fix: add handling for MD5 on new MySQL and deprecate MD5 SQL function

susnux · susnux · commit 4740f9be9f28 · 2026-06-12T16:28:44.000+02:00
Signed-off-by: Ferdinand Thiessen &lt;opensource@fthiessen.de&gt;
diff --git a/lib/private/Setup/MySQL.php b/lib/private/Setup/MySQL.php
@@ -30,6 +30,19 @@ public function setupDatabase(): void {
 			$connection = $this->connect(['dbname' => null]);
 		}
 
+		// for MD5 support
+		if ($connection->getDatabasePlatform() instanceof MySQL84Platform) {
+			$statement = $connection->prepare("SHOW VARIABLES LIKE 'version';");
+			$result = $statement->executeQuery();
+			$row = $result->fetchAssociative();
+			$version = $row['Value'];
+			[$major, ] = explode('.', strtolower($version));
+			if ((int)$major >= 9) {
+				$statement = $connection->prepare("INSTALL COMPONENT 'file://component_classic_hashing';");
+				$statement->executeStatement();
+			}
+		}
+
 		if ($this->tryCreateDbUser) {
 			$this->createSpecificUser('oc_admin', new ConnectionAdapter($connection));
 		}
@@ -103,12 +116,6 @@ private function createDBUser(IDBConnection $connection): void {
 				$connection->executeStatement($query, [$name,$password]);
 				$query = "CREATE USER ?@'%' IDENTIFIED WITH caching_sha2_password BY ?";
 				$connection->executeStatement($query, [$name,$password]);
-			} elseif ($connection->getDatabasePlatform() instanceof Mysql80Platform) {
-				// TODO: Remove this elseif section as soon as MySQL 8.0 is out-of-support (after April 2026)
-				$query = "CREATE USER ?@'localhost' IDENTIFIED WITH mysql_native_password BY ?";
-				$connection->executeStatement($query, [$name,$password]);
-				$query = "CREATE USER ?@'%' IDENTIFIED WITH mysql_native_password BY ?";
-				$connection->executeStatement($query, [$name,$password]);
 			} else {
 				$query = "CREATE USER ?@'localhost' IDENTIFIED BY ?";
 				$connection->executeStatement($query, [$name,$password]);
diff --git a/lib/public/DB/QueryBuilder/IFunctionBuilder.php b/lib/public/DB/QueryBuilder/IFunctionBuilder.php
@@ -20,6 +20,7 @@ interface IFunctionBuilder {
 	 *
 	 * @return IQueryFunction
 	 * @since 12.0.0
+	 * @deprecated 35.0.0 - MD5 is not considered secure anymore, thus most databases have or will drop support for this function
 	 */
 	public function md5($input): IQueryFunction;
 

Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,7 @@ interface IFunctionBuilder {`
`20`	`20`	`*`
`21`	`21`	`* @return IQueryFunction`
`22`	`22`	`* @since 12.0.0`
	`23`	`+ * @deprecated 35.0.0 - MD5 is not considered secure anymore, thus most databases have or will drop support for this function`
`23`	`24`	`*/`
`24`	`25`	`public function md5($input): IQueryFunction;`
`25`	`26`