mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
07fc3650a3
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004) (merged from r90949) API CHANGE Deprecated Security::encrypt_passwords() (merged from r90949) API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation (merged from r90949) API CHANGE Removed Security::get_encryption_algorithms() (merged from r90949) API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others. (merged from r90949) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@91576 467b73ca-7a2a-4603-9d3b-597d59a354a9 |
||
---|---|---|
.. | ||
Authenticator.php | ||
BasicAuth.php | ||
ChangePasswordForm.php | ||
Group.php | ||
LoginAttempt.php | ||
LoginForm.php | ||
Member.php | ||
MemberAuthenticator.php | ||
MemberLoginForm.php | ||
MemberPassword.php | ||
NZGovtPasswordValidator.php | ||
PasswordValidator.php | ||
Permission.php | ||
PermissionCheckboxSetField.php | ||
PermissionProvider.php | ||
PermissionRole.php | ||
PermissionRoleCode.php | ||
Security.php |