mirrors/flexisip-account-manager
1
0
Fork 0
mirror of https://gitlab.linphone.org/BC/public/flexisip-account-manager.git synced 2026-01-17 10:08:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Removed SHA256 auto password creation

Browse source
This commit is contained in:
Sylvain Berfini 2019-11-07 10:20:40 +01:00
parent 6342f98656
commit 3c99551f40
2 changed files with 0 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
src/xmlrpc/accounts.php
View file

@ -120,23 +120,6 @@ function xmlrpc_recover_account_from_confirmation_key($method, $args) {
return $result;
}
if ($algo == SHA256) {
// When trying to log in with a phone account on an app that only supports SHA-256, create a new password for it if it doesn't exists
// This won't prevent already logged in users with MD5 password to use their account
$pwd = generate_password();
$sha256_password = new Password($db);
$sha256_password->account_id = $account->id;
$sha256_password->password = hash_password($account->username, $pwd, $domain, SHA256);
$sha256_password->algorithm = SHA256;
$sha256_password->create();
$result = array(
"password" => $sha256_password->password,
"algorithm" => $sha256_password->algorithm
);
return $result;
}
return PASSWORD_NOT_FOUND;
}

13
src/xmlrpc/accounts_phone.php
View file

@ -208,19 +208,6 @@ function xmlrpc_activate_phone_account($method, $args) {
return $password->password;
}
if ($algo == SHA256) {
// When trying to log in with a phone account on an app that only supports SHA-256, create a new password for it if it doesn't exists
// This won't prevent already logged in users with MD5 password to use their account
$pwd = generate_password();
$sha256_password = new Password($db);
$sha256_password->account_id = $account->id;
$sha256_password->password = hash_password($account->username, $pwd, $domain, SHA256);
$sha256_password->algorithm = SHA256;
$sha256_password->create();
return $sha256_password->password;
}
return PASSWORD_NOT_FOUND;
}