[Phpmyadmin-git] [phpmyadmin/phpmyadmin] cd4d54: Remove another reference to Blowfish

Thu, 12 Jun 2014 05:44:17 -0700 

  Branch: refs/heads/master
  Home:   https://github.com/phpmyadmin/phpmyadmin
  Commit: cd4d54395b13e612d351363b72550a36306ed4fa
      
https://github.com/phpmyadmin/phpmyadmin/commit/cd4d54395b13e612d351363b72550a36306ed4fa
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M libraries/plugins/auth/AuthenticationCookie.class.php

  Log Message:
  -----------
  Remove another reference to Blowfish

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 5f3b69908af021c20e8f5c8520a7b90f58ea67dd
      
https://github.com/phpmyadmin/phpmyadmin/commit/5f3b69908af021c20e8f5c8520a7b90f58ea67dd
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M doc/config.rst

  Log Message:
  -----------
  Document that we are using AES for encryption

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 5e51f178dd57e64e2cdad25b0e7f2f240c5227be
      
https://github.com/phpmyadmin/phpmyadmin/commit/5e51f178dd57e64e2cdad25b0e7f2f240c5227be
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M libraries/plugins/auth/AuthenticationCookie.class.php

  Log Message:
  -----------
  Remove some blowfish mentions

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: da047efbd14a95ba20973efd829c73df5f9d2650
      
https://github.com/phpmyadmin/phpmyadmin/commit/da047efbd14a95ba20973efd829c73df5f9d2650
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M libraries/plugins/auth/AuthenticationCookie.class.php

  Log Message:
  -----------
  Use random per session key for encrypting password

This makes it impossible to decrypt cookies later if the key would be
compromised.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: e433d8189bb9cf00a17602cf183334bbf8684fc9
      
https://github.com/phpmyadmin/phpmyadmin/commit/e433d8189bb9cf00a17602cf183334bbf8684fc9
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M libraries/plugins/auth/AuthenticationCookie.class.php

  Log Message:
  -----------
  Use phpseclib for generating session encryption key

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 51d4d514f988f5d1461e03e6da6fd249b8354742
      
https://github.com/phpmyadmin/phpmyadmin/commit/51d4d514f988f5d1461e03e6da6fd249b8354742
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M index.php
    M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php

  Log Message:
  -----------
  Adjust tests to new encryption

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 234cfbf73f23027617c1c9764c61da9f118532d4
      
https://github.com/phpmyadmin/phpmyadmin/commit/234cfbf73f23027617c1c9764c61da9f118532d4
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M doc/setup.rst
    M libraries/config.default.php

  Log Message:
  -----------
  Document AES usage

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 92a10d09683ffc9e3874ad5c1ed8298f73ec620e
      
https://github.com/phpmyadmin/phpmyadmin/commit/92a10d09683ffc9e3874ad5c1ed8298f73ec620e
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M libraries/plugins/auth/AuthenticationCookie.class.php

  Log Message:
  -----------
  Factor out cookie storing to separate methods

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 209390c3f213558847bc88b93245f55a5d334016
      
https://github.com/phpmyadmin/phpmyadmin/commit/209390c3f213558847bc88b93245f55a5d334016
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M user_password.php

  Log Message:
  -----------
  Properly store password in cookie when changing it

Use auth plugin method to do that, otherwise it could not work properly
with autogenerated blowfish_secret.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: bd4cccc03913111f1d0502ae1366ad00da4be275
      
https://github.com/phpmyadmin/phpmyadmin/commit/bd4cccc03913111f1d0502ae1366ad00da4be275
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M libraries/plugins/AuthenticationPlugin.class.php
    M libraries/plugins/auth/AuthenticationCookie.class.php
    M libraries/plugins/auth/AuthenticationHttp.class.php
    M user_password.php

  Log Message:
  -----------
  Move password change handling to authenticaton plugins

We should not care about plugin type while changing password, we should
just notify it and the plugin should be responsible for anything needed.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: a7bc3a73a3375e58df0f263bd44c4f4ad6db767b
      
https://github.com/phpmyadmin/phpmyadmin/commit/a7bc3a73a3375e58df0f263bd44c4f4ad6db767b
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2014-06-12 (Thu, 12 Jun 2014)

  Changed paths:
    M user_password.php

  Log Message:
  -----------
  Do not pas arround empty $_url_params variable

Signed-off-by: Michal Čihař <mic...@cihar.com>


Compare: 
https://github.com/phpmyadmin/phpmyadmin/compare/ceb77ce6d4fc...a7bc3a73a337
------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Phpmyadmin-git mailing list
Phpmyadmin-git@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-git

Reply via email to