aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/phpbb/passwords
diff options
context:
space:
mode:
authorMarc Alexander <admin@m-a-styles.de>2014-05-28 20:02:06 +0200
committerMarc Alexander <admin@m-a-styles.de>2014-06-01 21:31:04 +0200
commitd9e49fae235217ea60dc95d91822cf04e5024db5 (patch)
tree8f92cd048787ea3d21252cc214e38c9cc4af7bc8 /phpBB/phpbb/passwords
parentb35ed3bc69ac0cdd63791d89f1941b1bb8c69c0b (diff)
downloadforums-d9e49fae235217ea60dc95d91822cf04e5024db5.tar
forums-d9e49fae235217ea60dc95d91822cf04e5024db5.tar.gz
forums-d9e49fae235217ea60dc95d91822cf04e5024db5.tar.bz2
forums-d9e49fae235217ea60dc95d91822cf04e5024db5.tar.xz
forums-d9e49fae235217ea60dc95d91822cf04e5024db5.zip
[ticket/12352] Check phpBB2 passwords that have been encrypted with phpass
PHPBB3-12352
Diffstat (limited to 'phpBB/phpbb/passwords')
-rw-r--r--phpBB/phpbb/passwords/driver/phpbb2_md5.php19
1 files changed, 13 insertions, 6 deletions
diff --git a/phpBB/phpbb/passwords/driver/phpbb2_md5.php b/phpBB/phpbb/passwords/driver/phpbb2_md5.php
index 7796ff6873..0f2bf74850 100644
--- a/phpBB/phpbb/passwords/driver/phpbb2_md5.php
+++ b/phpBB/phpbb/passwords/driver/phpbb2_md5.php
@@ -19,6 +19,9 @@ class phpbb2_md5 extends base
/** @var \phpbb\request\request phpBB request object */
protected $request;
+ /** @var \phpbb\passwords\driver\salted_md5 */
+ protected $salted_md5;
+
/** @var phpBB root path */
protected $phpbb_root_path;
@@ -28,13 +31,15 @@ class phpbb2_md5 extends base
/**
* Constructor of passwords driver object
*
- * @param \phpbb\request\request $request phpBB request object
- * @param string $phpbb_root_path phpBB root path
- * @param string $php_ext PHP file extension
+ * @param \phpbb\request\request $request phpBB request object
+ * @param \phpbb\passwords\driver\salted_md5 $salted_md5 Salted md5 driver
+ * @param string $phpbb_root_path phpBB root path
+ * @param string $php_ext PHP file extension
*/
- public function __construct($request, $phpbb_root_path, $php_ext)
+ public function __construct($request, \phpbb\passwords\driver\salted_md5 $salted_md5, $phpbb_root_path, $php_ext)
{
$this->request = $request;
+ $this->salted_md5 = $salted_md5;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $php_ext;
}
@@ -69,7 +74,7 @@ class phpbb2_md5 extends base
*/
public function check($password, $hash, $user_row = array())
{
- if (strlen($hash) != 32)
+ if (strlen($hash) != 32 && strlen($hash) != 34)
{
return false;
}
@@ -99,7 +104,9 @@ class phpbb2_md5 extends base
include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext);
}
- if (md5($password_old_format) === $hash || md5(\utf8_to_cp1252($password_old_format)) === $hash)
+ if (md5($password_old_format) === $hash || md5(\utf8_to_cp1252($password_old_format)) === $hash
+ || $this->salted_md5->check(md5($password_old_format), $hash) === true
+ || $this->salted_md5->check(md5(\utf8_to_cp1252($password_old_format)), $hash) === true)
{
return true;
}