[Phpmyadmin-git] [phpmyadmin/phpmyadmin] cd4d54: Remove another reference to Blowfish
Michal Čihař
michal at cihar.com
Thu Jun 12 14:43:43 CEST 2014
Branch: refs/heads/master
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: cd4d54395b13e612d351363b72550a36306ed4fa
https://github.com/phpmyadmin/phpmyadmin/commit/cd4d54395b13e612d351363b72550a36306ed4fa
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Remove another reference to Blowfish
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 5f3b69908af021c20e8f5c8520a7b90f58ea67dd
https://github.com/phpmyadmin/phpmyadmin/commit/5f3b69908af021c20e8f5c8520a7b90f58ea67dd
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M doc/config.rst
Log Message:
-----------
Document that we are using AES for encryption
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 5e51f178dd57e64e2cdad25b0e7f2f240c5227be
https://github.com/phpmyadmin/phpmyadmin/commit/5e51f178dd57e64e2cdad25b0e7f2f240c5227be
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Remove some blowfish mentions
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: da047efbd14a95ba20973efd829c73df5f9d2650
https://github.com/phpmyadmin/phpmyadmin/commit/da047efbd14a95ba20973efd829c73df5f9d2650
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Use random per session key for encrypting password
This makes it impossible to decrypt cookies later if the key would be
compromised.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: e433d8189bb9cf00a17602cf183334bbf8684fc9
https://github.com/phpmyadmin/phpmyadmin/commit/e433d8189bb9cf00a17602cf183334bbf8684fc9
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Use phpseclib for generating session encryption key
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 51d4d514f988f5d1461e03e6da6fd249b8354742
https://github.com/phpmyadmin/phpmyadmin/commit/51d4d514f988f5d1461e03e6da6fd249b8354742
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M index.php
M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php
Log Message:
-----------
Adjust tests to new encryption
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 234cfbf73f23027617c1c9764c61da9f118532d4
https://github.com/phpmyadmin/phpmyadmin/commit/234cfbf73f23027617c1c9764c61da9f118532d4
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M doc/setup.rst
M libraries/config.default.php
Log Message:
-----------
Document AES usage
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 92a10d09683ffc9e3874ad5c1ed8298f73ec620e
https://github.com/phpmyadmin/phpmyadmin/commit/92a10d09683ffc9e3874ad5c1ed8298f73ec620e
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
Log Message:
-----------
Factor out cookie storing to separate methods
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 209390c3f213558847bc88b93245f55a5d334016
https://github.com/phpmyadmin/phpmyadmin/commit/209390c3f213558847bc88b93245f55a5d334016
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M user_password.php
Log Message:
-----------
Properly store password in cookie when changing it
Use auth plugin method to do that, otherwise it could not work properly
with autogenerated blowfish_secret.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: bd4cccc03913111f1d0502ae1366ad00da4be275
https://github.com/phpmyadmin/phpmyadmin/commit/bd4cccc03913111f1d0502ae1366ad00da4be275
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M libraries/plugins/AuthenticationPlugin.class.php
M libraries/plugins/auth/AuthenticationCookie.class.php
M libraries/plugins/auth/AuthenticationHttp.class.php
M user_password.php
Log Message:
-----------
Move password change handling to authenticaton plugins
We should not care about plugin type while changing password, we should
just notify it and the plugin should be responsible for anything needed.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: a7bc3a73a3375e58df0f263bd44c4f4ad6db767b
https://github.com/phpmyadmin/phpmyadmin/commit/a7bc3a73a3375e58df0f263bd44c4f4ad6db767b
Author: Michal Čihař <michal at cihar.com>
Date: 2014-06-12 (Thu, 12 Jun 2014)
Changed paths:
M user_password.php
Log Message:
-----------
Do not pas arround empty $_url_params variable
Signed-off-by: Michal Čihař <michal at cihar.com>
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/ceb77ce6d4fc...a7bc3a73a337
More information about the Git
mailing list