DB uses a tinyblob field. With layered encrypted passwords, the
length gets close to 255 and can exceed if you use a long name
for the password type. Previously these would be silently inserted
into the DB and truncated, which would lock user out of their
account.
Change-Id: Idf0d0248b181f42d92e3ad6c3220b5331cd4d4d0
Deprecated the old User::crypt, et. al password hashing
system and implemented an extensible password hashing
API.
The new Password class allows registering of child classes
and provides factory functions for creating new Password
objects. The built-in hash types are the old MediaWiki MD5
types, which are for backwards-compatibility only, and bcrypt.
Also included is support for wrapping existing hashes as well
as encrypting passwords with a configured encryption key.
Bug: 54948
Bug: 28419
Change-Id: I0a9c972931a0eff0cfb2619cef3ddffd03710285
