diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1bb2cda..4fdf3a6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,10 +7,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
## [Unreleased]
### Added
- Support for Nextcloud 15
-- SHA-256, SHA-512 hash algorithm
+- Redmine, SHA-256, SHA-512 hash algorithms
### Fixed
- Loading user list when display name is null
- Hide "password change form" when "Allow password change" not set
+### Changed
+- Append salt only when checked. Not by default
## [4.1.0] - 2018-10-28
### Added
diff --git a/README.md b/README.md
index fca9177..87061c4 100644
--- a/README.md
+++ b/README.md
@@ -73,7 +73,8 @@ Name | Description | Details
**Active** | Flag indicating if user can log in. | Optional.
Default: true.
**Provide avatar** | Flag indicating if user can change its avatar. | Optional.
Default: false.
**Salt** | Salt which is appended to password when checking or changing the password. | Optional.
-**Prepend salt** | Prepend a salt to the password instead of appending it. | Optional.
Default: false.
+**Append salt** | Append a salt to the password. | Optional.
Default: false.
+**Prepend salt** | Prepend a salt to the password. | Optional.
Default: false.
#### Group table
@@ -196,6 +197,7 @@ Drupal 7 | See [phpass](http://www.openwall.com/phpass/). | $S$DC7eCpJQ3SUQtW4Bp
Joomla MD5 Encryption | Generates 32 chars salt. | 14d21b49b0f13e2acba962b6b0039edd:haJK0yTvBXTNMh76xwEw5RYEVpJsN8us
MD5 | No salt supported. | 5f4dcc3b5aa765d61d8327deb882cf99
Portable PHP password | See [phpass](http://www.openwall.com/phpass/). | $P$BxrwraqNTi4as0EI.IpiA/K.muk9ke/
+Redmine | Requires salt. Salt value for hash in the next column is 'salt'. | 48b75edeffd8e413341d7734f0f3391e7a5da994
SHA-1 | No salt supported. | 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
SHA-256 | No salt supported. | 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
SHA-512 | No salt supported. | b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86
diff --git a/lib/Backend/UserBackend.php b/lib/Backend/UserBackend.php
index 73da238..27927e4 100644
--- a/lib/Backend/UserBackend.php
+++ b/lib/Backend/UserBackend.php
@@ -307,7 +307,7 @@ final class UserBackend extends ABackend implements
$password = $this->addSalt($user, $password);
$isCorrect = $passwordAlgorithm->checkPassword(
- $password, $user->password
+ $password, $user->password, $user->salt
);
if ($user->active == false) {
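Review bot: The salt can be applied twice here, because `$user->salt` is now passed to `checkPassword` while the line above still runs `addSalt` on the password. If an algorithm consumes the salt itself (the Redmine class added in this commit does so in `getPasswordHash`) and "Append salt" or "Prepend salt" is also checked, the computed hash would never match and those users could not log in. This is inferred from the visible lines, since the inherited `checkPassword` is outside the diff. Consider a call-site comment such as `// Algorithms that take $salt themselves (e.g. Redmine) must run with append/prepend salt disabled`, or skip `addSalt` for such algorithms. The enclosing method starts and ends outside the hunk.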
@@ -366,9 +366,9 @@ final class UserBackend extends ABackend implements
private function addSalt(User $user, string $password): string
{
if ($user->salt !== null) {
- if (empty($this->properties[Opt::PREPEND_SALT])) {
+ if (!empty($this->properties[Opt::APPEND_SALT])) {
return $password . $user->salt;
- } else {
+ } elseif (!empty($this->properties[Opt::PREPEND_SALT])) {
return $user->salt . $password;
}
}
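Review bot: `addSalt` now leaves the password unsalted unless one of the two options is set, so an installation that configured a salt column and relied on the old default-append behaviour will stop matching its stored hashes after upgrade. The changelog records the change, but no migration is visible in this diff. Setting `Opt::APPEND_SALT` on upgrade where a salt column is configured and `Opt::PREPEND_SALT` is empty, or adding a prominent upgrade note, would avoid locking those users out. When both options are checked the append branch silently wins, and a comment like `// APPEND_SALT takes precedence when both options are set` would make that explicit. The function's closing lines are outside the hunk.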
diff --git a/lib/Constant/Opt.php b/lib/Constant/Opt.php
index 75b0da6..5093210 100644
--- a/lib/Constant/Opt.php
+++ b/lib/Constant/Opt.php
@@ -28,6 +28,7 @@ namespace OCA\UserSQL\Constant;
*/
final class Opt
{
+ const APPEND_SALT = "opt.append_salt";
const CASE_INSENSITIVE_USERNAME = "opt.case_insensitive_username";
const CRYPTO_CLASS = "opt.crypto_class";
const EMAIL_SYNC = "opt.email_sync";
diff --git a/lib/Crypto/Redmine.php b/lib/Crypto/Redmine.php
new file mode 100644
index 0000000..81a80c9
--- /dev/null
+++ b/lib/Crypto/Redmine.php
@@ -0,0 +1,50 @@
+
+ * @author Marcin Łojewski
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+namespace OCA\UserSQL\Crypto;
+
+/**
+ * Redmine MD5 hash implementation.
+ *
+ * @author Marcin Łojewski
+ */
+class Redmine extends AbstractAlgorithm
+{
+ /**
+ * @inheritdoc
+ */
+ public function getPasswordHash($password, $salt = null)
+ {
+ if (is_null($salt)) {
+ return false;
+ }
+
+ return sha1($salt . sha1($password));
+ }
+
+ /**
+ * @inheritdoc
+ */
+ protected function getAlgorithmName()
+ {
+ return "Redmine";
+ }
+}
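Review bot: The class docblock says "Redmine MD5 hash implementation", but `getPasswordHash` computes `sha1($salt . sha1($password))`. The comment should read `Redmine SHA-1 hash implementation: sha1(salt . sha1(password)).` The docblock should also say that this is a fast, unstretched SHA-1 construction kept for compatibility with existing Redmine user tables, so operators do not pick it for new deployments over the phpass-based algorithms listed in the README. `getPasswordHash` returns `false` for a null salt, and how the inherited `checkPassword` handles that value is not visible here. It is worth confirming that a `false` hash can never compare equal to a stored value.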
diff --git a/templates/admin.php b/templates/admin.php
index b722b8b..c00b06e 100644
--- a/templates/admin.php
+++ b/templates/admin.php
@@ -153,6 +153,7 @@ function print_select_options(
print_text_input($l, "db-table-user-column-active", "Active", $_["db.table.user.column.active"]);
print_text_input($l, "db-table-user-column-avatar", "Provide avatar", $_["db.table.user.column.avatar"]);
print_text_input($l, "db-table-user-column-salt", "Salt", $_["db.table.user.column.salt"]);
+ print_checkbox_input($l, "opt-append_salt", "Append salt", $_["opt.append_salt"]);
print_checkbox_input($l, "opt-prepend_salt", "Prepend salt", $_["opt.prepend_salt"]); ?>
diff --git a/tests/Crypto/PhpassTest.php b/tests/Crypto/PhpassTest.php
index 6ef9c42..16e4a0e 100644
--- a/tests/Crypto/PhpassTest.php
+++ b/tests/Crypto/PhpassTest.php
@@ -27,7 +27,7 @@ use OCP\IL10N;
use Test\TestCase;
/**
- * Unit tests for class PhpassTest.
+ * Unit tests for class Phpass.
*
* @author Marcin Łojewski
*/
diff --git a/tests/Crypto/RedmineTest.php b/tests/Crypto/RedmineTest.php
new file mode 100644
index 0000000..8dfeee2
--- /dev/null
+++ b/tests/Crypto/RedmineTest.php
@@ -0,0 +1,61 @@
+
+ * @author Marcin Łojewski
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+namespace Tests\UserSQL\Crypto;
+
+use OCA\UserSQL\Crypto\IPasswordAlgorithm;
+use OCA\UserSQL\Crypto\Redmine;
+use OCP\IL10N;
+use Test\TestCase;
+
+/**
+ * Unit tests for class Redmine.
+ *
+ * @author Marcin Łojewski
+ */
+class RedmineTest extends TestCase
+{
+ /**
+ * @var IPasswordAlgorithm
+ */
+ private $crypto;
+
+ public function testCheckPassword()
+ {
+ $this->assertTrue(
+ $this->crypto->checkPassword(
+ "password", "48b75edeffd8e413341d7734f0f3391e7a5da994", "salt"
+ )
+ );
+ }
+
+ public function testPasswordHash()
+ {
+ $hash = $this->crypto->getPasswordHash("password", "salt");
+ $this->assertTrue($this->crypto->checkPassword("password", $hash, "salt"));
+ }
+
+ protected function setUp()
+ {
+ parent::setUp();
+ $this->crypto = new Redmine($this->createMock(IL10N::class));
+ }
+}
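Review bot: Both tests exercise only the accepting path, so an implementation whose `checkPassword` always returned true would still pass. Add a rejecting case and the null-salt case, for example `$this->assertFalse($this->crypto->checkPassword("wrong", "48b75edeffd8e413341d7734f0f3391e7a5da994", "salt"));` and `$this->assertFalse($this->crypto->getPasswordHash("password"));`. `testPasswordHash` round-trips through the same code, so it cannot detect a wrong construction on its own. Only the fixed vector in `testCheckPassword` pins the format.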