From: Tim Starling
Date: Mon, 14 Nov 2016 05:47:03 +0000 (+1100)
Subject: Fix interpretation of "A-type" password hashes
X-Git-Tag: 1.31.0-rc.0~4878^2
X-Git-Url: https://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/comptes/ajouter.php?a=commitdiff_plain;h=7a157e0bea41b7b17c9b4395c6668d9b5b341a96;p=lhc%2Fweb%2Fwiklou.git

Fix interpretation of "A-type" password hashes

An A-type hash is an unsalted hash. A B-type hash is a salted hash of the form md5(salt "-" md5(password)). So it's not correct to have an A-type hash with a salt. User::comparePasswords() and CentralAuthUser::getPasswordFromString() already get this right, they generate :B: prefixes for legacy salted hashes where the salt is not specified in the database.

Change-Id: Icb809274f9f63641e54daf98332a5646fd58b550
---
diff --git a/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php b/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php
index 88df68d310..b68c368cf6 100644
--- a/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php
+++ b/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php
@@ -104,7 +104,7 @@ class LocalPasswordPrimaryAuthenticationProvider
 // The old hash format was just an md5 hex hash, with no type information
 if ( preg_match( '/^[0-9a-f]{32}$/', $row->user_password ) ) {
 if ( $this->config->get( 'PasswordSalt' ) ) {
- $row->user_password = ":A:{$row->user_id}:{$row->user_password}";
+ $row->user_password = ":B:{$row->user_id}:{$row->user_password}";
 } else {
 $row->user_password = ":A:{$row->user_password}";
 }
diff --git a/includes/password/MWOldPassword.php b/includes/password/MWOldPassword.php
index 84675c16d6..360485e364 100644
--- a/includes/password/MWOldPassword.php
+++ b/includes/password/MWOldPassword.php
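Review bot: The `PasswordSalt` branch now emits a `:B:` prefix, but the comment above the `preg_match` still only says the old format was a bare md5 hex hash, so a reader has to consult the commit message to learn why the user id is being placed in the salt position. I would extend it to `// Legacy rows: bare md5 = type A (unsalted); when PasswordSalt was on they are md5( user_id . '-' . md5( password ) ) = type B, salted with the user id`. Note also that which form a stored row is assumed to have depends on the current `PasswordSalt` setting rather than on anything recorded with the row, so changing that setting after legacy hashes were written would leave those rows unverifiable; that is pre-existing, but worth a sentence in the same comment. The enclosing method starts and ends outside the hunk.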
@@ -36,14 +36,8 @@ class MWOldPassword extends ParameterizedPassword {
 }
 
 public function crypt( $plaintext ) {
- global $wgPasswordSalt;
-
- if ( $wgPasswordSalt && count( $this->args ) === 1 ) {
- $this->hash = md5( $this->args[0] . '-' . md5( $plaintext ) );
- } else {
- $this->args = [];
- $this->hash = md5( $plaintext );
- }
+ $this->args = [];
+ $this->hash = md5( $plaintext );
 
 if ( !is_string( $this->hash ) || strlen( $this->hash ) < 32 ) {
 throw new PasswordError( 'Error when hashing password.' );
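Review bot: With the salted branch gone, `crypt()` unconditionally clears `$this->args`, so any salt that was parsed into this object is discarded rather than rejected; presumably `:B:` strings are routed to a different Password subclass before reaching here, but nothing in this hunk says so. A one-line comment at the top of the method would pin the contract, e.g. `// Type A only: unsalted md5 of the plaintext. Salted legacy (':B:') hashes are handled by a separate class.`, and a second line noting that this legacy scheme exists only to verify old stored rows, which should be rehashed with the current scheme on successful login. The `is_string`/`strlen` guard that follows is now very hard to fail, since `md5()` always returns a 32-character hex string; it can stay as a defensive check but no longer distinguishes the two code paths. `crypt()` ends outside the hunk.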