I'm working to integrate OTRS in Joomla and my first problem was unify the user. OTRS use a very ugly method with crypt and Joomla use pass in the form "md5_hex(pass+salt):salt" where salt is a 32 bytes random number in hex (a md5hex of a rand) This patch convert de passwd of customer users in Joomla form. ------------------------------------------------------------------------------------------ diff -c /opt/otrs/Kernel/System/CustomerAuth/DB.pm.orig /opt/otrs/Kernel/System/CustomerAuth/DB.pm ---------------------------------------------------------------- *** /opt/otrs/Kernel/System/CustomerAuth/DB.pm.orig 2010-07-09 22:46:03.775934414 -0300 --- /opt/otrs/Kernel/System/CustomerAuth/DB.pm 2010-07-10 12:20:26.468579343 -0300 *************** *** 13,19 **** use strict; use warnings; ! use Crypt::PasswdMD5 qw(unix_md5_crypt); use vars qw($VERSION); --- 13,19 ---- use strict; use warnings; ! use Digest::MD5 qw(md5_hex); use Crypt::PasswdMD5 qw(unix_md5_crypt); use vars qw($VERSION); *************** *** 132,146 **** $CryptedPw = $Pw; } elsif ( $GetPw !~ /^.{13}$/ ) { - # strip salt ! $Salt =~ s/^\$.+?\$(.+?)\$.*$/$1/; ! # encode output, needed by unix_md5_crypt() only non utf8 signs $Self->{EncodeObject}->EncodeOutput( \$Pw ); $Self->{EncodeObject}->EncodeOutput( \$Salt ); ! $CryptedPw = unix_md5_crypt( $Pw, $Salt ); $Self->{EncodeObject}->Encode( \$CryptedPw ); } --- 132,146 ---- $CryptedPw = $Pw; } elsif ( $GetPw !~ /^.{13}$/ ) { # strip salt ! #$Salt =~ s/^\$.+?\$(.+?)\$.*$/$1/; ! $Salt =~ s/^.*:/$1/; # encode output, needed by unix_md5_crypt() only non utf8 signs $Self->{EncodeObject}->EncodeOutput( \$Pw ); $Self->{EncodeObject}->EncodeOutput( \$Salt ); ! #$CryptedPw = unix_md5_crypt( $Pw, $Salt ); ! $CryptedPw = md5_hex($Pw.$Salt).":".$Salt; $Self->{EncodeObject}->Encode( \$CryptedPw ); } *************** *** 148,168 **** else { # strip salt only for (Extended) DES, not for any of modular crypt's ! if ( $Salt !~ /^\$\d\$/ ) { ! $Salt =~ s/^(..).*/$1/; ! } # and do this check only in such case (unfortunately there is a mod_perl2 # bug on RH8 - check if crypt() is working correctly) :-/ ! if ( $Salt =~ /^\$\d\$/ || ( crypt( 'root', 'root@localhost' ) eq 'roK20XGbWEsSM' ) ) { ! $Self->{EncodeObject}->EncodeOutput( \$Pw ); ! $Self->{EncodeObject}->EncodeOutput( \$Salt ); # encode output, needed by crypt() only non utf8 signs ! $CryptedPw = crypt( $Pw, $Salt ); ! $Self->{EncodeObject}->Encode( \$CryptedPw ); ! } ! else { $Self->{LogObject}->Log( Priority => 'notice', Message => --- 148,168 ---- else { # strip salt only for (Extended) DES, not for any of modular crypt's ! #if ( $Salt !~ /^\$\d\$/ ) { ! # $Salt =~ s/^(..).*/$1/; ! #} # and do this check only in such case (unfortunately there is a mod_perl2 # bug on RH8 - check if crypt() is working correctly) :-/ ! #if ( $Salt =~ /^\$\d\$/ || ( crypt( 'root', 'root@localhost' ) eq 'roK20XGbWEsSM' ) ) { ! # $Self->{EncodeObject}->EncodeOutput( \$Pw ); ! # $Self->{EncodeObject}->EncodeOutput( \$Salt ); # encode output, needed by crypt() only non utf8 signs ! # $CryptedPw = crypt( $Pw, $Salt ); ! # $Self->{EncodeObject}->Encode( \$CryptedPw ); ! #} ! #else { $Self->{LogObject}->Log( Priority => 'notice', Message => *************** *** 177,183 **** } close(IO); chomp $CryptedPw; ! } } # just in case! --- 177,183 ---- } close(IO); chomp $CryptedPw; ! #} } # just in case! ------------------------------------------------------------------------------------------- diff -c /opt/otrs/Kernel/System/CustomerUser/DB.pm.orig /opt/otrs/Kernel/System/CustomerUser/DB.pm ----------------------------------------------- *** /opt/otrs/Kernel/System/CustomerUser/DB.pm.orig 2010-07-09 22:53:15.815936292 -0300 --- /opt/otrs/Kernel/System/CustomerUser/DB.pm 2010-07-10 12:20:48.126330149 -0300 *************** *** 13,19 **** use strict; use warnings; ! use Crypt::PasswdMD5 qw(unix_md5_crypt); use Kernel::System::CheckItem; --- 13,19 ---- use strict; use warnings; ! use Digest::MD5 qw(md5_hex); use Crypt::PasswdMD5 qw(unix_md5_crypt); use Kernel::System::CheckItem; *************** *** 786,797 **** # crypt with md5 crypt else { ! # encode output, needed by unix_md5_crypt() only non utf8 signs $Self->{EncodeObject}->EncodeOutput( \$Pw ); ! $Self->{EncodeObject}->EncodeOutput( \$Login ); ! ! $CryptedPw = unix_md5_crypt( $Pw, $Login ); $Self->{EncodeObject}->Encode( \$CryptedPw ); } --- 786,798 ---- # crypt with md5 crypt else { ! my $Salt = md5_hex(rand()); # encode output, needed by unix_md5_crypt() only non utf8 signs $Self->{EncodeObject}->EncodeOutput( \$Pw ); ! #$Self->{EncodeObject}->EncodeOutput( \$Login ); ! $Self->{EncodeObject}->EncodeOutput( \$Salt ); ! #$CryptedPw = unix_md5_crypt( $Pw, $Login ); ! $CryptedPw = md5_hex($Pw.$Salt).":".$Salt; $Self->{EncodeObject}->Encode( \$CryptedPw ); } ------------------------------------------------------------------------------- diff -c /opt/otrs/scripts/database/otrs-schema.mysql.sql.orig /opt/otrs/scripts/database/otrs-schema.mysql.sql ------------------------------------------------------- *** /opt/otrs/scripts/database/otrs-schema.mysql.sql.orig 2010-02-05 20:42:17.000000000 -0300 --- /opt/otrs/scripts/database/otrs-schema.mysql.sql 2010-07-10 12:44:07.190580174 -0300 *************** *** 62,68 **** CREATE TABLE users ( id INTEGER NOT NULL AUTO_INCREMENT, login VARCHAR (100) NOT NULL, ! pw VARCHAR (50) NOT NULL, salutation VARCHAR (50) NULL, first_name VARCHAR (100) NOT NULL, last_name VARCHAR (100) NOT NULL, --- 62,68 ---- CREATE TABLE users ( id INTEGER NOT NULL AUTO_INCREMENT, login VARCHAR (100) NOT NULL, ! pw VARCHAR (65) NOT NULL, salutation VARCHAR (50) NULL, first_name VARCHAR (100) NOT NULL, last_name VARCHAR (100) NOT NULL, *************** *** 908,914 **** login VARCHAR (100) NOT NULL, email VARCHAR (150) NOT NULL, customer_id VARCHAR (200) NOT NULL, ! pw VARCHAR (50) NULL, salutation VARCHAR (50) NULL, first_name VARCHAR (100) NOT NULL, last_name VARCHAR (100) NOT NULL, --- 908,914 ---- login VARCHAR (100) NOT NULL, email VARCHAR (150) NOT NULL, customer_id VARCHAR (200) NOT NULL, ! pw VARCHAR (65) NULL, salutation VARCHAR (50) NULL, first_name VARCHAR (100) NOT NULL, last_name VARCHAR (100) NOT NULL, -- --------------------------------------------- --- Timeo Danaos et dona ferentes --- ---------------------------------------------
These patches convert also users in Joomla password form:
-------------------------------------------------------------------------------------
diff -c /opt/otrs/Kernel/System/User.pm.orig /opt/otrs/Kernel/System/User.pm
------------------------------------------------
*** /opt/otrs/Kernel/System/User.pm.orig 2010-07-10 19:53:42.034580633 -0300
--- /opt/otrs/Kernel/System/User.pm 2010-07-10 19:57:26.201369700 -0300
***************
*** 15,21 ****
use warnings;
use Crypt::PasswdMD5 qw(unix_md5_crypt);
!
