Skip to content

fix(db): use caching_sha2_password for MySQL #54043

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
susnux merged 1 commit into from
Aug 6, 2025
Merged

fix(db): use caching_sha2_password for MySQL #54043

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 20 additions & 7 deletions lib/private/Setup/MySQL.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
namespace OC\Setup;

use Doctrine\DBAL\Platforms\MySQL80Platform;
use Doctrine\DBAL\Platforms\MySQL84Platform;
use OC\DB\ConnectionAdapter;
use OC\DB\MySqlTools;
use OCP\IDBConnection;
Expand Down Expand Up @@ -92,22 +93,29 @@ private function createDatabase($connection): void {
* @throws \OC\DatabaseSetupException
*/
private function createDBUser($connection): void {
$name = $this->dbUser;
$password = $this->dbPassword;

try {
$name = $this->dbUser;
$password = $this->dbPassword;
// we need to create 2 accounts, one for global use and one for local user. if we don't specify the local one,
// the anonymous user would take precedence when there is one.

if ($connection->getDatabasePlatform() instanceof Mysql80Platform) {
if ($connection->getDatabasePlatform() instanceof MySQL84Platform) {
$query = "CREATE USER ?@'localhost' IDENTIFIED WITH caching_sha2_password BY ?";
$connection->executeStatement($query, [$name,$password]);
$query = "CREATE USER ?@'%' IDENTIFIED WITH caching_sha2_password BY ?";
$connection->executeStatement($query, [$name,$password]);
} elseif ($connection->getDatabasePlatform() instanceof Mysql80Platform) {
// TODO: Remove this elseif section as soon as MySQL 8.0 is out-of-support (after April 2026)
$query = "CREATE USER ?@'localhost' IDENTIFIED WITH mysql_native_password BY ?";
$connection->executeUpdate($query, [$name,$password]);
$connection->executeStatement($query, [$name,$password]);
$query = "CREATE USER ?@'%' IDENTIFIED WITH mysql_native_password BY ?";
$connection->executeUpdate($query, [$name,$password]);
$connection->executeStatement($query, [$name,$password]);
} else {
$query = "CREATE USER ?@'localhost' IDENTIFIED BY ?";
$connection->executeUpdate($query, [$name,$password]);
$connection->executeStatement($query, [$name,$password]);
$query = "CREATE USER ?@'%' IDENTIFIED BY ?";
$connection->executeUpdate($query, [$name,$password]);
$connection->executeStatement($query, [$name,$password]);
}
} catch (\Exception $ex) {
$this->logger->error('Database user creation failed.', [
Expand Down Expand Up @@ -158,6 +166,11 @@ private function createSpecificUser($username, $connection): void {
//use the admin login data for the new database user
$this->dbUser = $adminUser;
$this->createDBUser($connection);
// if sharding is used we need to manually call this for every shard as those also need the user setup!
/** @var ConnectionAdapter $connection */
foreach ($connection->getInner()->getShardConnections() as $shard) {
$this->createDBUser($shard);
}

break;
} else {
Expand Down
Loading