mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
ENH Deprecate old password encryptors (#10948)
This commit is contained in:
parent
9ccba6bc73
commit
b3b1d07616
@ -2,15 +2,28 @@
|
|||||||
|
|
||||||
namespace SilverStripe\Security;
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use SilverStripe\Dev\Deprecation;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Legacy implementation for SilverStripe 2.1 - 2.3,
|
* Legacy implementation for SilverStripe 2.1 - 2.3,
|
||||||
* which had a design flaw in password hashing that caused
|
* which had a design flaw in password hashing that caused
|
||||||
* the hashes to differ between architectures due to
|
* the hashes to differ between architectures due to
|
||||||
* floating point precision problems in base_convert().
|
* floating point precision problems in base_convert().
|
||||||
* See http://open.silverstripe.org/ticket/3004
|
* See http://open.silverstripe.org/ticket/3004
|
||||||
|
*
|
||||||
|
* @deprecated 5.2.0 Use SilverStripe\Security\PasswordEncryptor_PHPHash instead.
|
||||||
*/
|
*/
|
||||||
class PasswordEncryptor_LegacyPHPHash extends PasswordEncryptor_PHPHash
|
class PasswordEncryptor_LegacyPHPHash extends PasswordEncryptor_PHPHash
|
||||||
{
|
{
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
Deprecation::notice(
|
||||||
|
'5.2.0',
|
||||||
|
'Use SilverStripe\Security\PasswordEncryptor_PHPHash instead.',
|
||||||
|
Deprecation::SCOPE_CLASS
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
public function encrypt($password, $salt = null, $member = null)
|
public function encrypt($password, $salt = null, $member = null)
|
||||||
{
|
{
|
||||||
$password = parent::encrypt($password, $salt, $member);
|
$password = parent::encrypt($password, $salt, $member);
|
||||||
|
@ -2,13 +2,25 @@
|
|||||||
|
|
||||||
namespace SilverStripe\Security;
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use SilverStripe\Dev\Deprecation;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Uses MySQL's OLD_PASSWORD encyrption. Requires an active DB connection.
|
* Uses MySQL's OLD_PASSWORD encyrption. Requires an active DB connection.
|
||||||
|
*
|
||||||
|
* @deprecated 5.2.0 Use another subclass of SilverStripe\Security\PasswordEncryptor instead.
|
||||||
*/
|
*/
|
||||||
class PasswordEncryptor_MySQLOldPassword extends PasswordEncryptor
|
class PasswordEncryptor_MySQLOldPassword extends PasswordEncryptor
|
||||||
{
|
{
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
Deprecation::notice(
|
||||||
|
'5.2.0',
|
||||||
|
'Use another subclass of SilverStripe\Security\PasswordEncryptor instead.',
|
||||||
|
Deprecation::SCOPE_CLASS
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
public function encrypt($password, $salt = null, $member = null)
|
public function encrypt($password, $salt = null, $member = null)
|
||||||
{
|
{
|
||||||
return DB::prepared_query("SELECT OLD_PASSWORD(?)", [$password])->value();
|
return DB::prepared_query("SELECT OLD_PASSWORD(?)", [$password])->value();
|
||||||
|
@ -2,13 +2,25 @@
|
|||||||
|
|
||||||
namespace SilverStripe\Security;
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use SilverStripe\Dev\Deprecation;
|
||||||
use SilverStripe\ORM\DB;
|
use SilverStripe\ORM\DB;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Uses MySQL's PASSWORD encryption. Requires an active DB connection.
|
* Uses MySQL's PASSWORD encryption. Requires an active DB connection.
|
||||||
|
*
|
||||||
|
* @deprecated 5.2.0 Use another subclass of SilverStripe\Security\PasswordEncryptor instead.
