From 9b9f35f8e57464ead49be0a8e2aa64b0d8a6573c Mon Sep 17 00:00:00 2001
From: friendica
Date: Tue, 21 Aug 2012 17:48:09 -0700
Subject: NaCl passwords - (db update)
---
 database.sql | 18 +++++++++++-------
 include/account.php | 31 ++++++++++++++++++++++++++++---
 version.inc | 2 +-
 3 files changed, 40 insertions(+), 11 deletions(-)
diff --git a/database.sql b/database.sql
index 00b3dc122..345d8cfbf 100644
--- a/database.sql
+++ b/database.sql
@@ -9,6 +9,7 @@ SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
 CREATE TABLE IF NOT EXISTS `account` (
 `account_id` int(11) NOT NULL AUTO_INCREMENT,
 `account_parent` int(10) unsigned NOT NULL,
+ `account_salt` char(32) NOT NULL,
 `account_password` char(255) NOT NULL,
 `account_email` char(255) NOT NULL,
 `account_language` char(16) NOT NULL DEFAULT 'en',
@@ -21,7 +22,6 @@ CREATE TABLE IF NOT EXISTS `account` (
 `account_expire_notified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
 `account_service_class` char(32) NOT NULL,
 PRIMARY KEY (`account_id`),
- KEY `account_password` (`account_password`),
 KEY `account_email` (`account_email`),
 KEY `account_service_class` (`account_service_class`),
 KEY `account_parent` (`account_parent`),
@@ -29,7 +29,7 @@ CREATE TABLE IF NOT EXISTS `account` (
 KEY `account_roles` (`account_roles`),
 KEY `account_lastlog` (`account_lastlog`),
 KEY `account_expires` (`account_expires`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `addon` (
 `id` int(11) NOT NULL AUTO_INCREMENT,
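Review bot: The new `account_salt` column (database.sql, hunk `@@ -9,6 +9,7 @@`) is added only inside `CREATE TABLE IF NOT EXISTS`, which does nothing on a site where `account` already exists; the same holds for `my_perms` and `their_perms` on `contact` in hunk `@@ -111,6 +111,8 @@`. No upgrade step is visible in this patch, so unless one exists elsewhere the `INSERT` in `create_account()` would fail on an upgraded site because the column is missing. The update path needs a matching statement such as `ALTER TABLE account ADD account_salt char(32) NOT NULL AFTER account_parent;`. Rows that existed before the change would then carry an empty salt, so their old digests still verify but stay unsalted until the password is next set; that is worth stating in a comment next to the column.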
@@ -111,6 +111,8 @@ CREATE TABLE IF NOT EXISTS `contact` (
 `id` int(11) NOT NULL AUTO_INCREMENT,
 `uid` int(11) NOT NULL COMMENT 'owner uid',
 `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
+ `my_perms` int(10) unsigned NOT NULL DEFAULT '0',
+ `their_perms` int(10) unsigned NOT NULL DEFAULT '0',
 `self` tinyint(1) NOT NULL DEFAULT '0' COMMENT 'boolean 1 == info for local UID, primarily name and photo to use in item displays.',
 `remote_self` tinyint(1) NOT NULL DEFAULT '0',
 `rel` tinyint(1) NOT NULL DEFAULT '0',
@@ -183,7 +185,9 @@ CREATE TABLE IF NOT EXISTS `contact` (
 KEY `hidden` (`hidden`),
 KEY `archive` (`archive`),
 KEY `forum` (`forum`),
- KEY `notify` (`notify`)
+ KEY `notify` (`notify`),
+ KEY `my_perms` (`my_perms`),
+ KEY `their_perms` (`their_perms`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `conv` (
@@ -395,7 +399,7 @@ CREATE TABLE IF NOT EXISTS `group_member` (
 KEY `uid` (`uid`),
 KEY `gid` (`gid`),
 KEY `contact-id` (`contact-id`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `guid` (
 `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
@@ -510,7 +514,6 @@ CREATE TABLE IF NOT EXISTS `item` (
 KEY `contact-id` (`contact-id`),
 KEY `type` (`type`),
 KEY `parent` (`parent`),
- KEY `parent_uri` (`parent_uri`),
 KEY `created` (`created`),
 KEY `edited` (`edited`),
 KEY `visible` (`visible`),
@@ -529,6 +532,7 @@ CREATE TABLE IF NOT EXISTS `item` (
 KEY `uid_commented` (`uid`,`commented`),
 KEY `uid_created` (`uid`,`created`),
 KEY `uid_unseen` (`uid`,`unseen`),
+ KEY `parent_uri` (`parent_uri`),
 FULLTEXT KEY `title` (`title`),
 FULLTEXT KEY `body` (`body`),
 FULLTEXT KEY `allow_cid` (`allow_cid`),
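Review bot: `my_perms` and `their_perms` (database.sql, hunk `@@ -111,6 +111,8 @@`) are added without a `COMMENT`, although neighbouring columns such as `uid` and `self` document themselves. They look like permission bitmasks, so the column comments should give the bit layout and say explicitly that `0` means no permissions, so that a row written without a value fails closed, for example `COMMENT 'permissions this uid grants the contact; 0 == none'` (wording for the author to confirm). If they are bitmasks, the single-column keys added in hunk `@@ -183,7 +185,9 @@` are unlikely to serve bit-test predicates and would only add write cost; that is worth checking against the intended queries.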
@@ -579,11 +583,11 @@ CREATE TABLE IF NOT EXISTS `mail` (
 KEY `guid` (`guid`),
 KEY `seen` (`seen`),
 KEY `uri` (`uri`),
- KEY `parent_uri` (`parent_uri`),
 KEY `created` (`created`),
 KEY `convid` (`convid`),
 KEY `unknown` (`unknown`),
- KEY `contact-id` (`contact-id`)
+ KEY `contact-id` (`contact-id`),
+ KEY `parent_uri` (`parent_uri`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `mailacct` (
diff --git a/include/account.php b/include/account.php
index 283a7a8dc..b2835b48b 100644
--- a/include/account.php
+++ b/include/account.php
@@ -117,14 +117,16 @@ function create_account($arr) {
 return $result;
 }
- $password_encoded = hash('whirlpool',$password);
+ $salt = random_string(32);
+ $password_encoded = hash('whirlpool', $salt . $password);
 $r = q("INSERT INTO account
- ( account_parent, account_password, account_email, account_language,
+ ( account_parent, account_salt, account_password, account_email, account_language,
 account_created, account_flags, account_roles, account_expires, account_service_class )
- VALUES ( %d, '%s', '%s', '%s', '%s', %d, %d, '%s', '%s' )",
+ VALUES ( %d, '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s' )",
 intval($parent),
+ dbesc($salt),
 dbesc($password_encoded),
 dbesc($email),
 dbesc(get_best_language()),
@@ -159,3 +161,26 @@ function create_account($arr) {
 return $result;
 }
+
+/**
+ * Verify login credentials
+ *
+ * Returns account record on success, null on failure
+ *
+ */
+
+function account_verify_password($email,$pass) {
+ $r = q("select * from account where email = '%s'",
+ dbesc($email)
+ );
+ if(! ($r && count($r)))
+ return null;
+ foreach($r as $record) {
+ if(hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password']) {
+ return $record;
+ }
+ }
+ return null;
+}
+
+
diff --git a/version.inc b/version.inc
index f7be7ef5c..38008a10f 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2012-08-19.51
+2012-08-21.53
--
cgit v1.2.3
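Review bot: In `create_account()` (include/account.php, hunk `@@ -117,14 +117,16 @@`) the stored value is still one pass of a fast general-purpose hash, `hash('whirlpool', $salt . $password)`; the salt stops precomputed tables but does not slow down guessing against a leaked `account` table. A deliberately slow password scheme fits better here: `crypt()` with a bcrypt (`$2y$`) setting, or `password_hash($password, PASSWORD_DEFAULT)` with `password_verify()` on PHP versions that provide them, both of which embed their own salt and a cost parameter. `random_string()` is defined outside this patch, so it should be confirmed that it draws from a cryptographically secure source before it is used for salts. The function body starts and ends outside the hunk.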
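Review bot: The lookup in the new `account_verify_password()` (include/account.php, hunk `@@ -159,3 +161,26 @@`) filters on `email`, but the schema in database.sql and the `INSERT` in `create_account()` name the column `account_email`, so as written the query should fail and the function return null for every login; the line should read `$r = q("select * from account where account_email = '%s'",`. The digest check uses `===`, which is not a constant-time comparison; `hash_equals($record['account_password'], hash('whirlpool', $record['account_salt'] . $pass))` avoids that where the PHP version has it. `account_email` carries only a non-unique key, so the docblock should say that the first row whose password matches is returned, and it should document `$email` and `$pass`.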