Skip to content

Additional check for correct version of sodium #23420

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
matei wants to merge 1 commit into from
Closed

Additional check for correct version of sodium #23420

matei wants to merge 1 commit into from

Conversation

@matei
Copy link
Contributor

@matei matei commented Jun 26, 2019

The Encryptor class checks for the presence of the sodium library and if installed, adds the ARGON2ID13 as hashing mechanism for passwords.
The problem is in official php Docker images, (even :7.2 and :7.3 tags - based on debian-stretch) have an older version of libsodium php extension (1.0.11) which doesn't have support for argon2id. Under this scenario, Magento will fail (e.g. running bin/magento will fail with an exception).
This PR adds an additional check for the presence of the SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13 constant (as we are not able to grab the sodium extension version correctly)

Fixed Issues (if relevant)

  1. magento/magento2#issue-23405: 2.3.2 installed and bin/magento setup:upgrade not working

Manual testing scenarios (*)

  1. Have a docker-compose.yml with a DB container with a 2.3.1 database and a FPM container based on php:7.2.4-fpm
  2. On the FPM container , create a composer.json depending on Magento 2.3.2 (tested with magento/product-enterprise-edition but probably community has the same issue)
  3. Ensure you have an env.php file with appropriate configuration for connectivity to the DB container
  4. Run composer install
  5. Run bin/magento setup:upgrade

Expected result: Magento DB should upgrade correctly
Actual result: bin/magento fails with


  An abstract factory could not create an instance of magentosetupconsolecommandbackupcommand(alias: Magento\Setup\Console\Command\Back
  upCommand).


In ServiceManager.php line 941:

  An exception was raised while creating "Magento\Setup\Console\Command\BackupCommand"; no instance returned


In Di.php line 865:

  Missing instance/object for parameter maintenanceMode for Magento\Setup\Console\Command\BackupCommand::__construct


In ServiceManager.php line 1130:

  An abstract factory could not create an instance of magentoframeworkappmaintenancemode(alias: Magento\Framework\App\MaintenanceMode).


In ServiceManager.php line 941:

  An exception was raised while creating "Magento\Framework\App\MaintenanceMode"; no instance returned


In ErrorHandler.php line 61:

  Warning: Use of undefined constant SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13 - assumed 'SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13' (this will thr
  ow an Error in a future version of PHP) in /var/www/html/vendor/magento/framework/Encryption/Encryptor.php on line 153

Contribution checklist (*)

  • Pull request has a meaningful description of its purpose
  • All commits are accompanied by meaningful commit messages
  • All new or changed code is covered with unit/integration tests (if applicable)
  • All automated tests passed successfully (all builds are green)

@m2-assistant
Copy link

m2-assistant bot commented Jun 26, 2019

Hi @matei. Thank you for your contribution
Here is some useful tips how you can test your changes using Magento test environment.
Add the comment under your pull request to deploy test or vanilla Magento instance:

  • @magento give me test instance - deploy test instance based on PR changes
  • @magento give me 2.3 instance - deploy vanilla Magento instance

For more details, please, review the Magento Contributor Assistant documentation

@magento-engcom-team
Copy link
Contributor

magento-engcom-team commented Jun 26, 2019

Hi @matei
Unfortunately, we only accept Pull Requests to the following branches: 2.2-develop, 2.3-develop.
Please create a new Pull Request and use one of those as a target.

Thank you.

@magento-cicd2
Copy link
Contributor

magento-cicd2 commented Jun 26, 2019

CLA assistant check
Thank you for your submission, we really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

Matei Stefanescu seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.

@m2-assistant
Copy link

m2-assistant bot commented Jun 26, 2019

Hi @matei, thank you for your contribution!
Please, complete Contribution Survey, it will take less than a minute.
Your feedback will help us to improve contribution process.

@hostep
Copy link
Contributor

hostep commented Jun 30, 2019

@matei: do you plan to continue working on this? The proposed change looks correct to me.

You just need to make sure you have a github user associated with the email address with which the commit was created. You can assign the email address to your current github user, or just create a new github user if you want separate ones. Or you can re-create the commit but with a different email address.

@matei
Copy link
Contributor Author

matei commented Jul 1, 2019

@hostep yes, just waiting for 2.3-develop to get the latest 2.3 updates (currently it's not reflecting 2.3.2)

@hostep
Copy link
Contributor

hostep commented Jul 24, 2019

Hi @matei

It looks like the 2.3.2 code finally got merged in the 2.3-develop branch: 7ffabd0#diff-07981c7827bdf60bd9649fa9f8ec974d 🎉

@matei
Copy link
Contributor Author

matei commented Jul 24, 2019

Hi @hostep
thanks for the heads-up. I've submitted a new PR based on the new 2.3-develop (#23866)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@matei @magento-engcom-team @magento-cicd2 @hostep