Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

story #8059: Use salted SHA-512 instead of salted MD5 to store UNIX passwords

Download Browse

For legacy reasons, PHP 5.1 still use salted MD5 to store all the passwords Change-Id: Iaa92fddba2e19db0034e09165aa30e5ec2ea274b

+109 −46
Thomas Gerbet (tgerbet) 2015-06-01 16:56
Thomas Gerbet (tgerbet) 2015-06-10 08:51
6a76e0c36666b850df1d3c8424103c07289d2021
834e442680de4b8f58ec73a1a34b3457fed4e57e
git #tuleap/stable/6a76e0c36666b850df1d3c8424103c07289d2021

Modified Files

Side by side diff
Inline diff
Name
M src/common/user/Password/PasswordHandler.class.php +4 −38 Go to diff View file
M src/common/user/Password/StandardPasswordHandler.class.php +9 −0 Go to diff View file
M src/common/user/Password/WeakPasswordHandler.class.php +7 −0 Go to diff View file
M src/common/user/TokenGenerator.class.php +9 −5 Go to diff View file
M src/db/mysql/database_structure.sql +1 −1 Go to diff View file
A src/db/mysql/updates/2015/201506011450_increase_unix_password_field_size.php +38 −0 Go to diff View file
M src/www/my/index.php +1 −1 Go to diff View file
M tests/simpletest/common/user/StandardPasswordHandlerTestPHP53.php +8 −0 Go to diff View file
A tests/simpletest/common/user/TokenGeneratorTest.php +31 −0 Go to diff View file
M tests/simpletest/common/user/WeakPasswordHandlerTest.php +1 −1 Go to diff View file