v0.9.6 -- single class -- checking if this helps us with a couple of issues
This commit is contained in:
parent
bea57091b2
commit
ccc85e3856
25
plugin.rb
25
plugin.rb
@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
# name: discourse-md5_authentication
|
# name: discourse-md5_authentication
|
||||||
# about: A plugin to authenticate users with MD5 passwords from legacy systems
|
# about: A plugin to authenticate users with MD5 passwords from legacy systems
|
||||||
# version: 0.9.5
|
# version: 0.9.6
|
||||||
# authors: saint
|
# authors: saint
|
||||||
# url: https://gitea.federated.computer/saint/discourse-md5_authentication.git
|
# url: https://gitea.federated.computer/saint/discourse-md5_authentication.git
|
||||||
|
|
||||||
@ -38,15 +38,20 @@ after_initialize do
|
|||||||
|
|
||||||
# Check for MD5 password in custom field
|
# Check for MD5 password in custom field
|
||||||
if custom_password_md5.present?
|
if custom_password_md5.present?
|
||||||
Rails.logger.debug "MD6 password is present. custom_password_md5: #{custom_password_md5}, password: #{password}"
|
Rails.logger.debug "MD5 password is present. custom_password_md5: #{custom_password_md5}, password: #{password}"
|
||||||
|
|
||||||
# Extract the salt from the legacy hash
|
# Extract the salt from the legacy hash
|
||||||
parts = custom_password_md5.split('$')
|
parts = custom_password_md5.split('$')
|
||||||
Rails.logger.debug "MD7"
|
Rails.logger.debug "Split parts: #{parts.inspect}"
|
||||||
|
|
||||||
|
if parts.length >= 3
|
||||||
salt = parts[2][0, 8]
|
salt = parts[2][0, 8]
|
||||||
Rails.logger.debug "MD8"
|
else
|
||||||
|
Rails.logger.debug "Invalid MD5 format for custom_password_md5: #{custom_password_md5}"
|
||||||
|
return invalid_credentials
|
||||||
|
end
|
||||||
|
|
||||||
magic = "$GT$"
|
magic = "$GT$"
|
||||||
Rails.logger.debug "MD9"
|
|
||||||
Rails.logger.debug "MD5 magic: #{magic}, salt: #{salt}"
|
Rails.logger.debug "MD5 magic: #{magic}, salt: #{salt}"
|
||||||
|
|
||||||
# Create initial MD5 context
|
# Create initial MD5 context
|
||||||
@ -60,7 +65,7 @@ after_initialize do
|
|||||||
final.update(password)
|
final.update(password)
|
||||||
final.update(salt)
|
final.update(salt)
|
||||||
final.update(password)
|
final.update(password)
|
||||||
final_digest = final.digest
|
final_digest = final.digest.dup # Ensure final_digest is not frozen
|
||||||
|
|
||||||
# Perform password length operations
|
# Perform password length operations
|
||||||
password_length = password.length
|
password_length = password.length
|
||||||
@ -79,7 +84,7 @@ after_initialize do
|
|||||||
password_length >>= 1
|
password_length >>= 1
|
||||||
end
|
end
|
||||||
|
|
||||||
final_digest = ctx.digest
|
final_digest = ctx.digest.dup # Ensure final_digest is not frozen
|
||||||
Rails.logger.debug "MD5 final_digest after initial operations: #{final_digest}"
|
Rails.logger.debug "MD5 final_digest after initial operations: #{final_digest}"
|
||||||
|
|
||||||
# Perform 1000 iterations of MD5 hashing
|
# Perform 1000 iterations of MD5 hashing
|
||||||
@ -88,16 +93,16 @@ after_initialize do
|
|||||||
if i & 1 != 0
|
if i & 1 != 0
|
||||||
ctx1.update(password)
|
ctx1.update(password)
|
||||||
else
|
else
|
||||||
ctx1.update(final_digest)
|
ctx1.update(final_digest.dup) # Ensure final_digest is not frozen
|
||||||
end
|
end
|
||||||
ctx1.update(salt) if i % 3 != 0
|
ctx1.update(salt) if i % 3 != 0
|
||||||
ctx1.update(password) if i % 7 != 0
|
ctx1.update(password) if i % 7 != 0
|
||||||
if i & 1 != 0
|
if i & 1 != 0
|
||||||
ctx1.update(final_digest)
|
ctx1.update(final_digest.dup) # Ensure final_digest is not frozen
|
||||||
else
|
else
|
||||||
ctx1.update(password)
|
ctx1.update(password)
|
||||||
end
|
end
|
||||||
final_digest = ctx1.digest
|
final_digest = ctx1.digest.dup # Ensure final_digest is not frozen
|
||||||
end
|
end
|
||||||
|
|
||||||
# Convert final digest to the hashed password format
|
# Convert final digest to the hashed password format
|
||||||
|
Loading…
Reference in New Issue
Block a user