D10325.diff
diff --git a/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php b/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
--- a/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
+++ b/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
@@ -74,16 +74,23 @@
if (!$errors) {
$envelope = new PhutilOpaqueEnvelope($new_password);
+ try {
+ // NOTE: This test is against $viewer (not $user), so that the error
+ // message below makes sense in the case that the two are different,
+ // and because an admin reusing their own password is bad, while
+ // system agents generally do not have passwords anyway.
+
+ $same_password = $viewer->comparePassword($envelope);
+ } catch (PhabricatorPasswordHasherUnavailableException $ex) {
+ // If we're missing the hasher, just let the user continue.
+ $same_password = false;
+ }
+
if ($new_password !== $confirm) {
$e_password = pht('Does Not Match');
$e_confirm = pht('Does Not Match');
$errors[] = pht('Password and confirmation do not match.');
- } else if ($viewer->comparePassword($envelope)) {
- // NOTE: The above test is against $viewer (not $user), so that the
- // error message below makes sense in the case that the two are
- // different, and because an admin reusing their own password is bad,
- // while system agents generally do not have passwords anyway.
-
+ } else if ($same_password) {
$e_password = pht('Not Unique');
$e_confirm = pht('Not Unique');
$errors[] = pht(
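Review bot: The catch that sets `$same_password = false` fails open: when the viewer's account hasher is unavailable, the reuse check behind the 'Not Unique' error is skipped, so a password identical to the account password is accepted and would presumably become a live duplicate if the hasher is later restored. If that trade-off is intended, the comment should say so, e.g. `// Fail open: we can not compare against the account password, so the reuse check is skipped.` The comparison also now runs before the `$new_password !== $confirm` test, so a hash is computed even for submissions that are about to be rejected for a mismatch. The enclosing block starts and ends outside the hunk.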
@@ -197,7 +204,22 @@
->setValue(PhabricatorPasswordHasher::getBestAlgorithmName()));
if (strlen($hash_envelope->openEnvelope())) {
- if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) {
+ try {
+ $can_upgrade = PhabricatorPasswordHasher::canUpgradeHash(
+ $hash_envelope);
+ } catch (PhabricatorPasswordHasherUnavailableException $ex) {
+ $can_upgrade = false;
+ $errors[] = pht(
+ 'Your VCS password is currently hashed using an algorithm which is '.
+ 'no longer available on this install.');
+ $errors[] = pht(
+ 'Because the algorithm implementation is missing, your password '.
+ 'can not be used.');
+ $errors[] = pht(
+ 'You can set a new password to replace the old password.');
+ }
+
+ if ($can_upgrade) {
$errors[] = pht(
'The strength of your stored VCS password hash can be upgraded. '.
'To upgrade, either: use the password to authenticate with a '.
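Review bot: `$ex` is discarded in this catch, and in the identical catch added to PhabricatorSettingsPanelPassword.php, so a missing hasher is only ever reported to the affected user and leaves no trace for an administrator. A missing hasher is an install-level fault that affects every account hashed with it, so it is worth recording, for example with `phlog($ex);` as the first line of each catch, provided the exception message carries no hash material. The two try/catch blocks around `canUpgradeHash()` are otherwise the same and could share one helper, so the two panels cannot drift apart.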
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php b/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
--- a/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
@@ -126,7 +126,28 @@
$hash_envelope = new PhutilOpaqueEnvelope($user->getPasswordHash());
if (strlen($hash_envelope->openEnvelope())) {
- if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) {
+ try {
+ $can_upgrade = PhabricatorPasswordHasher::canUpgradeHash(
+ $hash_envelope);
+ } catch (PhabricatorPasswordHasherUnavailableException $ex) {
+ $can_upgrade = false;
+
+ // Only show this stuff if we aren't on the reset workflow. We can
+ // do resets regardless of the old hasher's availability.
+ if (!$token) {
+ $errors[] = pht(
+ 'Your password is currently hashed using an algorithm which is '.
+ 'no longer available on this install.');
+ $errors[] = pht(
+ 'Because the algorithm implementation is missing, your password '.
+ 'can not be used or updated.');
+ $errors[] = pht(
+ 'To set a new password, request a password reset link from the '.
+ 'login screen and then follow the instructions.');
+ }
+ }
+
+ if ($can_upgrade) {
$errors[] = pht(
'The strength of your stored password hash can be upgraded. '.
'To upgrade, either: log out and log in using your password; or '.
diff --git a/src/infrastructure/util/password/PhabricatorPasswordHasher.php b/src/infrastructure/util/password/PhabricatorPasswordHasher.php
--- a/src/infrastructure/util/password/PhabricatorPasswordHasher.php
+++ b/src/infrastructure/util/password/PhabricatorPasswordHasher.php
@@ -407,7 +407,9 @@
$current_hasher = PhabricatorPasswordHasher::getHasherForHash($hash);
return $current_hasher->getHumanReadableName();
} catch (Exception $ex) {
- return pht('Unknown');
+ $info = self::parseHashFromStorage($hash);
+ $name = $info['name'];
+ return pht('Unknown ("%s")', $name);
}
}
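Review bot: The new `self::parseHashFromStorage($hash)` call sits inside the `catch (Exception $ex)` handler, so anything it throws now escapes a method that previously always returned a string. `getHasherForHash()` presumably parses the same stored value, in which case a malformed hash would fail in the try and then fail again here. Guarding the second parse and falling back to the old `pht('Unknown')` keeps the method total. The name shown comes straight from storage, so the caller should render it escaped. The method starts outside the hunk.

```php
} catch (Exception $ex) {
  try {
    $info = self::parseHashFromStorage($hash);
    return pht('Unknown ("%s")', $info['name']);
  } catch (Exception $parse_ex) {
    // The stored value could not be parsed at all; there is no name to show.
    return pht('Unknown');
  }
```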
D10325: Allow users to recover from a missing password hasher