Skip to content

Instantly share code, notes, and snippets.

@ss23
Created November 6, 2017 05:33
Show Gist options
  • Select an option

  • Save ss23/25e0052a24057403a132cf304fd2afe6 to your computer and use it in GitHub Desktop.

Select an option

Save ss23/25e0052a24057403a132cf304fd2afe6 to your computer and use it in GitHub Desktop.
diff --git a/library/Icinga/Authentication/User/DbUserBackend.php b/library/Icinga/Authentication/User/DbUserBackend.php
index 6d6e11c52..0a1f30215 100644
--- a/library/Icinga/Authentication/User/DbUserBackend.php
+++ b/library/Icinga/Authentication/User/DbUserBackend.php
@@ -225,9 +225,7 @@ class DbUserBackend extends DbRepository implements UserBackendInterface, Inspec
{
try {
$passwordHash = $this->getPasswordHash($user->getUsername());
- $passwordSalt = $this->getSalt($passwordHash);
- $hashToCompare = $this->hashPassword($password, $passwordSalt);
- return $hashToCompare === $passwordHash;
+ return (crypt($password, $passwordHash) == $passwordHash);
} catch (Exception $e) {
throw new AuthenticationException(
'Failed to authenticate user "%s" against backend "%s". An exception was thrown:',
@@ -239,18 +237,6 @@ class DbUserBackend extends DbRepository implements UserBackendInterface, Inspec
}
/**
- * Extract salt from the given password hash
- *
- * @param string $hash The hashed password
- *
- * @return string
- */
- protected function getSalt($hash)
- {
- return substr($hash, strlen(self::HASH_ALGORITHM), self::SALT_LENGTH);
- }
-
- /**
* Return a random salt
*
* The returned salt is safe to be used for hashing a user's password
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment