Migrate to the modern Session & Token PSR-4 APIs

Step 1
feat: optional per-call secret Token#3 → feat(Token): support per-call secret override in generate/isValid/validateUnique Token#4
Add methods to TokenServiceFactory which allow creating a Horde\Token\Token from the installation-wide secret or from an explicitly-passed session object. Keep the default behaviour of initializing from the current session's secret (if set). Stay BC. → refactor(Core): migrate Cache/Session/Token to modern HashTable + factory named methods #132 (createFromSecret, createForSession, createFromDeploymentSecret; create(Injector) unchanged for Form V3 BC)

Step 2
In TokenServiceFactory
Upgrade from using the $conf global in the Token factory → refactor(Core): migrate Cache/Session/Token to modern HashTable + factory named methods #132 (now reads via ConfigLoader).
The legacy create(Injector) path still uses the $session global for Form V3 / whups BC. The new named methods (createForSession, createFromDeploymentSecret, createFromSecret) do not touch any globals.

Step 3
Add a Session Admin interface for listing/reading/invalidating sessions which are not currently active. → Horde\SessionHandler\SessionAdministrator in refactor(SessionHandler): migrate to modern HashTable and add cross-session admin SessionHandler#8.
Wire factory for DI if needed. → Resolved in refactor(SessionHandler): SessionAdministrator decorates SessionHandler instead of holding components SessionHandler#9: SessionAdministrator was reshaped as a decorator over SessionHandler, so it is autowired via the existing SessionHandler::class binding. No separate factory or binding needed.

Step 4
Upgrade consumers.

Foundation work landed alongside Steps 1–3
These coordinated changes ship with the same migration:
ModernHashtableBackend (PSR-4 Horde\HashTable\LockableHashTable consumer) and SessionAdministrator.
SessionAdministrator reshaped as a SessionHandler decorator (single dependency, autowire-ready, all admin pass-throughs proxied).
Horde_HashTable_* classes deprecated, pointing at PSR-4 Horde\HashTable\Driver\*.
Horde_Cache_Storage_Hashtable accepts the modern HashTable interface and delegates to Horde\Cache\HashtableStorage.
Cache_Backend_Hashtable deprecated in favor of Cache_Backend_Cache (which can wrap the modern HashTable transparently via Horde_Cache).
admin/hashtable.php migrated to the PSR-4 Horde\HashTable\HashTable interface.
fix(core): keep encrypted session slots readable across key drift (imp #66) #174 — encryption-key-drift fix that surfaced as Crash when trying to open Email source. Horde RC7 imp#66. Four layered changes inside HordeSession / SessionLifecycle / Horde_Core_Secret_Cbc / a new Horde_Core_Alarm_Handler_Mail: defensive decrypt in HordeSession::getEncrypted returns null on failure rather than crashing; new HordeSession::reEncryptAll(\Closure $rotate) drains plaintexts, runs the rotation, and refills under the new key, used by SessionLifecycle::regenerate(); the per-session Blowfish key is now persisted at _secret/key in the session payload (cookie still written for BC); the alarm handler defers Horde_Mail resolution until the first notify() call so portal renders no longer crash on a latent decrypt failure.

In flight (not yet merged)
$conf['session']['key_format'] switch: hkdf-with-legacy-fallback (default, migrates PR-fix(core): keep encrypted session slots readable across key drift (imp #66) #174-shape sessions on first rotation), hkdf-only (post-migration), legacy-only (operator rollback path for a severe HKDF-side bug). New Horde\Core\Session\SessionEncryptionCoordinator mediates the drain / rotate / refill ceremony shared by SessionLifecycle::regenerate() and HordeSessionMiddleware::finaliseRegenerated(), converging the legacy and modern rotation paths on identical encryption work.
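
The defensive decrypt and the drain / rotate / refill ceremony described for #174, sketched as an added example; this is not Horde's code. The SlotStore class, its slot name and its sample value are hypothetical, and AES-256-GCM from ext-openssl (PHP 8) stands in for the per-session Blowfish key so that a wrong key is caught by the authentication tag. The first read returns the plaintext because the slots were rotated together with the key; the second returns null because the key drifted without a re-encrypt.

```php
<?php
declare(strict_types=1);
// Hypothetical stand-in for an encrypted session slot store (not HordeSession).
final class SlotStore
{
    private array $slots = []; // slot name => base64(nonce . tag . ciphertext)
    public function __construct(public string $key) {}

    public function setEncrypted(string $name, string $plain): void
    {
        $nonce = random_bytes(12);
        $ct = openssl_encrypt($plain, 'aes-256-gcm', $this->key, OPENSSL_RAW_DATA, $nonce, $tag);
        $this->slots[$name] = base64_encode($nonce . $tag . $ct);
    }

    // Defensive decrypt: a slot written under another key yields null, never a crash.
    public function getEncrypted(string $name): ?string
    {
        $raw = base64_decode($this->slots[$name] ?? '', true);
        if ($raw === false || strlen($raw) < 28) { // 12-byte nonce + 16-byte tag
            return null;
        }
        $plain = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $this->key,
            OPENSSL_RAW_DATA, substr($raw, 0, 12), substr($raw, 12, 16));
        return $plain === false ? null : $plain;
    }

    // Drain plaintexts under the old key, run the rotation, refill under the new key.
    public function reEncryptAll(\Closure $rotate): void
    {
        $drained = [];
        foreach (array_keys($this->slots) as $name) {
            if (($plain = $this->getEncrypted($name)) !== null) {
                $drained[$name] = $plain; // unreadable slots are dropped, not fatal
            }
        }
        $this->key = $rotate(); // the closure returns the new key
        $this->slots = [];
        foreach ($drained as $name => $plain) {
            $this->setEncrypted($name, $plain);
        }
    }
}

$store = new SlotStore(random_bytes(32));
$store->setEncrypted('imap_password', 'constructed-sample-value');
$store->reEncryptAll(fn (): string => random_bytes(32));
var_dump($store->getEncrypted('imap_password')); // read back after the ceremony
$store->key = random_bytes(32);                  // simulate drift: key replaced, slots untouched
var_dump($store->getEncrypted('imap_password')); // read under the drifted key
```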