Merge pull request #3061 from ss23/crypt_fix

Modify authentication function to support alternative algorithms
lippserd 2017-11-06 11:06:06 +01:00 committed by GitHub
commit 94922ade25
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 15 deletions


@ -225,9 +225,7 @@ class DbUserBackend extends DbRepository implements UserBackendInterface, Inspec
{
try {
$passwordHash = $this->getPasswordHash($user->getUsername());
$passwordSalt = $this->getSalt($passwordHash);
$hashToCompare = $this->hashPassword($password, $passwordSalt);
return $hashToCompare === $passwordHash;
return crypt($password, $passwordHash) === $passwordHash;
} catch (Exception $e) {
throw new AuthenticationException(
'Failed to authenticate user "%s" against backend "%s". An exception was thrown:',
@ -238,18 +236,6 @@ class DbUserBackend extends DbRepository implements UserBackendInterface, Inspec
}
}
/**
* Extract salt from the given password hash
*
* @param string $hash The hashed password
*
* @return string
*/
protected function getSalt($hash)
{
return substr($hash, strlen(self::HASH_ALGORITHM), self::SALT_LENGTH);
}
/**
* Return a random salt
*
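Review bot: The new `return crypt($password, $passwordHash) === $passwordHash;` in the first hunk compares the computed and stored hashes with `===`, which is not a constant-time comparison. If the project's minimum PHP version allows it, `return password_verify($password, $passwordHash);` performs the same crypt() re-hash with a timing-safe comparison; `return hash_equals($passwordHash, crypt($password, $passwordHash));` is the closest drop-in otherwise. A short comment on that line, such as `// crypt() takes algorithm, cost and salt from the stored hash`, would explain why getSalt() could be removed and why hashes from other algorithms now verify. The enclosing method starts before the hunk, so what getPasswordHash() returns for an unknown user is not visible here and is worth checking against an empty second argument to crypt().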