# BEGIN BPS TAGGED BLOCK {{{
# This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC
# <sales@bestpractical.com>
# (Except where explicitly superseded by other copyright notices)
# This work is made available to you under the terms of Version 2 of
# the GNU General Public License. A copy of that license should have
# been provided with this software, but in any event can be snarfed
# This work is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 or visit their web page on the internet at
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
# CONTRIBUTION SUBMISSION POLICY:
# (The following paragraph is not intended to limit the rights granted
# to you to modify and distribute this software under the terms of
# the GNU General Public License and is only of importance to you if
# you choose to contribute your changes and enhancements to the
# community by submitting them to Best Practical Solutions, LLC.)
# By intentionally submitting any modifications, corrections or
# derivatives to this work, or any other work intended for use with
# Request Tracker, to Best Practical Solutions, LLC, you confirm that
# you are the copyright holder for those contributions and you grant
# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
# royalty-free, perpetual, license to use, copy, create derivative
# works based on those contributions, and sublicense and distribute
# those contributions and any derivatives thereof.
# END BPS TAGGED BLOCK }}}
# Parse the command line. "fix!" is a negatable Getopt::Long flag
# (--fix / --no-fix) stored in $fix; the hint printed at the end of the
# script says --fix is what makes it upgrade rather than only report.
GetOptions("fix!" => \$fix);
# Collection of RT users, created with $RT::SystemUser as the acting
# principal (presumably so the search is not filtered by per-user rights;
# confirm against RT::Users).
my $users = RT::Users->new( $RT::SystemUser );
ENTRYAGGREGATOR => 'AND',
VALUE => '*NO-PASSWORD*',
ENTRYAGGREGATOR => 'AND',
OPERATOR => 'NOT STARTSWITH',
ENTRYAGGREGATOR => 'AND',
# NOTE(review): this appends a clause directly to the collection's internal
# 'restrictions' structure instead of going through a public method, so it
# depends on that internal layout staying the same. The clause tests an SQL
# expression given as a literal string (LENGTH(main.Password)); its operator
# and value are not visible in this listing.
push @{$users->{'restrictions'}{ "main.Password" }}, "AND", {
field => 'LENGTH(main.Password)',
# Number of users matched by the restrictions set up on $users, i.e. the
# accounts the script's messages describe as having unsalted or
# weak-cryptography password hashes.
my $count = $users->Count;
# Printed when nothing needs upgrading (the guarding condition is not
# visible in this listing; presumably $count is zero).
print "No users with unsalted or weak cryptography found.\n";
# Progress line for the upgrade path (presumably taken only with --fix, per
# the hint printed at the end of the script).
print "Upgrading $count users...\n";
# Walk every matched user; the loop ends when Next returns a false value.
while (my $u = $users->Next) {
# Read the stored Password column through __Value, i.e. the hash as it is
# kept in the database. This is credential material: none of the visible
# lines print it, and it should stay out of logs and terminal output.
my $stored = $u->__Value("Password");
# 32 characters: treated as a hex string (16 bytes once decoded, the size of
# an MD5 digest -- presumably an unsalted hex MD5 hash; confirm).
if (length $stored == 32) {
# Decode the hex digits into raw bytes.
$raw = pack("H*",$stored);
# 22 characters: treated as base64 (16 bytes without padding -- presumably
# the same kind of digest in base64 form; confirm).
} elsif (length $stored == 22) {
# Decode the base64 text into raw bytes.
$raw = MIME::Base64::decode_base64($stored);
# 13 characters: per the message printed in this branch, a legacy crypt()
# hash.
} elsif (length $stored == 13) {
# Reported as not upgradable (presumably the user is then skipped; the rest
# of the branch is not visible in this listing). Such accounts keep their
# weak hash until the password is next changed, so they are worth following
# up separately. Only the user name is printed, never the hash.
printf "%20s => Old crypt() format, cannot upgrade\n", $u->Name;
# Any other length is reported as unrecognised; again only the name is
# printed. The enclosing else and what follows it are not shown here.
printf "%20s => Unknown password format!\n", $u->Name;
# New 4-byte salt (presumably generated once per user inside the loop).
# NOTE(review): rand() is Perl's general-purpose PRNG and is documented as
# not cryptographically secure. A salt need not be secret, but it should be
# unpredictable and unique; 32 bits drawn from rand() guarantees neither.
# Prefer bytes from the OS CSPRNG (e.g. /dev/urandom) and a longer salt.
my $salt = pack("C4",map{int rand(256)} 1..4);
# Raw (binary) SHA-256 digest; the arguments are not visible in this listing
# (presumably the salt and the decoded legacy digest $raw -- confirm).
# NOTE(review): wrapping the old digest lets existing hashes be strengthened
# without knowing the passwords, but salted SHA-256 is still a fast hash; a
# deliberately slow password-hashing scheme resists offline guessing better.
my $sha = Digest::SHA::sha256(
# New stored value: base64 of the salt followed by the first 26 bytes of the
# digest (see the argument on the following line). The empty second argument
# to encode_base64 is the line-ending string, so no newline is added.
Value => MIME::Base64::encode_base64(
$salt . substr($sha,0,26), ""),
# Report-only path (presumably when --fix was not given): summary line that
# introduces the table of affected accounts.
print "$count users found with unsalted or weak-cryptography passwords:\n";
# Table header followed by a ruler line of dashes with a "+" at the column
# break.
print " Id | Name\n", "-"x9, "+", "-"x9, "\n";
# List each matched user; the loop ends when Next returns a false value.
while (my $u = $users->Next) {
# One row per user: numeric Id and Name only. The stored hash is not part of
# the report output.
printf "%8d | %s\n", $u->Id, $u->Name;
# Count-only form of the summary, without the table. The condition that
# selects between this and the tabular report is not visible in this listing.
print "$count users found with unsalted or weak-cryptography passwords\n";
# Tell the operator that re-running with --fix performs the upgrade.
print "\n", "Run again with --fix to upgrade.\n";