[Rt-commit] [svn] r746 - in rt: . branches/rt-3.1/lib/RT branches/rt-3.3/lib/RT

autrijus at pallas.eruditorum.org autrijus at pallas.eruditorum.org
Mon Apr 26 15:11:33 EDT 2004


Author: autrijus
Date: Mon Apr 26 15:11:33 2004
New Revision: 746

Modified:
   rt/   (props changed)
   rt/branches/rt-3.1/lib/RT/Tickets_Overlay.pm
   rt/branches/rt-3.3/lib/RT/User_Overlay.pm
Log:
 ----------------------------------------------------------------------
 r4176 at not:  autrijus | 2004-04-26T19:09:53.594445Z
 
 * switch password format from base64 to hex; maintaining legacy
   compatibility by upgrading passwords in-place upon successful auth
 ----------------------------------------------------------------------


Modified: rt/branches/rt-3.1/lib/RT/Tickets_Overlay.pm
==============================================================================
--- rt/branches/rt-3.1/lib/RT/Tickets_Overlay.pm	(original)
+++ rt/branches/rt-3.1/lib/RT/Tickets_Overlay.pm	Mon Apr 26 15:11:33 2004
@@ -862,14 +862,20 @@
 Returns a frozen string suitable for handing back to ThawLimits.
 
 =cut
+
+sub _FreezeThawKeys {
+    'TicketRestrictions',
+    'restriction_index',
+    'looking_at_effective_id',
+    'looking_at_type'
+}
+
 # {{{ sub FreezeLimits
 
 sub FreezeLimits {
 	my $self = shift;
 	require FreezeThaw;
-	return (FreezeThaw::freeze($self->{'TicketRestrictions'},
-				   $self->{'restriction_index'}
-				  ));
+	return (FreezeThaw::freeze(@{$self}{$self->_FreezeThawKeys}));
 }
 
 # }}}
@@ -896,9 +902,7 @@
 	#We don't need to die if the thaw fails.
 	
 	eval {
-		($self->{'TicketRestrictions'},
-		$self->{'restriction_index'}
-		) = FreezeThaw::thaw($in);
+		@{$self}{$self->_FreezeThawKeys} = FreezeThaw::thaw($in);
 	};
 	$RT::Logger->error( $@ ) if $@;
 

Modified: rt/branches/rt-3.3/lib/RT/User_Overlay.pm
==============================================================================
--- rt/branches/rt-3.3/lib/RT/User_Overlay.pm	(original)
+++ rt/branches/rt-3.3/lib/RT/User_Overlay.pm	Mon Apr 26 15:11:33 2004
@@ -986,7 +986,7 @@
 
 =head2 _GeneratePassword PASSWORD
 
-returns an MD5 hash of the password passed in, in base64 encoding.
+returns an MD5 hash of the password passed in, in hexadecimal encoding.
 
 =cut
 
@@ -996,6 +996,23 @@
 
     my $md5 = Digest::MD5->new();
     $md5->add($password);
+    return ($md5->hexdigest);
+
+}
+
+=head2 _GeneratePasswordBase64 PASSWORD
+
+returns an MD5 hash of the password passed in, in base64 encoding
+(obsoleted now).
+
+=cut
+
+sub _GeneratePasswordBase64 {
+    my $self = shift;
+    my $password = shift;
+
+    my $md5 = Digest::MD5->new();
+    $md5->add($password);
     return ($md5->b64digest);
 
 }
@@ -1039,9 +1056,12 @@
     }
 
     #  if it's a historical password we say ok.
-
-    if ( $self->__Value('Password') eq crypt( $value, $self->__Value('Password') ) ) {
-        return (1);
+    if ($self->__Value('Password') eq crypt($value, $self->__Value('Password'))
+        or $self->_GeneratePasswordBase64($value) eq $self->__Value('Password'))
+    {
+        # ...but upgrade the legacy password inplace.
+        $self->SUPER::SetPassword( $self->_GeneratePassword($value) );
+        return(1);
     }
 
     # no password check has succeeded. get out


More information about the Rt-commit mailing list