fix(redis): Apply patch to fix redis acl connection

crowdsecurity · Dec 13, 2024 · 23b85a6 · 23b85a6
1 parent 4b43c46
commit 23b85a6
Show file tree

Hide file tree

Showing 11 changed files with 82 additions and 11 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ---
 
+## [2.8.1](https://github.com/crowdsecurity/cs-wordpress-bouncer/releases/tag/v2.8.0) - 2024-12-13
+[_Compare with previous release_](https://github.com/crowdsecurity/cs-wordpress-bouncer/compare/v2.8.0...v2.8.1)
+
+
+### Fixed
+
+- Fix Redis connection error when using user and password in DSN
+
+---
+
 
 ## [2.8.0](https://github.com/crowdsecurity/cs-wordpress-bouncer/releases/tag/v2.8.0) - 2024-12-13
 [_Compare with previous release_](https://github.com/crowdsecurity/cs-wordpress-bouncer/compare/v2.7.0...v2.8.0)

diff --git a/composer.json b/composer.json
@@ -40,6 +40,9 @@
 		"patches": {
 			"gregwar/captcha": {
 				"Fix deprecation in CaptchaBuilder constructor": "patches/gregwar-captcha-constructor.patch"
+			},
+			"symfony/cache": {
+				"Fix auth connection in RedisTrait": "patches/symfony-redis-cache-auth.patch"
 			}
 		}
 	}

diff --git a/composer.lock b/composer.lock
diff --git a/crowdsec.php b/crowdsec.php
@@ -4,7 +4,7 @@
  * Plugin URI: https://github.com/crowdsecurity/cs-wordpress-bouncer
  * Description: Safer Together. Protect your WordPress application with CrowdSec.
  * Tags: security, captcha, ip-blocker, crowdsec, hacker-protection, appsec
- * Version: 2.8.0
+ * Version: 2.8.1
  * Author: CrowdSec
  * Author URI: https://www.crowdsec.net/
  * Github: https://github.com/crowdsecurity/cs-wordpress-bouncer
@@ -13,7 +13,7 @@
  * Requires PHP: 7.2
  * Requires at least: 4.9
  * Tested up to: 6.7
- * Stable tag: 2.8.0
+ * Stable tag: 2.8.1
  * Text Domain: crowdsec-wp
  * First release: 2021.
  */

diff --git a/inc/Constants.php b/inc/Constants.php
@@ -21,5 +21,5 @@ class Constants extends LibConstants
 
     public const DEFAULT_BASE_FILE_PATH = __DIR__ . '/../../../../wp-content/uploads/crowdsec/';
     public const STANDALONE_CONFIG_PATH = __DIR__ . '/standalone-settings.php';
-    public const VERSION = 'v2.8.0';
+    public const VERSION = 'v2.8.1';
 }
diff --git a/patches/symfony-redis-cache-auth.patch b/patches/symfony-redis-cache-auth.patch
@@ -0,0 +1,36 @@
+diff --git a/vendor/symfony/cache/Traits/RedisTrait.php b/vendor/symfony/cache/Traits/RedisTrait.php
+index 518a563..c767330 100644
+--- a/vendor/symfony/cache/Traits/RedisTrait.php
++++ b/vendor/symfony/cache/Traits/RedisTrait.php
+@@ -105,9 +105,13 @@ trait RedisTrait
+             throw new CacheException('Cannot find the "redis" extension nor the "predis/predis" package.');
+         }
+
+-        $params = preg_replace_callback('#^'.$scheme.':(//)?(?:(?:[^:@]*+:)?([^@]*+)@)?#', function ($m) use (&$auth) {
+-            if (isset($m[2])) {
+-                $auth = rawurldecode($m[2]);
++        $params = preg_replace_callback('#^'.$scheme.':(//)?(?:(?:(?<user>[^:@]*+):)?(?<password>[^@]*+)@)?#', function ($m) use (&$auth) {
++            if (isset($m['password'])) {
++                if (\in_array($m['user'], ['', 'default'], true)) {
++                    $auth = $m['password'];
++                } else {
++                    $auth = [$m['user'], $m['password']];
++                }
+
+                 if ('' === $auth) {
+                     $auth = null;
+@@ -376,7 +380,13 @@ trait RedisTrait
+                 $params['parameters']['database'] = $params['dbindex'];
+             }
+             if (null !== $auth) {
+-                $params['parameters']['password'] = $auth;
++                if (\is_array($auth)) {
++                    // ACL
++                    $params['parameters']['username'] = $auth[0];
++                    $params['parameters']['password'] = $auth[1];
++                } else {
++                    $params['parameters']['password'] = $auth;
++                }
+             }
+
+             if (isset($params['ssl'])) {
diff --git a/readme.txt b/readme.txt
@@ -4,7 +4,7 @@ Donate link: https://crowdsec.net/
 Tags: security, captcha, ip-blocker, crowdsec, hacker-protection
 Requires at least: 4.9
 Tested up to: 6.7
-Stable tag: 2.8.0
+Stable tag: 2.8.1
 Requires PHP: 7.2
 License: MIT
 License URI: https://opensource.org/licenses/MIT

diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json
@@ -1130,6 +1130,11 @@
             },
             "time": "2024-05-31T14:33:22+00:00",
             "type": "library",
+            "extra": {
+                "patches_applied": {
+                    "Fix auth connection in RedisTrait": "patches/symfony-redis-cache-auth.patch"
+                }
+            },
             "installation-source": "dist",
             "autoload": {
                 "psr-4": {

diff --git a/vendor/composer/installed.php b/vendor/composer/installed.php
@@ -3,7 +3,7 @@
         'name' => 'crowdsec/wordpress-bouncer',
         'pretty_version' => 'dev-main',
         'version' => 'dev-main',
-        'reference' => 'e3507c08812edc1e02c0e4af672299f68cb9ad5a',
+        'reference' => '4b43c4688a1c0cf4dbaa5aa269fe3ba9416bddf5',
         'type' => 'project',
         'install_path' => __DIR__ . '/../../',
         'aliases' => array(),
@@ -67,7 +67,7 @@
         'crowdsec/wordpress-bouncer' => array(
             'pretty_version' => 'dev-main',
             'version' => 'dev-main',
-            'reference' => 'e3507c08812edc1e02c0e4af672299f68cb9ad5a',
+            'reference' => '4b43c4688a1c0cf4dbaa5aa269fe3ba9416bddf5',
             'type' => 'project',
             'install_path' => __DIR__ . '/../../',
             'aliases' => array(),

diff --git a/vendor/symfony/cache/PATCHES.txt b/vendor/symfony/cache/PATCHES.txt
@@ -0,0 +1,7 @@
+This file was automatically generated by Composer Patches (https://github.com/cweagans/composer-patches)
+Patches applied to this directory:
+
+Fix auth connection in RedisTrait
+Source: patches/symfony-redis-cache-auth.patch
+
+
diff --git a/vendor/symfony/cache/Traits/RedisTrait.php b/vendor/symfony/cache/Traits/RedisTrait.php
@@ -105,9 +105,13 @@ public static function createConnection(string $dsn, array $options = [])
             throw new CacheException('Cannot find the "redis" extension nor the "predis/predis" package.');
         }
 
-        $params = preg_replace_callback('#^'.$scheme.':(//)?(?:(?:[^:@]*+:)?([^@]*+)@)?#', function ($m) use (&$auth) {
-            if (isset($m[2])) {
-                $auth = rawurldecode($m[2]);
+        $params = preg_replace_callback('#^'.$scheme.':(//)?(?:(?:(?<user>[^:@]*+):)?(?<password>[^@]*+)@)?#', function ($m) use (&$auth) {
+            if (isset($m['password'])) {
+                if (\in_array($m['user'], ['', 'default'], true)) {
+                    $auth = $m['password'];
+                } else {
+                    $auth = [$m['user'], $m['password']];
+                }
 
                 if ('' === $auth) {
                     $auth = null;
@@ -376,7 +380,13 @@ public static function createConnection(string $dsn, array $options = [])
                 $params['parameters']['database'] = $params['dbindex'];
             }
             if (null !== $auth) {
-                $params['parameters']['password'] = $auth;
+                if (\is_array($auth)) {
+                    // ACL
+                    $params['parameters']['username'] = $auth[0];
+                    $params['parameters']['password'] = $auth[1];
+                } else {
+                    $params['parameters']['password'] = $auth;
+                }
             }
 
             if (isset($params['ssl'])) {