3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-22 20:09:41 +01:00
Commit Graph

6 Commits

Author SHA1 Message Date
Shivaram Lingamneni
8d80cb52e6 include a fixed test vector in password tests 2023-12-20 23:28:55 -05:00
Shivaram Lingamneni
dfb0a57040 refactor the password hashing / password autoupgrade system 2018-08-06 02:26:21 -04:00
Daniel Oaks
6260869068 Upgrade password hashing.
Previously, we generated and prepended a long salt before generating
password hashes. This resulted in the hash verification cutting off long
before it should do. This form of salting is also not necessary with
bcrypt as it's provided by the password hashing and verification
functions themselves, so totally rip it out.

This commit also adds the functionality for the server to automagically
upgrade users to use the new hashing system, which means better
security and more assurance that people can't bruteforce passwords.

No need to apply a database upgrade to do this, whoo! \o/
2018-08-05 22:51:15 -04:00
Daniel Oaks
34987ba53a Allow WEBIRC from specified hosts 2017-10-15 16:18:14 +10:00
Daniel Oaks
378d55af65 Add tests to subpackages 2017-10-07 22:19:37 +10:00
Daniel Oaks
68b1dc9e72 Split passwd into its' own subpackage 2017-10-06 00:03:53 +10:00