[rt-users] RT::Authen::ExternalAuth with PHPass (phpbb3);

Adrian Stel adisan82 at gmail.com
Thu Nov 17 06:30:59 EST 2011


Hi Ruslan,


I comment in RT_SiteConfig.pm:

#p_enc_pkg =>
#p_enc_sub =>

and put:

p_check => sub {
  my ($hash, $pass) = @_;
  use Authen::Passphrase;
  return Authen::Passphrase->from_crypt($hash || '*')->match($pass);
},



In log I can see:

p_check for My_MySQL failed: unrecognised crypt scheme $H$ at
/opt/rt4/etc/RT_SiteConfig.pm line 154


This is the line:

154   return Authen::Passphrase->from_crypt($hash || '*')->match($pass);


I'm not sure if I put this p_check i right place, or I miss some '' ?


Normal we have:
''p_enc_pkg'                 =>  'Authen::Passphrase','

Should I live this p_check like this:

   151                                                          p_check => sub {
   152                                                           my
($hash, $pass) = @_;
   153                                                           use
Authen::Passphrase;
   154
return Authen::Passphrase->from_crypt($hash || '*')->match($pass);
   155                                                          },
   156


I can send you whole  Set($ExternalSettings,) if it will  help find issues.

Best
Adrian

2011/11/17 Ruslan Zakirov <ruz at bestpractical.com>:
> On Thu, Nov 17, 2011 at 1:49 PM, Adrian Stel <adisan82 at gmail.com> wrote:
>> Hi Ruslan,
>>
>> If I understand well:
>>
>> 1) apply patch - easy to do (just add line to
>> /opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/DBI.pm)
>>
>> 2) Here I have some question because I'm not sure how set 'p_enc_pkg'
>> and 'p_enc_sub'
>
> These are not required when p_check is set. p_check is a code inlined
> right into config that does whole job of checking password user
> entered against the hash.
>
>> I need add this check to RT_SiteConfig.pm: ??
>
> Yes.
>
>> p_check => sub {
>>   my ($hash, $pass) = @_;
>>   use Authen::Passphrase;
>>   return Authen::Passphrase->from_crypt($hash || '*')->match($pass);
>> },
>>
>>
>> then RT_SiteConfig.pm looks like:
>>
>>
>> # The Perl package & subroutine used to encrypt passwords
>> # e.g. if the passwords are stored using the MySQL v3.23 "PASSWORD"
>> # function, then you will need Crypt::MySQL::password, but for the
>> # MySQL4+ password function you will need Crypt::MySQL::password41
>> # Alternatively, you could use Digest::MD5::md5_hex or any other
>> # encryption subroutine you can load in your perl installation
>> 'p_enc_pkg'                 =>  'Authen::Passphrase',   (???????)
>> 'p_enc_sub'                 =>  '$P$',     (????????)
>> p_check => sub {
>>  my ($hash, $pass) = @_;
>>  use Authen::Passphrase;
>>  return Authen::Passphrase->from_crypt($hash || '*')->match($pass);
>> },
>> #'p_enc_pkg'                 =>  'Crypt::MySQL',
>> #'p_enc_sub'                 =>  'password41',
>> # If your p_enc_sub takes a salt as a second parameter,
>> # uncomment this line to add your salt
>> #'p_salt'                    =>  'SALT',
>>
>>
>> If i mix/miss something please correct me.
>
> Leave p_check and options that control how to find user in the DB,
> drop p_salt and p_enc_* options.
>
>> Best Regards
>> Adrian
>
> --
> Best regards, Ruslan.
>



-- 
Pozdrawiam
Adrian Stelmaszyk



More information about the rt-users mailing list