refs #308 - some cleanup; I'll fix the webtest later tonight

git-svn-id: http://dev.piwik.org/svn/trunk@4992 59fd770c-687e-43c8-a1e3-f5a4ff64c105

refs #308 - some cleanup; I'll fix the webtest later tonight
a43812ea · robocoder · 1f22d78b · a43812ea · a43812ea · a43812ea
--- a/config/global.ini.php
+++ b/config/global.ini.php
@@ -139,6 +139,10 @@ minimum_memory_limit = 128
 ; This can be disabled, if for example you wish to import an existing User database in Piwik and your rules are less restrictive
 disable_checks_usernames_attributes = 0

+; Piwik will use the configured hash algorithm where possible.
+; For legacy data, fallback or non-security scenarios, we use md5.
+hash_algorithm = whirlpool
+
 ; by default, Piwik uses relative URLs, so you can login using http:// or https://
 ; (the latter assumes you have a valid SSL certificate).
 ; If set to 1, Piwik redirects the login form to use a secure connection (i.e., https).

--- a/core/Common.php
+++ b/core/Common.php
@@ -801,6 +801,42 @@ class Piwik_Common
 		return $salt;
 	}

+	/**
+	 * Configureable hash() algorithm (defaults to md5)
+	 *
+	 * @param string $str String to be hashed
+	 * @param bool $raw_output
+	 * @return string Hash string
+	 */
+	static function hash($str, $raw_output = false)
+	{
+		static $hashAlgorithm = null;
+		if(is_null($hashAlgorithm))
+		{
+			if(!empty($GLOBALS['PIWIK_TRACKER_MODE']))
+			{
+				$hashAlgorithm = @Piwik_Tracker_Config::getInstance()->General['hash_algorithm'];
+			}
+			else
+			{
+				$config = Zend_Registry::get('config');
+				if($config !== false)
+				{
+					$hashAlgorithm = @$config->General->hash_algorithm;
+				}
+			}
+		}
+
+		if($hashAlgorithm)
+		{
+			$hash = @hash($hashAlgorithm, $str, $raw_output);
+			if($hash !== false)
+				return $hash;
+		}
+
+		return md5($str, $raw_output);
+	}
+
 	/**
 	 * Returns the list of Campaign parameter names that will be read to classify 
 	 * a visit as coming from a Campaign

--- a/plugins/Login/Controller.php
+++ b/plugins/Login/Controller.php
@@ -17,6 +17,24 @@
 */
 class Piwik_Login_Controller extends Piwik_Controller
 {
+	/**
+	 * Generate hash on user info and password
+	 *
+	 * @param string $userinfo User name, email, etc
+	 * @param string $password
+	 * @return string
+	 */
+	private function generateHash($userInfo, $password)
+	{
+		// mitigate rainbow table attack
+		$password = str_split($password, (strlen($password)/2)+1);
+		$hash = Piwik_Common::hash(
+			$userInfo . $password[0]
+			. Piwik_Common::getSalt() . $password[1]
+		);
+		return $hash;
+	}
+
 	/**
 	 * Default action
 	 *
@@ -193,7 +211,7 @@ class Piwik_Login_Controller extends Piwik_Controller
 	 */
 	protected function lostPasswordFormValidated($loginMail)
 	{
-		if( $user === 'anonymous' )
+		if( $loginMail === 'anonymous' )
 		{
 			return Piwik_Translate('Login_InvalidUsernameEmail');
 		}
@@ -379,7 +397,10 @@ class Piwik_Login_Controller extends Piwik_Controller
 		}

 		$expiry = strftime('%Y%m%d%H', $timestamp); 
-		$token = md5(Piwik_Common::getSalt() . md5($expiry . $user['login'] . $user['email'] . $user['password']));
+		$token = $this->generateHash(
+			$expiry . $user['login'] . $user['email'],
+			$user['password']
+		);
 		return $token;
 	}