comparison mod_auth_phpbb3/mod_auth_phpbb3.lua @ 2168:28d99ffa3c06

mod_auth_phpbb3: Add support for verifying bcrypt hashes (thanks bios)
author Kim Alvefur <zash@zash.se>
date Sat, 30 Apr 2016 19:09:45 +0200
parents 7dbde05b48a9
children
comparison
equal deleted inserted replaced
2167:24dcf496df6b 2168:28d99ffa3c06
8 local nodeprep = require "util.encodings".stringprep.nodeprep; 8 local nodeprep = require "util.encodings".stringprep.nodeprep;
9 local saslprep = require "util.encodings".stringprep.saslprep; 9 local saslprep = require "util.encodings".stringprep.saslprep;
10 local DBI = require "DBI" 10 local DBI = require "DBI"
11 local md5 = require "util.hashes".md5; 11 local md5 = require "util.hashes".md5;
12 local uuid_gen = require "util.uuid".generate; 12 local uuid_gen = require "util.uuid".generate;
13 local have_bcrypt, bcrypt = pcall(require, "bcrypt"); -- available from luarocks
13 14
14 local connection; 15 local connection;
15 local params = module:get_option("sql"); 16 local params = module:get_option("sql");
16 17
17 local resolve_relative_path = require "core.configmanager".resolve_relative_path; 18 local resolve_relative_path = require "core.configmanager".resolve_relative_path;
174 output = output .. hashEncode64(input, 6); 175 output = output .. hashEncode64(input, 6);
175 return output; 176 return output;
176 end 177 end
177 local function phpbbCheckHash(password, hash) 178 local function phpbbCheckHash(password, hash)
178 if #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash 179 if #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash
179 return #hash == 34 and hashCryptPrivate(password, hash) == hash; 180 if #hash == 34 then return hashCryptPrivate(password, hash) == hash; end
181 if #hash == 60 and have_bcrypt then return bcrypt.verify(password, hash); end
182 module:log("error", "Unsupported hash: %s", hash);
183 return false;
180 end 184 end
181 local function phpbbCreateHash(password) 185 local function phpbbCreateHash(password)
182 local random = uuid_gen():sub(-6); 186 local random = uuid_gen():sub(-6);
183 local salt = hashGensaltPrivate(random); 187 local salt = hashGensaltPrivate(random);
184 local hash = hashCryptPrivate(password, salt); 188 local hash = hashCryptPrivate(password, salt);