From 85cdc82d4d997034a36de8821194c53e53d58017 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Michal=20=C4=8Ciha=C5=99?= <michal@cihar.com>
Date: Wed, 3 Sep 2008 13:27:43 +0000
Subject: [PATCH] Cookie auth now autogenerates blowfish_secret, but it has
 some limitations and you still should set it in config file

---
 ChangeLog                          |  2 ++
 Documentation.html                 | 13 ++++++++--
 libraries/auth/cookie.auth.lib.php | 52 ++++++++++++++++++--------------------
 main.php                           |  8 ++++++
 4 files changed, 45 insertions(+), 30 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index abb124cffa..192ca0379c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,8 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
   thanks to Thijs Kinkhorst - kink
 + new setup script, thanks to Piotr Przybylski (work in progress)
 - rfe #1892243 [export] more links to documentation
++ [auth] cookie auth now autogenerates blowfish_secret, but it has some
+  limitations and you still should set it in config file
 
 3.0.0.0 (not yet released)
 + [export] properly handle line breaks for YAML, thanks to Dan Barry -
diff --git a/Documentation.html b/Documentation.html
index 02baf93ebf..a0e69a717f 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -597,7 +597,12 @@ since this link provides funding for phpMyAdmin.
         If you are using the &quot;cookie&quot; auth_type, enter here a random
         passphrase of your choice. It will be used internally by the blowfish
         algorithm: you won&#8217;t be prompted for this passphrase. The maximum
-        number of characters for this parameter seems to be 46.</dd>
+        number of characters for this parameter seems to be 46.<br /><br />
+        
+        Since version 3.1.0 phpMyAdmin can generate this on the fly, but it
+        makes a bit weaker security as this generated secret is stored in
+        session and furthermore it makes impossible to recall user name from 
+        cookie.</dd>
 
     <dt id="cfg_Servers">$cfg['Servers'] array</dt>
     <dd>Since version 1.4.2, phpMyAdmin supports the administration of multiple
@@ -1180,7 +1185,11 @@ ALTER TABLE `pma_column_comments`
 
     <dt id="cfg_LoginCookieRecall">$cfg['LoginCookieRecall'] boolean</dt>
     <dd>Define whether the previous login should be recalled or not in cookie
-        authentication mode.</dd>
+        authentication mode.<br /><br />
+
+        This is automatically diabled if you do not have configured 
+        <tt><a href="#cfg_blowfish_secret">$cfg['blowfish_secret']</a></tt>.
+        </dd>
 
     <dt id="cfg_LoginCookieValidity">$cfg['LoginCookieValidity'] integer [number of seconds]</dt>
     <dd>Define how long is login cookie valid.</dd>
diff --git a/libraries/auth/cookie.auth.lib.php b/libraries/auth/cookie.auth.lib.php
index a858f44ecb..765c736688 100644
--- a/libraries/auth/cookie.auth.lib.php
+++ b/libraries/auth/cookie.auth.lib.php
@@ -76,6 +76,24 @@ if (function_exists('mcrypt_encrypt')) {
 }
 
 /**
+ * Returns blowfish secret or generates one if needed.
+ * @uses    $cfg['blowfish_secret']
+ * @uses    $_SESSION['auto_blowfish_secret']
+ *
+ * @access  public
+ */
+function PMA_get_blowfish_secret() {
+    if (empty($GLOBALS['cfg']['blowfish_secret'])) {
+        if (empty($_SESSION['auto_blowfish_secret'])) {
+            $_SESSION['auto_blowfish_secret'] = uniqid('', true);
+        }
+        return $_SESSION['auto_blowfish_secret'];
+    } else {
+        return $GLOBALS['cfg']['blowfish_secret'];
+    }
+}
+
+/**
  * Displays authentication form
  *
  * this function MUST exit/quit the application
@@ -133,7 +151,8 @@ function PMA_auth()
         exit;
     }
 
-    if ($GLOBALS['cfg']['LoginCookieRecall']) {
+    /* No recall if blowfish secret is not configured as it would produce garbage */
+    if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
         $default_user   = $GLOBALS['PHP_AUTH_USER'];
         $default_server = $GLOBALS['pma_auth_server'];
         $autocomplete   = '';
@@ -203,22 +222,6 @@ if (top != self) {
         PMA_select_language(true, false);
     }
 
