Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
If you use the source_database argument to specify your source database address/credentials (as opposed to defining them in settings.php and just referencing them through source_connection), the credentials are stored as plaintext in the arguments in migrate_status (or, in the coming wizard_api world, migrate_group). We should encrypt the credentials.
Comment | File | Size | Author |
---|---|---|---|
#10 | migrate_d2d-encryptdb-1896006-10.patch | 5.2 KB | mikeryan |
#9 | migrate_d2d-encrypt-stored-db-creds-1896006-9.patch | 1.6 KB | Anonymous (not verified) |
#6 | encrypt_stored_db_creds-1896006-6.patch | 4.64 KB | Anonymous (not verified) |
#5 | encrypt_stored_db_creds-1896006-5.patch | 3.95 KB | Anonymous (not verified) |
#2 | encrypt_stored_db_creds-1896006-2.patch | 1.45 KB | Anonymous (not verified) |
Comments
Comment #1
mikeryanComment #2
Anonymous (not verified) CreditAttribution: Anonymous commentedThis patch is dependent upon this other patch to migrate:
http://drupal.org/node/1901980#comment-6998214
Comment #3
Anonymous (not verified) CreditAttribution: Anonymous commentedComment #4
mikeryanWe're rethinking the general approach to encrypting arguments, see #1901980: Convenience functions for encryption/decryption.
Comment #5
Anonymous (not verified) CreditAttribution: Anonymous commentedI've isolated these changes to the migrate_d2d module (no patch to base migrate needed). I've mimicked the behavior of the encrypt module in the case of it being absent so that if it's added later the encrypted values will still be useable.
Comment #6
Anonymous (not verified) CreditAttribution: Anonymous commentedA few more updates based on feedback from Mike.
Comment #7
mikeryanLooks good to me (and works just fine with my current wizard code), feel free to commit at will to the wizard_api branch.
Thanks.
Comment #8
Anonymous (not verified) CreditAttribution: Anonymous commentedComment #9
Anonymous (not verified) CreditAttribution: Anonymous commentedDeprecating these functions before the official release of this branch and updating the code to rely on the encrypt/decrypt functions added to MigrationBase in this issue: http://drupal.org/node/1901980
Comment #10
mikeryanHere's a patch to work with the latest Migrate patch at #1901980: Convenience functions for encryption/decryption.
Comment #11
mikeryanActually, just occurred to me we should have an update function to add the encrypted_arguments to group argument for any existing migrations that have encrypted the source_database.
Comment #12
mikeryanI implemented the update function and tested with a site migration I had registered with the former encryption builtin to migrate_d2d, worked just fine, I've committed this.