECTED_CONFIG_VERSION) { array_push($errors, "Configuration option checker sanity_config.php is outdated, please recreate it using ./utils/regen_config_checks.sh"); diff --git a/include/sanity_config.php b/include/sanity_config.php index 0e994436..d9ae18a8 100644 --- a/include/sanity_config.php +++ b/include/sanity_config.php @@ -1,3 +1,3 @@ - +$requred_defines = array( 'DB_TYPE', 'DB_HOST', 'DB_USER', 'DB_NAME', 'DB_PASS', 'MYSQL_CHARSET', 'SELF_URL_PATH', 'SINGLE_USER_MODE', 'SIMPLE_UPDATE_MODE', 'PHP_EXECUTABLE', 'LOCK_DIRECTORY', 'CACHE_DIR', 'ICONS_DIR', 'ICONS_URL', 'AUTH_AUTO_CREATE', 'AUTH_AUTO_LOGIN', 'FORCE_ARTICLE_PURGE', 'SPHINX_SERVER', 'SPHINX_INDEX', 'ENABLE_REGISTRATION', 'REG_NOTIFY_ADDRESS', 'REG_MAX_USERS', 'SESSION_COOKIE_LIFETIME', 'SMTP_FROM_NAME', 'SMTP_FROM_ADDRESS', 'DIGEST_SUBJECT', 'SMTP_SERVER', 'SMTP_LOGIN', 'SMTP_PASSWORD', 'SMTP_SECURE', 'CHECK_FOR_UPDATES', 'ENABLE_GZIP_OUTPUT', 'PLUGINS', 'LOG_DESTINATION', 'CONFIG_VERSION'); ?> diff --git a/update.php b/update.php index 553175c8..2abb756b 100755 --- a/update.php +++ b/update.php @@ -417,39 +417,6 @@ exit($rc); } - if (isset($options["decrypt-feeds"])) { - - if (!function_exists("mcrypt_decrypt")) { - _debug("mcrypt functions not available."); - return; - } - - $res = $pdo->query("SELECT id, auth_pass FROM ttrss_feeds WHERE auth_pass_encrypted = true"); - - require_once "crypt.php"; - - $total = 0; - - $pdo->beginTransaction(); - - $usth = $pdo->prepare("UPDATE ttrss_feeds SET auth_pass_encrypted = false, auth_pass = ? - WHERE id = ?"); - - while ($line = $res->fetch()) { - _debug("processing feed id " . $line["id"]); - - $auth_pass = decrypt_string($line["auth_pass"]); - - $usth->execute([$auth_pass, $line['id']]); - - ++$total; - } - - $pdo->commit(); - - _debug("$total feeds processed."); - } - PluginHost::getInstance()->run_commands($options); if (file_exists(LOCK_DIRECTORY . "/$lock_filename")) -- 2.39.5