[Koha-bugs] [Bug 9611] Changing the password hashing algorithm from MD5 to more secure Bcrypt
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Feb 14 16:14:50 CET 2013
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9611
Bernardo Gonzalez Kriegel <bgkriegel at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bgkriegel at gmail.com
--- Comment #2 from Bernardo Gonzalez Kriegel <bgkriegel at gmail.com> ---
This patch add new perl dependencies,
Crypt::Eksblowfish::Bcrypt
Crypt::Random::Source
They are not installed by default, so I think must be included in
koha_perl_deps.pl.
Also, Crypt::Eksblowfish::Bcrypt is present on Ubuntu 12.04, but not the second
which must be installed via cpan.
With those solved, koha-qa complains about tabulations.
Test with patch applied:
1) Old user can login
2) New user has "new" type of password
3) Old user with password update has "new" type of password
4) Old (updated) or New user CAN'T LOGIN
Log:
opac-user.pl: Use of uninitialized value in string ne at
.../kohaclone/C4/Auth.pm line 671., referer: ...
opac-user.pl: Use of uninitialized value $pki_field in string eq at
.../kohaclone/C4/Auth.pm line 757., referer: ...
opac-user.pl: Use of uninitialized value $pki_field in string eq at
.../kohaclone/C4/Auth.pm line 757., referer: ...
opac-user.pl: Use of uninitialized value $retuserid in string ne at
.../kohaclone/C4/Auth.pm line 793., referer: ...
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list