OpencachingDeutschland/oc-server3
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Stärkere Passwortverschlüsselung ; update #223

Browse Source
This commit is contained in:
Christian Matzat
2013-08-08 21:49:25 +02:00
parent a09ed40b46
commit 0c5779915f
7 changed files with 134 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files
local/maintenance/update_passwords.php
+48
View File
@@ -0,0 +1,48 @@
<?php
/***************************************************************************
* For license information see doc/license.txt
*
* This script converts all md5-passwords to salted hash passwords.
*
* Unicode Reminder メモ
***************************************************************************/
global $opt;
$opt['rootpath'] = '../htdocs/';
require($opt['rootpath'] . 'lib2/web.inc.php');
require($opt['rootpath'] . 'lib2/logic/crypt.class.php');
if (!isset($opt['logic']['password_salt']) || strlen($opt['logic']['password_salt']) < 32)
{
echo "Warning!\nPassword Salt not set or too short!\n\n";
return;
}
if (!$opt['logic']['password_hash'])
{
echo "Warning!\nHashed Passwords not enabled!\n\n";
return;
}
$rs = sql("SELECT * FROM user where password is not null");
while ($r = sql_fetch_array($rs))
{
$password = $r['password'];
if (strlen($password) == 128)
{
echo "Password seems to be already converted, ommit this password\n";
continue;
}
if (strlen($password) < 32)
{
$password = crypt::firstStagePasswordEncryption($password);
}
$pwhash = crypt::secondStagePasswordEncryption($password);
sql("UPDATE `user` SET `password`='&1' WHERE `user_id`='&2'", $pwhash, $r['user_id']);
}
mysql_free_result($rs);
echo "Update of passwords finished.\n";
?>
local/test/lib2/logic/PasswordEncryptionTest.php
+31
View File
@@ -0,0 +1,31 @@
<?php
/****************************************************************************
Unicode Reminder メモ
Password Encryption Test
****************************************************************************/
require '../../../../htdocs/lib2/logic/crypt.class.php';
class PasswordEncryptionTest extends PHPUnit_Framework_TestCase {
function testPasswordEncryption()
{
global $opt;
$opt['logic']['password_hash'] = false;
$plain_text = 'very important data';
$md5HashedPassword = crypt::encryptPassword($plain_text);
$this->assertEquals('c75ac45eabed45d667359462b6a8e93e', $md5HashedPassword);
$opt['logic']['password_hash'] = true;
$opt['logic']['password_salt'] = '?S<,XyB1Y[y_Gz>b';
$encryptedPassword = crypt::encryptPassword($plain_text);
$this->assertEquals('8b1d376a76e6430738d8322a6e3f4ebd5e8632f67052de7b74c8ca745bda6f11c7ea05db7de0c14bb097d3033557eb81d7fae21de988efc5353ed2f77dab504b', $encryptedPassword);
}
}