Merge branch '0.7-develop' into develop

This commit is contained in:
Dane Everitt 2020-03-15 17:30:28 -07:00
commit b3fb658511
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
6 changed files with 49 additions and 18 deletions

View file

@ -3,6 +3,12 @@ This file is a running track of new features and fixes to each version of the pa
This project follows [Semantic Versioning](http://semver.org) guidelines.
## v0.7.17 (Derelict Dermodactylus)
### Fixed
* Limited accounts to 5 API keys at a time.
* Fixes database passwords not being generated with the proper requirements for some MySQL setups.
* Hostnames that are not FQDNs/IP addresses can now be used for connecting to a MySQL host.
## v0.7.16 (Derelict Dermodactylus)
### Fixed
* Fixed the /api/application/servers endpoint erroring when including subusers or egg

View file

@ -1,7 +1,7 @@
# The MIT License (MIT)
```
Copyright (c) 2015 - 2017 Dane Everitt <dane@daneeveritt.com>
Copyright (c) 2015 - 2020 Dane Everitt <dane@daneeveritt.com>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

35
app/Helpers/Utilities.php Normal file
View file

@ -0,0 +1,35 @@
<?php
namespace Pterodactyl\Helpers;
use Exception;
use Illuminate\Support\Facades\Log;
class Utilities
{
/**
* Generates a random string and injects special characters into it, in addition to
* the randomness of the alpha-numeric default response.
*
* @param int $length
* @return string
*/
public static function randomStringWithSpecialCharacters(int $length = 16): string
{
$string = str_random($length);
// Given a random string of characters, randomly loop through the characters and replace some
// with special characters to avoid issues with MySQL password requirements on some servers.
try {
for ($i = 0; $i < random_int(2, 6); $i++) {
$character = ['!', '@', '=', '.', '+', '^'][random_int(0, 5)];
$string = substr_replace($string, $character, random_int(0, $length - 1), 1);
}
} catch (Exception $exception) {
// Just log the error and hope for the best at this point.
Log::error($exception);
}
return $string;
}
}

View file

@ -51,7 +51,7 @@ class DatabaseHost extends Validable
*/
public static $validationRules = [
'name' => 'required|string|max:255',
'host' => 'required|ip|unique:database_hosts,host',
'host' => 'required|unique:database_hosts,host',
'port' => 'required|numeric|between:1,65535',
'username' => 'required|string|max:32',
'password' => 'nullable|string',

View file

@ -4,6 +4,7 @@ namespace Pterodactyl\Services\Databases;
use Exception;
use Pterodactyl\Models\Database;
use Pterodactyl\Helpers\Utilities;
use Illuminate\Database\DatabaseManager;
use Illuminate\Contracts\Encryption\Encrypter;
use Pterodactyl\Extensions\DynamicDatabaseConnection;
@ -70,7 +71,9 @@ class DatabaseManagementService
$data['server_id'] = $server;
$data['database'] = sprintf('s%d_%s', $server, $data['database']);
$data['username'] = sprintf('u%d_%s', $server, str_random(10));
$data['password'] = $this->encrypter->encrypt(str_random(24));
$data['password'] = $this->encrypter->encrypt(
Utilities::randomStringWithSpecialCharacters(24)
);
$this->database->beginTransaction();
try {

View file

@ -2,9 +2,8 @@
namespace Pterodactyl\Services\Databases;
use Exception;
use Pterodactyl\Models\Database;
use Illuminate\Support\Facades\Log;
use Pterodactyl\Helpers\Utilities;
use Illuminate\Database\ConnectionInterface;
use Illuminate\Contracts\Encryption\Encrypter;
use Pterodactyl\Extensions\DynamicDatabaseConnection;
@ -62,19 +61,7 @@ class DatabasePasswordService
*/
public function handle(Database $database): string
{
$password = str_random(24);
// Given a random string of characters, randomly loop through the characters and replace some
// with special characters to avoid issues with MySQL password requirements on some servers.
try {
for ($i = 0; $i < random_int(2, 6); $i++) {
$character = ['!', '@', '=', '.', '+', '^'][random_int(0, 5)];
$password = substr_replace($password, $character, random_int(0, 23), 1);
}
} catch (Exception $exception) {
// Just log the error and hope for the best at this point.
Log::error($exception);
}
$password = Utilities::randomStringWithSpecialCharacters(24);
$this->connection->transaction(function () use ($database, $password) {
$this->dynamic->set('dynamic', $database->database_host_id);