From e90053fe8400893190f6b91bb4b78abe481f2e7f Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Sun, 22 Jan 2012 11:48:08 +0400
Subject: [PATCH] improve password storage (use sha256 and long random salt) bump schema

---
 include/functions.php | 82 ++++++++++++++++++++++-------------
 include/sanity_check.php | 2 +-
 schema/ttrss_schema_mysql.sql | 3 +-
 schema/ttrss_schema_pgsql.sql | 3 +-
 schema/versions/mysql/88.sql | 10 +++++
 schema/versions/pgsql/88.sql | 10 +++++
 6 files changed, 76 insertions(+), 34 deletions(-)
 create mode 100644 schema/versions/mysql/88.sql
 create mode 100644 schema/versions/pgsql/88.sql
diff --git a/include/functions.php b/include/functions.php
index f0b90b6f6..357fff787 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -701,20 +701,59 @@ // First login ? if (db_num_rows($result) == 0) { - $pwd_hash = encrypt_password(make_password(), $login); + $salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250); + $pwd_hash = encrypt_password($password, $salt, true); $query2 = "INSERT INTO ttrss_users - (login,access_level,last_login,created,pwd_hash) - VALUES ('$login', 0, null, NOW(), '$pwd_hash')"; + (login,access_level,last_login,created,pwd_hash,salt) + VALUES ('$login', 0, null, NOW(), '$pwd_hash','$salt')"; db_query($link, $query2); } } } else { - $query = "SELECT id,login,access_level,pwd_hash - FROM ttrss_users WHERE - login = '$login' AND (pwd_hash = '$pwd_hash1' OR + $result = db_query($link, "SELECT salt FROM ttrss_users WHERE + login = '$login'"); + + $salt = db_fetch_result($result, 0, "salt"); + + if ($salt == "") { + + $query = "SELECT id,login,access_level,pwd_hash + FROM ttrss_users WHERE + login = '$login' AND (pwd_hash = '$pwd_hash1' OR pwd_hash = '$pwd_hash2')"; + + // verify and upgrade password to new salt base + + $result = db_query($link, $query); + + if (db_num_rows($result) == 1) { + // upgrade password to MODE2 + + $salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250); + $pwd_hash = encrypt_password($password, $salt, true); + + db_query($link, "UPDATE ttrss_users SET + pwd_hash = '$pwd_hash', salt = '$salt' WHERE login = '$login'"); + + $query = "SELECT id,login,access_level,pwd_hash + FROM ttrss_users WHERE + login = '$login' AND pwd_hash = '$pwd_hash'"; + + } else { + return false; + } + + } else { + + $pwd_hash = encrypt_password($password, $salt, true); + + $query = "SELECT id,login,access_level,pwd_hash + FROM ttrss_users WHERE + login = '$login' AND pwd_hash = '$pwd_hash'"; + + } } $result = db_query($link, $query); 
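Review bot: The salt generated in the new first-login branch and again in the MODE2 upgrade branch comes from `openssl_random_pseudo_bytes(125)` with neither its return value nor its `$crypto_strong` out-parameter checked, so on a PHP 5 failure `bin2hex(false)` is `''` and `encrypt_password($password, '', true)` falls through to an unsalted `SHA1:` hash that is then stored as if the account had been upgraded. Both sites should share one helper along the lines of `$salt = bin2hex(openssl_random_pseudo_bytes(125, $strong)); if (!$strong || strlen($salt) != 250) return false;` — the surrounding `substr(..., 0, 250)` is redundant, since 125 bytes always hex-encode to exactly 250 characters. MODE2 itself is a single SHA-256 round, which is cheap to brute-force offline; `crypt()` with `CRYPT_BLOWFISH` (built in since PHP 5.3) would give a tunable work factor, and the same applies to the `encrypt_password` hunk below. Whether `$login` was escaped before being interpolated into the new `SELECT salt` and `UPDATE` statements is not visible here, and the enclosing function both starts before and continues after this hunk.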
@@ -774,20 +813,7 @@ function make_password($length = 8) { - $password = ""; - $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ"; - - $i = 0; - - while ($i < $length) { - $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); - - if (!strstr($password, $char)) { - $password .= $char; - $i++; - } - } - return $password; + return substr(bin2hex(openssl_random_pseudo_bytes($length / 2)), 0, $length); } // this is called after user is created to initialize default feeds, labels @@ -3448,22 +3474,16 @@ return $url_path; } // function add_feed_url - /** - * Encrypt a password in SHA1. - * - * @param string $pass The password to encrypt. - * @param string $login A optionnal login. - * @return string The encrypted password. - */ - function encrypt_password($pass, $login = '') { - if ($login) { - return "SHA1X:" . sha1("$login:$pass"); + function encrypt_password($pass, $salt = '', $mode2 = false) { + if ($salt && $mode2) { + return "MODE2:" . hash('sha256', $salt . $pass); + } else if ($salt) { + return "SHA1X:" . sha1("$salt:$pass"); } else { return "SHA1:" . sha1($pass); } } // function encrypt_password - function sanitize_article_content($text) { # we don't support CDATA sections in articles, they break our own escaping $text = preg_replace("/\[\[CDATA/", "", $text); diff --git a/include/sanity_check.php b/include/sanity_check.php index 4fe28c307..1cd2873df 100644 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -6,7 +6,7 @@ } else { define('EXPECTED_CONFIG_VERSION', 25); - define('SCHEMA_VERSION', 87); + define('SCHEMA_VERSION', 88); require_once "config.php"; require_once "sanity_config.php"; diff --git a/schema/ttrss_schema_mysql.sql b/schema/ttrss_schema_mysql.sql index 04fa7f0de..e2815bf8b 100644 --- a/schema/ttrss_schema_mysql.sql +++ b/schema/ttrss_schema_mysql.sql 
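Review bot: `openssl_random_pseudo_bytes($length / 2)` truncates the byte count for odd `$length`, so `make_password(9)` returns only 8 characters, and a generation failure (`false` on PHP 5) is again unchecked; `openssl_random_pseudo_bytes((int) ceil($length / 2), $strong)` followed by a check of `$strong` fixes both. The switch to hex output also lowers the entropy of the default 8-character password from roughly 44 bits (the removed 52-symbol alphabet without repeats) to 32 bits, so either the default length should rise or more bytes should be encoded per character. A short docblock such as `/** Random password of $length hex characters (requires $length to be even). */` would make the contract visible to callers.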
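Review bot: The docblock on `encrypt_password` is deleted rather than updated, leaving the three output prefixes undocumented; restore one stating that `MODE2:` is `sha256(salt . pass)` with a 250-character hex salt, `SHA1X:` is the legacy `sha1("login:pass")` in which the second argument is actually the login despite now being named `$salt`, and `SHA1:` is the legacy unsalted form. The branch condition `$salt && $mode2` relies on string truthiness, under which the salt `"0"` counts as absent; `$salt !== '' && $mode2` (and `$salt !== ''` in the `else if`) expresses the intended check.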
@@ -44,6 +44,7 @@ create table ttrss_users (id integer primary key not null auto_increment, full_name varchar(250) not null default '', email_digest bool not null default false, last_digest_sent datetime default null, + salt varchar(250) not null default '', created datetime default null, twitter_oauth longtext default null, index (theme_id)) ENGINE=InnoDB DEFAULT CHARSET=UTF8; @@ -259,7 +260,7 @@ create table ttrss_tags (id integer primary key auto_increment, create table ttrss_version (schema_version int not null) ENGINE=InnoDB DEFAULT CHARSET=UTF8; -insert into ttrss_version values (87); +insert into ttrss_version values (88); create table ttrss_enclosures (id integer primary key auto_increment, content_url text not null, diff --git a/schema/ttrss_schema_pgsql.sql b/schema/ttrss_schema_pgsql.sql index 917b48400..ba239fc69 100644 --- a/schema/ttrss_schema_pgsql.sql +++ b/schema/ttrss_schema_pgsql.sql @@ -41,6 +41,7 @@ create table ttrss_users (id serial not null primary key, full_name varchar(250) not null default '', email_digest boolean not null default false, last_digest_sent timestamp default null, + salt varchar(250) not null default '', twitter_oauth text default null, created timestamp default null); @@ -228,7 +229,7 @@ create index ttrss_tags_post_int_id_idx on ttrss_tags(post_int_id); create table ttrss_version (schema_version int not null); -insert into ttrss_version values (87); +insert into ttrss_version values (88); create table ttrss_enclosures (id serial not null primary key, content_url text not null, diff --git a/schema/versions/mysql/88.sql b/schema/versions/mysql/88.sql new file mode 100644 index 000000000..0abb2ab33 --- /dev/null +++ b/schema/versions/mysql/88.sql 
@@ -0,0 +1,10 @@
+begin;
+
+alter table ttrss_users add column salt varchar(250);
+update ttrss_users set salt = '';
+alter table ttrss_users change salt salt varchar(250) not null;
+alter table ttrss_users alter column salt set default '';
+
+update ttrss_version set schema_version = 88;
+
+commit;
diff --git a/schema/versions/pgsql/88.sql b/schema/versions/pgsql/88.sql
new file mode 100644
index 000000000..df6ec8fb7
--- /dev/null
+++ b/schema/versions/pgsql/88.sql
@@ -0,0 +1,10 @@
+begin;
+
+alter table ttrss_users add column salt varchar(250);
+update ttrss_users set salt = '';
+alter table ttrss_users alter column salt set not null;
+alter table ttrss_users alter column salt set default '';
+
+update ttrss_version set schema_version = 88;
+
+commit;
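Review bot: The `begin; … commit;` wrapper in the MySQL migration does not make it atomic, because every `alter table` causes an implicit commit in MySQL; if the `change salt salt varchar(250) not null` step fails, the column is already added while `ttrss_version` still says 87, and re-running the file then fails on the first `add column`. A single statement, `alter table ttrss_users add column salt varchar(250) not null default '';`, replaces the `add column`, `update` and `change`/`alter` steps and fills existing rows with the empty sentinel the login code relies on, leaving only the version update inside the transaction. The PostgreSQL file is unaffected since its DDL is transactional.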