This is a well isolated area of code, without functions that are
likely to receive PHP's trademark "garbage in, garbage out" data
as parameters. Capitalize on this and require strict types there.
Change-Id: I9f1c172e737018d058ddc1700d8234832b58efa6
DB uses a tinyblob field. With layered encrypted passwords, the
length gets close to 255 and can exceed if you use a long name
for the password type. Previously these would be silently inserted
into the DB and truncated, which would lock user out of their
account.
Change-Id: Idf0d0248b181f42d92e3ad6c3220b5331cd4d4d0
I noticed MWOldPassword is broken while working on
I7024b287a7. When generating new passwords for it,
a superfluous : is being added to the serialized hash
within the database (and that breaks parsing so that
people can't ever log in).
As this is not really relevant in the real world (as
nobody is hopefully using plain MD5 passwords anymore),
this doesn't need any backward compatibility handling
for the broken hashes.
Change-Id: I753c135a6de39008488bd7462c2bfcda2cbac116
Deprecated the old User::crypt, et. al password hashing
system and implemented an extensible password hashing
API.
The new Password class allows registering of child classes
and provides factory functions for creating new Password
objects. The built-in hash types are the old MediaWiki MD5
types, which are for backwards-compatibility only, and bcrypt.
Also included is support for wrapping existing hashes as well
as encrypting passwords with a configured encryption key.
Bug: 54948
Bug: 28419
Change-Id: I0a9c972931a0eff0cfb2619cef3ddffd03710285
