Skip to content
Find file Blame History Permalink
  • Christian Kuhn's avatar
    [TASK] Drop salted passwords configuration options · c2cb6fa9
    Christian Kuhn authored and Andreas Kienast's avatar Andreas Kienast committed 
    In order to prepare the saltedpasswords extension to be implemented
as a library into the core directly, a series of configuration
options is dropped from the extension:

* FE.forceSalted & BE.forceSalted (default 0)
  Setting this to 1 disabled upgrading non-salted user password
  to salted passwords and denied login. The option is dropped, but
  only passwords that have been upgraded from simple md5 or plaintext
  in v8 are allowed to login and will get their password upgraded.

* FE.updatePasswd & BE.updatePasswd (default 1)
  Setting this to 0 disabled upgrading one salted password to
  another. This is dropped: Passwords will now always be upgraded
  to the currently configured hash algorithm if the currently used
  algorithm does no match the configured one.

* FE.onlyAuthService & BE.onlyAuthService (default 0)
  Setting this to 1 allowed stopping the authentication chain if
  the salted passwords did not verify a password. This setting is
  pretty useless since it can be expected that any sane authentication
  provider kicks in before the native salted passwords authentication.
  We found not a single usage of that flag in TER.

* checkConfigurationFE & checkConfigurationFE2
  & checkConfigurationBE & checkConfigurationBE2
  These configuration user function have been responsible to check
  various combinations of valid and invalid salted passwords
  combinations. This is obsolete with removing the other options and the
  deprecated rsaauth extension. An install tool preset for sane options
  and according warnings will be set up to establish better usability
  from an administrator point of view as soon as this patch is done.

The only option left is the main "saltedPWHashingMethod". This will
be transferred to an install tool preset including best option selection
during installation in a next step.

Resolves: #85683
Releases: master
Change-Id: I7e8150ba9bc8b36f59d08ca5cadeb547e1301f67
Reviewed-on: https://review.typo3.org/57725


Tested-by: default avatarTYPO3com <no-reply@typo3.com>
Reviewed-by: default avatarMarkus Klein <markus.klein@typo3.org>
Tested-by: default avatarMarkus Klein <markus.klein@typo3.org>
Reviewed-by: default avatarAndreas Fernandez <a.fernandez@scripting-base.de>
Tested-by: default avatarAndreas Fernandez <a.fernandez@scripting-base.de>
    c2cb6fa9