From a4b0a8ceb9e289980aa13a8990a8e00919325caf Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jul 2013 00:00:47 +0200
Subject: [PATCH] [feature/passwords] Do not use specific errors but just
 return false

The authentication system should handle the possible errors for now.
Additional error returns can be added later on if they are needed.

PHPBB3-11610
---
 phpBB/includes/crypto/manager.php | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/phpBB/includes/crypto/manager.php b/phpBB/includes/crypto/manager.php
index 6af8cc840e..7f95bcdf60 100644
--- a/phpBB/includes/crypto/manager.php
+++ b/phpBB/includes/crypto/manager.php
@@ -101,17 +101,18 @@ class phpbb_crypto_manager
 	* @param string $hash Password hash that should be checked
 	*
 	* @return object The hash type object
-	*
-	* @throws RunTimeException If hash type is not supported
 	*/
 	public function get_hashing_algorithm($hash)
 	{
-		// preg_match() will also show hashing algos like $2a\H$, which
-		// is a combination of bcrypt and phpass
+		/*
+		* preg_match() will also show hashing algos like $2a\H$, which
+		* is a combination of bcrypt and phpass. Legacy algorithms
+		* like md5 will not be matched by this and need to be treated
+		* differently.
+		*/
 		if (!preg_match('#^\$([a-zA-Z0-9\\\]*?)\$#', $hash, $match))
 		{
-			// Legacy support needed
-			throw new RunTimeException('NO_LEGACY_SUPPORT');
+			return false;
 		}
 
 		// Be on the lookout for multiple hashing algorithms
@@ -124,15 +125,17 @@ class phpbb_crypto_manager
 			{
 				if (isset($this->type_map["\${$type}\$"]))
 				{
-					while(isset($return_ary[$type]))
+					// we do not support the same hashing
+					// algorithm more than once
+					if (isset($return_ary[$type]))
 					{
-						$type = $type + ' ';
+						return false;
 					}
 					$return_ary[$type] = $this->type_map["\${$type}\$"];
 				}
 				else
 				{
-					throw new \RunTimeException('HASH_TYPE_NOT_SUPPORTED');
+					return false;
 				}
 			}
 			return $return_ary;
@@ -143,7 +146,7 @@ class phpbb_crypto_manager
 		}
 		else
 		{
-			throw new RunTimeException('UNKNOWN_HASH_TYPE');
+			return false;
 		}
 	}
 
@@ -155,8 +158,6 @@ class phpbb_crypto_manager
 	*			none is supplied
 	* @return string|bool Password hash of supplied password or false if
 	*			if something went wrong during hashing
-	*
-	* @throws RunTimeException If hash type is not supported
 	*/
 	public function hash_password($password, $type = '')
 	{