Backupppert/jellyfin
0
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2024-07-03 12:23:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

added justaman notes, fixed new bug from emty has removals

Browse source
This commit is contained in:
Phallacy 2019-02-18 01:26:01 -08:00
parent 9f3aa2cead
commit 48e7274d37
4 changed files with 59 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
View file

@ -1,5 +1,6 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Globalization;
using System.IO; using System.IO;
using System.Security.Cryptography; using System.Security.Cryptography;
using System.Text; using System.Text;
@ -102,12 +103,12 @@ namespace Emby.Server.Implementations.Cryptography
} }
else else
{ {
return PBKDF2(HashMethod, bytes, salt,defaultiterations); return PBKDF2(HashMethod, bytes, salt, defaultiterations);
} }
} }
else else
{ {
throw new CryptographicException($"Requested hash method is not supported: {HashMethod}")); throw new CryptographicException($"Requested hash method is not supported: {HashMethod}");
} }
} }

42
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
View file

@ -37,7 +37,17 @@ namespace Emby.Server.Implementations.Library
if (resolvedUser == null) if (resolvedUser == null)
{ {
throw new Exception("Invalid username or password"); throw new Exception("Invalid username or password");
} }
//As long as jellyfin supports passwordless users, we need this little block here to accomodate
if (IsPasswordEmpty(resolvedUser, password))
{
return Task.FromResult(new ProviderAuthenticationResult
{
Username = username
});
}
ConvertPasswordFormat(resolvedUser); ConvertPasswordFormat(resolvedUser);
byte[] passwordbytes = Encoding.UTF8.GetBytes(password); byte[] passwordbytes = Encoding.UTF8.GetBytes(password);
@ -106,15 +116,30 @@ namespace Emby.Server.Implementations.Library
return Task.FromResult(hasConfiguredPassword); return Task.FromResult(hasConfiguredPassword);
} }
private bool IsPasswordEmpty(User user, string passwordHash) private bool IsPasswordEmpty(User user, string password)
{ {
return string.IsNullOrEmpty(passwordHash); if (string.IsNullOrEmpty(user.Password))
{
return string.IsNullOrEmpty(password);
}
return false;
} }
public Task ChangePassword(User user, string newPassword) public Task ChangePassword(User user, string newPassword)
{ {
//string newPasswordHash = null; ConvertPasswordFormat(user);
ConvertPasswordFormat(user); //This is needed to support changing a no password user to a password user
if (string.IsNullOrEmpty(user.Password))
{
PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider);
newPasswordHash.SaltBytes = _cryptographyProvider.GenerateSalt();
newPasswordHash.Salt = PasswordHash.ConvertToByteString(newPasswordHash.SaltBytes);
newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod;
newPasswordHash.Hash = GetHashedStringChangeAuth(newPassword, newPasswordHash);
user.Password = newPasswordHash.ToString();
return Task.CompletedTask;
}
PasswordHash passwordHash = new PasswordHash(user.Password); PasswordHash passwordHash = new PasswordHash(user.Password);
if (passwordHash.Id == "SHA1" && string.IsNullOrEmpty(passwordHash.Salt)) if (passwordHash.Id == "SHA1" && string.IsNullOrEmpty(passwordHash.Salt))
{ {
@ -143,11 +168,6 @@ namespace Emby.Server.Implementations.Library
return user.Password; return user.Password;
} }
public string GetEmptyHashedString(User user)
{
return null;
}
public string GetHashedStringChangeAuth(string newPassword, PasswordHash passwordHash) public string GetHashedStringChangeAuth(string newPassword, PasswordHash passwordHash)
{ {
passwordHash.HashBytes = Encoding.UTF8.GetBytes(newPassword); passwordHash.HashBytes = Encoding.UTF8.GetBytes(newPassword);