use Kernel::System::CheckItem;
use Kernel::System::Valid;
--- 15,21 ----
use warnings;
use Crypt::PasswdMD5 qw(unix_md5_crypt);
! use Digest::MD5 qw(md5_hex);
use Kernel::System::CheckItem;
use Kernel::System::Valid;
***************
*** 616,627 ****
# crypt with md5
else {
!
# encode output, needed by unix_md5_crypt() only non utf8 signs
$Self->{EncodeObject}->EncodeOutput( \$Pw );
! $Self->{EncodeObject}->EncodeOutput( \$Param{UserLogin} );
! $CryptedPw = unix_md5_crypt( $Pw, $Param{UserLogin} );
}
# md5 sum of pw, needed for password history
--- 616,629 ----
# crypt with md5
else {
! my $Salt = md5_hex(rand());
# encode output, needed by unix_md5_crypt() only non utf8 signs
$Self->{EncodeObject}->EncodeOutput( \$Pw );
! #$Self->{EncodeObject}->EncodeOutput( \$Param{UserLogin} );
! $Self->{EncodeObject}->EncodeOutput( \$Salt );
! #$CryptedPw = unix_md5_crypt( $Pw, $Param{UserLogin} );
! $CryptedPw = md5_hex($Pw.$Salt).":".$Salt;
}
# md5 sum of pw, needed for password history
----------------------------------------------------------------------------------
diff -c /opt/otrs/Kernel/System/Auth/DB.pm.orig
/opt/otrs/Kernel/System/Auth/DB.pm
-----------------------------------
*** /opt/otrs/Kernel/System/Auth/DB.pm.orig 2010-07-10 19:53:50.634576892 -0300
--- /opt/otrs/Kernel/System/Auth/DB.pm 2010-07-10 20:03:23.920604245 -0300
***************
*** 15,21 ****
use warnings;
use Crypt::PasswdMD5 qw(unix_md5_crypt);
!
use Kernel::System::Valid;
use vars qw($VERSION);
--- 15,21 ----
use warnings;
use Crypt::PasswdMD5 qw(unix_md5_crypt);
! use Digest::MD5 qw(md5_hex);
use Kernel::System::Valid;
use vars qw($VERSION);
***************
*** 112,144 ****
elsif ( $GetPw !~ /^.{13}$/ ) {
# strip Salt
! $Salt =~ s/^\$.+?\$(.+?)\$.*$/$1/;
# encode output, needed by unix_md5_crypt() only non utf8 signs
$Self->{EncodeObject}->EncodeOutput( \$Pw );
$Self->{EncodeObject}->EncodeOutput( \$Salt );
! $CryptedPw = unix_md5_crypt( $Pw, $Salt );
}
# crypt pw
else {
# strip Salt only for (Extended) DES, not for any of Modular crypt's
! if ( $Salt !~ /^\$\d\$/ ) {
! $Salt =~ s/^(..).*/$1/;
! }
# and do this check only in such case (unfortunately there
is a mod_perl2
# bug on RH8 - check if crypt() is working correctly) :-/
! if ( ( $Salt =~ /^\$\d\$/ ) || ( crypt( 'root',
'root@localhost' ) eq 'roK20XGbWEsSM' ) ) {
# encode output, needed by crypt() only non utf8 signs
! $Self->{EncodeObject}->EncodeOutput( \$Pw );
! $Self->{EncodeObject}->EncodeOutput( \$Salt );
! $CryptedPw = crypt( $Pw, $Salt );
! }
! else {
$Self->{LogObject}->Log(
Priority => 'notice',
Message =>
--- 112,146 ----
elsif ( $GetPw !~ /^.{13}$/ ) {
# strip Salt
! #$Salt =~ s/^\$.+?\$(.+?)\$.*$/$1/;
! $Salt =~ s/^.*:/$1/;
# encode output, needed by unix_md5_crypt() only non utf8 signs
$Self->{EncodeObject}->EncodeOutput( \$Pw );
$Self->{EncodeObject}->EncodeOutput( \$Salt );
! #$CryptedPw = unix_md5_crypt( $Pw, $Salt );
