[geeklog-cvs] geeklog: Added commenting to SEC functions. Cleaned up two "FIXM...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Tue Feb 14 00:50:05 EST 2012
changeset 8491:b04e162b1868
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/b04e162b1868
user: vinny
date: Mon Feb 13 22:49:59 2012 -0700
description:
Added commenting to SEC functions. Cleaned up two "FIXMEs". All for feature #0001384, password update
diffstat:
language/english.php | 5 +-
language/english_utf-8.php | 5 +-
public_html/admin/configuration_validation.php | 3 +-
public_html/admin/sectest.php | 26 +-----------
system/lib-security.php | 52 ++++++++++++++++++++++++--
5 files changed, 59 insertions(+), 32 deletions(-)
diffs (204 lines):
diff -r 79b7561187a2 -r b04e162b1868 language/english.php
--- a/language/english.php Wed Feb 08 22:09:28 2012 -0700
+++ b/language/english.php Mon Feb 13 22:49:59 2012 -0700
@@ -1587,7 +1587,7 @@
'remove_inst' => 'You should really remove the install directory %s once you have your site up and running without any errors.',
'remove_inst2' => 'Keeping it around would allow malicious users the ability to destroy your current install, take over your site, or retrieve sensitive information.',
'inst_removed' => 'Good! You seem to have removed the install directory already.',
- 'fix_password' => 'You still have not changed the <strong>default password</strong> from "password" on %s Root user account(s).',
+ 'fix_password' => 'You still have not changed the <strong>default password</strong> from "password" on the default Admin user account.',
'password_okay' => 'Good! You seem to have changed the default account password already.'
);
@@ -2197,7 +2197,8 @@
'directory where the binaries from the Netpbm package are kept',
'language' => 'Language file does not exist',
'timezone' => 'Invalid timezone',
- 'single_char' => 'This field must be a single character'
+ 'single_char' => 'This field must be a single character',
+ 'hash' => 'This field must be a hash function supported by your version of PHP'
);
?>
diff -r 79b7561187a2 -r b04e162b1868 language/english_utf-8.php
--- a/language/english_utf-8.php Wed Feb 08 22:09:28 2012 -0700
+++ b/language/english_utf-8.php Mon Feb 13 22:49:59 2012 -0700
@@ -1587,7 +1587,7 @@
'remove_inst' => 'You should really remove the install directory %s once you have your site up and running without any errors.',
'remove_inst2' => 'Keeping it around would allow malicious users the ability to destroy your current install, take over your site, or retrieve sensitive information.',
'inst_removed' => 'Good! You seem to have removed the install directory already.',
- 'fix_password' => 'You still have not changed the <strong>default password</strong> from "password" on %s Root user account(s).',
+ 'fix_password' => 'You still have not changed the <strong>default password</strong> from "password" on the default Admin user account.',
'password_okay' => 'Good! You seem to have changed the default account password already.'
);
@@ -2197,7 +2197,8 @@
'directory where the binaries from the Netpbm package are kept',
'language' => 'Language file does not exist',
'timezone' => 'Invalid timezone',
- 'single_char' => 'This field must be a single character'
+ 'single_char' => 'This field must be a single character',
+ 'hash' => 'This field must be a hash function supported by your version of PHP'
);
?>
diff -r 79b7561187a2 -r b04e162b1868 public_html/admin/configuration_validation.php
--- a/public_html/admin/configuration_validation.php Wed Feb 08 22:09:28 2012 -0700
+++ b/public_html/admin/configuration_validation.php Mon Feb 13 22:49:59 2012 -0700
@@ -308,7 +308,8 @@
/* Subgroup User and Submissions, Tab Login Settings, Fieldset Password */
$_CONF_VALIDATE['Core']['pass_alg'] = array(
'rule' => 'hash_function',
- 'message' => "Unsupported hash function selected" /* FIXME */
+ 'message' => isset($LANG_VALIDATION['hash']) ?
+ $LANG_VALIDATION['hash'] : $LANG_VALIDATION['default']
);
$_CONF_VALIDATE['Core']['pass_stretch'] = array('rule' => array('comparison', '>', 0));
diff -r 79b7561187a2 -r b04e162b1868 public_html/admin/sectest.php
--- a/public_html/admin/sectest.php Wed Feb 08 22:09:28 2012 -0700
+++ b/public_html/admin/sectest.php Mon Feb 13 22:49:59 2012 -0700
@@ -250,10 +250,7 @@
}
/**
-* Check for accounts that still use the default password
-*
-* NOTE: If one of our users is also using "password" as their password, this
-* test will also detect that, as it checks all accounts.
+* Check if the Admin account is still using the default password
*
* @return string text explaining the result of the test
*
@@ -264,25 +261,8 @@
$retval = '';
- // check to see if any account still has 'password' as its password.
- $pwdRoot = 0;
- $pwdUser = 0;
- /* FIXME? the following will only work as long as the default admin password is stored in the DB using md5, no salt, and no (1) stretch */
- $result = DB_query("SELECT uid FROM {$_TABLES['users']} WHERE passwd='" . SEC_encryptPassword('password', '', 0, 1) . "'");
- $numPwd = DB_numRows($result);
- if ($numPwd > 0) {
- for ($i = 0; $i < $numPwd; $i++) {
- list($uid) = DB_fetchArray($result);
- if (SEC_inGroup('Root', $uid)) {
- $pwdRoot++;
- } else {
- $pwdUser++;
- }
- }
- }
- if ($pwdRoot > 0) {
- $retval .= '<li>' . sprintf($LANG_SECTEST['fix_password'], $pwdRoot)
- . '</li>';
+ if (SEC_encryptUserPassword('password', 2) == 0) {
+ $retval .= '<li>' . $LANG_SECTEST['fix_password'] . '</li>';
$failed_tests++;
} else {
$retval .= '<li>' . $LANG_SECTEST['password_okay'] . '</li>';
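Review bot: The rewritten check in this hunk tests only uid 2, so other Root-group accounts that still use "password" are no longer reported; the removed loop did report them, though only for unsalted md5 hashes. If the narrowing is intended, the literal `2` deserves a comment such as `// uid 2: default Admin account created by the installer` (assumed from the new message text; confirm). The comparison is also loose: `== 0` is true for `null`, `false` or `''`, so an error path in SEC_encryptUserPassword that returns nothing would be reported as a default password. `if (SEC_encryptUserPassword('password', 2) === 0) {` avoids that, provided the function returns an integer 0 on a match. The enclosing function starts and ends outside the hunk.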
diff -r 79b7561187a2 -r b04e162b1868 system/lib-security.php
--- a/system/lib-security.php Wed Feb 08 22:09:28 2012 -0700
+++ b/system/lib-security.php Mon Feb 13 22:49:59 2012 -0700
@@ -729,7 +729,7 @@
$U = DB_fetchArray($result);
$uid = $U['uid'];
if ($U['status'] == USER_ACCOUNT_DISABLED) {
- // banned, jump to here to save an md5 calc.
+ // banned, jump to here to save an password hash calc.
return USER_ACCOUNT_DISABLED;
} elseif (SEC_encryptUserPassword($password, $uid) < 0) {
return -1; // failed login
@@ -1071,6 +1071,11 @@
return $groupdd;
}
+/**
+ * Class defining constants for encryptions algorithms. These values are stored
+ * in the user database to indicate the hash function the user's password is
+ * encrypted with.
+ */
class HashFunction {
const md5 = 0;
const sha1 = 1;
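Review bot: The new class docblock calls these constants "encryptions algorithms" and says the password is "encrypted", but md5 and sha1 are one-way hash functions. The wording should say hashing so that nobody expects the stored value to be reversible. A suggested summary is `Constants identifying the hash function a stored password was produced with.` If md5 and sha1 stay selectable only so that existing accounts keep working, the docblock should say so, since both are fast hashes and poor choices for new password storage. The class body continues outside the hunk.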
@@ -1082,11 +1087,14 @@
/**
* Encrypt password
*
-* For now, this is only a wrapper function to get all the direct calls to
-* md5() out of the core code so that we can switch to another method of
-* encoding / encrypting our passwords in some future release ...
+* Encrypts $password using the specified salt, hash algorithm, and stretch
+* count.
*
* @param string $password the password to encrypt, in clear text
+* @param string $salt salt to prepend to the password prior to hashing
+* @param int $algorithm hash algorithm to use to encrypt the password
+* @param int $stretch number of times hash function should be applied
+* to the password.
* @return string encrypted password
*
*/
@@ -1150,6 +1158,15 @@
return $hash;
}
+/**
+ * Generate password salt
+ *
+ * This function produces a random string of 22 characters from a 64 character set.
+ * The size is needed for password salting, but is useful any function that needs a
+ * random set of human readable characters.
+ *
+ * @return string generated salt
+ */
function SEC_generateSalt() {
static $charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890';
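Review bot: The docblock says the salt is drawn from "a 64 character set", but the `$charset` literal on the line below it holds 62 characters (26 + 26 + 10), so either the comment or the charset is off. The selection loop is outside this hunk; it is worth checking that it indexes by the string's real length and not a fixed 64. Because SEC_generateRandomPassword reuses this output as a password, the docblock should also name the random source, e.g. `* NOTE: randomness comes from <RNG used below>; it must be unpredictable because the result is also used for generated passwords.` "is useful any function" is missing "for".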
@@ -1161,6 +1178,16 @@
return $salt;
}
+/**
+ * Encrypt User Password
+ *
+ * Verify that the provided password authenticates the specified user (defualts
+ * to the current user).
+ *
+ * @param string $password password to verify
+ * @param int $uid user id to authenticate
+ * @return int 0 for success, non-zero for failure or error
+ */
function SEC_encryptUserPassword($password, $uid = '') {
global $_USER, $_CONF, $_TABLES;
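Review bot: The `@return` line documents "0 for success, non-zero for failure or error", while the login hunk earlier in this file treats only `SEC_encryptUserPassword($password, $uid) < 0` as a failed login. A positive return would therefore be accepted as a successful login, if the function can ever produce one. The docblock should state the actual sign convention, e.g. `@return int 0 if the password matches, a negative value on mismatch or error` (confirm against the body, which is outside the hunk). The title "Encrypt User Password" also contradicts the description, which says the function verifies a password, and "defualts" is a typo. `@param int $uid` has a default of `''`, which should be documented as meaning the current user.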
@@ -1209,11 +1236,28 @@
}
}
+/**
+ * Generate Random Password
+ *
+ * Generates a random string of human readable characters.
+ *
+ * @return string generated random password
+ */
function SEC_generateRandomPassword() {
// SEC_generateSalt is used here as it creates a random string using readable characters
return substr(SEC_generateSalt(), 0, 12);
}
+/**
+ * Update User Password
+ *
+ * Updates the users password for current hash algorithm and stretch site settings.
+ * If not password is specified, a random password will be generated.
+ *
+ * @param string $password Password to encrypt
+ * @param int $uid User id to update
+ * @return int 0 for success, non-zero indicates error.
+ */
function SEC_updateUserPassword(&$password = '', $uid = '') {
global $_TABLES, $_CONF, $_USER;
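Review bot: The SEC_updateUserPassword docblock does not mention that `$password` is taken by reference (`&$password`). That is presumably how a generated password is handed back to the caller; the body is outside the hunk, so confirm. A suggested line is `@param string &$password password to set; if empty, a random one is generated and written back to this variable`, which tells callers the variable holds a clear-text secret after the call and must not be logged. "If not password is specified" should read "If no password is specified". The SEC_generateRandomPassword docblock could also note that the result is the first 12 characters of SEC_generateSalt(), so its strength depends on that function's random source.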