Modify

Opened 3 years ago

Closed 20 months ago

#8791 closed enhancement (fixed)

[patch] Obsolete patch needed for authentication against Jira

Reported by: hasienda Owned by: hasienda
Priority: normal Component: AccountManagerPlugin
Severity: major Keywords: auth jira hash htpasswd
Cc: thijs Trac Release: 0.11

Description

JiraToTracIntegration has an patch removing all other htpasswd hash type support and an own ticket #5464 regarding this issue, but it should be done here.

Attachments (1)

20110625_acct-mgr_sha512.patch (3.1 KB) - added by hasienda 3 years ago.
suggested changeset for adding sha512 hash algorithm (Python>=2.5)

Download all attachments as: .zip

Change History (8)

comment:1 Changed 3 years ago by hasienda

  • Keywords hash htpasswd added
  • Status changed from new to assigned
  • Summary changed from Obsolete patch needed for authentication against Jira to [patch] Obsolete patch needed for authentication against Jira

I've prepared an alternative patch, that will go into trunk after acct_mgr-0.3 has been released.

  • cleanly applies to r10371
  • Python2.5 strictly required for sha512 algo - implements error for older versions
  • new corresponding htpasswd_hash_type is 'sha512' - don't throw away alternative hash types deleted by old patch
  • adds common hash identifier '$6$' for sha512 (see http://wiki.call-cc.org/eggref/4/crypt for details)
  • includes unit test for new hash type too ()
  • untested with any

Changed 3 years ago by hasienda

suggested changeset for adding sha512 hash algorithm (Python>=2.5)

comment:2 Changed 3 years ago by hasienda

  • Priority changed from low to normal

Push priority because of existing solution. Test with real data (I don't have that Jira stuff) and report back here, please.

comment:3 Changed 3 years ago by hasienda

(In [10492]) AccountManagerPlugin: Add sha512 hash type support for HtPasswdStore files, refs #5464 and #8791.

Python2.5 or later is strictly required to use sha512 algo, error implemented
for older versions. New htpasswd_hash_type is sha512 with common hash
identifier $6$ (see http://wiki.call-cc.org/eggref/4/crypt for details).
Last but not least a unit test extension of test_create_hash for the new
hash type is provided too.

comment:4 Changed 3 years ago by hasienda

(In [10496]) AccountManagerPlugin: Denote recent changes in message strings, refs #4677 and #8791.

The generic option password_file is now explicitly depreciated.

comment:5 Changed 3 years ago by hasienda

(In [10523]) AccountManagerPlugin: Forget about pure sha512, refs #5464, #8791 and #8933.

sha512_crypt is the module, which we need for conformant hash calculation.
However, this is not a Python standard, so try to import from passlib
and fallback to crypt as last resort, if this is capable at all.

comment:6 Changed 3 years ago by hasienda

See details about the relevant SHA2 implementations i.e. in Ulrich Drepper's "Unix crypt using SHA-256 and SHA-512" 1

1 http://www.akkadia.org/drepper/SHA-crypt.txt

comment:7 Changed 20 months ago by hasienda

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [12398]) AccountManagerPlugin: Releasing version 0.4, pushing development to acct_mgr-0.5dev.

Availability of that code as stable release
closes #874, #3459, #4677, #5295, #5691, #6616, #7577, #8076, #8685, #8770, #8791, #8990, #9052, #9079, #9090, #9139, #9246, #9252, #9547, #9618, #9676, #9843, #9852, #9940, #10023, #10028, #10123, #10142, #10204, #10276, #10397, #10412, #10594, #10625 and #10644.

Some more issues have been worked-on, yet without confirmed resolution,
refs #5464 (for JiraToTracIntegration), #8927 and #10134.

And finally there are some issues and enhancement requests showing progress,
but known to require more work to resolve them satisfactorily,
refs #843, #1600, #5964, #8217, #8933.

Thanks to all contributors and followers, that enabled and encouraged a good
portion of this development work.

Add Comment

Modify Ticket

Action
as closed .
as The resolution will be set. Next status will be 'closed'.
to The owner will be changed from hasienda. Next status will be 'closed'.
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.