From 9c10816ad99262c4d72344d0a1e822015ca408b2 Mon Sep 17 00:00:00 2001
From: Rob van Son
Date: Mon, 11 Jun 2012 11:41:15 +0200
Subject: [PATCH] Started new account option
---
CGIscriptor.pl | 19 +++++++++++++++++++
Private/ChangePassword.html | 3 +++
2 files changed, 22 insertions(+)
diff --git a/CGIscriptor.pl b/CGIscriptor.pl
index 1324798..93d5011 100755
--- a/CGIscriptor.pl
+++ b/CGIscriptor.pl
@@ -3108,6 +3108,25 @@ sub copy_challenge_file #($oldchallengefile, $authorizationfile, $sessionpath) -
return $NEWCHALLENGETICKET;
};
+# Create a new account ticket. Do not write to file yet, as that might not be
+# the secure option!
+sub create_account_ticket #($username, $password, $salt)
+{
+ my $username = shift || return 0;
+ my $password = shift || return 0;
+ my $salt = shift || return 0;
+
+ my $ticket = {
+ "Type" => ['PASSWORD'],
+ "Username" => [$username],
+ "Password" => [$password],
+ "Salt" => [$salt],
+ "Expires" => [-1],
+ "Session" => ['SESSION']
+ };
+ return $ticket;
+};
+
sub create_login_file #($PasswordDir, $SessionDir, $IPaddress)
{
my $PasswordDir = shift || "";
diff --git a/Private/ChangePassword.html b/Private/ChangePassword.html
index 2d743d4..b9a80bc 100644
--- a/Private/ChangePassword.html
+++ b/Private/ChangePassword.html
@@ -72,6 +72,9 @@ Say, Sherlock, Curry, or Oleander (or Sherlock ha
That would be more effective than adding a thousand rounds of encryption.
+
+
+
The Salt and Ticket values are all created using SHA256 on 64 Byte of output from /dev/urandom in HEX.
--
2.11.4.GIT