From: Dylan William Hardison Date: Mon, 6 Mar 2017 00:15:30 +0000 (-0500) Subject: Bug 1342818 - Move some configuration out of data/params.json into localconfig X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=940bae774ba9c68067144ca374010d8d232ba5aa;p=thirdparty%2Fbugzilla.git Bug 1342818 - Move some configuration out of data/params.json into localconfig --- diff --git a/Bugzilla.pm b/Bugzilla.pm index 880426e5b0..56ddf90cc1 100644 --- a/Bugzilla.pm +++ b/Bugzilla.pm @@ -556,7 +556,7 @@ sub switch_to_shadow_db { my $class = shift; if (!$class->request_cache->{dbh_shadow}) { - if ($class->params->{'shadowdb'}) { + if ($class->localconfig->{db_shadow}{db_name}) { $class->request_cache->{dbh_shadow} = Bugzilla::DB::connect_shadow(); } else { $class->request_cache->{dbh_shadow} = $class->dbh_main; diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index edfc7ba70f..8d3f38d609 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -581,7 +581,7 @@ sub url_is_attachment_base { # If we are behind a reverse proxy, we need to determine the original # URL, else the comparison with the attachment_base URL will fail. - if (Bugzilla->params->{'inbound_proxies'}) { + if (Bugzilla->localconfig->{'inbound_proxies'}) { # X-Forwarded-Proto is defined in RFC 7239. my $protocol = $ENV{HTTP_X_FORWARDED_PROTO} || $self->protocol; my $host = $self->virtual_host; diff --git a/Bugzilla/Config.pm b/Bugzilla/Config.pm index 8bd774b709..ae08c503e9 100644 --- a/Bugzilla/Config.pm +++ b/Bugzilla/Config.pm @@ -92,11 +92,7 @@ sub SetParam { my $entry = $params{$name}; # sanity check the value - - # XXX - This runs the checks. Which would be good, except that - # check_shadowdb creates the database as a side effect, and so the - # checker fails the second time around... - if ($name ne 'shadowdb' && exists $entry->{'checker'}) { + if (exists $entry->{'checker'}) { my $err = $entry->{'checker'}->($value, $entry); die "Param $name is not valid: $err" unless $err eq ''; } diff --git a/Bugzilla/Config/Advanced.pm b/Bugzilla/Config/Advanced.pm index 7a61bf7c47..acdbf71e3b 100644 --- a/Bugzilla/Config/Advanced.pm +++ b/Bugzilla/Config/Advanced.pm @@ -16,13 +16,6 @@ use Bugzilla::Config::Common; our $sortkey = 1700; use constant get_param_list => ( - { - name => 'inbound_proxies', - type => 't', - default => '', - checker => \&check_inbound_proxies - }, - { name => 'proxy_url', type => 't', @@ -38,15 +31,4 @@ use constant get_param_list => ( }, ); -sub check_inbound_proxies { - my $inbound_proxies = shift; - - return "" if $inbound_proxies eq "*"; - my @proxies = split(/[\s,]+/, $inbound_proxies); - foreach my $proxy (@proxies) { - validate_ip($proxy) || return "$proxy is not a valid IPv4 or IPv6 address"; - } - return ""; -} - 1; diff --git a/Bugzilla/Config/Common.pm b/Bugzilla/Config/Common.pm index e6e0d4a233..a17fc36afd 100644 --- a/Bugzilla/Config/Common.pm +++ b/Bugzilla/Config/Common.pm @@ -24,7 +24,7 @@ use parent qw(Exporter); @Bugzilla::Config::Common::EXPORT = qw(check_multi check_numeric check_regexp check_group check_sslbase check_priority check_severity check_platform - check_opsys check_shadowdb check_urlbase check_user_verify_class + check_opsys check_urlbase check_user_verify_class check_ip check_mail_delivery_method check_notification check_bug_status check_smtp_auth check_theschwartz_available check_maxattachmentsize check_email check_smtp_ssl @@ -191,23 +191,6 @@ sub check_group { return ""; } -sub check_shadowdb { - my ($value) = (@_); - $value = trim($value); - if ($value eq "") { - return ""; - } - - if (!Bugzilla->params->{'shadowdbhost'}) { - return "You need to specify a host when using a shadow database"; - } - - # Can't test existence of this because ConnectToDatabase uses the param, - # but we can't set this before testing.... - # This can really only be fixed after we can use the DBI more openly - return ""; -} - sub check_urlbase { my ($url) = (@_); if ($url && $url !