[vhffs-dev] [2126] now using crypt sha512 for users passwords, removed dependency to Crypt::PasswdMD5, removed Vhffs::Functions::Vhffs:: Functions::password_encrypt



Revision: 2126
Author:   gradator
Date:     2012-03-07 00:45:47 +0100 (Wed, 07 Mar 2012)
Log Message:
-----------
Now using crypt sha512 for user passwords; removed the dependency on Crypt::PasswdMD5 and removed Vhffs::Functions::password_encrypt.

Modified Paths:
--------------
    trunk/vhffs-api/src/Vhffs/Functions.pm
    trunk/vhffs-api/src/Vhffs/User.pm
    trunk/vhffs-backend/src/pgsql/initdb.sql.in
    trunk/vhffs-compat/Makefile.am
    trunk/vhffs-test-dependencies.in

Added Paths:
-----------
    trunk/vhffs-compat/from-4.4-to-4.5.sql

Modified: trunk/vhffs-api/src/Vhffs/Functions.pm
===================================================================
--- trunk/vhffs-api/src/Vhffs/Functions.pm	2012-03-06 00:20:13 UTC (rev 2125)
+++ trunk/vhffs-api/src/Vhffs/Functions.pm	2012-03-06 23:45:47 UTC (rev 2126)
@@ -238,23 +238,6 @@
 
 =pod
 
-=head2 password_encrypt
-
-my $encryptedpass = Vhffs::Functions::password_encrypt( $pass );
-
-Returns a md5 crypt password from plain text password. Salt is randomized.
-
-=cut
-sub password_encrypt {
-	use Crypt::PasswdMD5;
-	my $password = shift;
-
-	my $salt = join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[map {rand 64} (1..8)];
-	return unix_md5_crypt($password, $salt);
-}
-
-=pod
-
 =head2 valid_mail
 
 die "mail is invalid" unless Vhffs::Functions::valid_mail( $mail );

Modified: trunk/vhffs-api/src/Vhffs/User.pm
===================================================================
--- trunk/vhffs-api/src/Vhffs/User.pm	2012-03-06 00:20:13 UTC (rev 2125)
+++ trunk/vhffs-api/src/Vhffs/User.pm	2012-03-06 23:45:47 UTC (rev 2126)
@@ -82,6 +82,20 @@
 
 =pod
 
+=head2 password_encrypt
+
+my $encryptedpass = Vhffs::User::password_encrypt( $pass );
+
+Returns a sha512 crypt password from plain text password. Salt is randomized.
+
+=cut
+sub password_encrypt {
+	my $password = shift;
+	return crypt($password, '$6$'.join( '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[map {rand 64} (1..16)]) );
+}
+
+=pod
+
 =head2 _new
 
 	Self constructor, almost private, please use get_by_* methods instead.
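Review bot: The return value of `crypt()` in the new `password_encrypt` is stored without any check that the platform actually produced a SHA-512 hash. Perl's `crypt` delegates to the system libc, and where `$6$` is not supported the result may be undef or a legacy DES hash keyed on the first two salt characters, which would then be written to `passwd`. I would capture the result and fail closed, e.g. `my $hash = crypt($password, $salt);` followed by `die 'crypt sha512 unsupported' unless defined $hash and index($hash, '$6$') == 0;`. The salt is also drawn from `rand`, which is not a CSPRNG; a salt only has to be unique, but taking the 16 characters from `/dev/urandom` would avoid repeated salts if worker processes end up sharing a seed after fork.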
@@ -170,7 +184,7 @@
 		my $homedir = $vhffs->get_config->get_datadir.'/home/'.substr( $username, 0, 1 ).'/'.substr( $username, 1, 1 ).'/'.$username;
 
 		my $sth = $dbh->prepare('INSERT INTO vhffs_users (uid, gid, username, shell, passwd, homedir, admin, firstname, lastname, address, zipcode, city, country, mail, gpg_key, note, language, theme, lastloginpanel, object_id) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 0, ?, NULL, NULL, ?)');
-		$sth->execute($uid, $gid, $username, $userconf->{'default_shell'}, Vhffs::Functions::password_encrypt($password), $homedir, $admin, $firstname, $lastname, $address, $zipcode, $city, $country, $mail, $gpg_key, $vhffs->get_config->get_default_language, $parent->get_oid);
+		$sth->execute($uid, $gid, $username, $userconf->{'default_shell'}, password_encrypt($password), $homedir, $admin, $firstname, $lastname, $address, $zipcode, $city, $country, $mail, $gpg_key, $vhffs->get_config->get_default_language, $parent->get_oid);
 
 		my $group = Vhffs::Group::create($vhffs, $username, undef, $uid, $gid);
 		die('Error creating group') unless (defined $group);
@@ -459,18 +473,15 @@
 
 	my $ret = $user->check_password( $plaintext_password );
 
-Check user password against crypt md5 password stored in the database.
+Check user password against crypt sha512 password stored in the database.
 
 =cut
 sub check_password {
-	use Crypt::PasswdMD5;
-
 	my $self = shift;
 	my $clearpass = shift;
 
 	my $dbpass = $self->get_password;
-	return 1 if( $dbpass eq unix_md5_crypt($clearpass, $dbpass) );
-	return 0;
+	return $dbpass eq crypt($clearpass, $dbpass) ? 1 : 0;
 }
 
 =pod
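Review bot: `check_password` compares `$dbpass` with the result of `crypt()` without checking that the result is defined. When libc rejects the stored string as a salt (an empty or malformed `passwd` value), `crypt` can return undef, and `'' eq undef` evaluates true in Perl, so the comparison could succeed without a matching password; whether such rows can exist is not visible from this hunk. A guard such as `my $hash = crypt($clearpass, $dbpass);` and `return (defined $hash and length $dbpass and $hash eq $dbpass) ? 1 : 0;` fails closed. Existing `$1$` hashes are not converted by this commit, so the POD's "sha512" wording only holds for passwords set after the upgrade; rehashing with `password_encrypt` on a successful login would retire the old hashes over time.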
@@ -598,7 +609,7 @@
 
 	$user->get_password;
 
-Returns user hashed password (using crypt-md5).
+Returns user hashed password (using crypt-sha512).
 
 =cut
 sub get_password {
@@ -928,7 +939,7 @@
 
 	my $self = shift;
 	my $value = shift;
-	$self->{'passwd'} = Vhffs::Functions::password_encrypt( $value );
+	$self->{'passwd'} = password_encrypt( $value );
 }
 
 =pod

Modified: trunk/vhffs-backend/src/pgsql/initdb.sql.in
===================================================================
--- trunk/vhffs-backend/src/pgsql/initdb.sql.in	2012-03-06 00:20:13 UTC (rev 2125)
+++ trunk/vhffs-backend/src/pgsql/initdb.sql.in	2012-03-06 23:45:47 UTC (rev 2126)
@@ -107,7 +107,7 @@
 -- Shell for the user
 	shell varchar(20) NOT NULL,
 -- Crypt'ed password
-	passwd varchar(40) NOT NULL,
+	passwd varchar NOT NULL,
 -- Home path
 	homedir varchar(40) NOT NULL,
 -- Access rights (user, moderator, administrator)

Modified: trunk/vhffs-compat/Makefile.am
===================================================================
--- trunk/vhffs-compat/Makefile.am	2012-03-06 00:20:13 UTC (rev 2125)
+++ trunk/vhffs-compat/Makefile.am	2012-03-06 23:45:47 UTC (rev 2126)
@@ -4,7 +4,8 @@
 dist_compat_DATA = \
 	from-4.1-to-4.2.sql \
 	from-4.2-to-4.3.sql \
-	from-4.3-to-4.4.sql
+	from-4.3-to-4.4.sql \
+	from-4.4-to-4.5.sql
 
 dist_compat_SCRIPTS = \
 	updatedb.pl

Added: trunk/vhffs-compat/from-4.4-to-4.5.sql
===================================================================
--- trunk/vhffs-compat/from-4.4-to-4.5.sql	                        (rev 0)
+++ trunk/vhffs-compat/from-4.4-to-4.5.sql	2012-03-06 23:45:47 UTC (rev 2126)
@@ -0,0 +1,13 @@
+-- Removed vhffs_users.passwd varchar limit in order to accept crypt sha512 strings
+BEGIN;
+DROP VIEW vhffs_forum;
+DROP VIEW vhffs_shadow;
+ALTER TABLE vhffs_users ALTER COLUMN passwd TYPE varchar;
+CREATE VIEW vhffs_forum AS
+SELECT users.username, users.passwd, users.firstname, users.lastname, users.mail, object.date_creation, object.state
+FROM vhffs_users users, vhffs_object object
+WHERE object.object_id=users.object_id;
+CREATE VIEW vhffs_shadow AS
+SELECT uid, gid, username, shell, passwd, '0'::int4 as newtok , '0'::int4 as expired , homedir
+FROM vhffs_users;
+COMMIT;
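Review bot: Dropping and recreating `vhffs_forum` and `vhffs_shadow` discards any privileges that were granted on the old views, and the script does not restore them. Both views expose `passwd`, so the roles that read them should be re-granted explicitly and kept minimal; which roles those are is not visible in this hunk. I would add the matching statements before `COMMIT;`, e.g. `GRANT SELECT ON vhffs_shadow TO <ROLE_PLACEHOLDER>;`, or at least a comment `-- re-apply GRANTs on vhffs_forum and vhffs_shadow after this migration`.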

Modified: trunk/vhffs-test-dependencies.in
===================================================================
--- trunk/vhffs-test-dependencies.in	2012-03-06 00:20:13 UTC (rev 2125)
+++ trunk/vhffs-test-dependencies.in	2012-03-06 23:45:47 UTC (rev 2126)
@@ -14,7 +14,6 @@
 	('CGI::Session', ''),
 	('Config::General', ''),
 	('Crypt::GPG', ''),
-	('Crypt::PasswdMD5', ''),
 	('DateTime', ''),
 	('DateTime::Locale', ''),
 	('DBI', ''),