-    // Displays the warning message and the login form
-    if (empty($GLOBALS['cfg']['blowfish_secret'])) {
-        PMA_Message::error('strSecretRequired')->display();
-        if ($GLOBALS['error_handler']->hasDisplayErrors()) {
-            echo '<div>';
-            $GLOBALS['error_handler']->dispErrors();
-            echo '</div>';
-        }
-        echo '</div>' . "\n";
-        if (file_exists('./config.footer.inc.php')) {
-            require './config.footer.inc.php';
-        }
-        echo '</body></html>';
-        exit;
-    }
-
     // BEGIN Swekey Integration
     $swekeyErr = Swekey_auth_error();
     if ($swekeyErr != null) {
@@ -376,7 +379,6 @@ window.setTimeout('PMA_focusInput()', 500);
  * @uses    $GLOBALS['server']
  * @uses    $GLOBALS['from_cookie']
  * @uses    $GLOBALS['pma_auth_server']
- * @uses    $cfg['blowfish_secret']
  * @uses    $cfg['AllowArbitraryServer']
  * @uses    $cfg['LoginCookieValidity']
  * @uses    $cfg['Servers']
@@ -406,11 +408,6 @@ function PMA_auth_check()
     $GLOBALS['PHP_AUTH_USER'] = $GLOBALS['PHP_AUTH_PW'] = '';
     $GLOBALS['from_cookie'] = false;
 
-    // avoid an error in mcrypt
-    if (empty($GLOBALS['cfg']['blowfish_secret'])) {
-        return false;
-    }
-
     // BEGIN Swekey Integration
     if (! Swekey_auth_check()) {
         return false;
@@ -472,7 +469,7 @@ function PMA_auth_check()
 
     $GLOBALS['PHP_AUTH_USER'] = PMA_blowfish_decrypt(
         $_COOKIE['pmaUser-' . $GLOBALS['server']],
-        $GLOBALS['cfg']['blowfish_secret']);
+        PMA_get_blowfish_secret());
 
     // user was never logged in since session start
     if (empty($_SESSION['last_access_time'])) {
@@ -493,7 +490,7 @@ function PMA_auth_check()
 
     $GLOBALS['PHP_AUTH_PW'] = PMA_blowfish_decrypt(
         $_COOKIE['pmaPass-' . $GLOBALS['server']],
-        $GLOBALS['cfg']['blowfish_secret'] /* . $_SESSION['last_access_time'] */);
+        PMA_get_blowfish_secret());
 
     if ($GLOBALS['PHP_AUTH_PW'] == "\xff(blank)") {
         $GLOBALS['PHP_AUTH_PW'] = '';
@@ -515,7 +512,6 @@ function PMA_auth_check()
  * @uses    $GLOBALS['pma_auth_server']
  * @uses    $cfg['Server']
  * @uses    $cfg['AllowArbitraryServer']
- * @uses    $cfg['blowfish_secret']
  * @uses    $cfg['LoginCookieStore']
  * @uses    $cfg['PmaAbsoluteUri']
  * @uses    $_SESSION['last_access_time']
@@ -567,12 +563,12 @@ function PMA_auth_set_user()
     // Duration = one month for username
     PMA_setCookie('pmaUser-' . $GLOBALS['server'],
         PMA_blowfish_encrypt($cfg['Server']['user'],
-            $GLOBALS['cfg']['blowfish_secret']));
+            PMA_get_blowfish_secret()));
 
     // Duration = as configured
     PMA_setCookie('pmaPass-' . $GLOBALS['server'],
         PMA_blowfish_encrypt(!empty($cfg['Server']['password']) ? $cfg['Server']['password'] : "\xff(blank)",
-            $GLOBALS['cfg']['blowfish_secret'] /* . $_SESSION['last_access_time'] */),
+            PMA_get_blowfish_secret()),
         null,
         $GLOBALS['cfg']['LoginCookieStore']);
 
diff --git a/main.php b/main.php
index 72f0b73050..dc38479d52 100644
--- a/main.php
+++ b/main.php
@@ -284,6 +284,14 @@ if (! @extension_loaded('mbstring')) {
 }
 
 /**
+ * Check if user does not have defined blowfish secret and it is being used.
+ */
+if (!empty($_SESSION['auto_blowfish_secret']) &&
+        empty($GLOBALS['cfg']['blowfish_secret'])) {
+    trigger_error($strSecretRequired, E_USER_WARNING);
+}
+
+/**
  * Warning about different MySQL library and server version
  * (a difference on the third digit does not count).
  * If someday there is a constant that we can check about mysqlnd, we can use it instead
-- 
2.11.4.GIT