Use OpaqueEnvelopes for all passwords in Phabricator

Summary:
See D2991 / T1526. Two major changes here:

  - PHP just straight-up logs passwords on ldap_bind() failures. Suppress that with "@" and keep them out of DarkConsole by enabling discard mode.
  - Use PhutilOpaqueEnvelope whenever we send a password into a call stack.

Test Plan:
  - Created a new account.
  - Reset password.
  - Changed password.
  - Logged in with valid password.
  - Tried to log in with a bad password.
  - Changed password via accountadmin.
  - Hit various LDAP errors and made sure nothing appears in the logs.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D2993
epriestley
2012-07-17 12:06:33 -07:00
parent ae2e73ce80
commit dd70c59465
8 changed files with 50 additions and 31 deletions
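The envelope pattern the commit message describes, as an added illustration (this is not libphutil's PhutilOpaqueEnvelope or any Phabricator code; OpaqueEnvelope, bindRaw, bindEnveloped, loginRaw, loginEnveloped, captureTrace and demo are hypothetical names, and the password value is constructed). It shows the concrete reason for wrapping: PHP renders scalar function arguments in stack traces, so a password passed as a plain string reappears in any trace that reaches a log or a debug console, while an object argument renders only as its class name:

```php
<?php
// Added example, not libphutil's PhutilOpaqueEnvelope: a minimal stand-in
// with the same shape, plus a demo of why a password is wrapped before it
// enters a call stack.

final class OpaqueEnvelope {
    private $value;

    public function __construct($value) {
        $this->value = $value;
    }

    // The only way to get the secret back; call it at the point of use.
    public function openEnvelope() {
        return $this->value;
    }

    // var_dump()/print_r() consult this instead of dumping private fields.
    public function __debugInfo() {
        return array('value' => '<opaque>');
    }

    // A placeholder rather than the secret, so accidental string
    // interpolation yields an obviously wrong value instead of a leak.
    public function __toString() {
        return '<opaque>';
    }
}

// Stand-in for a directory bind failing several frames deep; a real
// provider would call ldap_bind() here.
function bindRaw($username, $password) {
    throw new RuntimeException("bind failed for {$username}");
}

function bindEnveloped($username, OpaqueEnvelope $password) {
    $plaintext = $password->openEnvelope(); // opened only here, never logged
    throw new RuntimeException("bind failed for {$username}");
}

function loginRaw($username, $password) {
    return bindRaw($username, $password);
}

function loginEnveloped($username, OpaqueEnvelope $password) {
    return bindEnveloped($username, $password);
}

// Returns the rendered trace of the failure, as an error log would capture it.
function captureTrace(callable $login, $username, $credential) {
    try {
        $login($username, $credential);
    } catch (RuntimeException $e) {
        return $e->getTraceAsString();
    }
    return '';
}

// Returns true when the raw trace leaks the password and the envelope trace
// does not.
function demo() {
    // PHP >= 7.4 can omit arguments from traces (php.ini-production sets
    // zend.exception_ignore_args=On); force them on so the contrast shows.
    ini_set('zend.exception_ignore_args', '0');

    $secret = 'correct horse'; // constructed sample password
    $rawTrace = captureTrace('loginRaw', 'alice', $secret);
    $safeTrace = captureTrace('loginEnveloped', 'alice', new OpaqueEnvelope($secret));

    $leaked = (strpos($rawTrace, $secret) !== false);
    $contained = (strpos($safeTrace, $secret) === false)
        && (strpos($safeTrace, 'Object(OpaqueEnvelope)') !== false);

    echo "--- raw string argument ---\n{$rawTrace}\n";
    echo "--- OpaqueEnvelope argument ---\n{$safeTrace}\n";
    echo 'raw trace leaks password: ' . ($leaked ? 'yes' : 'no') . "\n";
    echo 'envelope trace leaks password: ' . ($contained ? 'no' : 'yes') . "\n";

    return $leaked && $contained;
}

demo();
```

Run with `php envelope_demo.php`. Note that the envelope only removes the secret from frames above the point where it is opened; whatever receives the opened value (here the bind stand-in) must still not interpolate it into exception messages or warnings. The "@" suppression in the commit message is the other half of that: a custom handler installed with set_error_handler() is still invoked for an "@"-suppressed warning, so the handler has to check the masked error_reporting() value (or, as the commit describes for DarkConsole, be put in a discard mode) before it records anything.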


@@ -37,9 +37,8 @@ final class PhabricatorLDAPLoginController extends PhabricatorAuthController {
if ($request->isFormPost()) {
try {
$this->provider->auth($request->getStr('username'),
$request->getStr('password'));
$envelope = new PhutilOpaqueEnvelope($request->getStr('password'));
$this->provider->auth($request->getStr('username'), $envelope);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
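Review bot: the catch block still surfaces `$e->getMessage()` to the login form via `$errors[]`, so any exception thrown under `$this->provider->auth()` that interpolates the opened envelope (or the raw ldap_bind() failure text) into its message would put the password back in the response even though it no longer sits in the stack frames; either have the provider throw a fixed message for bind failures or map the exception to a generic "invalid credentials" error here. Building `$envelope` directly from `$request->getStr('password')` immediately before the call is the right shape, since the plaintext then has no local of its own in this controller.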