Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
O
Openfire
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Administrator
Openfire
Commits
d27d76ca
Commit
d27d76ca
authored
8 years ago
by
Dave Cridland
Committed by
GitHub
8 years ago
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #700 from FZachlod/master
Add NT hashing for JDBC connections
parents
9e14d4f7
d81561f4
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
26 additions
and
1 deletion
+26
-1
JDBCAuthProvider.java
...java/org/jivesoftware/openfire/auth/JDBCAuthProvider.java
+26
-1
No files found.
src/java/org/jivesoftware/openfire/auth/JDBCAuthProvider.java
View file @
d27d76ca
...
...
@@ -20,6 +20,8 @@
package
org
.
jivesoftware
.
openfire
.
auth
;
import
java.security.SecureRandom
;
import
java.security.MessageDigest
;
import
java.security.Security
;
import
java.sql.Connection
;
import
java.sql.DriverManager
;
import
java.sql.PreparedStatement
;
...
...
@@ -33,6 +35,8 @@ import java.util.Iterator;
import
java.util.List
;
import
java.util.Map
;
import
org.bouncycastle.crypto.generators.OpenBSDBCrypt
;
import
org.bouncycastle.jce.provider.BouncyCastleProvider
;
import
org.bouncycastle.util.encoders.Hex
;
import
org.jivesoftware.database.DbConnectionManager
;
import
org.jivesoftware.openfire.XMPPServer
;
...
...
@@ -99,6 +103,7 @@ import org.slf4j.LoggerFactory;
* <li>{@link PasswordType#sha256 sha256}
* <li>{@link PasswordType#sha512 sha512}
* <li>{@link PasswordType#bcrypt bcrypt}
* <li>{@link PasswordType#nt nt}
* </ul>
*
* @author David Snopek
...
...
@@ -156,6 +161,9 @@ public class JDBCAuthProvider implements AuthProvider, PropertyEventListener {
setPasswordTypes
(
JiveGlobals
.
getProperty
(
"jdbcAuthProvider.passwordType"
,
"plain"
));
bcryptCost
=
JiveGlobals
.
getIntProperty
(
"jdbcAuthProvider.bcrypt.cost"
,
-
1
);
PropertyEventDispatcher
.
addListener
(
this
);
if
(
Security
.
getProvider
(
BouncyCastleProvider
.
PROVIDER_NAME
)
==
null
)
{
java
.
security
.
Security
.
addProvider
(
new
BouncyCastleProvider
());
}
}
private
void
setPasswordTypes
(
String
passwordTypeProperty
){
...
...
@@ -252,6 +260,18 @@ public class JDBCAuthProvider implements AuthProvider, PropertyEventListener {
new
SecureRandom
().
nextBytes
(
salt
);
int
cost
=
(
bcryptCost
<
4
||
bcryptCost
>
31
)
?
DEFAULT_BCRYPT_COST
:
bcryptCost
;
return
OpenBSDBCrypt
.
generate
(
password
.
toCharArray
(),
salt
,
cost
);
case
nt:
byte
[]
digestBytes
;
byte
[]
utf16leBytes
=
null
;
try
{
MessageDigest
md
=
MessageDigest
.
getInstance
(
"MD4"
);
utf16leBytes
=
password
.
getBytes
(
"UTF-16LE"
);
digestBytes
=
md
.
digest
(
utf16leBytes
);
return
new
String
(
new
String
(
Hex
.
encode
(
digestBytes
)));
}
catch
(
Exception
e
)
{
return
null
;
}
case
plain:
default
:
return
password
;
...
...
@@ -416,7 +436,12 @@ public class JDBCAuthProvider implements AuthProvider, PropertyEventListener {
/**
* The password is stored as a bcrypt hash.
*/
bcrypt
;
bcrypt
,
/**
* The password is stored as an nt hash.
*/
nt
;
}
/**
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment