Ticket #228 (closed enhancement: fixed)

Opened 7 weeks ago

Last modified 7 weeks ago

incomplete crypt implementation

Reported by: shino Owned by: smoku
Priority: minor Component: c2s
Version: 2.2.0 Keywords:
Cc: shino@… Tracforge_linkmap:
Blocking: Blocked By:

Description

The current crypt() implementation works only for login - if a user changes his password or creates a new account the password will be stored in plaintext (also makes it impossible to use the account anymore).

I've created a patch for the set_password function so that it crypts the new password using a random salt (therefore fixes both issues).

Attachments

jabberd2-2.2.0-crypt.patch (1.0 kB) - added by shino 7 weeks ago.

Change History

Changed 7 weeks ago by shino

Changed 7 weeks ago by smoku

  • status changed from new to closed
  • resolution set to fixed

In [618]: Merged MySQL crypt()ed password full implementation. Closes #228

Note: See TracTickets for help on using tickets.