makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-21 18:58:53 +00:00
Code Issues Projects Releases Packages Wiki Activity
17938 commits 18 branches 192 tags 207 MiB
Commit graph

12 commits

Author SHA1 Message Date
Marc Alexander
a4b0a8ceb9 [feature/passwords] Do not use specific errors but just return false 
The authentication system should handle the possible errors for now.
Additional error returns can be added later on if they are needed.

PHPBB3-11610
 2013-09-14 13:54:53 +02:00
Marc Alexander
dbd6d33e9f [feature/passwords] NULL should be null according to coding guidelines 
PHPBB3-11610
 2013-09-14 13:54:48 +02:00
Marc Alexander
8f863d1d49 [feature/passwords] Do not check if type_map is empty 
If the type map is empty the service container is incomplete or broken.
There is no need to check this as other components would probably be broken
at the same time.

PHPBB3-11610
 2013-09-14 13:54:39 +02:00
Marc Alexander
cfbd858bd7 [feature/passwords] Properly treat duplicates in combined hashes 
PHPBB3-11610
 2013-09-14 13:54:21 +02:00
Marc Alexander
556048177f [feature/passwords] Make method get_hashing_public_algorithm public 
Combined hashing requires it for checking the supplied password hash for
its hashing algorithm.

PHPBB3-11610
 2013-09-14 13:54:13 +02:00
Marc Alexander
dc76146cef [feature/passwords] Add combined hashing method to helper 
This will allow to hash a previously hashed password with another hashing
method, i.e. as upgrade path from phpBB 3.0 to 3.1.

PHPBB3-11610
 2013-09-14 13:53:58 +02:00
Marc Alexander
ab068799b1 [feature/passwords] Pass phpbb_container to passwords helper 
PHPBB3-11610
 2013-09-14 13:53:31 +02:00
Marc Alexander
7ddf004489 [feature/passwords] Make method get_hashing_algorithm() protected 
There is currently no use for it being public.

PHPBB3-11610
 2013-09-14 13:53:03 +02:00
Marc Alexander
f8bcf99c7f [feature/passwords] Do not support 8-bit characters with $2a$ bcrypt 
8-bit unicode characters might reduce the security of the password hash
when using the $2a$ bcrypt prefix. Those types of characters are usually
not used in passwords but we should prevent this possible issue anyway.

PHPBB3-11610
 2013-09-14 13:52:09 +02:00
Marc Alexander
8795fe9c77 [feature/passwords] Add convert flag for converting to default 
PHPBB3-11610
 2013-09-14 13:52:04 +02:00
Marc Alexander
7a526284d3 [feature/passwords] Default to bcrypt with $2y$ prefix if possible 
PHPBB3-11610
 2013-09-14 13:51:31 +02:00
Marc Alexander
3a0dd248d0 [feature/passwords] Add basic implementation of passwords manager 
The passwords manager is capable of checking and hashing passwords.
It will support different hashing algorithms.

PHPBB3-11610
 2013-09-14 13:50:07 +02:00