Revision 38a4efa7
Von Moritz Bunkus vor mehr als 13 Jahren hinzugefügt
SL/Auth.pm | ||
---|---|---|
137 | 137 |
sub authenticate_root { |
138 | 138 |
$main::lxdebug->enter_sub(); |
139 | 139 |
|
140 |
my $self = shift; |
|
141 |
my $password = shift; |
|
142 |
my $is_crypted = shift; |
|
140 |
my ($self, $password) = @_; |
|
143 | 141 |
|
144 |
$password = crypt $password, 'ro' if (!$password || !$is_crypted);
|
|
145 |
my $admin_password = crypt "$self->{admin_password}", 'ro';
|
|
142 |
$password = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $password);
|
|
143 |
my $admin_password = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $self->{admin_password});
|
|
146 | 144 |
|
147 | 145 |
$main::lxdebug->leave_sub(); |
148 | 146 |
|
... | ... | |
173 | 171 |
$self->set_session_value(login => $params{login}, password => $params{password}); |
174 | 172 |
} |
175 | 173 |
|
174 |
sub store_root_credentials_in_session { |
|
175 |
my ($self, $rpw) = @_; |
|
176 |
|
|
177 |
$rpw = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $rpw) |
|
178 |
unless $self->{authenticator}->requires_cleartext_password; |
|
179 |
|
|
180 |
$self->set_session_value(rpw => $rpw); |
|
181 |
} |
|
182 |
|
|
176 | 183 |
sub dbconnect { |
177 | 184 |
$main::lxdebug->enter_sub(2); |
178 | 185 |
|
Auch abrufbar als: Unified diff
Das Admin-Passwort nicht im Klartext in Session-Tabelle ablegen