[rt-users] RT::Authen::ExternalAuth with PHPass (phpbb3);

[Ruslan Zakirov]

On Thu, Nov 17, 2011 at 1:49 PM, Adrian Stel <adisan82 at gmail.com> wrote:
> Hi Ruslan,
>
> If I understand well:
>
> 1) apply patch - easy to do (just add line to
> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/DBI.pm)
>
> 2) Here I have some question because I'm not sure how set 'p_enc_pkg'
> and 'p_enc_sub'

These are not required when p_check is set. p_check is a code inlined
right into config that does whole job of checking password user
entered against the hash.

> I need add this check to RT_SiteConfig.pm: ??

Yes.

> p_check => sub {
>   my ($hash, $pass) = @_;
>   use Authen::Passphrase;
>   return Authen::Passphrase->from_crypt($hash || '*')->match($pass);
> },
>
>
> then RT_SiteConfig.pm looks like:
>
>
> # The Perl package & subroutine used to encrypt passwords
> # e.g. if the passwords are stored using the MySQL v3.23 "PASSWORD"
> # function, then you will need Crypt::MySQL::password, but for the
> # MySQL4+ password function you will need Crypt::MySQL::password41
> # Alternatively, you could use Digest::MD5::md5_hex or any other
> # encryption subroutine you can load in your perl installation
> 'p_enc_pkg'                 =>  'Authen::Passphrase',   (???????)
> 'p_enc_sub'                 =>  '$P$',     (????????)
> p_check => sub {
>  my ($hash, $pass) = @_;
>  use Authen::Passphrase;
>  return Authen::Passphrase->from_crypt($hash || '*')->match($pass);
> },
> #'p_enc_pkg'                 =>  'Crypt::MySQL',
> #'p_enc_sub'                 =>  'password41',
> # If your p_enc_sub takes a salt as a second parameter,
> # uncomment this line to add your salt
> #'p_salt'                    =>  'SALT',
>
>
> If i mix/miss something please correct me.

Leave p_check and options that control how to find user in the DB,
drop p_salt and p_enc_* options.

> Best Regards
> Adrian

-- 
Best regards, Ruslan.