From 7782e6610b47cc5582531325243ab9e01ead468d Mon Sep 17 00:00:00 2001
From: Mike Olsen <artfulhacker@echovoice.com>
Date: Sun, 19 Mar 2017 21:48:01 -0700
Subject: [PATCH] MDL-58311 cache: Add password support for redis

add password support for redis connects in cache and session
---
 cache/stores/redis/addinstanceform.php          |  6 +++++-
 cache/stores/redis/lang/en/cachestore_redis.php |  4 ++++
 cache/stores/redis/lib.php                      |  9 +++++++--
 cache/stores/redis/settings.php                 |  8 ++++++++
 cache/stores/redis/version.php                  |  2 +-
 config-dist.php                                 |  1 +
 lib/classes/session/redis.php                   | 13 +++++++++++++
 7 files changed, 39 insertions(+), 4 deletions(-)

diff --git a/cache/stores/redis/addinstanceform.php b/cache/stores/redis/addinstanceform.php
index 8da4f1e357722..ad9bc0053594b 100644
--- a/cache/stores/redis/addinstanceform.php
+++ b/cache/stores/redis/addinstanceform.php
@@ -44,6 +44,10 @@ protected function configuration_definition() {
         $form->addHelpButton('server', 'server', 'cachestore_redis');
         $form->addRule('server', get_string('required'), 'required');
 
+        $form->addElement('passwordunmask', 'password', get_string('password', 'cachestore_redis'));
+        $form->setType('password', PARAM_RAW);
+        $form->addHelpButton('password', 'password', 'cachestore_redis');
+
         $form->addElement('text', 'prefix', get_string('prefix', 'cachestore_redis'), array('size' => 16));
         $form->setType('prefix', PARAM_TEXT); // We set to text but we have a rule to limit to alphanumext.
         $form->addHelpButton('prefix', 'prefix', 'cachestore_redis');
@@ -55,4 +59,4 @@ protected function configuration_definition() {
         $form->setDefault('serializer', Redis::SERIALIZER_PHP);
         $form->setType('serializer', PARAM_INT);
     }
-}
\ No newline at end of file
+}
diff --git a/cache/stores/redis/lang/en/cachestore_redis.php b/cache/stores/redis/lang/en/cachestore_redis.php
index a44a1562e376e..26aad4e9aa2a8 100644
--- a/cache/stores/redis/lang/en/cachestore_redis.php
+++ b/cache/stores/redis/lang/en/cachestore_redis.php
@@ -34,8 +34,12 @@
 $string['serializer_php'] = 'The default PHP serializer.';
 $string['server'] = 'Server';
 $string['server_help'] = 'This sets the hostname or IP address of the Redis server to use.';
+$string['password'] = 'Password';
+$string['password_help'] = 'This sets the password of the Redis server.';
 $string['test_server'] = 'Test server';
 $string['test_server_desc'] = 'Redis server to use for testing.';
+$string['test_password'] = 'Test server password';
+$string['test_password_desc'] = 'Redis test server password.';
 $string['test_serializer'] = 'Serializer';
 $string['test_serializer_desc'] = 'Serializer to use for testing.';
 $string['useserializer'] = 'Use serializer';
diff --git a/cache/stores/redis/lib.php b/cache/stores/redis/lib.php
index fd19709ecf67d..d02938bbac4f8 100644
--- a/cache/stores/redis/lib.php
+++ b/cache/stores/redis/lib.php
@@ -134,8 +134,9 @@ public function __construct($name, array $configuration = array()) {
         if (array_key_exists('serializer', $configuration)) {
             $this->serializer = (int)$configuration['serializer'];
         }
+        $password = !empty($configuration['password']) ? $configuration['password'] : '';
         $prefix = !empty($configuration['prefix']) ? $configuration['prefix'] : '';
-        $this->redis = $this->new_redis($configuration['server'], $prefix);
+        $this->redis = $this->new_redis($configuration['server'], $prefix, $password);
     }
 
