Commit 6342f986 authored by Sylvain Berfini's avatar Sylvain Berfini 🎩

Added upgrade password from MD5 to SHA256 method

parent c8e40310
Pipeline #9304 passed with stage
in 13 seconds
......@@ -71,7 +71,12 @@ define ("MAX_SMS_ALLOWED_EXCEEDED", "ERROR_MAX_SMS_EXCEEDED");
define ("SMS_API_FAILURE", "ERROR_CANT_SEND_SMS");
/* Geoloc error */
define ("GEOLOC_FAILED", "ERROR_GEOLOC_FAILED");
/* Other error */
define ('SHA256_PASSWORD_ALREADY_EXISTS', 'ERROR_SHA256_PASSWORD_ALREADY_EXISTS');
?>
......@@ -128,6 +128,59 @@ function xmlrpc_update_passwords($method, $args) {
return OK;
}
// args = [username, old md5 hash, sha256 hash, [domain]]
function xmlrpc_upgrade_password($method, $args) {
$username = $args[0];
$md5_hash = $args[1];
$sha256_hash = $args[2];
$domain = get_domain($args[3]);
Logger::getInstance()->message("[XMLRPC] xmlrpc_upgrade_password(" . $username . ", " . $domain . ")");
if (!check_parameter($username)) {
return MISSING_USERNAME_PARAM;
}
$database = new Database();
$db = $database->getConnection();
$account = new Account($db);
$account->username = $username;
$account->domain = $domain;
if (!$account->getOne()) {
return ACCOUNT_NOT_FOUND;
}
$sha256_password = new Password($db);
$sha256_password->account_id = $account->id;
$sha256_password->algorithm = SHA256;
// There is already a SHA-256 password for this account, abort upgrade
if ($sha256_password->getOne()) {
return SHA256_PASSWORD_ALREADY_EXISTS;
}
$md5_password = new Password($db);
$md5_password->account_id = $account->id;
$md5_password->password = $md5_hash;
$md5_password->algorithm = MD5;
// No MD5 or wrong hash, abort
if (!$md5_password->getOne()) {
return PASSWORD_DOESNT_MATCH;
}
// Upgrade MD5 to SHA-256
$md5_password->password = $sha256_hash;
$md5_password->algorithm = SHA256;
if ($md5_password->update()) {
Logger::getInstance()->message("Password upgraded successfully");
return OK;
}
return NOK;
}
// args = [username, hash, [domain]]
function xmlrpc_check_authentication($method, $args) {
$username = $args[0];
......@@ -208,6 +261,7 @@ function xmlrpc_passwords_register_methods($server) {
xmlrpc_server_register_method($server, 'update_hash', 'xmlrpc_update_password');// args = [username, old hash, new hash, [domain], [algo]], return OK
xmlrpc_server_register_method($server, 'update_password', 'xmlrpc_update_password');// args = [username, old hash, new hash, [domain], [algo]], return OK
xmlrpc_server_register_method($server, 'update_passwords', 'xmlrpc_update_passwords');// args = [username, old hash, md5_hash, sha256_hash, [domain]]
xmlrpc_server_register_method($server, 'upgrade_password', 'xmlrpc_upgrade_password');// args = [username, old md5 hash, sha256 hash, [domain]]
xmlrpc_server_register_method($server, 'check_authentication', 'xmlrpc_check_authentication');// args = [username, hash, [domain]]
xmlrpc_server_register_method($server, 'check_authentication_and_upgrade_password', 'xmlrpc_check_authentication_and_upgrade_password');// args = [username, md5_hash, sha256_hash, [domain]]
......
......@@ -69,8 +69,8 @@ function xmlrpc_get_email_account($method, $args) {
$user_info->getOne();
$result = array(
"id" => $account->id,
"username" => $account->username,
"id" => $account->id,
"username" => $account->username,
"domain" => $account->domain,
"email" => $account->email,
"alias" => $account->alias,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment