Diffusion Phabricator 3c9153079f13

Make password hashing modular
3c9153079f13
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

Make password hashing modular

Summary:
Ref T4443. Make hashing algorithms pluggable and extensible so we can deal with the attendant complexities more easily.

This moves "Iterated MD5" to a modular implementation, and adds a tiny bit of hack-glue so we don't need to migrate the DB in this patch. I'll migrate in the next patch, then add bcrypt.

Test Plan:

Verified that the same stuff gets stored in the DB (i.e., no functional changes):
- Logged into an old password account.
- Changed password.
- Registered a new account.
- Changed password.
- Switched back to master.
- Logged in / out, changed password.
- Switched back, logged in.
Ran unit tests (they aren't super extensive, but cover some of the basics).

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, kofalt

Maniphest Tasks: T4443

Differential Revision: https://secure.phabricator.com/D8268

Details

Provenance

epriestley	Authored on
epriestley	Pushed on Feb 18 2014, 10:09 PM

Reviewer

Differential Revision

D8268: Make password hashing modular

Parents

rP2eeef339bf01: Add crumbs to calendar

Branches

Unknown

Tags

Unknown

Tasks

T4443: Use bcrypt / password_hash() to hash passwords if available

Event Timeline

Changes (11)

Path

Size

src/

__phutil_library_map__.php

applications/

auth/

controller/

config/

PhabricatorAuthEditController.php

provider/

PhabricatorAuthProvider.php

PhabricatorAuthProviderPassword.php

people/

storage/

PhabricatorUser.php

infrastructure/

util/

password/

PhabricatorIteratedMD5PasswordHasher.php

PhabricatorPasswordHasher.php

PhabricatorPasswordHasherUnavailableException.php

PhabricatorPasswordHasherTestCase.php

rP3c9153079f13

src/__phutil_library_map__.php

Loading...

src/applications/auth/controller/config/PhabricatorAuthEditController.php

Loading...

src/applications/auth/provider/PhabricatorAuthProvider.php

Loading...

src/applications/auth/provider/PhabricatorAuthProviderPassword.php

Loading...

src/applications/people/storage/PhabricatorUser.php

Loading...

src/infrastructure/util/password/PhabricatorIteratedMD5PasswordHasher.php

Loading...

src/infrastructure/util/password/PhabricatorPasswordHasher.php

Loading...

src/infrastructure/util/password/PhabricatorPasswordHasherUnavailableException.php

Loading...

src/infrastructure/util/password/tests/PhabricatorPasswordHasherTestCase.php

Loading...