[Bps-public-commit] r17871 - in RT-Authen-ExternalAuth/trunk: lib/RT/Authen/ExternalAuth
zordrak at bestpractical.com
zordrak at bestpractical.com
Wed Jan 21 15:52:21 EST 2009
Author: zordrak
Date: Wed Jan 21 15:52:21 2009
New Revision: 17871
Modified:
RT-Authen-ExternalAuth/trunk/etc/RT_SiteConfig.pm
RT-Authen-ExternalAuth/trunk/lib/RT/Authen/ExternalAuth/DBI.pm
Log:
RT::Authen::ExternalAuth v0.08_02 -- Added ability to specify salt for DBI password encryption.
Modified: RT-Authen-ExternalAuth/trunk/etc/RT_SiteConfig.pm
==============================================================================
--- RT-Authen-ExternalAuth/trunk/etc/RT_SiteConfig.pm (original)
+++ RT-Authen-ExternalAuth/trunk/etc/RT_SiteConfig.pm Wed Jan 21 15:52:21 2009
@@ -68,6 +68,10 @@
# encryption subroutine you can load in your perl installation
'p_enc_pkg' => 'Crypt::MySQL',
'p_enc_sub' => 'password',
+ # If your p_enc_sub takes a salt as a second parameter,
+ # uncomment this line to add your salt
+ #'p_salt' => 'SALT',
+ #
# The field and values in the table that determines if a user should
# be disabled. For example, if the field is 'user_status' and the values
# are ['0','1','2','disabled'] then the user will be disabled if their
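Review bot: The comment added above `#'p_salt'` does not say that this is one fixed value applied to every user's password. The DBI.pm part of this commit reads it once from the service config and passes it to `p_enc_sub` on each login, so it also has to match the salt used when the stored passwords were generated. I would extend the comment with something like `# This is a single site-wide salt, not a per-user one; it must match the salt used to create the stored passwords.` Because the value sits in this file in clear text, a reminder that RT_SiteConfig.pm should not be world-readable would help as well.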
Modified: RT-Authen-ExternalAuth/trunk/lib/RT/Authen/ExternalAuth/DBI.pm
==============================================================================
--- RT-Authen-ExternalAuth/trunk/lib/RT/Authen/ExternalAuth/DBI.pm (original)
+++ RT-Authen-ExternalAuth/trunk/lib/RT/Authen/ExternalAuth/DBI.pm Wed Jan 21 15:52:21 2009
@@ -17,6 +17,7 @@
my $db_p_field = $config->{'p_field'};
my $db_p_enc_pkg = $config->{'p_enc_pkg'};
my $db_p_enc_sub = $config->{'p_enc_sub'};
+ my $db_p_salt = $config->{'p_salt'};
# Set SQL query and bind parameters
my $query = "SELECT $db_u_field,$db_p_field FROM $db_table WHERE $db_u_field=?";
@@ -74,12 +75,23 @@
# If the package given can perform the subroutine given, then use it to compare the
# password given with the password pulled from the database.
# Jump to the next external authentication service if they don't match
- if(${encrypt}->($password) ne $pass_from_db){
- $RT::Logger->info( $service,
- "AUTH FAILED",
- $username,
- "Password Incorrect");
- return 0;
+ if(defined($db_p_salt)) {
+ $RT::Logger->debug("Using salt:",$db_p_salt);
+ if(${encrypt}->($password,$db_p_salt) ne $pass_from_db){
+ $RT::Logger->info( $service,
+ "AUTH FAILED",
+ $username,
+ "Password Incorrect");
+ return 0;
+ }
+ } else {
+ if(${encrypt}->($password) ne $pass_from_db){
+ $RT::Logger->info( $service,
+ "AUTH FAILED",
+ $username,
+ "Password Incorrect");
+ return 0;
+ }
}
} else {
# If the encryption package can't perform the request subroutine,
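Review bot: The new `$RT::Logger->debug("Using salt:",$db_p_salt);` line writes the configured salt into the log whenever debug logging is enabled, so a value that feeds every password comparison becomes readable by anyone with access to RT's logs. Log only that a salt is in use, e.g. `$RT::Logger->debug("Using configured p_salt");`. The two branches differ only in the second argument, so they can be collapsed into `my @enc_args = defined($db_p_salt) ? ($password, $db_p_salt) : ($password);` followed by a single `if(${encrypt}->(@enc_args) ne $pass_from_db){` block, which keeps the AUTH FAILED logging in one place. Note also that `defined` is true for `'p_salt' => ''`, so an empty string would be passed as the salt; whether that is intended is not visible here. The enclosing subroutine starts and ends outside this hunk.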