added justaman notes, fixed new bug from emty has removals

This commit is contained in:
Phallacy 2019-02-18 01:26:01 -08:00
parent 9f3aa2cead
commit 48e7274d37
4 changed files with 59 additions and 34 deletions

View File

@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
using System.Globalization;
using System.IO;
using System.Security.Cryptography;
using System.Text;
@ -102,12 +103,12 @@ namespace Emby.Server.Implementations.Cryptography
}
else
{
return PBKDF2(HashMethod, bytes, salt,defaultiterations);
return PBKDF2(HashMethod, bytes, salt, defaultiterations);
}
}
else
{
throw new CryptographicException($"Requested hash method is not supported: {HashMethod}"));
throw new CryptographicException($"Requested hash method is not supported: {HashMethod}");
}
}

View File

@ -37,7 +37,17 @@ namespace Emby.Server.Implementations.Library
if (resolvedUser == null)
{
throw new Exception("Invalid username or password");
}
}
//As long as jellyfin supports passwordless users, we need this little block here to accomodate
if (IsPasswordEmpty(resolvedUser, password))
{
return Task.FromResult(new ProviderAuthenticationResult
{
Username = username
});
}
ConvertPasswordFormat(resolvedUser);
byte[] passwordbytes = Encoding.UTF8.GetBytes(password);
@ -106,15 +116,30 @@ namespace Emby.Server.Implementations.Library
return Task.FromResult(hasConfiguredPassword);
}
private bool IsPasswordEmpty(User user, string passwordHash)
{
return string.IsNullOrEmpty(passwordHash);
private bool IsPasswordEmpty(User user, string password)
{
if (string.IsNullOrEmpty(user.Password))
{
return string.IsNullOrEmpty(password);
}
return false;
}
public Task ChangePassword(User user, string newPassword)
{
//string newPasswordHash = null;
ConvertPasswordFormat(user);
ConvertPasswordFormat(user);
//This is needed to support changing a no password user to a password user
if (string.IsNullOrEmpty(user.Password))
{
PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider);
newPasswordHash.SaltBytes = _cryptographyProvider.GenerateSalt();
newPasswordHash.Salt = PasswordHash.ConvertToByteString(newPasswordHash.SaltBytes);
newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod;
newPasswordHash.Hash = GetHashedStringChangeAuth(newPassword, newPasswordHash);
user.Password = newPasswordHash.ToString();
return Task.CompletedTask;
}
PasswordHash passwordHash = new PasswordHash(user.Password);
if (passwordHash.Id == "SHA1" && string.IsNullOrEmpty(passwordHash.Salt))
{
@ -143,11 +168,6 @@ namespace Emby.Server.Implementations.Library
return user.Password;
}
public string GetEmptyHashedString(User user)
{
return null;
}
public string GetHashedStringChangeAuth(string newPassword, PasswordHash passwordHash)
{
passwordHash.HashBytes = Encoding.UTF8.GetBytes(newPassword);

View File

@ -475,13 +475,13 @@ namespace Emby.Server.Implementations.Library
private string GetLocalPasswordHash(User user)
{
return string.IsNullOrEmpty(user.EasyPassword)
? _defaultAuthenticationProvider.GetEmptyHashedString(user)
? null
: user.EasyPassword;
}
private bool IsPasswordEmpty(User user, string passwordHash)
{
return string.Equals(passwordHash, _defaultAuthenticationProvider.GetEmptyHashedString(user), StringComparison.OrdinalIgnoreCase);
return string.IsNullOrEmpty(passwordHash);
}
/// <summary>

View File

@ -18,48 +18,52 @@ namespace MediaBrowser.Model.Cryptography
public byte[] HashBytes;
public PasswordHash(string storageString)
{
string[] SplitStorageString = storageString.Split('$');
Id = SplitStorageString[1];
if (SplitStorageString[2].Contains("="))
string[] splitted = storageString.Split('$');
Id = splitted[1];
if (splitted[2].Contains("="))
{
foreach (string paramset in (SplitStorageString[2].Split(',')))
foreach (string paramset in (splitted[2].Split(',')))
{
if (!String.IsNullOrEmpty(paramset))
{
string[] fields = paramset.Split('=');
if(fields.Length == 2)
if (fields.Length == 2)
{
Parameters.Add(fields[0], fields[1]);
}
else
{
throw new Exception($"Malformed parameter in password hash string {paramset}");
}
}
}
if (SplitStorageString.Length == 5)
if (splitted.Length == 5)
{
Salt = SplitStorageString[3];
Salt = splitted[3];
SaltBytes = ConvertFromByteString(Salt);
Hash = SplitStorageString[4];
Hash = splitted[4];
HashBytes = ConvertFromByteString(Hash);
}
else
{
Salt = string.Empty;
Hash = SplitStorageString[3];
Hash = splitted[3];
HashBytes = ConvertFromByteString(Hash);
}
}
else
{
if (SplitStorageString.Length == 4)
if (splitted.Length == 4)
{
Salt = SplitStorageString[2];
Salt = splitted[2];
SaltBytes = ConvertFromByteString(Salt);
Hash = SplitStorageString[3];
Hash = splitted[3];
HashBytes = ConvertFromByteString(Hash);
}
else
{
Salt = string.Empty;
Hash = SplitStorageString[2];
Hash = splitted[2];
HashBytes = ConvertFromByteString(Hash);
}
@ -83,6 +87,7 @@ namespace MediaBrowser.Model.Cryptography
}
return Bytes.ToArray();
}
public static string ConvertToByteString(byte[] bytes)
{
return BitConverter.ToString(bytes).Replace("-", "");
@ -104,19 +109,18 @@ namespace MediaBrowser.Model.Cryptography
public override string ToString()
{
string OutString = "$";
OutString += Id;
string outString = "$" +Id;
string paramstring = SerializeParameters();
if (!string.IsNullOrEmpty(paramstring))
{
OutString += $"${paramstring}";
outString += $"${paramstring}";
}
if (!string.IsNullOrEmpty(Salt))
{
OutString += $"${Salt}";
outString += $"${Salt}";
}
OutString += $"${Hash}";
return OutString;
outString += $"${Hash}";
return outString;
}
}