fix: add handling for MD5 on new MySQL and deprecate MD5 SQL function

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

Author: susnux

build/psalm-baseline.xml

@@ -1420,6 +1420,11 @@
       <code><![CDATA[getUsersForUserValue]]></code>
     </DeprecatedMethod>
   </file>
+  <file src="apps/files/lib/Command/RepairTree.php">
+    <DeprecatedMethod>
+      <code><![CDATA[md5]]></code>
+    </DeprecatedMethod>
+  </file>
   <file src="apps/files/lib/Command/Scan.php">
     <DeprecatedMethod>
       <code><![CDATA[listen]]></code>
@@ -3236,6 +3241,11 @@
       <code><![CDATA[$this->request->server]]></code>
     </NoInterfaceProperties>
   </file>
+  <file src="core/Migrations/Version24000Date20211230140012.php">
+    <DeprecatedMethod>
+      <code><![CDATA[md5]]></code>
+    </DeprecatedMethod>
+  </file>
   <file src="core/Migrations/Version25000Date20220515204012.php">
     <DeprecatedConstant>
       <code><![CDATA[Types::JSON]]></code>

lib/private/Setup/MySQL.php

@@ -8,7 +8,6 @@
 
 namespace OC\Setup;
 
-use Doctrine\DBAL\Platforms\MySQL80Platform;
 use Doctrine\DBAL\Platforms\MySQL84Platform;
 use OC\DatabaseSetupException;
 use OC\DB\ConnectionAdapter;
@@ -30,6 +29,19 @@ public function setupDatabase(): void {
 			$connection = $this->connect(['dbname' => null]);
 		}
 
+		// for MD5 support
+		if ($connection->getDatabasePlatform() instanceof MySQL84Platform) {
+			$statement = $connection->prepare("SHOW VARIABLES LIKE 'version';");
+			$result = $statement->executeQuery();
+			$row = $result->fetchAssociative();
+			$version = $row['Value'];
+			[$major, ] = explode('.', strtolower($version));
+			if ((int)$major >= 9) {
+				$statement = $connection->prepare("INSTALL COMPONENT 'file://component_classic_hashing';");
+				$statement->executeStatement();
+			}
+		}
+
 		if ($this->tryCreateDbUser) {
 			$this->createSpecificUser('oc_admin', new ConnectionAdapter($connection));
 		}
@@ -103,12 +115,6 @@ private function createDBUser(IDBConnection $connection): void {
 				$connection->executeStatement($query, [$name,$password]);
 				$query = "CREATE USER ?@'%' IDENTIFIED WITH caching_sha2_password BY ?";
 				$connection->executeStatement($query, [$name,$password]);
-			} elseif ($connection->getDatabasePlatform() instanceof Mysql80Platform) {
-				// TODO: Remove this elseif section as soon as MySQL 8.0 is out-of-support (after April 2026)
-				$query = "CREATE USER ?@'localhost' IDENTIFIED WITH mysql_native_password BY ?";
-				$connection->executeStatement($query, [$name,$password]);
-				$query = "CREATE USER ?@'%' IDENTIFIED WITH mysql_native_password BY ?";
-				$connection->executeStatement($query, [$name,$password]);
 			} else {
 				$query = "CREATE USER ?@'localhost' IDENTIFIED BY ?";
 				$connection->executeStatement($query, [$name,$password]);

lib/public/DB/QueryBuilder/IFunctionBuilder.php

@@ -20,6 +20,7 @@ interface IFunctionBuilder {
 	 *
 	 * @return IQueryFunction
 	 * @since 12.0.0
+	 * @deprecated 35.0.0 - MD5 is not considered secure anymore, thus most databases have or will drop support for this function
 	 */
 	public function md5($input): IQueryFunction;