Commit afc9f4da authored by chris.lewis's avatar chris.lewis
Browse files

removed separate salt. Salt is contained inside the main hash

parent 19cb2f94
......@@ -52,13 +52,6 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
*/
private $hash_column;
/**
* The column holding the password salt.
*/
private $salt_column;
/**
* Constructor for this authentication source.
*
......@@ -93,7 +86,6 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
$this->query = $config['query'];
$this->pepper = $config['pepper'];
$this->hash_column = $config['hash_column'];
$this->salt_column = $config['salt_column'];
}
......@@ -184,9 +176,8 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
/* Validate stored password hash (must be in first row of resultset) */
$password_hash = $data[0][$this->hash_column];
$password_salt = $data[0][$this->salt_column];
if ($password_hash !== crypt($password.$this->pepper, $password_salt)) {
if ($password_hash !== crypt($password.$this->pepper, $password_hash)) {
/* Invalid password */
SimpleSAML_Logger::error('sqlauthBcrypt:' . $this->authId .
': Hash does not match. Wrong password or sqlauthBcrypt is misconfigured.');
......@@ -205,8 +196,8 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
continue;
}
if ($name === $this->hash_column || $name === $this->salt_column) {
/* Don't add password hash and salt to attributes */
if ($name === $this->hash_column) {
/* Don't add password hash to attributes */
continue;
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment