<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
I should also clarify that I'm not expecting this to be merged in, I
just wanted to test & demonstrate if it was technically possible
to seamlessly migrate from one algorithm to another without
maintaining two tables.<br>
<br>
~ Marv.<br>
<br>
On 10/06/2012 11:32, Gudule Lapointe wrote:
<blockquote
cite="mid:6F2EAE4D-FF43-4E7A-B790-4F18E575FE05@spekuloos.be"
type="cite">
<div>Not only does this force to change all third party modules
using authentication (for this, changing the hash method should
be an option, not an arbitrary change)</div>
<div><br>
</div>
<div>This also means the update process is not immediate, it
relies on every single user login via OpenSim.</div>
<div>It could take months before all the passwords are
updated. Practically, they won't ever, probably.</div>
<div>In the meantime, the authentication via third party module
will be broken for a part of the users (the ones already
updated, or the other ones, depending of the web module being
patched or not).</div>
<div><br>
</div>
<div>
<div><br>
<div apple-content-edited="true"> <span
class="Apple-style-span" style="border-collapse: separate;
color: rgb(0, 0, 0); font-family: Helvetica; font-style:
normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal; orphans: 2;
text-align: -webkit-auto; text-indent: 0px;
text-transform: none; white-space: normal; widows: 2;
word-spacing: 0px; -webkit-border-horizontal-spacing: 0px;
-webkit-border-vertical-spacing: 0px;
-webkit-text-decorations-in-effect: none;
-webkit-text-size-adjust: auto; -webkit-text-stroke-width:
0px; font-size: medium; "><span class="Apple-style-span"
style="border-collapse: separate; color: rgb(0, 0, 0);
font-family: Helvetica; font-style: normal;
font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal; orphans: 2;
text-align: -webkit-auto; text-indent: 0px;
text-transform: none; white-space: normal; widows: 2;
word-spacing: 0px; -webkit-border-horizontal-spacing:
0px; -webkit-border-vertical-spacing: 0px;
-webkit-text-decorations-in-effect: none;
-webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; font-size: medium; ">
<div style="word-wrap: break-word; -webkit-nbsp-mode:
space; -webkit-line-break: after-white-space; "><span
class="Apple-style-span" style="border-collapse:
separate; color: rgb(0, 0, 0); font-family:
Helvetica; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal;
line-height: normal; orphans: 2; text-align:
-webkit-auto; text-indent: 0px; text-transform:
none; white-space: normal; widows: 2; word-spacing:
0px; -webkit-border-horizontal-spacing: 0px;
-webkit-border-vertical-spacing: 0px;
-webkit-text-decorations-in-effect: none;
-webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; font-size: medium; ">
<div style="word-wrap: break-word;
-webkit-nbsp-mode: space; -webkit-line-break:
after-white-space; "><span
class="Apple-style-span" style="border-collapse:
separate; color: rgb(0, 0, 0); font-family:
Helvetica; font-style: normal; font-variant:
normal; font-weight: normal; letter-spacing:
normal; line-height: normal; orphans: 2;
text-align: -webkit-auto; text-indent: 0px;
text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;
-webkit-border-horizontal-spacing: 0px;
-webkit-border-vertical-spacing: 0px;
-webkit-text-decorations-in-effect: none;
-webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; font-size:
medium; ">
<div style="word-wrap: break-word;
-webkit-nbsp-mode: space; -webkit-line-break:
after-white-space; "><span
class="Apple-style-span"
style="border-collapse: separate; color:
rgb(0, 0, 0); font-family: Helvetica;
font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal;
line-height: normal; orphans: 2; text-align:
-webkit-auto; text-indent: 0px;
text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;
-webkit-border-horizontal-spacing: 0px;
-webkit-border-vertical-spacing: 0px;
-webkit-text-decorations-in-effect: none;
-webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; font-size:
medium; ">
<div style="word-wrap: break-word;
-webkit-nbsp-mode: space;
-webkit-line-break: after-white-space; "><span
class="Apple-style-span"
style="border-collapse: separate; color:
rgb(0, 0, 0); font-family: Helvetica;
font-style: normal; font-variant:
normal; font-weight: normal;
letter-spacing: normal; line-height:
normal; orphans: 2; text-align:
-webkit-auto; text-indent: 0px;
text-transform: none; white-space:
normal; widows: 2; word-spacing: 0px;
-webkit-border-horizontal-spacing: 0px;
-webkit-border-vertical-spacing: 0px;
-webkit-text-decorations-in-effect:
none; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px;
font-size: medium; ">
<div style="word-wrap: break-word;
-webkit-nbsp-mode: space;
-webkit-line-break: after-white-space;
">
<div>--</div>
<div><a moz-do-not-send="true"
href="http://www.speculoos.net/">http://www.speculoos.net/</a></div>
<div><a moz-do-not-send="true"
href="secondlife://speculoos.net:8002/">secondlife://speculoos.net:8002/</a></div>
<div>Speculoos, the belgian
cookie-flavored metaverse</div>
</div>
</span></div>
</span></div>
</span></div>
</span></div>
</span></span> </div>
<br>
<div>
<div>Le 10 juin 2012 à 07:15, SignpostMarv Martin a écrit :</div>
<br class="Apple-interchange-newline">
<blockquote type="cite">
<div>clarification; I missed out the phrase "the patch
simply checks when authentication occurs"<br>
<br>
On 10/06/2012 05:52, SignpostMarv Martin wrote:<br>
<blockquote type="cite">Earlier I decided to see if it
was feasible to seamlessly migrate the password hash
& salt from md5 to sha-512- turns out it is :D<br>
</blockquote>
<blockquote type="cite"><br>
</blockquote>
<blockquote type="cite">By seamless I mean the grid
operator needs take no action- the patch simply checks
if the salt in the db is of length 32 &uses md5
checking if it is, sha-512 if it isn't; if it is md5
and the submitted password is valid, the stored hash
& salt are updated with new sha-512 values.<br>
</blockquote>
<blockquote type="cite"><br>
</blockquote>
<blockquote type="cite">As mentioned on the mantis ( <a
moz-do-not-send="true"
href="http://opensimulator.org/mantis/view.php?id=6046">http://opensimulator.org/mantis/view.php?id=6046</a>
), any third-party software which directly reads the
database would need to be updated to do similar salt
length checks.<br>
</blockquote>
<blockquote type="cite"><br>
</blockquote>
<blockquote type="cite">Additionally, the provided patch
is incomplete as I'm unsure of the migration syntax
for MSSQL/SQLite.<br>
</blockquote>
<blockquote type="cite"><br>
</blockquote>
<blockquote type="cite"><br>
</blockquote>
<blockquote type="cite">~ Marv.<br>
</blockquote>
_______________________________________________<br>
Opensim-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:Opensim-dev@lists.berlios.de">Opensim-dev@lists.berlios.de</a><br>
<a class="moz-txt-link-freetext"
href="https://lists.berlios.de/mailman/listinfo/opensim-dev">https://lists.berlios.de/mailman/listinfo/opensim-dev</a><br>
</div>
</blockquote>
</div>
<br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Opensim-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Opensim-dev@lists.berlios.de">Opensim-dev@lists.berlios.de</a>
<a class="moz-txt-link-freetext" href="https://lists.berlios.de/mailman/listinfo/opensim-dev">https://lists.berlios.de/mailman/listinfo/opensim-dev</a></pre>
</blockquote>
</body>
</html>