dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
(from parent 1:
e75b1f2
)
Merge "(bug 35961) Hash comparison should always be strict."
author
Aaron Schulz
<aschulz@wikimedia.org>
Fri, 20 Apr 2012 08:03:42 +0000
(08:03 +0000)
committer
Gerrit Code Review
<gerrit@wikimedia.org>
Fri, 20 Apr 2012 08:03:42 +0000
(08:03 +0000)
includes/User.php
patch
|
blob
|
history
diff --git
a/includes/User.php
b/includes/User.php
index
af923ff
..
d3332fd
100644
(file)
--- a/
includes/User.php
+++ b/
includes/User.php
@@
-3924,7
+3924,7
@@
class User {
} elseif ( $type == ':B:' ) {
# Salted
list( $salt, $realHash ) = explode( ':', substr( $hash, 3 ), 2 );
- return md5( $salt.'-'.md5( $password ) ) == $realHash;
+ return md5( $salt.'-'.md5( $password ) ) ==
=
$realHash;
} else {
# Old-style
return self::oldCrypt( $password, $userId ) === $hash;