! $CryptedPw = md5_hex($Pw.$Salt).":".$Salt;
}
# crypt pw
else {
# strip Salt only for (Extended) DES, not for any of Modular crypt's
! #if ( $Salt !~ /^\$\d\$/ ) {
! # $Salt =~ s/^(..).*/$1/;
! #}
# and do this check only in such case (unfortunately there
is a mod_perl2
# bug on RH8 - check if crypt() is working correctly) :-/
! #if ( ( $Salt =~ /^\$\d\$/ ) || ( crypt( 'root',
'root@localhost' ) eq 'roK20XGbWEsSM' ) ) {
# encode output, needed by crypt() only non utf8 signs
! #$Self->{EncodeObject}->EncodeOutput( \$Pw );
! #$Self->{EncodeObject}->EncodeOutput( \$Salt );
! #$CryptedPw = crypt( $Pw, $Salt );
! #}
! #else {
$Self->{LogObject}->Log(
Priority => 'notice',
Message =>
***************
*** 153,159 ****
}
close(IO);
chomp $CryptedPw;
! }
}
# just in case for debug!
--- 155,161 ----
}
close(IO);
chomp $CryptedPw;
! #}
}
# just in case for debug!
-----------------------------------------------------------------------------------
diff -c /opt/otrs/scripts/database/otrs-initial_insert.mysql.sql.orig
/opt/otrs/scripts/database/otrs-initial_insert.mysql.sql
---------------------------------
*** /opt/otrs/scripts/database/otrs-initial_insert.mysql.sql.orig 2010-02-05
20:42:17.000000000 -0300
--- /opt/otrs/scripts/database/otrs-initial_insert.mysql.sql 2010-07-10
20:05:58.569580719 -0300
***************
*** 24,30 ****
# ----------------------------------------------------------
INSERT INTO users (id, first_name, last_name, login, pw, valid_id,
create_by, create_time, change_by, change_time)
VALUES
! (1, 'Admin', 'OTRS', 'root@localhost', 'roK20XGbWEsSM', 1, 1,
current_timestamp, 1, current_timestamp);
# ----------------------------------------------------------
# insert into table groups
# ----------------------------------------------------------
--- 24,30 ----
# ----------------------------------------------------------
INSERT INTO users (id, first_name, last_name, login, pw, valid_id,
create_by, create_time, change_by, change_time)
VALUES
! (1, 'Admin', 'OTRS', 'root@localhost',
'73876873b6e0c23bc90b24227f7784e5:ff10491742010de973a1a11737a6ed0c',
1, 1, current_timestamp, 1, current_timestamp);
# ----------------------------------------------------------
# insert into table groups
# ----------------------------------------------------------
2010/7/10 emigonza@gmail.com
I'm working to integrate OTRS in Joomla and my first problem was unify the user.
OTRS use a very ugly method with crypt and Joomla use pass in the form "md5_hex(pass+salt):salt" where salt is a 32 bytes random number in hex (a md5hex of a rand)
This patch convert de passwd of customer users in Joomla form. ------------------------------------------------------------------------------------------
--------------------------------------------- --- Timeo Danaos et dona ferentes --- ---------------------------------------------
participants (1)
-
emigonza@gmail.com