added mediawiki password method FS#2559

This should make migrating from MediaWiki a bit easier.
2013-01-26 12:59:15 +01:00 · 2013-01-26 12:59:15 +01:00 · 529b04166c
parent bcc1938ed0
commit 529b04166c
3 changed files with 32 additions and 9 deletions
--- a/_test/tests/inc/auth_password.test.php
+++ b/_test/tests/inc/auth_password.test.php
@ -61,6 +61,11 @@ class auth_password_test extends PHPUnit_Framework_TestCase {
        $this->assertTrue(auth_verifyPassword('test12345','$H$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0'));
    }

+    function test_veryPassword_mediawiki(){
+        $this->assertTrue(auth_verifyPassword('password', ':B:838c83e1:e4ab7024509eef084cdabd03d8b2972c'));
+    }
+
+
    /**
     * pmd5 checking should throw an exception when a hash with a too high
     * iteration count is passed
--- a/inc/PassHash.class.php
+++ b/inc/PassHash.class.php
@ -4,7 +4,7 @@
 *
 * This class implements various mechanisms used to hash passwords
 *
- * @author Andreas Gohr <andi@splitbrain.org>
+ * @author  Andreas Gohr <andi@splitbrain.org>
 * @license LGPL2
 */
 class PassHash {
@ -58,6 +58,9 @@ class PassHash {
        } elseif(substr($hash, 0, 6) == '{SMD5}') {
            $method = 'lsmd5';
            $salt   = substr(base64_decode(substr($hash, 6)), 16);
+        } elseif(preg_match('/^:B:(.+?):.{32}$/', $hash, $m)) {
+            $method = 'mediawiki';
+            $salt   = $m[1];
        } elseif($len == 32) {
            $method = 'md5';
        } elseif($len == 40) {
@ -104,7 +107,7 @@ class PassHash {
     * applied.
     *
     * @param string &$salt The salt, pass null if you want one generated
-     * @param int    $len The length of the salt
+     * @param int    $len   The length of the salt
     */
    public function init_salt(&$salt, $len = 32) {
        if(is_null($salt)) $salt = $this->gen_salt($len);
@ -263,7 +266,7 @@ class PassHash {
     *
     * This method was used by old MySQL systems
     *
-     * @link http://www.php.net/mysql
+     * @link   http://www.php.net/mysql
     * @author <soren at byu dot edu>
     * @param string $clear The clear text to hash
     * @return string Hashed password
@ -327,9 +330,9 @@ class PassHash {
     * an exception.
     *
     * @link  http://www.openwall.com/phpass/
-     * @param string $clear The clear text to hash
-     * @param string $salt  The salt to use, null for random
-     * @param string $magic The hash identifier (P or H)
+     * @param string $clear   The clear text to hash
+     * @param string $salt    The salt to use, null for random
+     * @param string $magic   The hash identifier (P or H)
     * @param int    $compute The iteration count for new passwords
     * @throws Exception
     * @return string Hashed password
@ -430,8 +433,8 @@ class PassHash {
     * will break. When no salt is given, the iteration count can be set
     * through the $compute variable.
     *
-     * @param string $clear The clear text to hash
-     * @param string $salt  The salt to use, null for random
+     * @param string $clear   The clear text to hash
+     * @param string $salt    The salt to use, null for random
     * @param int    $compute The iteration count (between 4 and 31)
     * @throws Exception
     * @return string Hashed password
@ -450,4 +453,19 @@ class PassHash {
        return crypt($clear, $salt);
    }

+    /**
+     * Password hashing method 'mediawiki'
+     *
+     * Uses salted MD5, this is referred to as Method B in MediaWiki docs. Unsalted md5
+     * method 'A' is not supported.
+     *
+     * @link  http://www.mediawiki.org/wiki/Manual_talk:User_table#user_password_column
+     * @param string $clear The clear text to hash
+     * @param string $salt  The salt to use, null for random
+     * @return string Hashed password
+     */
+    public function hash_mediawiki($clear, $salt = null) {
+        $this->init_salt($salt, 8);
+        return ':B:'.$salt.':'.md5($salt.'-'.md5($clear));
+    }
 }
--- a/lib/plugins/config/settings/config.metadata.php
+++ b/lib/plugins/config/settings/config.metadata.php
@ -126,7 +126,7 @@ $meta['_authentication'] = array('fieldset');
 $meta['useacl']      = array('onoff');
 $meta['autopasswd']  = array('onoff');
 $meta['authtype']    = array('authtype');
-$meta['passcrypt']   = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','bcrypt'));
+$meta['passcrypt']   = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','mediawiki','bcrypt'));
 $meta['defaultgroup']= array('string');
 $meta['superuser']   = array('string');
 $meta['manager']     = array('string');