From a7a861b2c6fc855abc0741691bebf975e255767c Mon Sep 17 00:00:00 2001
From: Frank Karlitschek <frank@owncloud.org>
Date: Fri, 8 Jun 2012 12:42:35 +0200
Subject: backport the password salting fix. a salt is generated during setup
 and used to salt the user password hases in the database backend

---
 lib/setup.php | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lib/setup.php')

diff --git a/lib/setup.php b/lib/setup.php
index 4c8c5670480..e1c1a110b38 100644
--- a/lib/setup.php
+++ b/lib/setup.php
@@ -73,6 +73,10 @@ class OC_Setup {
 				$dbtype='sqlite3';
 			}
 
+			//generate a random salt that is used to salt the local user passwords
+			$salt=mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000);
+			OC_Config::setValue('passwordsalt', $salt);
+
 			//write the config file
 			OC_Config::setValue('datadirectory', $datadir);
  			OC_Config::setValue('dbtype', $dbtype);
-- 
cgit v1.2.3