v0.9.6 -- single class -- checking if this helps us with a couple of issues
This commit is contained in:
parent
bea57091b2
commit
ccc85e3856
27
plugin.rb
27
plugin.rb
@ -4,7 +4,7 @@
|
||||
|
||||
# name: discourse-md5_authentication
|
||||
# about: A plugin to authenticate users with MD5 passwords from legacy systems
|
||||
# version: 0.9.5
|
||||
# version: 0.9.6
|
||||
# authors: saint
|
||||
# url: https://gitea.federated.computer/saint/discourse-md5_authentication.git
|
||||
|
||||
@ -38,15 +38,20 @@ after_initialize do
|
||||
|
||||
# Check for MD5 password in custom field
|
||||
if custom_password_md5.present?
|
||||
Rails.logger.debug "MD6 password is present. custom_password_md5: #{custom_password_md5}, password: #{password}"
|
||||
Rails.logger.debug "MD5 password is present. custom_password_md5: #{custom_password_md5}, password: #{password}"
|
||||
|
||||
# Extract the salt from the legacy hash
|
||||
parts = custom_password_md5.split('$')
|
||||
Rails.logger.debug "MD7"
|
||||
salt = parts[2][0, 8]
|
||||
Rails.logger.debug "MD8"
|
||||
Rails.logger.debug "Split parts: #{parts.inspect}"
|
||||
|
||||
if parts.length >= 3
|
||||
salt = parts[2][0, 8]
|
||||
else
|
||||
Rails.logger.debug "Invalid MD5 format for custom_password_md5: #{custom_password_md5}"
|
||||
return invalid_credentials
|
||||
end
|
||||
|
||||
magic = "$GT$"
|
||||
Rails.logger.debug "MD9"
|
||||
Rails.logger.debug "MD5 magic: #{magic}, salt: #{salt}"
|
||||
|
||||
# Create initial MD5 context
|
||||
@ -60,7 +65,7 @@ after_initialize do
|
||||
final.update(password)
|
||||
final.update(salt)
|
||||
final.update(password)
|
||||
final_digest = final.digest
|
||||
final_digest = final.digest.dup # Ensure final_digest is not frozen
|
||||
|
||||
# Perform password length operations
|
||||
password_length = password.length
|
||||
@ -79,7 +84,7 @@ after_initialize do
|
||||
password_length >>= 1
|
||||
end
|
||||
|
||||
final_digest = ctx.digest
|
||||
final_digest = ctx.digest.dup # Ensure final_digest is not frozen
|
||||
Rails.logger.debug "MD5 final_digest after initial operations: #{final_digest}"
|
||||
|
||||
# Perform 1000 iterations of MD5 hashing
|
||||
@ -88,16 +93,16 @@ after_initialize do
|
||||
if i & 1 != 0
|
||||
ctx1.update(password)
|
||||
else
|
||||
ctx1.update(final_digest)
|
||||
ctx1.update(final_digest.dup) # Ensure final_digest is not frozen
|
||||
end
|
||||
ctx1.update(salt) if i % 3 != 0
|
||||
ctx1.update(password) if i % 7 != 0
|
||||
if i & 1 != 0
|
||||
ctx1.update(final_digest)
|
||||
ctx1.update(final_digest.dup) # Ensure final_digest is not frozen
|
||||
else
|
||||
ctx1.update(password)
|
||||
end
|
||||
final_digest = ctx1.digest
|
||||
final_digest = ctx1.digest.dup # Ensure final_digest is not frozen
|
||||
end
|
||||
|
||||
# Convert final digest to the hashed password format
|
||||
|
Loading…
Reference in New Issue
Block a user