tux/drupal11-ddev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial Drupal 11 with DDEV setup

Browse Source
This commit is contained in:
gluebox
2025-10-08 11:39:17 -04:00
commit 89ef74b305
25344 changed files with 2599172 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
web/core/modules/phpass/phpass.info.yml Normal file
View File

@ -0,0 +1,5 @@
name: Password Compatibility
type: module
description: 'Provides the password checking algorithm for user accounts created with Drupal prior to version 10.1.0.'
package: Core
version: VERSION

8
web/core/modules/phpass/phpass.services.yml Normal file
View File

@ -0,0 +1,8 @@
services:
_defaults:
autoconfigure: true
phpass.password:
public: false
class: Drupal\phpass\Password\PhpassHashedPassword
decorates: password
arguments: ['@.inner']

51
web/core/modules/phpass/src/Hook/PhpassHooks.php Normal file
View File

@ -0,0 +1,51 @@
<?php
namespace Drupal\phpass\Hook;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Routing\RouteMatchInterface;
use Drupal\Core\Hook\Attribute\Hook;
use Drupal\Core\StringTranslation\StringTranslationTrait;
/**
* Hook implementations for phpass.
*/
class PhpassHooks {
use StringTranslationTrait;
/**
* Implements hook_help().
*/
#[Hook('help')]
public function help($route_name, RouteMatchInterface $route_match): ?string {
switch ($route_name) {
case 'help.page.phpass':
$output = '';
$output .= '<h2>' . $this->t('About') . '</h2>';
$output .= '<p>' . $this->t('The Password Compatibility module provides the password checking algorithm for user accounts created with Drupal prior to version 10.1.0. For more information, see the <a href=":phpass">online documentation for the Password Compatibility module</a>.', [
':phpass' => 'https://www.drupal.org/docs/core-modules-and-themes/core-modules/password-compatibility-module',
]) . '</p>';
$output .= '<p>' . $this->t('Drupal 10.1.0 and later use a different algorithm to compute the hashed password. This provides better security against brute-force attacks. The hashed passwords are different from the ones computed with Drupal versions before 10.1.0.') . '</p>';
$output .= '<p>' . $this->t('When the Password Compatibility module is installed, a user can log in with a username and password created before Drupal 10.1.0. The first time these credentials are used, a new hash is computed and saved. From then on, the user will be able to log in with the same username and password whether or not this module is installed.') . '</p>';
$output .= '<p>' . $this->t('Passwords created before Drupal 10.1.0 <strong>will not work</strong> unless they are used at least once while this module is installed. Make sure that you can log in before uninstalling this module.') . '</p>';
return $output;
}
return NULL;
}
/**
* Implements hook_form_FORM_ID_alter() for system_modules_uninstall_confirm_form.
*/
#[Hook('form_system_modules_uninstall_confirm_form_alter')]
public function formSystemModulesUninstallConfirmFormAlter(array &$form, FormStateInterface $form_state) : void {
$modules = \Drupal::keyValueExpirable('modules_uninstall')->get(\Drupal::currentUser()->id());
if (!in_array('phpass', $modules)) {
return;
}
\Drupal::messenger()->addWarning($this->t('Make sure that you can log in before uninstalling the Password Compatibility module. For more information, see the <a href=":phpass">online documentation for the Password Compatibility module</a>.', [
':phpass' => 'https://www.drupal.org/docs/core-modules-and-themes/core-modules/password-compatibility-module',
]));
}
}

12
web/core/modules/phpass/src/Password/PhpassHashedPassword.php Normal file
View File

@ -0,0 +1,12 @@
<?php
namespace Drupal\phpass\Password;
use Drupal\Core\Password\PhpassHashedPasswordBase;
/**
* Legacy password hashing framework.
*
* @see https://www.drupal.org/node/3322420
*/
class PhpassHashedPassword extends PhpassHashedPasswordBase {}

14
web/core/modules/phpass/tests/src/Functional/GenericTest.php Normal file
View File

@ -0,0 +1,14 @@
<?php
declare(strict_types=1);
namespace Drupal\Tests\phpass\Functional;
use Drupal\Tests\system\Functional\Module\GenericModuleTestBase;
/**
* Generic module test for phpass.
*
* @group phpass
*/
class GenericTest extends GenericModuleTestBase {}

185
web/core/modules/phpass/tests/src/Unit/PasswordVerifyTest.php Normal file
View File