~ m:^http.*/$:) { @@ -218,8 +201,8 @@ sub check_urlbase { sub check_user_verify_class { # doeditparams traverses the list of params, and for each one it checks, - # then updates. This means that if one param checker wants to look at - # other params, it must be below that other one. So you can't have two + # then updates. This means that if one param checker wants to look at + # other params, it must be below that other one. So you can't have two # params mutually dependent on each other. # This means that if someone clears the LDAP config params after setting # the login method as LDAP, we won't notice, but all logins will fail. @@ -245,7 +228,7 @@ sub check_user_verify_class { return "LDAP support is not available. Run checksetup.pl" . " for more details"; } - return "LDAP servername (LDAPserver) is missing" + return "LDAP servername (LDAPserver) is missing" if !$params->{"LDAPserver"}; return "LDAPBaseDN is empty" if !$params->{"LDAPBaseDN"}; } @@ -516,8 +499,6 @@ changed, insert all missing transitions to the new bug status. =item check_resolution -=item check_shadowdb - =item check_smtp_server =item check_smtp_auth diff --git a/Bugzilla/Config/Memcached.pm b/Bugzilla/Config/Memcached.pm deleted file mode 100644 index e45c33da19..0000000000 --- a/Bugzilla/Config/Memcached.pm +++ /dev/null @@ -1,33 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# This Source Code Form is "Incompatible With Secondary Licenses", as -# defined by the Mozilla Public License, v. 2.0. - -package Bugzilla::Config::Memcached; - -use 5.14.0; -use strict; -use warnings; - -use Bugzilla::Config::Common; - -our $sortkey = 1550; - -sub get_param_list { - return ( - { - name => 'memcached_servers', - type => 't', - default => '' - }, - { - name => 'memcached_namespace', - type => 't', - default => 'bugzilla:', - }, - ); -} - -1; diff --git a/Bugzilla/Config/ShadowDB.pm b/Bugzilla/Config/ShadowDB.pm deleted file mode 100644 index 20212629cf..0000000000 --- a/Bugzilla/Config/ShadowDB.pm +++ /dev/null @@ -1,51 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# This Source Code Form is "Incompatible With Secondary Licenses", as -# defined by the Mozilla Public License, v. 2.0. - -package Bugzilla::Config::ShadowDB; - -use 5.14.0; -use strict; -use warnings; - -use Bugzilla::Config::Common; - -our $sortkey = 1500; - -sub get_param_list { - my $class = shift; - my @param_list = ( - { - name => 'shadowdbhost', - type => 't', - default => '', - }, - - { - name => 'shadowdbport', - type => 't', - default => '3306', - checker => \&check_numeric, - }, - - { - name => 'shadowdbsock', - type => 't', - default => '', - }, - - # This entry must be _after_ the shadowdb{host,port,sock} settings so that - # they can be used in the validation here - { - name => 'shadowdb', - type => 't', - default => '', - checker => \&check_shadowdb - } ); - return @param_list; -} - -1; diff --git a/Bugzilla/DB.pm b/Bugzilla/DB.pm index 51d736f273..b327b776fa 100644 --- a/Bugzilla/DB.pm +++ b/Bugzilla/DB.pm @@ -98,24 +98,23 @@ sub quote { ##################################################################### sub connect_shadow { - my $params = Bugzilla->params; - die "Tried to connect to non-existent shadowdb" - unless $params->{'shadowdb'}; + my $localconfig = Bugzilla->localconfig; + die "Tried to connect to non-existent shadowdb" + unless $localconfig->{db_shadow}{db_name}; # Instead of just passing in a new hashref, we locally modify the # values of "localconfig", because some drivers access it