Diffstat (limited to 'src/main/java/com/gitblit/manager/AuthenticationManager.java')
-rw-r--r--src/main/java/com/gitblit/manager/AuthenticationManager.java10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/main/java/com/gitblit/manager/AuthenticationManager.java b/src/main/java/com/gitblit/manager/AuthenticationManager.java
index 0a4d8ed7..7a1fd9f2 100644
--- a/src/main/java/com/gitblit/manager/AuthenticationManager.java
+++ b/src/main/java/com/gitblit/manager/AuthenticationManager.java
@@ -52,6 +52,7 @@ import com.gitblit.models.UserModel;
import com.gitblit.transport.ssh.SshKey;
import com.gitblit.utils.Base64;
import com.gitblit.utils.HttpUtils;
+import com.gitblit.utils.SecurePasswordHashUtils;
import com.gitblit.utils.StringUtils;
import com.gitblit.utils.X509Utils.X509Metadata;
import com.google.inject.Inject;
@@ -518,6 +519,7 @@ public class AuthenticationManager implements IAuthenticationManager {
*/
protected UserModel authenticateLocal(UserModel user, char [] password) {
UserModel returnedUser = null;
+ //weak password hash
if (user.password.startsWith(StringUtils.MD5_TYPE)) {
// password digest
String md5 = StringUtils.MD5_TYPE + StringUtils.getMD5(new String(password));
@@ -534,7 +536,15 @@ public class AuthenticationManager implements IAuthenticationManager {
} else if (user.password.equals(new String(password))) {
// plain-text password
returnedUser = user;
+ } else if (user.password.startsWith(SecurePasswordHashUtils.PBKDF2WITHHMACSHA256_TYPE)){
+ //strong hash
+ SecurePasswordHashUtils hashUtils = SecurePasswordHashUtils.get();
+ boolean isPasswordValid = hashUtils.isPasswordCorrect(password, user.password);
+ if(isPasswordValid){
+ returnedUser = user;
+ }
}
+
return validateAuthentication(returnedUser, AuthenticationType.CREDENTIALS);
}
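Review bot: The new PBKDF2 branch sits after the plain-text branch `} else if (user.password.equals(new String(password))) {`, so for an account whose stored value is a PBKDF2 hash that equality test runs first, and a submitted string equal to the stored value is accepted without ever reaching `isPasswordCorrect`. That makes the stored hash password-equivalent, which undoes much of the benefit of moving to a stronger hash. Check the type prefix before the plain-text fallback by moving `} else if (user.password.startsWith(SecurePasswordHashUtils.PBKDF2WITHHMACSHA256_TYPE)) {` ahead of the `equals` branch, the way the MD5 prefix check already leads the chain. The method begins above this hunk and the middle of the if-chain is not shown, so confirm the final branch order against the full method.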