-
Notifications
You must be signed in to change notification settings - Fork 653
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Extension rsaauth that has been marked deprecated in v9 due to its flaws and is dropped from core v10 with this patch. People who still think not using https but using the rsaauth extension approach is a good idea can fetch the extension from ter using an upgrade wizard or composer require friendsoftypo3/rsaauth. Needs a typo3/testing-framework raise since the acceptance tests still used loginSecurityLevel rsa: composer require --dev typo3/testing-framework ~5.0.4 Resolves: #87470 Releases: master Change-Id: Iefdd1c4e4b8725e0968875d4b8cb68103634783c Reviewed-on: https://review.typo3.org/59470 Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de> Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de> Tested-by: TYPO3com <noreply@typo3.com> Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de> Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
- Loading branch information
Showing
64 changed files
with
132 additions
and
4,650 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
119 changes: 119 additions & 0 deletions
119
typo3/sysext/install/Classes/Updates/RsaauthExtractionUpdate.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,119 @@ | ||
<?php | ||
namespace TYPO3\CMS\Install\Updates; | ||
|
||
/* | ||
* This file is part of the TYPO3 CMS project. | ||
* | ||
* It is free software; you can redistribute it and/or modify it under | ||
* the terms of the GNU General Public License, either version 2 | ||
* of the License, or any later version. | ||
* | ||
* For the full copyright and license information, please read the | ||
* LICENSE.txt file that was distributed with this source code. | ||
* | ||
* The TYPO3 project - inspiring people to share! | ||
*/ | ||
|
||
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; | ||
|
||
/** | ||
* Installs and downloads EXT:rsaauth if requested | ||
* @internal This class is only meant to be used within EXT:install and is not part of the TYPO3 Core API. | ||
*/ | ||
class RsaauthExtractionUpdate extends AbstractDownloadExtensionUpdate | ||
{ | ||
/** | ||
* @var \TYPO3\CMS\Install\Updates\ExtensionModel | ||
*/ | ||
protected $extension; | ||
|
||
/** | ||
* @var \TYPO3\CMS\Install\Updates\Confirmation | ||
*/ | ||
protected $confirmation; | ||
|
||
public function __construct() | ||
{ | ||
$this->extension = new ExtensionModel( | ||
'rsaauth', | ||
'Deprecated rsaauth extension', | ||
'10.0.0', | ||
'friendsoftypo3/rsaauth', | ||
'Contains a service to authenticate TYPO3 BE and FE users using private/public key encryption of passwords.' | ||
); | ||
|
||
$this->confirmation = new Confirmation( | ||
'Are you sure?', | ||
'Do not install this extension. Use HTTPS instead. ' . $this->extension->getDescription(), | ||
false | ||
); | ||
} | ||
|
||
/** | ||
* Return a confirmation message instance | ||
* | ||
* @return \TYPO3\CMS\Install\Updates\Confirmation | ||
*/ | ||
public function getConfirmation(): Confirmation | ||
{ | ||
return $this->confirmation; | ||
} | ||
|
||
/** | ||
* Return the identifier for this wizard | ||
* This should be the same string as used in the ext_localconf class registration | ||
* | ||
* @return string | ||
*/ | ||
public function getIdentifier(): string | ||
{ | ||
return 'rsaauthExtension'; | ||
} | ||
|
||
/** | ||
* Return the speaking name of this wizard | ||
* | ||
* @return string | ||
*/ | ||
public function getTitle(): string | ||
{ | ||
return 'Install extension "rsaauth" from TER if the site is still not secured using HTTPS'; | ||
} | ||
|
||
/** | ||
* Return the description for this wizard | ||
* | ||
* @return string | ||
*/ | ||
public function getDescription(): string | ||
{ | ||
return 'The extension "rsaauth" adds a public/private key based encryption for Backend and Frontend' | ||
. ' login passwords. The approach is limited and has various flaws. The extension is fully' | ||
. ' obsolete if the instance uses HTTPS.'; | ||
} | ||
|
||
/** | ||
* Is an update necessary? | ||
* Is used to determine whether a wizard needs to be run. | ||
* | ||
* @return bool | ||
*/ | ||
public function updateNecessary(): bool | ||
{ | ||
return !ExtensionManagementUtility::isLoaded('rsaauth'); | ||
} | ||
|
||
/** | ||
* Returns an array of class names of Prerequisite classes | ||
* This way a wizard can define dependencies like "database up-to-date" or | ||
* "reference index updated" | ||
* | ||
* @return string[] | ||
*/ | ||
public function getPrerequisites(): array | ||
{ | ||
return [ | ||
DatabaseUpdatedPrerequisite::class | ||
]; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.