while # connecting. - my %connect_params = %{ Bugzilla->localconfig }; - $connect_params{db_host} = $params->{'shadowdbhost'}; - $connect_params{db_name} = $params->{'shadowdb'}; - $connect_params{db_port} = $params->{'shadowdbport'}; - $connect_params{db_sock} = $params->{'shadowdbsock'}; + my %connect_params = %{ $localconfig }; + for my $key (qw(db_host db_name db_port db_sock)) { + $connect_params{$key} = $localconfig->{db_shadow}{$key}; + } return _connect(\%connect_params); } sub connect_main { - return _connect(Bugzilla->localconfig); + return _connect(Bugzilla->localconfig); } sub _connect { diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm index d591ece150..91cb96be31 100644 --- a/Bugzilla/Install/Localconfig.pm +++ b/Bugzilla/Install/Localconfig.pm @@ -111,6 +111,17 @@ use constant LOCALCONFIG_VARS => ( name => 'db_mysql_ssl_client_key', default => '', }, + { + name => 'db_shadow', + default => sub { + return { + db_name => migrate_data_param('shadowdb'), + db_host => migrate_data_param('shadowdbhost'), + db_port => migrate_data_param('shadowdbport'), + db_sock => migrate_data_param('shadowdbsock'), + } + } + }, { name => 'index_html', default => 0, @@ -141,8 +152,29 @@ use constant LOCALCONFIG_VARS => ( name => 'apache_size_limit', default => 250000, }, + { + name => 'inbound_proxies', + default => sub { migrate_data_param('inbound_proxies') // '' }, + }, + { + name => 'proxy_url', + default => sub { migrate_data_param('proxy_url') // '' }, + }, + { + name => 'memcached_servers', + default => sub { migrate_data_param('memcached_servers') // '' }, + }, + { + name => 'memcached_namespace', + default => sub { migrate_data_param('memcached_namespace') // 'bugzilla:' }, + } ); +sub migrate_data_param { + my ($name) = @_; + state $params = Bugzilla::Config::read_param_file(); + return $params->{$name}; +} sub read_localconfig { my ($include_deprecated) = @_; diff --git a/Bugzilla/Memcached.pm b/Bugzilla/Memcached.pm index ed32fa27b0..aeea23c69e 100644 --- a/Bugzilla/Memcached.pm +++ b/Bugzilla/Memcached.pm @@ -27,13 +27,13 @@ sub _new { # always return an object to simplify calling code when memcached is # disabled. if (Bugzilla->feature('memcached') - && Bugzilla->params->{memcached_servers}) + && Bugzilla->localconfig->{memcached_servers}) { require Cache::Memcached::Fast; - $self->{namespace} = Bugzilla->params->{memcached_namespace} || ''; + $self->{namespace} = Bugzilla->localconfig->{memcached_namespace} || ''; $self->{memcached} = Cache::Memcached::Fast->new({ - servers => [ split(/[, ]+/, Bugzilla->params->{memcached_servers}) ], + servers => [ split(/[, ]+/, Bugzilla->localconfig->{memcached_servers}) ], namespace => $self->{namespace}, }); } diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index fcd4aff918..df969391f3 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -277,7 +277,7 @@ sub do_ssl_redirect_if_required { return if !Bugzilla->params->{'sslbase'}; # If we're already running under SSL, never redirect. - if (Bugzilla->params->{'inbound_proxies'} + if (Bugzilla->localconfig->{'inbound_proxies'} && uc($ENV{HTTP_X_FORWARDED_PROTO} || '') eq 'HTTPS') { return; } @@ -300,7 +300,7 @@ sub correct_urlbase { return $sslbase; } # Return what the user currently uses. - elsif (Bugzilla->params->{'inbound_proxies'}) { + elsif (Bugzilla->localconfig->{'inbound_proxies'}) { return (uc($ENV{HTTP_X_FORWARDED_PROTO} || '') eq 'HTTPS') ? $sslbase : $urlbase; } else { @@ -311,7 +311,7 @@ sub correct_urlbase { # Returns the real remote address of the client, sub remote_ip { my $remote_ip = $ENV{'REMOTE_ADDR'} || '127.0.0.1'; - my @proxies = split(/[\s,]+/, Bugzilla->params->{inbound_proxies}); + my @proxies = split(/[\s,]+/, Bugzilla->localconfig->{inbound_proxies}); my @x_forwarded_for = split(/[\s,]+/, $ENV{HTTP_X_FORWARDED_FOR} // ''); return $remote_ip unless @x_forwarded_for; diff --git a/t/015remote_ip.t b/t/015remote_ip.t index a35b887c78..4023add968 100644 --- a/t/015remote_ip.t +++ b/t/015remote_ip.t @@ -15,10 +15,10 @@ use Test::More qw(no_plan); use Bugzilla; use Bugzilla::Util qw(remote_ip); -my $params = Bugzilla->params; +my $localconfig = Bugzilla->localconfig; { - local $params->{inbound_proxies} = '10.0.0.1,10.0.0.2'; + local $localconfig->{inbound_proxies} = '10.0.0.1,10.0.0.2'; local $ENV{REMOTE_ADDR} = '10.0.0.2'; local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42'; @@ -26,7 +26,7 @@ my $params = Bugzilla->params; } { - local $params->{inbound_proxies} = '10.0.0.1,10.0.0.2'; + local $localconfig->{inbound_proxies} = '10.0.0.1,10.0.0.2'; local $ENV{REMOTE_ADDR} = '10.0.0.1'; local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42'; @@ -34,7 +34,7 @@ my $params = Bugzilla->params; } { - local $params->{inbound_proxies} = '10.0.0.1,10.0.0.2'; + local $localconfig->{inbound_proxies} = '10.0.0.1,10.0.0.2'; local $ENV{REMOTE_ADDR} = '10.0.0.3'; local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42'; @@ -42,7 +42,7 @@ my $params = Bugzilla->params; } { - local $params->{inbound_proxies} = '*'; + local $localconfig->{inbound_proxies} = '*'; local $ENV{REMOTE_ADDR} = '10.0.0.3'; local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42,1.4.9.2'; @@ -50,7 +50,7 @@ my $params = Bugzilla->params; } { - local $params->{inbound_proxies} = ''; + local $localconfig->{inbound_proxies} = ''; local $ENV{REMOTE_ADDR} = '10.9.8.7'; local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42,1.4.9.2'; @@ -59,7 +59,7 @@ my $params = Bugzilla->params; { - local $params->{inbound_proxies} = '10.0.0.1,2600:cafe::cafe:ffff:bf42:4998'; + local $localconfig->{inbound_proxies} = '10.0.0.1,2600:cafe::cafe:ffff:bf42:4998'; local $ENV{REMOTE_ADDR} = '2600:cafe::cafe:ffff:bf42:4998'; local $ENV{HTTP_X_FORWARDED_FOR} = '2600:cafe::cafe:ffff:bf42:BEEF'; @@ -67,7 +67,7 @@ my $params = Bugzilla->params; } { - local $params->{inbound_proxies} = '10.0.0.1,2600:cafe::cafe:ffff:bf42:4998'; + local $localconfig->{inbound_proxies} = '10.0.0.1,2600:cafe::cafe:ffff:bf42:4998'; local $ENV{REMOTE_ADDR} = '2600:cafe::cafe:ffff:bf42:DEAD'; local $ENV{HTTP_X_FORWARDED_FOR} = '2600:cafe::cafe:ffff:bf42:BEEF'; @@ -76,7 +76,7 @@ my $params = Bugzilla->params; { - local $params->{inbound_proxies} = '*'; + local $localconfig->{inbound_proxies} = '*'; local $ENV{REMOTE_ADDR} = '2600:cafe::cafe:ffff:bf42:DEAD'; local $ENV{HTTP_X_FORWARDED_FOR} = ''; diff --git a/template/en/default/admin/params/advanced.html.tmpl b/template/en/default/admin/params/advanced.html.tmpl index 70171bd539..682756eede 100644 --- a/template/en/default/admin/params/advanced.html.tmpl +++ b/template/en/default/admin/params/advanced.html.tmpl @@ -41,23 +41,5 @@ [% END %] [% param_descs = { - inbound_proxies => - "When inbound traffic to Bugzilla goes through a proxy," - _ " Bugzilla thinks that the IP address of every single" - _ " user is the IP address of the proxy. If you enter a comma-separated" - _ " list of IPs in this parameter, then Bugzilla will trust any" - _ " X-Forwarded-For header sent from those IPs," - _ " and use the value of that header as the end user's IP address." - _ " If set to a *, $terms.Bugzilla will trust the first value in the " - _ " X-Forwarded-For header.", - - proxy_url => - "Bugzilla may have to access the web to get notifications about" - _ " new releases (see the upgrade_notification parameter)." - _ " If your Bugzilla server is behind a proxy, it may be" - _ " necessary to enter its URL if the web