[FEATURE] Enable saltedpasswords by default
authorHelmut Hummel <helmut.hummel@typo3.org>
Sun, 17 Jul 2011 18:00:35 +0000 (20:00 +0200)
committerHelmut Hummel <typo3@helmut-hummel.de>
Tue, 19 Jul 2011 06:50:37 +0000 (08:50 +0200)
Implement auto-activation of saltedpasswords and rsaauth extension.

Resolves: #28273
Releases: 4.6

Change-Id: If96cbbffec59f436748e331783bc6fc94fb2b87d
Reviewed-on: http://review.typo3.org/3389
Reviewed-by: Jigal van Hemert
Tested-by: Jigal van Hemert
Reviewed-by: Kay Strobach
Tested-by: Kay Strobach
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
t3lib/stddb/tables.sql
typo3/sysext/cms/ext_tables.sql
typo3/sysext/install/mod/class.tx_install.php
typo3/sysext/saltedpasswords/classes/class.tx_saltedpasswords_autoloader.php [new file with mode: 0644]
typo3/sysext/saltedpasswords/ext_tables.sql [deleted file]

index 130ecfd..6833337 100644 (file)
@@ -57,7 +57,7 @@ CREATE TABLE be_users (
   pid int(11) unsigned DEFAULT '0' NOT NULL,
   tstamp int(11) unsigned DEFAULT '0' NOT NULL,
   username varchar(50) DEFAULT '' NOT NULL,
-  password varchar(40) DEFAULT '' NOT NULL,
+  password varchar(60) DEFAULT '' NOT NULL,
   admin tinyint(4) unsigned DEFAULT '0' NOT NULL,
   usergroup varchar(255) DEFAULT '' NOT NULL,
   disable tinyint(1) unsigned DEFAULT '0' NOT NULL,
index c5f33d6..ff64878 100755 (executable)
@@ -109,7 +109,7 @@ CREATE TABLE fe_users (
   pid int(11) unsigned DEFAULT '0' NOT NULL,
   tstamp int(11) unsigned DEFAULT '0' NOT NULL,
   username varchar(50) DEFAULT '' NOT NULL,
-  password varchar(40) DEFAULT '' NOT NULL,
+  password varchar(60) DEFAULT '' NOT NULL,
   usergroup tinytext,
   disable tinyint(4) unsigned DEFAULT '0' NOT NULL,
   starttime int(11) unsigned DEFAULT '0' NOT NULL,
index 0657e64..693fec1 100755 (executable)
@@ -146,6 +146,7 @@ class tx_install extends t3lib_install {
                'session',
                'SPL',
                'standard',
+               'openssl',
                'xml',
                'zlib'
        );
@@ -204,6 +205,11 @@ class tx_install extends t3lib_install {
                                        1294587482
                                );
                        }
+                               // Load saltedpasswords if possible
+                       $saltedpasswordsLoaderFile = $this->backPath . 'sysext/saltedpasswords/classes/class.tx_saltedpasswords_autoloader.php';
+                       if (@is_file($saltedpasswordsLoaderFile)) {
+                               include($saltedpasswordsLoaderFile);
+                       }
                }
                $this->redirect_url = t3lib_div::sanitizeLocalUrl(t3lib_div::_GP('redirect_url'));
 
