[Tickets #3739] NEW: customsql auth driver does not work with encryption schemes using salt
bugs@bugs.horde.org
bugs at bugs.horde.org
Wed Apr 5 10:31:37 PDT 2006
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=3739
-----------------------------------------------------------------------
Ticket | 3739
Created By | dorm at dorm.org
Summary | customsql auth driver does not work with encryption schemes using salt
Queue | Horde Framework Packages
Version | HEAD
State | Unconfirmed
Priority | 1. Low
Type | Bug
Owners |
-----------------------------------------------------------------------
dorm at dorm.org (2006-04-05 10:31) wrote:
The customsql auth driver does not work with encryption schemes using a
salt. This is because the salt used for the current encrypted password is
required in order to validate the plaintext password entered by the user.
customsql.php calls Auth::getCryptedPassword with a salt value of '', and
then authentication fails.
It needs to query the encrypted password from the DB and use that value in
the Auth::getCryptedPassword call. This adds an extra SQL query, but it is
necessary to get the current salt.
More information about the bugs
mailing list