From 2525e73caacd272ca0e7833f9a5b60d15cd1bfea Mon Sep 17 00:00:00 2001
From: Ferdinand Thiessen <opensource@fthiessen.de>
Date: Thu, 21 Mar 2024 18:59:36 +0100
Subject: [PATCH] fix(DB): Sanitize `host` parameter for postgres databases
 when IPv6 address is passed

Doctrine is using `pg_connect` with the `host` parameter, this does not allow IPv6 addresses in URI notation.
So we need to extract the IP address and pass it directly

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
---
 config/config.sample.php             | 6 +++---
 lib/private/DB/ConnectionFactory.php | 9 +++++++++
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/config/config.sample.php b/config/config.sample.php
index e09b09048087e..3fe70e8d783ee 100644
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -112,9 +112,9 @@
 
 /**
  * Your host server name, for example ``localhost``, ``hostname``,
- * ``hostname.example.com``, or the IP address. To specify a port use
- * ``hostname:####``; to specify a Unix socket use
- * ``/path/to/directory/containing/socket`` e.g. ``/run/postgresql/``.
+ * ``hostname.example.com``, or the IP address.
+ * To specify a port use ``hostname:####``, for IPv6 addresses use the URI notation ``[ip]:port``.
+ * To specify a Unix socket use ``/path/to/directory/containing/socket``, e.g. ``/run/postgresql/``.
  */
 'dbhost' => '',
 
diff --git a/lib/private/DB/ConnectionFactory.php b/lib/private/DB/ConnectionFactory.php
index e868f18ec34c5..c7a558e587940 100644
--- a/lib/private/DB/ConnectionFactory.php
+++ b/lib/private/DB/ConnectionFactory.php
@@ -128,6 +128,15 @@ public function getConnection($type, $additionalConnectionParams) {
 		$eventManager->addEventSubscriber(new SetTransactionIsolationLevel());
 		$additionalConnectionParams = array_merge($this->createConnectionParams(), $additionalConnectionParams);
 		switch ($normalizedType) {
+			case 'pgsql':
+				// pg_connect used by Doctrine DBAL does not support URI notation (enclosed in brackets)
+				$matches = [];
+				if (preg_match('/^\[([^\]]+)\]$/', $additionalConnectionParams['host'], $matches)) {
+					// Host variable carries a port or socket.
+					$additionalConnectionParams['host'] = $matches[1];
+				}
+				break;
+
 			case 'oci':
 				$eventManager->addEventSubscriber(new OracleSessionInit);
 				// the driverOptions are unused in dbal and need to be mapped to the parameters