4
Emby.Server.Implementations/Library/UserManager.cs
View file

@ -475,13 +475,13 @@ namespace Emby.Server.Implementations.Library
private string GetLocalPasswordHash(User user) private string GetLocalPasswordHash(User user)
{ {
return string.IsNullOrEmpty(user.EasyPassword) return string.IsNullOrEmpty(user.EasyPassword)
? _defaultAuthenticationProvider.GetEmptyHashedString(user) ? null
: user.EasyPassword; : user.EasyPassword;
} }
private bool IsPasswordEmpty(User user, string passwordHash) private bool IsPasswordEmpty(User user, string passwordHash)
{ {
return string.Equals(passwordHash, _defaultAuthenticationProvider.GetEmptyHashedString(user), StringComparison.OrdinalIgnoreCase); return string.IsNullOrEmpty(passwordHash);
} }
/// <summary> /// <summary>

42
MediaBrowser.Model/Cryptography/PasswordHash.cs
View file

@ -18,48 +18,52 @@ namespace MediaBrowser.Model.Cryptography
public byte[] HashBytes; public byte[] HashBytes;
public PasswordHash(string storageString) public PasswordHash(string storageString)
{ {
string[] SplitStorageString = storageString.Split('$'); string[] splitted = storageString.Split('$');
Id = SplitStorageString[1]; Id = splitted[1];
if (SplitStorageString[2].Contains("=")) if (splitted[2].Contains("="))
{ {
foreach (string paramset in (SplitStorageString[2].Split(','))) foreach (string paramset in (splitted[2].Split(',')))
{ {
if (!String.IsNullOrEmpty(paramset)) if (!String.IsNullOrEmpty(paramset))
{ {
string[] fields = paramset.Split('='); string[] fields = paramset.Split('=');
if(fields.Length == 2) if (fields.Length == 2)
{ {
Parameters.Add(fields[0], fields[1]); Parameters.Add(fields[0], fields[1]);
}
else
{
throw new Exception($"Malformed parameter in password hash string {paramset}");
} }
} }
} }
if (SplitStorageString.Length == 5) if (splitted.Length == 5)
{ {
Salt = SplitStorageString[3]; Salt = splitted[3];
SaltBytes = ConvertFromByteString(Salt); SaltBytes = ConvertFromByteString(Salt);
Hash = SplitStorageString[4]; Hash = splitted[4];
HashBytes = ConvertFromByteString(Hash); HashBytes = ConvertFromByteString(Hash);
} }
else else
{ {
Salt = string.Empty; Salt = string.Empty;
Hash = SplitStorageString[3]; Hash = splitted[3];
HashBytes = ConvertFromByteString(Hash); HashBytes = ConvertFromByteString(Hash);
} }
} }
else else
{ {
if (SplitStorageString.Length == 4) if (splitted.Length == 4)
{ {
Salt = SplitStorageString[2]; Salt = splitted[2];
SaltBytes = ConvertFromByteString(Salt); SaltBytes = ConvertFromByteString(Salt);
Hash = SplitStorageString[3]; Hash = splitted[3];
HashBytes = ConvertFromByteString(Hash); HashBytes = ConvertFromByteString(Hash);
} }
else else
{ {
Salt = string.Empty; Salt = string.Empty;
Hash = SplitStorageString[2]; Hash = splitted[2];
HashBytes = ConvertFromByteString(Hash); HashBytes = ConvertFromByteString(Hash);
} }
@ -83,6 +87,7 @@ namespace MediaBrowser.Model.Cryptography
} }
return Bytes.ToArray(); return Bytes.ToArray();
} }
public static string ConvertToByteString(byte[] bytes) public static string ConvertToByteString(byte[] bytes)
{ {
return BitConverter.ToString(bytes).Replace("-", ""); return BitConverter.ToString(bytes).Replace("-", "");
@ -104,19 +109,18 @@ namespace MediaBrowser.Model.Cryptography
public override string ToString() public override string ToString()
{ {
string OutString = "$"; string outString = "$" +Id;
OutString += Id;
string paramstring = SerializeParameters(); string paramstring = SerializeParameters();
if (!string.IsNullOrEmpty(paramstring)) if (!string.IsNullOrEmpty(paramstring))
{ {
OutString += $"${paramstring}"; outString += $"${paramstring}";
} }
if (!string.IsNullOrEmpty(Salt)) if (!string.IsNullOrEmpty(Salt))
{ {
OutString += $"${Salt}"; outString += $"${Salt}";
} }
OutString += $"${Hash}"; outString += $"${Hash}";
return OutString; return outString;
} }
} }