summaryrefslogtreecommitdiffstats
path: root/perl-install
diff options
context:
space:
mode:
authorPascal Terjan <pterjan@gmail.com>2016-07-31 15:58:56 +0100
committerPascal Terjan <pterjan@gmail.com>2016-07-31 15:58:56 +0100
commitc0529b4c5858300c0bd9c94fd35540e1f105dfd6 (patch)
tree80b9c1b53846e8523fc0b810df6e1d6d26e239b4 /perl-install
parentbca2d23304c03118e7ec5059c841647af4de10bc (diff)
downloaddrakx-c0529b4c5858300c0bd9c94fd35540e1f105dfd6.tar
drakx-c0529b4c5858300c0bd9c94fd35540e1f105dfd6.tar.gz
drakx-c0529b4c5858300c0bd9c94fd35540e1f105dfd6.tar.bz2
drakx-c0529b4c5858300c0bd9c94fd35540e1f105dfd6.tar.xz
drakx-c0529b4c5858300c0bd9c94fd35540e1f105dfd6.zip
add support for sha256/sha512 and default to sha512
Diffstat (limited to 'perl-install')
-rw-r--r--perl-install/NEWS1
-rw-r--r--perl-install/authentication.pm22
2 files changed, 20 insertions, 3 deletions
diff --git a/perl-install/NEWS b/perl-install/NEWS
index e74a7d043..932903c0b 100644
--- a/perl-install/NEWS
+++ b/perl-install/NEWS
@@ -1,5 +1,6 @@
- drakboot:
o fix .old backup for grub2's grub.cfg
+- authentication: add support for sha256/sha512 and default to sha512
Version 17.52 - 17 July 2016
diff --git a/perl-install/authentication.pm b/perl-install/authentication.pm
index 65d9950fa..6c9bea33d 100644
--- a/perl-install/authentication.pm
+++ b/perl-install/authentication.pm
@@ -272,6 +272,8 @@ sub get() {
my $authentication = {
blowfish => to_bool($system_auth =~ /\$2a\$/),
md5 => to_bool($system_auth =~ /md5/),
+ sha256 => to_bool($system_auth =~ /sha256/),
+ sha512 => to_bool($system_auth =~ /sha512/),
shadow => to_bool($system_auth =~ /shadow/),
};
@@ -810,9 +812,23 @@ sub user_crypted_passwd {
require utf8;
utf8::encode($u->{password}); #- we don't want perl to do "smart" things in crypt()
- crypt($u->{password},
- !$authentication || $authentication->{blowfish} ? '$2a$08$' . salt(60) :
- $authentication->{md5} ? '$1$' . salt(8) : salt(2));
+ # Default to sha512
+ $authentication = { sha512 => 1 } unless $authentication;
+
+ my $salt;
+ if ($authentication->{blowfish}) {
+ $salt = '$2a$08$' . salt(60);
+ } elsif ($authentication->{md5}) {
+ $salt = '$1$' . salt(8);
+ } elsif ($authentication->{sha256}) {
+ $salt = '$5$' . salt(32);
+ } elsif ($authentication->{sha512}) {
+ $salt = '$6$' . salt(64);
+ } else {
+ $salt = salt(2);
+ }
+
+ crypt($u->{password}, $salt);
} else {
$u->{pw} || '';
}