From ffd3b4b7e391d40c476772bd16530572431d2896 Mon Sep 17 00:00:00 2001
From: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Date: Fri, 29 May 2020 16:10:58 +0200
Subject: [PATCH] Bug 25622: Use special chars in DB password (koha-create)

On bug 23250 we decided to generate a password without special chars
then add a '@' at the end to comply with MySQL policy.
That is wrong, we should handle correctly the special chars we don't
want to be part of the password.

Test plan:
1.
mysqlpwd=$(pwgen -s -y -r ":'&\\<>/" 16 1)
echo $mysqlpwd

Confirm that you don't see one of the following chars : ' & \ < > /

2.
Copy from src and edit /usr/sbin/koha-create to add an echo $mysqlpwd
Create several instances, like:
koha-create --create-db x
koha-create --create-db xx
koha-create --create-db xxx
...

When you see a password with a special chars, do:
koha-shell xxx
grep '<pass>' $KOHA_CONF
And make sure the password does not contain "__DB_PASS__"

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
---
 debian/scripts/koha-create | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/debian/scripts/koha-create b/debian/scripts/koha-create
index c833b451ad..fb404f470e 100755
--- a/debian/scripts/koha-create
+++ b/debian/scripts/koha-create
@@ -752,8 +752,8 @@ if [ "$op" = create ] || [ "$op" = request ] || [ "$op" = use ]
 then
     if [ "$mysqlpwd" = "" ]
     then
-        mysqlpwd="$(pwgen -s 15 1)"
-        mysqlpwd="$mysqlpwd@"
+        # Removing : ' & \ < > /
+        mysqlpwd=$(pwgen -s -y -r ":'&\\<>/" 16 1)
     fi
 else
     mysqlpwd="$(getinstancemysqlpassword $name)"
-- 
2.20.1