Commit c0ec8d84 authored by Mic Kaczmarczik's avatar Mic Kaczmarczik
Browse files

Avoid rehashing user passwords in {add,update}_global_user()

parent c33f7f04
...@@ -642,9 +642,17 @@ sub update_global_user { ...@@ -642,9 +642,17 @@ sub update_global_user {
## use hash fingerprint to store password ## use hash fingerprint to store password
## hashes that use salts will randomly generate one ## hashes that use salts will randomly generate one
$values->{'password'} = ## avoid rehashing passwords that are already hash strings
Sympa::User::password_fingerprint($values->{'password'}, undef) if ($values->{'password'}) {
if ($values->{'password'}); if (defined(hash_type($values->{'password'}))) {
$log->syslog('debug',
'password is in %s format, not rehashing',
hash_type($values->{'password'}));
} else {
$values->{'password'} =
Sympa::User::password_fingerprint($values->{'password'}, undef);
}
}
## Canonicalize lang if possible. ## Canonicalize lang if possible.
$values->{'lang'} = Sympa::Language::canonic_lang($values->{'lang'}) $values->{'lang'} = Sympa::Language::canonic_lang($values->{'lang'})
...@@ -722,9 +730,17 @@ sub add_global_user { ...@@ -722,9 +730,17 @@ sub add_global_user {
## encrypt password with the configured password hash algorithm ## encrypt password with the configured password hash algorithm
## an salt of 'undef' means generate a new random one ## an salt of 'undef' means generate a new random one
$values->{'password'} = ## avoid rehashing passwords that are already hash strings
Sympa::User::password_fingerprint($values->{'password'}, undef) if ($values->{'password'}) {
if ($values->{'password'}); if (defined(hash_type($values->{'password'}))) {
$log->syslog('debug',
'password is in %s format, not rehashing',
hash_type($values->{'password'}));
} else {
$values->{'password'} =
Sympa::User::password_fingerprint($values->{'password'}, undef);
}
}
## Canonicalize lang if possible ## Canonicalize lang if possible
$values->{'lang'} = Sympa::Language::canonic_lang($values->{'lang'}) $values->{'lang'} = Sympa::Language::canonic_lang($values->{'lang'})
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment