Modify

Opened 3 years ago

Closed 22 months ago

#8791 closed enhancement (fixed)

[patch] Obsolete patch needed for authentication against Jira

Reported by: hasienda Owned by: hasienda
Priority: normal Component: AccountManagerPlugin
Severity: major Keywords: auth jira hash htpasswd
Cc: thijs Trac Release: 0.11

Description

JiraToTracIntegration has an patch removing all other htpasswd hash type support and an own ticket #5464 regarding this issue, but it should be done here.

Attachments (1)

20110625_acct-mgr_sha512.patch (3.1 KB) - added by hasienda 3 years ago.
suggested changeset for adding sha512 hash algorithm (Python>=2.5)

Download all attachments as: .zip

Change History (8)

comment:1 Changed 3 years ago by hasienda

  • Keywords hash htpasswd added
  • Status changed from new to assigned
  • Summary changed from Obsolete patch needed for authentication against Jira to [patch] Obsolete patch needed for authentication against Jira

I've prepared an alternative patch, that will go into trunk after acct_mgr-0.3 has been released.

  • cleanly applies to r10371
  • Python2.5 strictly required for sha512 algo - implements error for older versions
  • new corresponding htpasswd_hash_type is 'sha512' - don't throw away alternative hash types deleted by old patch
  • adds common hash identifier '$6$' for sha512 (see http://wiki.call-cc.org/eggref/4/crypt for details)
  • includes unit test for new hash type too ()
  • untested with any

Changed 3 years ago by hasienda

suggested changeset for adding sha512 hash algorithm (Python>=2.5)

comment:2 Changed 3 years ago by hasienda

  • Priority changed from low to normal

Push priority because of existing solution. Test with real data (I don't have that Jira stuff) and report back here, please.

comment:3 Changed 3 years ago by hasienda

(In [10492]) AccountManagerPlugin: Add sha512 hash type support for HtPasswdStore files, refs #5464 and #8791.

Python2.5 or later is strictly required to use sha512 algo, error implemented
for older versions. New htpasswd_hash_type is sha512 with common hash
identifier $6$ (see http://wiki.call-cc.org/eggref/4/crypt for details).
Last but not least a unit test extension of test_create_hash for the new
hash type is provided too.

comment:4 Changed 3 years ago by hasienda

(In [10496]) AccountManagerPlugin: Denote recent changes in message strings, refs #4677 and #8791.

The generic option password_file is now explicitly depreciated.

comment:5 Changed 3 years ago by hasienda

(In [10523]) AccountManagerPlugin: Forget about pure sha512, refs #5464, #8791 and #8933.

sha512_crypt is the module, which we need for conformant hash calculation.
However, this is not a Python standard, so try to import from passlib
and fallback to crypt as last resort, if this is capable at all.

comment:6 Changed 3 years ago by hasienda

See details about the relevant SHA2 implementations i.e. in Ulrich Drepper's "Unix crypt using SHA-256 and SHA-512" 1

1 http://www.akkadia.org/drepper/SHA-crypt.txt

comment:7 Changed 22 months ago by hasienda

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [12398]) AccountManagerPlugin: Releasing version 0.4, pushing development to acct_mgr-0.5dev.

Availability of that code as stable release
closes #874, #3459, #4677, #5295, #5691, #6616, #7577, #8076, #8685, #8770, #8791, #8990, #9052, #9079, #9090, #9139, #9246, #9252, #9547, #9618, #9676, #9843, #9852, #9940, #10023, #10028, #10123, #10142, #10204, #10276, #10397, #10412, #10594, #10625 and #10644.

Some more issues have been worked-on, yet without confirmed resolution,
refs #5464 (for JiraToTracIntegration), #8927 and #10134.

And finally there are some issues and enhancement requests showing progress,
but known to require more work to resolve them satisfactorily,
refs #843, #1600, #5964, #8217, #8933.

Thanks to all contributors and followers, that enabled and encouraged a good
portion of this development work.

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.