     /**
@@ -144,9 +145,10 @@ public function __construct($name, array $configuration = array()) {
      *
      * @param string $server The server connection string
      * @param string $prefix The key prefix
+     * @param string $password The server connection password
      * @return Redis
      */
-    protected function new_redis($server, $prefix = '') {
+    protected function new_redis($server, $prefix = '', $password = '') {
         $redis = new Redis();
         $port = null;
         if (strpos($server, ':')) {
@@ -155,6 +157,9 @@ protected function new_redis($server, $prefix = '') {
             $port = $serverconf[1];
         }
         if ($redis->connect($server, $port)) {
+            if (!empty($password)) {
+                $redis->auth($password);
+            }
             $redis->setOption(Redis::OPT_SERIALIZER, $this->serializer);
             if (!empty($prefix)) {
                 $redis->setOption(Redis::OPT_PREFIX, $prefix);
diff --git a/cache/stores/redis/settings.php b/cache/stores/redis/settings.php
index 078781511b400..67f651cfa24e5 100644
--- a/cache/stores/redis/settings.php
+++ b/cache/stores/redis/settings.php
@@ -34,6 +34,14 @@
         16
     )
 );
+$settings->add(
+    new admin_setting_configpasswordunmask(
+        'cachestore_redis/test_password',
+        get_string('test_password', 'cachestore_redis'),
+        get_string('test_password_desc', 'cachestore_redis'),
+        ''
+    )
+);
 
 if (class_exists('Redis')) { // Only if Redis is available.
 
diff --git a/cache/stores/redis/version.php b/cache/stores/redis/version.php
index 432a85a0639ed..3a8afba6229e4 100644
--- a/cache/stores/redis/version.php
+++ b/cache/stores/redis/version.php
@@ -24,7 +24,7 @@
 
 defined('MOODLE_INTERNAL') || die();
 
-$plugin->version    = 2016120500;
+$plugin->version    = 2017031900;
 $plugin->requires   = 2016112900; // Requires this Moodle version (3.0.4).
 $plugin->maturity   = MATURITY_STABLE;
 $plugin->component  = 'cachestore_redis';
diff --git a/config-dist.php b/config-dist.php
index 41fd9509b850f..a6882a05a230b 100644
--- a/config-dist.php
+++ b/config-dist.php
@@ -265,6 +265,7 @@
 //      $CFG->session_redis_host = '127.0.0.1';
 //      $CFG->session_redis_port = 6379;  // Optional.
 //      $CFG->session_redis_database = 0;  // Optional, default is db 0.
+//      $CFG->session_redis_auth = ''; // Optional, default is don't set one.
 //      $CFG->session_redis_prefix = ''; // Optional, default is don't set one.
 //      $CFG->session_redis_acquire_lock_timeout = 120;
 //      $CFG->session_redis_lock_expire = 7200;
diff --git a/lib/classes/session/redis.php b/lib/classes/session/redis.php
index d90ed8b200179..780a3f4b836cd 100644
--- a/lib/classes/session/redis.php
+++ b/lib/classes/session/redis.php
@@ -44,6 +44,8 @@ class redis extends handler {
     protected $host = '';
     /** @var int $port The port to connect to */
     protected $port = 6379;
+    /** @var string $auth redis password  */
+    protected $auth = '';
     /** @var int $database the Redis database to store sesions in */
     protected $database = 0;
     /** @var array $servers list of servers parsed from save_path */
@@ -81,6 +83,10 @@ public function __construct() {
             $this->port = (int)$CFG->session_redis_port;
         }
 
+        if (isset($CFG->session_redis_auth)) {
+            $this->auth = $CFG->session_redis_auth;
+        }
+
         if (isset($CFG->session_redis_database)) {
             $this->database = (int)$CFG->session_redis_database;
         }
@@ -156,6 +162,13 @@ public function init() {
             if (!$this->connection->connect($this->host, $this->port, 1)) {
                 throw new RedisException('Unable to connect to host.');
             }
+
+            if ($this->auth !== '') {
+                if (!$this->connection->auth($this->auth)) {
+                    throw new RedisException('Unable to authenticate.');
+                }
+            }
+
             if (!$this->connection->setOption(\Redis::OPT_SERIALIZER, $this->serializer)) {
                 throw new RedisException('Unable to set Redis PHP Serializer option.');
             }