Modify

Opened 13 years ago

Closed 12 years ago

#8791 closed enhancement (fixed)

[patch] Obsolete patch needed for authentication against Jira

Reported by: Steffen Hoffmann Owned by: Steffen Hoffmann
Priority: normal Component: AccountManagerPlugin
Severity: major Keywords: auth jira hash htpasswd
Cc: Thijs Triemstra Trac Release: 0.11

Description

JiraToTracIntegration has an patch removing all other htpasswd hash type support and an own ticket #5464 regarding this issue, but it should be done here.

Attachments (1)

20110625_acct-mgr_sha512.patch (3.1 KB) - added by Steffen Hoffmann 13 years ago.
suggested changeset for adding sha512 hash algorithm (Python>=2.5)

Download all attachments as: .zip

Change History (8)

comment:1 Changed 13 years ago by Steffen Hoffmann

Keywords: hash htpasswd added
Status: newassigned
Summary: Obsolete patch needed for authentication against Jira[patch] Obsolete patch needed for authentication against Jira

I've prepared an alternative patch, that will go into trunk after acct_mgr-0.3 has been released.

  • cleanly applies to r10371
  • Python2.5 strictly required for sha512 algo - implements error for older versions
  • new corresponding htpasswd_hash_type is 'sha512' - don't throw away alternative hash types deleted by old patch
  • adds common hash identifier '$6$' for sha512 (see http://wiki.call-cc.org/eggref/4/crypt for details)
  • includes unit test for new hash type too ()
  • untested with any

Changed 13 years ago by Steffen Hoffmann

suggested changeset for adding sha512 hash algorithm (Python>=2.5)

comment:2 Changed 13 years ago by Steffen Hoffmann

Priority: lownormal

Push priority because of existing solution. Test with real data (I don't have that Jira stuff) and report back here, please.

comment:3 Changed 13 years ago by Steffen Hoffmann

(In [10492]) AccountManagerPlugin: Add sha512 hash type support for HtPasswdStore files, refs #5464 and #8791.

Python2.5 or later is strictly required to use sha512 algo, error implemented for older versions. New htpasswd_hash_type is sha512 with common hash identifier $6$ (see http://wiki.call-cc.org/eggref/4/crypt for details). Last but not least a unit test extension of test_create_hash for the new hash type is provided too.

comment:4 Changed 13 years ago by Steffen Hoffmann

(In [10496]) AccountManagerPlugin: Denote recent changes in message strings, refs #4677 and #8791.

The generic option password_file is now explicitly depreciated.

comment:5 Changed 13 years ago by Steffen Hoffmann

(In [10523]) AccountManagerPlugin: Forget about pure sha512, refs #5464, #8791 and #8933.

sha512_crypt is the module, which we need for conformant hash calculation. However, this is not a Python standard, so try to import from passlib and fallback to crypt as last resort, if this is capable at all.

comment:6 Changed 13 years ago by Steffen Hoffmann

See details about the relevant SHA2 implementations i.e. in Ulrich Drepper's "Unix crypt using SHA-256 and SHA-512" 1

1 http://www.akkadia.org/drepper/SHA-crypt.txt

comment:7 Changed 12 years ago by Steffen Hoffmann

Resolution: fixed
Status: assignedclosed

(In [12398]) AccountManagerPlugin: Releasing version 0.4, pushing development to acct_mgr-0.5dev.

Availability of that code as stable release closes #874, #3459, #4677, #5295, #5691, #6616, #7577, #8076, #8685, #8770, #8791, #8990, #9052, #9079, #9090, #9139, #9246, #9252, #9547, #9618, #9676, #9843, #9852, #9940, #10023, #10028, #10123, #10142, #10204, #10276, #10397, #10412, #10594, #10625 and #10644.

Some more issues have been worked-on, yet without confirmed resolution, refs #5464 (for JiraToTracIntegration), #8927 and #10134.

And finally there are some issues and enhancement requests showing progress, but known to require more work to resolve them satisfactorily, refs #843, #1600, #5964, #8217, #8933.

Thanks to all contributors and followers, that enabled and encouraged a good portion of this development work.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.