Merge pull request #12003 from owncloud/password-migration
Use new hashing API for OC_User_Database
This commit is contained in:
commit
d383c45c13
|
@ -457,7 +457,8 @@ class OC {
|
|||
// setup 3rdparty autoloader
|
||||
$vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php';
|
||||
if (file_exists($vendorAutoLoad)) {
|
||||
require_once $vendorAutoLoad;
|
||||
$loader = require_once $vendorAutoLoad;
|
||||
$loader->add('PasswordHash', OC::$THIRDPARTYROOT . '/3rdparty/phpass');
|
||||
} else {
|
||||
OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
|
||||
OC_Template::printErrorPage('Composer autoloader not found, unable to continue.');
|
||||
|
|
|
@ -33,28 +33,12 @@
|
|||
*
|
||||
*/
|
||||
|
||||
require_once 'phpass/PasswordHash.php';
|
||||
|
||||
/**
|
||||
* Class for user management in a SQL Database (e.g. MySQL, SQLite)
|
||||
*/
|
||||
class OC_User_Database extends OC_User_Backend {
|
||||
/**
|
||||
* @var PasswordHash
|
||||
*/
|
||||
private static $hasher = null;
|
||||
|
||||
private $cache = array();
|
||||
|
||||
private function getHasher() {
|
||||
if (!self::$hasher) {
|
||||
//we don't want to use DES based crypt(), since it doesn't return a hash with a recognisable prefix
|
||||
$forcePortable = (CRYPT_BLOWFISH != 1);
|
||||
self::$hasher = new PasswordHash(8, $forcePortable);
|
||||
}
|
||||
return self::$hasher;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new user
|
||||
* @param string $uid The username of the user to create
|
||||
|
@ -66,10 +50,8 @@ class OC_User_Database extends OC_User_Backend {
|
|||
*/
|
||||
public function createUser($uid, $password) {
|
||||
if (!$this->userExists($uid)) {
|
||||
$hasher = $this->getHasher();
|
||||
$hash = $hasher->HashPassword($password . OC_Config::getValue('passwordsalt', ''));
|
||||
$query = OC_DB::prepare('INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )');
|
||||
$result = $query->execute(array($uid, $hash));
|
||||
$result = $query->execute(array($uid, \OC::$server->getHasher()->hash($password)));
|
||||
|
||||
return $result ? true : false;
|
||||
}
|
||||
|
@ -106,10 +88,8 @@ class OC_User_Database extends OC_User_Backend {
|
|||
*/
|
||||
public function setPassword($uid, $password) {
|
||||
if ($this->userExists($uid)) {
|
||||
$hasher = $this->getHasher();
|
||||
$hash = $hasher->HashPassword($password . OC_Config::getValue('passwordsalt', ''));
|
||||
$query = OC_DB::prepare('UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?');
|
||||
$result = $query->execute(array($hash, $uid));
|
||||
$result = $query->execute(array(\OC::$server->getHasher()->hash($password), $uid));
|
||||
|
||||
return $result ? true : false;
|
||||
}
|
||||
|
@ -159,7 +139,6 @@ class OC_User_Database extends OC_User_Backend {
|
|||
. ' WHERE LOWER(`displayname`) LIKE LOWER(?) OR '
|
||||
. 'LOWER(`uid`) LIKE LOWER(?) ORDER BY `uid` ASC', $limit, $offset);
|
||||
$result = $query->execute(array('%' . $search . '%', '%' . $search . '%'));
|
||||
$users = array();
|
||||
while ($row = $result->fetchRow()) {
|
||||
$displayNames[$row['uid']] = $row['displayname'];
|
||||
}
|
||||
|
@ -183,18 +162,14 @@ class OC_User_Database extends OC_User_Backend {
|
|||
$row = $result->fetchRow();
|
||||
if ($row) {
|
||||
$storedHash = $row['password'];
|
||||
if ($storedHash[0] === '$') { //the new phpass based hashing
|
||||
$hasher = $this->getHasher();
|
||||
if ($hasher->CheckPassword($password . OC_Config::getValue('passwordsalt', ''), $storedHash)) {
|
||||
$newHash = '';
|
||||
if(\OC::$server->getHasher()->verify($password, $storedHash, $newHash)) {
|
||||
if(!empty($newHash)) {
|
||||
$this->setPassword($uid, $password);
|
||||
}
|
||||
return $row['uid'];
|
||||
}
|
||||
|
||||
//old sha1 based hashing
|
||||
} elseif (sha1($password) === $storedHash) {
|
||||
//upgrade to new hashing
|
||||
$this->setPassword($row['uid'], $password);
|
||||
return $row['uid'];
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
|
|
Loading…
Reference in New Issue