
D10325.diff

D10325.diff

diff --git a/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php b/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
--- a/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
+++ b/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
@@ -74,16 +74,23 @@
if (!$errors) {
$envelope = new PhutilOpaqueEnvelope($new_password);
+ try {
+ // NOTE: This test is against $viewer (not $user), so that the error
+ // message below makes sense in the case that the two are different,
+ // and because an admin reusing their own password is bad, while
+ // system agents generally do not have passwords anyway.
+
+ $same_password = $viewer->comparePassword($envelope);
+ } catch (PhabricatorPasswordHasherUnavailableException $ex) {
+ // If we're missing the hasher, just let the user continue.
+ $same_password = false;
+ }
+
if ($new_password !== $confirm) {
$e_password = pht('Does Not Match');
$e_confirm = pht('Does Not Match');
$errors[] = pht('Password and confirmation do not match.');
- } else if ($viewer->comparePassword($envelope)) {
- // NOTE: The above test is against $viewer (not $user), so that the
- // error message below makes sense in the case that the two are
- // different, and because an admin reusing their own password is bad,
- // while system agents generally do not have passwords anyway.
-
+ } else if ($same_password) {
$e_password = pht('Not Unique');
$e_confirm = pht('Not Unique');
$errors[] = pht(
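Review bot: The new catch makes the password-reuse check fail open: when the viewer's account hash needs a hasher that is unavailable, `$same_password` is forced to false and the new VCS password is accepted without being compared with the account password. The other hunks say such a hash "can not be used", so this is probably acceptable, but the comment should give that reason rather than only "just let the user continue", for example `// Fail open: a hash with no available hasher cannot be verified, so reuse cannot be detected here.`. The compare also now runs before the cheaper `$new_password !== $confirm` test, so the hash is computed even when the confirmation does not match. The enclosing function starts and ends outside this hunk.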
@@ -197,7 +204,22 @@
->setValue(PhabricatorPasswordHasher::getBestAlgorithmName()));
if (strlen($hash_envelope->openEnvelope())) {
- if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) {
+ try {
+ $can_upgrade = PhabricatorPasswordHasher::canUpgradeHash(
+ $hash_envelope);
+ } catch (PhabricatorPasswordHasherUnavailableException $ex) {
+ $can_upgrade = false;
+ $errors[] = pht(
+ 'Your VCS password is currently hashed using an algorithm which is '.
+ 'no longer available on this install.');
+ $errors[] = pht(
+ 'Because the algorithm implementation is missing, your password '.
+ 'can not be used.');
+ $errors[] = pht(
+ 'You can set a new password to replace the old password.');
+ }
+
+ if ($can_upgrade) {
$errors[] = pht(
'The strength of your stored VCS password hash can be upgraded. '.
'To upgrade, either: use the password to authenticate with a '.
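Review bot: The catch block added here is repeated almost line for line in the PhabricatorSettingsPanelPassword.php hunk, and in both places `$ex` is discarded, so nothing records which hasher is missing. The user is told the algorithm is unavailable, but an operator trying to restore it gets no signal unless the algorithm name is surfaced elsewhere. Consider logging it in the catch, e.g. `phlog($ex);`, if the extra log noise on each page view is acceptable. A shared helper returning the upgrade state would keep the two panels from drifting apart. The surrounding method is only partly visible in this hunk.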
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php b/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
--- a/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
@@ -126,7 +126,28 @@
$hash_envelope = new PhutilOpaqueEnvelope($user->getPasswordHash());
if (strlen($hash_envelope->openEnvelope())) {
- if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) {
+ try {
+ $can_upgrade = PhabricatorPasswordHasher::canUpgradeHash(
+ $hash_envelope);
+ } catch (PhabricatorPasswordHasherUnavailableException $ex) {
+ $can_upgrade = false;
+
+ // Only show this stuff if we aren't on the reset workflow. We can
+ // do resets regardless of the old hasher's availability.
+ if (!$token) {
+ $errors[] = pht(
+ 'Your password is currently hashed using an algorithm which is '.
+ 'no longer available on this install.');
+ $errors[] = pht(
+ 'Because the algorithm implementation is missing, your password '.
+ 'can not be used or updated.');
+ $errors[] = pht(
+ 'To set a new password, request a password reset link from the '.
+ 'login screen and then follow the instructions.');
+ }
+ }
+
+ if ($can_upgrade) {
$errors[] = pht(
'The strength of your stored password hash can be upgraded. '.
'To upgrade, either: log out and log in using your password; or '.
diff --git a/src/infrastructure/util/password/PhabricatorPasswordHasher.php b/src/infrastructure/util/password/PhabricatorPasswordHasher.php
--- a/src/infrastructure/util/password/PhabricatorPasswordHasher.php
+++ b/src/infrastructure/util/password/PhabricatorPasswordHasher.php
@@ -407,7 +407,9 @@
$current_hasher = PhabricatorPasswordHasher::getHasherForHash($hash);
return $current_hasher->getHumanReadableName();
} catch (Exception $ex) {
- return pht('Unknown');
+ $info = self::parseHashFromStorage($hash);
+ $name = $info['name'];
+ return pht('Unknown ("%s")', $name);
}
}
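Review bot: The new fallback calls `self::parseHashFromStorage($hash)` inside `catch (Exception $ex)`, which catches every failure and not only a missing hasher. If the original exception came from a malformed stored hash, the parse will presumably fail again and now escape from a function that previously always returned `pht('Unknown')`; the parser is not visible here, so this should be confirmed. Guarding the second parse keeps the old never-throws behaviour. The name also comes straight from storage into a display string, so it is worth confirming that callers escape it on output.

```php
} catch (Exception $ex) {
  // The hash itself may be malformed, so the parse can fail too.
  try {
    $info = self::parseHashFromStorage($hash);
    return pht('Unknown ("%s")', $info['name']);
  } catch (Exception $parse_ex) {
    return pht('Unknown');
  }
}
```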
