From: Steinar H. Gunderson Date: Fri, 20 Nov 2015 00:47:21 +0000 (+0100) Subject: Remove support for the old unsalted SHA-1 passwords. X-Git-Url: https://git.sesse.net/?p=pr0n;a=commitdiff_plain;h=9b0484cc963ef4d7056d644b418ba03cce579bca Remove support for the old unsalted SHA-1 passwords. --- diff --git a/doc/modules.txt b/doc/modules.txt index c0b88a6..4ac0745 100644 --- a/doc/modules.txt +++ b/doc/modules.txt @@ -7,8 +7,6 @@ PerlMagick perlmagick Scaling etc. MIME::Types libmime-types-perl Sending the right MIME types DBD::Pg libdbd-pg-perl PostgreSQL connection Image::ExifTool libimage-exiftool-perl Parsing EXIF data -Digest::SHA1 libdigest-sha1-perl Verifying passwords -Digest::HMAC_SHA1 libdigest-hmac-perl Verifying digest passwords Crypt::Eksblowfish::Bcrypt libcrypt-eksblowfish-perl Verifying passwords HTML::TagCloud libhtml-tagcloud-perl Tag cloud on /+tags/ jpegtran libjpeg-progs Lossless JPEG rotation diff --git a/perl/Sesse/pr0n/Common.pm b/perl/Sesse/pr0n/Common.pm index f98d16f..a6a8de4 100644 --- a/perl/Sesse/pr0n/Common.pm +++ b/perl/Sesse/pr0n/Common.pm @@ -13,8 +13,6 @@ use DBD::Pg; use Image::Magick; use IO::String; use POSIX; -use Digest::SHA; -use Digest::HMAC_SHA1; use MIME::Base64; use MIME::Types; use LWP::Simple; @@ -342,35 +340,16 @@ sub check_basic_auth { my ($raw_user, $pass) = split /:/, MIME::Base64::decode_base64($auth); my ($user, $takenby) = extract_takenby($raw_user); - my $ref = $dbh->selectrow_hashref('SELECT sha1password,cryptpassword FROM users WHERE username=? AND vhost=?', + my $ref = $dbh->selectrow_hashref('SELECT cryptpassword FROM users WHERE username=? AND vhost=?', undef, $user, Sesse::pr0n::Common::get_server_name($r)); - my ($sha1_matches, $bcrypt_matches) = (0, 0); - if (defined($ref) && defined($ref->{'sha1password'})) { - $sha1_matches = (Digest::SHA::sha1_base64($pass) eq $ref->{'sha1password'}); - } - if (defined($ref) && defined($ref->{'cryptpassword'})) { - $bcrypt_matches = (Crypt::Eksblowfish::Bcrypt::bcrypt($pass, $ref->{'cryptpassword'}) eq $ref->{'cryptpassword'}); - } - - if (!defined($ref) || (!$sha1_matches && !$bcrypt_matches)) { + my $bcrypt_matches = 0; + if (!defined($ref) || Crypt::Eksblowfish::Bcrypt::bcrypt($pass, $ref->{'cryptpassword'}) ne $ref->{'cryptpassword'}) { $r->content_type('text/plain; charset=utf-8'); log_warn($r, "Authentication failed for $user/$takenby"); return undef; } log_info($r, "Authentication succeeded for $user/$takenby"); - # Make sure we can use bcrypt authentication in the future with this password. - # Also remove old-style SHA1 password when we migrate. - if (!$bcrypt_matches) { - my $salt = get_pseudorandom_bytes(16); # Doesn't need to be cryptographically secur. - my $hash = "\$2a\$07\$" . Crypt::Eksblowfish::Bcrypt::en_base64($salt); - my $cryptpassword = Crypt::Eksblowfish::Bcrypt::bcrypt($pass, $hash); - $dbh->do('UPDATE users SET sha1password=NULL,cryptpassword=? WHERE username=? AND vhost=?', - undef, $cryptpassword, $user, Sesse::pr0n::Common::get_server_name($r)) - or die "Couldn't update: " . $dbh->errstr; - log_info($r, "Updated bcrypt hash for $user"); - } - return ($user, $takenby); } diff --git a/sql/pr0n.sql b/sql/pr0n.sql index 36d82d6..10cca1c 100644 --- a/sql/pr0n.sql +++ b/sql/pr0n.sql @@ -73,9 +73,8 @@ CREATE TABLE shadow_files ( CREATE TABLE users ( username character varying NOT NULL, - sha1password character(27), vhost character varying NOT NULL, - cryptpassword character varying + cryptpassword character varying NOT NULL ); -- Mainly used for manual queries -- usually too slow to be very useful