- # Make sure we can use bcrypt authentication in the future with this password.
- # Also remove old-style SHA1 password when we migrate.
- if (!$bcrypt_matches) {
- my $salt = get_pseudorandom_bytes(16); # Doesn't need to be cryptographically secur.
- my $hash = "\$2a\$07\$" . Crypt::Eksblowfish::Bcrypt::en_base64($salt);
- my $cryptpassword = Crypt::Eksblowfish::Bcrypt::bcrypt($pass, $hash);
- $dbh->do('UPDATE users SET sha1password=NULL,cryptpassword=? WHERE username=? AND vhost=?',
- undef, $cryptpassword, $user, Sesse::pr0n::Common::get_server_name($r))
- or die "Couldn't update: " . $dbh->errstr;
- log_info($r, "Updated bcrypt hash for $user");
- }
-