From b0b3b70580baaec973eb0711ac56944679e3b932 Mon Sep 17 00:00:00 2001 From: Rob van Son Date: Thu, 21 Jun 2012 15:02:18 +0200 Subject: [PATCH] Setting Salt in set_password --- CGIscriptor.pl | 4 ---- Private/.Passwords/admin | 2 +- Private/.Passwords/test | 2 +- Private/.Passwords/testchallenge | 2 +- Private/.Passwords/testip | 2 +- 5 files changed, 4 insertions(+), 8 deletions(-) diff --git a/CGIscriptor.pl b/CGIscriptor.pl index 4d06db6..8ae1ec1 100755 --- a/CGIscriptor.pl +++ b/CGIscriptor.pl @@ -3909,11 +3909,7 @@ sub TicketSignature # ($ticket, $serversalt [, $masterkey]) -> $Signature $SignText .= "Expires: @tmp\n"; @tmp = sort(@{$ticket->{'Capabilities'}}); $SignText .= "Capabilities: @tmp\n"; -print STDERR "${serversalt}.$masterkey\n"; -print STDERR $SignText; -print STDERR $hash1,"\n"; $Signature = hash_string(${hash1}.$SignText); -print STDERR $Signature,"\n\n"; }; }; return $Signature; diff --git a/Private/.Passwords/admin b/Private/.Passwords/admin index a45bad8..ad56acd 100644 --- a/Private/.Passwords/admin +++ b/Private/.Passwords/admin @@ -7,7 +7,7 @@ AllowedPaths: ^/Private/?$ Capabilities: CreateUser Salt: e93cf858a1d5626bf095ea5c25df990dfa969ff5a5dc908b22c9a5229b525f65 Session: CHALLENGE -Signature: 8736e7dfb2260c698c51b5e8a00260a44f62ba8611bac561920d35f6e27bee38 +Signature: 51cceb9c47c0fadc9466a105ade3ee8bcffa84a690268a6154bffe8f1e2341a1 Comment: 1 Replace 'INACTIVE PASSWORD' by 'PASSWORD' Comment: 2 Run CGIscriptor.pl --managelogin masterkey='' Private/.Password/admin Comment: 3 to get a new signature diff --git a/Private/.Passwords/test b/Private/.Passwords/test index b13f646..124a172 100644 --- a/Private/.Passwords/test +++ b/Private/.Passwords/test @@ -8,5 +8,5 @@ AllowedPaths: ^/Private/[^/]+\.html$ AllowedPaths: ^/Private/?$ Salt: e93cf858a1d5626bf095ea5c25df990dfa969ff5a5dc908b22c9a5229b525f65 Session: SESSION -Signature: 407a88734a934d697eeb0ea949bb195dbc9f09e1c14d5c545588f7f939172f61 +Signature: c8c6eb7a3b56f43f348411dfdf055cf6e161cb0e298f450ccec0e19f1128417e MaxLifetime: +12h diff --git a/Private/.Passwords/testchallenge b/Private/.Passwords/testchallenge index b85b1c6..b097807 100644 --- a/Private/.Passwords/testchallenge +++ b/Private/.Passwords/testchallenge @@ -7,5 +7,5 @@ AllowedPaths: ^/Private/[^/]+\.html$ AllowedPaths: ^/Private/?$ Salt: e93cf858a1d5626bf095ea5c25df990dfa969ff5a5dc908b22c9a5229b525f65 Session: CHALLENGE -Signature: b871b57138519bc37d8079ac589cd277dc4229cebdc0d14aafa04addcd827d75 +Signature: f39f00410256f7b37598258cd18999babd99ab2a59ba3f8f3251b6523c6459ff MaxLifetime: +45m diff --git a/Private/.Passwords/testip b/Private/.Passwords/testip index 6247aec..53fe1fd 100644 --- a/Private/.Passwords/testip +++ b/Private/.Passwords/testip @@ -8,5 +8,5 @@ AllowedPaths: ^/Private/?$ DeniedPaths: ^/Private/CreateUser.html.*$ Salt: e93cf858a1d5626bf095ea5c25df990dfa969ff5a5dc908b22c9a5229b525f65 Session: IPADDRESS -Signature: 427693f5983f04f254d619e01cca07d7a85c128f404b1b0c757d552fe280c2f6 +Signature: ae68a7f63847e5540a77888863e3169ca1b4710f4f0f6e83ac5a48bf737d3248 MaxLifetime: +6h -- 2.11.4.GIT