Le samedi 1 mai 2010 20:57:22, Amos Jeffries a écrit : > Luis Daniel Lucio Quiroz wrote: > > Le vendredi 23 avril 2010 00:20:13, Amos Jeffries a écrit : > >> Luis Daniel Lucio Quiroz wrote: > >>> Le jeudi 22 avril 2010 20:09:57, Amos Jeffries a écrit : > >>>> Luis Daniel Lucio Quiroz wrote: > >>>>> Le jeudi 22 avril 2010 15:49:55, Luis Daniel Lucio Quiroz a écrit : > >>>>>> HI all > >>>>>> > >>>>>> As a requirement of one client, he wants to use joomla user database > >>>>>> to let squid authenticate. > >>>>>> > >>>>>> I did patch squid_db_auth that Henrik has written in order to > >>>>>> support joomla hash conditions. > >>>>>> > >>>>>> I did add one usefull option to script > >>>>>> > >>>>>> --joomla > >>>>>> > >>>>>> in order to activate joomla hashing. Other options are identical. > >>>>>> Please test :) > >>>>>> > >>>>>> Ammos, I'd like if you can include this in 3.1.2 > >>>> > >>>> Mumble. > >>>> > >>>> How do other users feel about it? Useful enough to cross the security > >>>> bugs and regressions only freeze? > >>>> > >>>>>> LD > >>>>> > >>>>> I have a typo in > >>>>> my salt > >>>>> > >>>>> should be > >>>>> my $salt > >>>>> > >>>>> sorry > >>>> > >>>> Can you make the option --md5 instead please? > >>>> > >>>> Possibilities are not limited to Joomla and they may change someday. > >>>> > >>>> The option needs to be added to the documentation sections of the > >>>> helper as well. > >>>> > >>>> Amos > >>> > >>> I dont get you about "cross the security", > >> > >> 3.1 is under feature freeze. Anything not a security fix or regression > >> needs to have some good reasons to be committed. > >> > >> I'm trying to stick to the freeze a little more with 3.1 than with 3.0, > >> to get back into the habit of it. Particularly since we look like having > >> a good foothold on the track for 12-month releases now. > >> > >>> what i did is that --joomla flag do diferent sql request and because > >>> joomla hass is like this: > >>> hash:salt > >>> i did split and compare. by default joomla uses md5 (i'm not a joomla > >>> master, i dont know when joomla uses other hashings) > >> > >> I intend to use this auth helper myself for other systems, and there are > >> others who ask about a DB helper occasionally. > >> > >> > >> Taking a better look at your changes ... > >> > >> The first one: db_conf = "block = 0" seems to be useless. All it does > >> is hard-code a different default value for the --cond option. > >> > >> For Joomla the squid.conf should instead contain: > >> --cond " block=0 " > >> > >> Which leaves the salted/non-salted hash change. > >> > >> Adding this: > >> --salt-delimiter D > >> > >> To configure character(s) between the hash and salt values. Will not to > >> lock people into the specific Joomla syntax of colon. There are > >> examples and tutorials out there for app design that use other > >> delimiters. > >> > >> Doing both of those changes Joomla would be configured with: > >> ... --cond " block=0 " --salt-delimiter ":" > >>> > >>> if you want, latter i may add also --md5 to store md5 password, and > >>> --digest- auth to support diggest authentication :) but later jejeje > >> > >> Amos > > > > HI > > i've just update my patch to fit 3.1.2 > > > > > > I hope this could be included since it is based on todays snapshot. > > > > Regards, > > > > LD > > Thank you. > > You still have the --joomla flag. I thought you agreed to call it > something like the --salt and take the delim character ? > > Amos Amos, the fact is that joomla breaks common format in salt
normaly in unix forma should be salt:crypted_password, what ever the seperator is, $ for example but in joomla is quite differente crypted:password:salt (always : as separator), joomla in its code can soppurt diferente crypt schemas but it laks on a gui to change it, i fyou want to change joomla schema you must hack code (i did already to change it, thats whay i know that). I will add --salt separator also, but i'd prefere to keep --joomla because this reason i have told This monday i will publish patch then :) (monday my time, i'm gmt-6) Regards, LD
