86 return row.user_password; |
86 return row.user_password; |
87 end |
87 end |
88 end |
88 end |
89 end |
89 end |
90 |
90 |
|
91 |
91 local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; |
92 local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; |
92 |
|
93 local function hashEncode64(input, count) |
93 local function hashEncode64(input, count) |
94 local output = ""; |
94 local output = ""; |
95 local i, value = 0, 0; |
95 local i, value = 0, 0; |
96 |
96 |
97 while true do |
97 while true do |
160 output = output .. itoa64:sub(idx, idx); |
160 output = output .. itoa64:sub(idx, idx); |
161 output = output .. hashEncode64(input, 6); |
161 output = output .. hashEncode64(input, 6); |
162 return output; |
162 return output; |
163 end |
163 end |
164 local function phpbbCheckHash(password, hash) |
164 local function phpbbCheckHash(password, hash) |
|
165 if #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash |
165 return #hash == 34 and hashCryptPrivate(password, hash) == hash; |
166 return #hash == 34 and hashCryptPrivate(password, hash) == hash; |
166 end |
167 end |
167 local function phpbbHash(password) |
168 local function phpbbCreateHash(password) |
168 local random = uuid_gen():sub(-6); |
169 local random = uuid_gen():sub(-6); |
169 local salt = hashGensaltPrivate(random); |
170 local salt = hashGensaltPrivate(random); |
170 local hash = hashCryptPrivate(password, salt); |
171 local hash = hashCryptPrivate(password, salt); |
171 if #hash == 34 then return hash; end |
172 if #hash == 34 then return hash; end |
172 return md5(password, true); |
173 return md5(password, true); |
174 |
175 |
175 |
176 |
176 provider = { name = "phpbb3" }; |
177 provider = { name = "phpbb3" }; |
177 |
178 |
178 function provider.test_password(username, password) |
179 function provider.test_password(username, password) |
179 --module:log("debug", "test_password '%s' for user %s", tostring(password), tostring(username)); |
|
180 local hash = get_password(username); |
180 local hash = get_password(username); |
181 if hash and #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash |
|
182 return hash and phpbbCheckHash(password, hash); |
181 return hash and phpbbCheckHash(password, hash); |
183 end |
182 end |
184 function provider.user_exists(username) |
183 function provider.user_exists(username) |
185 module:log("debug", "test user %s existence", username); |
184 module:log("debug", "test user %s existence", username); |
186 return get_password(username) and true; |
185 return get_password(username) and true; |
188 |
187 |
189 function provider.get_password(username) |
188 function provider.get_password(username) |
190 return nil, "Getting password is not supported."; |
189 return nil, "Getting password is not supported."; |
191 end |
190 end |
192 function provider.set_password(username, password) |
191 function provider.set_password(username, password) |
193 local hash = phpbbHash(password); |
192 local hash = phpbbCreateHash(password); |
194 local stmt, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username`=?", hash, username); |
193 local stmt, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username`=?", hash, username); |
195 return stmt and true, err; |
194 return stmt and true, err; |
196 end |
195 end |
197 function provider.create_user(username, password) |
196 function provider.create_user(username, password) |
198 return nil, "Account creation/modification not supported."; |
197 return nil, "Account creation/modification not supported."; |