diff --git a/typo3/sysext/saltedpasswords/classes/class.tx_saltedpasswords_autoloader.php b/typo3/sysext/saltedpasswords/classes/class.tx_saltedpasswords_autoloader.php
new file mode 100644 (file)
index 0000000..9ed4aff
--- /dev/null
@@ -0,0 +1,130 @@
+<?php
+/***************************************************************
+ *  Copyright notice
+ *
+ *  (c) 2011 Helmut Hummel <helmut.hummel@typo3.org>
+ *  All rights reserved
+ *
+ *  This script is part of the TYPO3 project. The TYPO3 project is
+ *  free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  The GNU General Public License can be found at
+ *  http://www.gnu.org/copyleft/gpl.html.
+ *  A copy is found in the textfile GPL.txt and important notices to the license
+ *  from the author is found in LICENSE.txt distributed with these scripts.
+ *
+ *
+ *  This script is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  This copyright notice MUST APPEAR in all copies of the script!
+ ***************************************************************/
+
+/**
+ * Autoloader included from Install Tool that lets saltedpasswords load itself
+ *
+ * @author Helmut Hummel <helmut.hummel@typo3.org>
+ *
+ * @package TYPO3
+ * @subpackage saltedpasswords
+ */
+class tx_saltedpasswords_autoloader {
+
+       /**
+        * Activates saltedpasswords if it is supported.
+        *
+        * @param tx_install $instObj
+        * @return void
+        */
+       public function execute(tx_install $instObj) {
+               switch ($instObj->step) {
+                       case 4:
+                               if (!t3lib_extMgm::isLoaded('saltedpasswords') && $this->isSaltedPasswordsSupported()) {
+                                       $this->activateSaltedPasswords();
+                               }
+                               break;
+               }
+       }
+
+       /**
+        * Returns TRUE if PHP modules to run saltedpasswords are loaded and working.
+        *
+        * @return boolean
+        */
+       protected function isSaltedPasswordsSupported() {
+                       //FIXME: needs to be implemented!
+               return TRUE;
+       }
+
+       /**
+        * Activates saltedpasswords.
+        *
+        * @return void
+        */
+       protected function activateSaltedPasswords() {
+               $extList = t3lib_div::trimExplode(',', $GLOBALS['TYPO3_CONF_VARS']['EXT']['extList']);
+               if (!t3lib_div::inArray($extList, 'rsaauth')) {
+                       $extList[] = 'rsaauth';
+               }
+               if (!t3lib_div::inArray($extList, 'saltedpasswords')) {
+                       $extList[] = 'saltedpasswords';
+               }
+               $this->updateExtensionList(implode(',', $extList));
+               $GLOBALS['typo3CacheManager']->getCache('cache_phpcode')->flushByTag('t3lib_autoloader');
+       }
+
+       /**
+        * Updates the list of extensions.
+        *
+        * @param string $newExtList
+        * @return void
+        */
+       protected function updateExtensionList($newExtList) {
+                       // Instance of install tool
+               $instObj = t3lib_div::makeInstance('t3lib_install');
+               $instObj->allowUpdateLocalConf = 1;
+               $instObj->updateIdentity = 'TYPO3 Core Update Manager';
+
+                       // Get lines from localconf file
+               $lines = $instObj->writeToLocalconf_control();
+               $saltedPasswordDefaultConfiguration =
+                               'a:2:{s:3:"FE.";a:2:{s:7:"enabled";s:1:"1";s:21:"saltedPWHashingMethod";s:28:"tx_saltedpasswords_salts_md5";}s:3:"BE.";a:2:{s:7:"enabled";s:1:"1";s:21:"saltedPWHashingMethod";s:28:"tx_saltedpasswords_salts_md5";}}';
+
+               $instObj->setValueInLocalconfFile($lines, '$TYPO3_CONF_VARS[\'EXT\'][\'extList\']', $newExtList);
+               $instObj->setValueInLocalconfFile($lines, '$TYPO3_CONF_VARS[\'EXT\'][\'extConf\'][\'saltedpasswords\']', $saltedPasswordDefaultConfiguration);
+               $instObj->setValueInLocalconfFile($lines, '$TYPO3_CONF_VARS[\'BE\'][\'loginSecurityLevel\'] ', 'rsa');
+               $instObj->setValueInLocalconfFile($lines, '$TYPO3_CONF_VARS[\'FE\'][\'loginSecurityLevel\'] ', 'rsa');
+
+               $result = $instObj->writeToLocalconf_control($lines);
+               if ($result === 'nochange') {
+                       $message = 'Saltedpasswords was not loaded.';
+                       if (!@is_writable(PATH_typo3conf)) {
+                               $message .= ' ' . PATH_typo3conf . ' is not writable!';
+                       }
+                       throw new RuntimeException($message, 1310931362);
+               }
+
+               $GLOBALS['TYPO3_CONF_VARS']['EXT']['extList'] = $newExtList;
+
+                       // Make sure to get cache file for backend, not frontend
+               $cacheFilePrefix = t3lib_extMgm::getCacheFilePrefix();
+               $GLOBALS['TYPO3_LOADED_EXT']['_CACHEFILE'] = str_replace('temp_CACHED_FE', 'temp_CACHED', $cacheFilePrefix);
+               t3lib_extMgm::removeCacheFiles();
+       }
+
+}
+
+
+if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/saltedpasswords/classes/class.tx_saltedpasswords_autoloader.php'])) {
+       include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/saltedpasswords/classes/class.tx_saltedpasswords_autoloader.php']);
+}
+
+// Make instance:
+$SOBE = t3lib_div::makeInstance('tx_saltedpasswords_autoloader');
+$SOBE->execute($this);
+?>
\ No newline at end of file
diff --git a/typo3/sysext/saltedpasswords/ext_tables.sql b/typo3/sysext/saltedpasswords/ext_tables.sql
deleted file mode 100644 (file)
index b0de93a..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-CREATE TABLE fe_users (
-       password varchar(60) DEFAULT '' NOT NULL
-);
-
-CREATE TABLE be_users (
-       password varchar(60) DEFAULT '' NOT NULL
-);
\ No newline at end of file