server cannot access the" - _ " HTTP_PROXY environment variable. If you have to authenticate," - _ " use the http://user:pass@proxy_url/ syntax.", - strict_transport_security => sts_desc, } %] diff --git a/template/en/default/admin/params/memcached.html.tmpl b/template/en/default/admin/params/memcached.html.tmpl deleted file mode 100644 index 50ec435fb7..0000000000 --- a/template/en/default/admin/params/memcached.html.tmpl +++ /dev/null @@ -1,22 +0,0 @@ -[%# This Source Code Form is subject to the terms of the Mozilla Public - # License, v. 2.0. If a copy of the MPL was not distributed with this - # file, You can obtain one at http://mozilla.org/MPL/2.0/. - # - # This Source Code Form is "Incompatible With Secondary Licenses", as - # defined by the Mozilla Public License, v. 2.0. - #%] -[% - title = "Memcached" - desc = "Set up Memcached integration" -%] - -[% param_descs = { - memcached_servers => - "If this option is set, Bugzilla will integrate with Memcached. " _ - "Specify one or more servers, separated by spaces, using hostname:port " _ - "notation (for example: 127.0.0.1:11211).", - - memcached_namespace => - "Specify a string to prefix to each key on Memcached.", - } -%] diff --git a/template/en/default/setup/strings.txt.pl b/template/en/default/setup/strings.txt.pl index 34bbba2b79..a6302bc56c 100644 --- a/template/en/default/setup/strings.txt.pl +++ b/template/en/default/setup/strings.txt.pl @@ -182,6 +182,11 @@ END localconfig_db_mysql_ssl_client_key => <<'END', Full path to the private key corresponding to the client SSL certificate. The file must not be password-protected and must be readable by web server user. +END + localconfig_db_shadow => <<'END', +This is optional hack to increase database performance. If you have a read-only database +that is faster to connect to (such as a db slave) you can list its connection details +here. Note you cannot change the db_driver. END localconfig_diffpath => <<'END', For the "Difference Between Two Patches" feature to work, we need to know @@ -196,6 +201,14 @@ Unifont (http://unifoundry.com/unifont.html), which supports all printable characters in the Basic Multilingual Plane. If you leave this parameter empty, a default font will be used, but its support is limited to English characters only and so other characters will be displayed incorrectly. +END + localconfig_inbound_proxies => <<'END', +When inbound traffic to Bugzilla goes through a proxy, +Bugzilla thinks that the IP address of every single user is the IP address of the proxy. +If you enter a comma-separated list of IPs in this parameter, then Bugzilla will trust any +X-Forwarded-For header sent from those IPs, and use the value of that header as the end +user's IP address. +If set to a *, Bugzilla will trust the first value in the X-Forwarded-For header. END localconfig_index_html => <<'END', Most web servers will allow you to use index.cgi as a directory @@ -211,6 +224,18 @@ END If you want to use the "Difference Between Two Patches" feature of the Patch Viewer, please specify the full path to the "interdiff" executable here. +END + localconfig_memcached_namespace => <<'END', +Specify a string to prefix to each key on Memcached. +END + localconfig_memcached_servers => <<'END', +If this option is set, Bugzilla will integrate with Memcached. +Specify one or more servers, separated by spaces, using hostname:port +notation (for example: 127.0.0.1:11211). +END + localconfig_proxy_url => <<'END', +If your Bugzilla server is behind a proxy, it may be necessary to enter its URL +If you have to authenticate use http://user:pass@proxy_url/ syntax END localconfig_site_wide_secret => <<'END', This secret key is used by your installation for the creation and