ukamnya
/
Redmine-mod-perl-auth
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use Digest::SHA instead of Digest::SHA1.

1.x
Adirelle 2012-04-04 16:20:47 +02:00
parent 1003b40d9d
commit 42c493b6d4
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Redmine.pm
View File

@ -135,7 +135,7 @@ use strict;
use warnings FATAL => 'all', NONFATAL => 'redefine'; use warnings FATAL => 'all', NONFATAL => 'redefine';
use DBI; use DBI;
use Digest::SHA1; use Digest::SHA;
# optional module for LDAP authentication # optional module for LDAP authentication
my $CanUseLDAPAuth = eval("use Authen::Simple::LDAP; 1"); my $CanUseLDAPAuth = eval("use Authen::Simple::LDAP; 1");
@ -398,9 +398,9 @@ sub check_login {
} else { } else {
# Database authentication # Database authentication
my $pass_digest = Digest::SHA1::sha1_hex($password); my $pass_digest = Digest::SHA::sha1_hex($password);
return (AUTH_REQUIRED, "wrong password for '$user'") return (AUTH_REQUIRED, "wrong password for '$user'")
unless $hashed_password eq Digest::SHA1::sha1_hex($salt.$pass_digest); unless $hashed_password eq Digest::SHA::sha1_hex($salt.$pass_digest);
} }
# Password is ok, check if account if locked # Password is ok, check if account if locked
@ -576,7 +576,7 @@ sub is_true {
# build credential cache key # build credential cache key
sub get_cache_key { sub get_cache_key {
my ($r, $password) = @_; my ($r, $password) = @_;
return Digest::SHA1::sha1_hex(join(':', get_project_identifier($r), $r->user, $password, is_read_request($r) ? 'read' : 'write')); return Digest::SHA::sha1_hex(join(':', get_project_identifier($r), $r->user, $password, is_read_request($r) ? 'read' : 'write'));
} }
# check if credentials exist in cache # check if credentials exist in cache