@ -0,0 +1,185 @@
<?php
declare(strict_types=1);
namespace Drupal\Tests\phpass\Unit;
use Drupal\phpass\Password\PhpassHashedPassword;
use Drupal\Core\Password\PasswordInterface;
use Drupal\Core\Password\PhpPassword;
use Drupal\Tests\UnitTestCase;
/**
* Unit tests for password hashing API.
*
* @coversDefaultClass \Drupal\phpass\Password\PhpassHashedPassword
* @group phpass
* @group #slow
*/
class PasswordVerifyTest extends UnitTestCase {
/**
* Tests that hash() is forwarded to corePassword instance.
*
* @covers ::hash
*/
public function testPasswordHash(): void {
$samplePassword = $this->randomMachineName();
$sampleHash = $this->randomMachineName();
$corePassword = $this->prophesize(PasswordInterface::class);
$corePassword->hash($samplePassword)->willReturn($sampleHash);
$passwordService = new PhpassHashedPassword($corePassword->reveal());
$result = $passwordService->hash($samplePassword);
$this->assertSame($sampleHash, $result, 'Calls to hash() are forwarded to core password service.');
}
/**
* Tests that needsRehash() is forwarded to corePassword instance.
*
* @covers ::needsRehash
*/
public function testPasswordNeedsRehash(): void {
$sampleHash = $this->randomMachineName();
$corePassword = $this->prophesize(PasswordInterface::class);
$corePassword->needsRehash($sampleHash)->willReturn(TRUE);
$passwordService = new PhpassHashedPassword($corePassword->reveal());
$result = $passwordService->needsRehash($sampleHash);
$this->assertTrue($result, 'Calls to needsRehash() are forwarded to core password service.');
}
/**
* Tests that check() is forwarded to corePassword instance if hash settings are not recognized.
*
* @covers ::check
*/
public function testPasswordCheckUnknownHash(): void {
$samplePassword = $this->randomMachineName();
$sampleHash = $this->randomMachineName();
$corePassword = $this->prophesize(PasswordInterface::class);
$corePassword->check($samplePassword, $sampleHash)->willReturn(TRUE);
$passwordService = new PhpassHashedPassword($corePassword->reveal());
$result = $passwordService->check($samplePassword, $sampleHash);
$this->assertTrue($result, 'Calls to check() are forwarded to core password service if hash settings are not recognized.');
}
/**
* Tests that check() verifies passwords if hash settings are supported.
*
* @covers ::check
* @covers ::crypt
* @covers ::getCountLog2
* @covers ::enforceLog2Boundaries
* @covers ::base64Encode
*/
public function testPasswordCheckSupported(): void {
$validPassword = 'valid password';
// cspell:disable
$passwordHash = '$S$5TOxWPdvJRs0P/xZBdrrPlGgzViOS0drHu3jaIjitesfttrp18bk';
$passwordLayered = 'U$S$5vNHDQyLqCTvsYBLWBUWXJWhA0m3DTpBh04acFEOGB.bKBclhKgo';
// cspell:enable
$invalidPassword = 'invalid password';
$corePassword = $this->prophesize(PasswordInterface::class);
$corePassword->check()->shouldNotBeCalled();
$passwordService = new PhpassHashedPassword($corePassword->reveal());
$result = $passwordService->check($validPassword, $passwordHash);
$this->assertTrue($result, 'Accepts valid passwords created prior to 10.1.x');
$result = $passwordService->check($invalidPassword, $passwordHash);
$this->assertFalse($result, 'Rejects invalid passwords created prior to 10.1.x');
$result = $passwordService->check($validPassword, $passwordLayered);
$this->assertTrue($result, 'Accepts valid passwords migrated from sites running 6.x');
$result = $passwordService->check($invalidPassword, $passwordLayered);
$this->assertFalse($result, 'Rejects invalid passwords migrated from sites running 6.x');
}
/**
* Tests the hash count boundaries are enforced.
*
* @covers ::enforceLog2Boundaries
*/
public function testWithinBounds(): void {
$hasher = new PhpassHashedPasswordLog2BoundariesDouble();
$this->assertEquals(PhpassHashedPassword::MIN_HASH_COUNT, $hasher->enforceLog2Boundaries(1), "Min hash count enforced");
$this->assertEquals(PhpassHashedPassword::MAX_HASH_COUNT, $hasher->enforceLog2Boundaries(100), "Max hash count enforced");
}
/**
* Verifies that passwords longer than 512 bytes are not hashed.
*
* @covers ::crypt
*
* @dataProvider providerLongPasswords
*/
public function testLongPassword($password, $allowed): void {
// cspell:disable
$bogusHash = '$S$5TOxWPdvJRs0P/xZBdrrPlGgzViOS0drHu3jaIjitesfttrp18bk';
// cspell:enable
$passwordService = new PhpassHashedPassword(new PhpPassword());
if ($allowed) {
$hash = $passwordService->hash($password);
$this->assertNotFalse($hash);
$result = $passwordService->check($password, $hash);
$this->assertTrue($result);
}
else {
$result = $passwordService->check($password, $bogusHash);
$this->assertFalse($result);
}
}
/**
* Provides the test matrix for testLongPassword().
*/
public static function providerLongPasswords() {
// '512 byte long password is allowed.'
$passwords['allowed'] = [str_repeat('x', PasswordInterface::PASSWORD_MAX_LENGTH), TRUE];
// 513 byte long password is not allowed.
$passwords['too_long'] = [str_repeat('x', PasswordInterface::PASSWORD_MAX_LENGTH + 1), FALSE];
// Check a string of 3-byte UTF-8 characters, 510 byte long password is
// allowed.
$len = (int) floor(PasswordInterface::PASSWORD_MAX_LENGTH / 3);
$diff = PasswordInterface::PASSWORD_MAX_LENGTH % 3;
$passwords['utf8'] = [str_repeat('€', $len), TRUE];
// 512 byte long password is allowed.
$passwords['ut8_extended'] = [$passwords['utf8'][0] . str_repeat('x', $diff), TRUE];
// Check a string of 3-byte UTF-8 characters, 513 byte long password is
// allowed.
$passwords['utf8_too_long'] = [str_repeat('€', $len + 1), FALSE];
return $passwords;
}
}
/**
* Test double for test coverage of enforceLog2Boundaries().
*/
class PhpassHashedPasswordLog2BoundariesDouble extends PhpassHashedPassword {
public function __construct() {
// Noop.
}
/**
* Exposes this method as public for tests.
*/
public function enforceLog2Boundaries($count_log2) {
return parent::enforceLog2Boundaries($count_log2);
}
}