|
||||||
*/
|
*/
|
||||||
class PasswordEncryptor_MySQLPassword extends PasswordEncryptor
|
class PasswordEncryptor_MySQLPassword extends PasswordEncryptor
|
||||||
{
|
{
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
Deprecation::notice(
|
||||||
|
'5.2.0',
|
||||||
|
'Use another subclass of SilverStripe\Security\PasswordEncryptor instead.',
|
||||||
|
Deprecation::SCOPE_CLASS
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
public function encrypt($password, $salt = null, $member = null)
|
public function encrypt($password, $salt = null, $member = null)
|
||||||
{
|
{
|
||||||
return DB::prepared_query("SELECT PASSWORD(?)", [$password])->value();
|
return DB::prepared_query("SELECT PASSWORD(?)", [$password])->value();
|
||||||
|
@ -2,13 +2,25 @@
|
|||||||
|
|
||||||
namespace SilverStripe\Security;
|
namespace SilverStripe\Security;
|
||||||
|
|
||||||
|
use SilverStripe\Dev\Deprecation;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Cleartext passwords (used in SilverStripe 2.1).
|
* Cleartext passwords (used in SilverStripe 2.1).
|
||||||
* Also used when Security::$encryptPasswords is set to FALSE.
|
|
||||||
* Not recommended.
|
* Not recommended.
|
||||||
|
*
|
||||||
|
* @deprecated 5.2.0 Use another subclass of SilverStripe\Security\PasswordEncryptor instead.
|
||||||
*/
|
*/
|
||||||
class PasswordEncryptor_None extends PasswordEncryptor
|
class PasswordEncryptor_None extends PasswordEncryptor
|
||||||
{
|
{
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
Deprecation::notice(
|
||||||
|
'5.2.0',
|
||||||
|
'Use another subclass of SilverStripe\Security\PasswordEncryptor instead.',
|
||||||
|
Deprecation::SCOPE_CLASS
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
public function encrypt($password, $salt = null, $member = null)
|
public function encrypt($password, $salt = null, $member = null)
|
||||||
{
|
{
|
||||||
return $password;
|
return $password;
|
||||||
|
@ -5,6 +5,7 @@ namespace SilverStripe\Security\Tests;
|
|||||||
use SilverStripe\Security\PasswordEncryptor_Blowfish;
|
use SilverStripe\Security\PasswordEncryptor_Blowfish;
|
||||||
use SilverStripe\Security\PasswordEncryptor;
|
use SilverStripe\Security\PasswordEncryptor;
|
||||||
use SilverStripe\Core\Config\Config;
|
use SilverStripe\Core\Config\Config;
|
||||||
|
use SilverStripe\Dev\Deprecation;
|
||||||
use SilverStripe\Dev\SapphireTest;
|
use SilverStripe\Dev\SapphireTest;
|
||||||
use SilverStripe\Security\PasswordEncryptor_LegacyPHPHash;
|
use SilverStripe\Security\PasswordEncryptor_LegacyPHPHash;
|
||||||
use SilverStripe\Security\PasswordEncryptor_NotFoundException;
|
use SilverStripe\Security\PasswordEncryptor_NotFoundException;
|
||||||
@ -155,7 +156,7 @@ class PasswordEncryptorTest extends SapphireTest
|
|||||||
'encryptors',
|
'encryptors',
|
||||||
['test_sha1legacy' => [PasswordEncryptor_LegacyPHPHash::class => 'sha1']]
|
['test_sha1legacy' => [PasswordEncryptor_LegacyPHPHash::class => 'sha1']]
|
||||||
);
|
);
|
||||||
$e = PasswordEncryptor::create_for_algorithm('test_sha1legacy');
|
$e = Deprecation::withNoReplacement(fn() => PasswordEncryptor::create_for_algorithm('test_sha1legacy'));
|
||||||
// precomputed hashes for 'mypassword' from different architectures
|
// precomputed hashes for 'mypassword' from different architectures
|
||||||
$amdHash = 'h1fj0a6m4o6k0sosks88oo08ko4gc4s';
|
$amdHash = 'h1fj0a6m4o6k0sosks88oo08ko4gc4s';
|
||||||
$intelHash = 'h1fj0a6m4o0g04ocg00o4kwoc4wowws';
|
$intelHash = 'h1fj0a6m4o0g04ocg00o4kwoc4wowws';
|
||||||
|
Loading…
Reference in New Issue
Block a user