pw_salt := actor.create_salt('main');
PERFORM actor.set_passwd(
- pw_usr, 'main', MD5(usr_row.passwd || pw_salt), pw_salt);
+ pw_usr, 'main', MD5(pw_salt || usr_row.passwd), pw_salt);
-- clear the existing password
UPDATE actor.usr SET passwd = '' WHERE id = usr_row.id;
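Review bot: Swapping the operands to `MD5(pw_salt || usr_row.passwd)` in the `actor.set_passwd` call changes the value that gets stored, so any 'main' password already migrated with the old `MD5(usr_row.passwd || pw_salt)` order would no longer verify, and nothing visible here re-migrates such rows. If the old order ever ran against a real database, this needs a follow-up step or an explicit statement that it did not. The call also deserves a comment, since the order is now a contract with every client that builds the hash: `-- usr_row.passwd is presumably the legacy MD5(password); clients must send MD5(salt || MD5(password))`. The enclosing function starts and ends outside this hunk.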
BEGIN
/* Returns TRUE if the password provided matches the in-db password.
* If the password type is salted, we compare the output of CRYPT().
- * NOTE: test_passwd is MD5(MD5(password) || salt) for legacy
+ * NOTE: test_passwd is MD5(salt || MD5(password)) for legacy
* 'main' passwords.
*/
(code, name, login, crypt_algo, iter_count)
VALUES ('main', 'Main Login Password', TRUE, 'bf', 14);
+--COMMIT;
+--BEGIN;
-- INLINE TESTS ---------------
-- TODO: move to new t/ file.
SELECT ok(
(SELECT actor.verify_passwd(187, 'main',
- MD5(MD5('montyc1234') || actor.get_salt(187, 'main')))),
+ MD5(actor.get_salt(187, 'main') || MD5('montyc1234')))),
'verify_passwd should verify migrated password'
);
SELECT ok(
(SELECT NOT (
SELECT actor.verify_passwd(187, 'main',
- MD5(MD5('BADPASSWORD') || actor.get_salt(187, 'main'))))
+ MD5(actor.get_salt(187, 'main') || MD5('BADPASSWORD'))))
),
'verify_passwd should fail with wrong password'
);
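Review bot: The added `--COMMIT;` / `--BEGIN;` pair ahead of the inline tests is commented-out transaction control with no explanation, so a reader cannot tell whether the tests are meant to run inside the schema transaction or after it has committed. Either drop the two lines or replace them with a comment that states the intent, for example `-- inline tests run inside the schema transaction; do not commit before them` if that is the case. The choice matters for the later test that calls `actor.set_passwd` on user 187, because it decides whether that write can still be rolled back.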
-- calls will create a new one.
SELECT INTO new_salt actor.create_salt('main');
PERFORM actor.set_passwd(
- 187, 'main', MD5(MD5('bobblehead') || new_salt), new_salt);
+ 187, 'main', MD5(new_salt || MD5('bobblehead')), new_salt);
END $$;
SELECT ok(
(SELECT actor.verify_passwd(187, 'main',
- MD5(MD5('bobblehead') || actor.get_salt(187, 'main')))),
+ MD5(actor.get_salt(187, 'main') || MD5('bobblehead')))),
'verify_passwd should verify new password'
);
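Review bot: The `PERFORM actor.set_passwd(187, 'main', MD5(new_salt || MD5('bobblehead')), new_salt);` call replaces the stored password of user 187 with a literal that is written in the script, and nothing in this hunk shows that write being rolled back. If the file can run where id 187 is a real account and the transaction commits, that account is left with a password anyone reading the script knows. Move these checks to the t/ file the TODO mentions, or make sure they always end in `ROLLBACK;`. If 187 is meant to be a sample-data user, say so in a comment next to the first test. The DO block containing the call starts outside the hunk.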