On Sep 11, 2008, at 10:58 AM, Platonides wrote:
Richard K Miller wrote:
Thanks for this update.
Would it make sense to introduce a new configuration directive to
indicate the the password is unsalted AND unprefixed? For example,
$wgPasswordPrefix = false ?
Work-arounds for connecting mod_auth_mysql to MediaWiki 1.13 include
these:
1. Modify crypt() in User.php (not ideal)
2. Modify and recompile mod_auth_mysql (not ideal)
3. Create a MySQL VIEW that returns user_name and the latter portion
of user_password (my current solution)
4. Introduce a new configuration directive, such as $wgPasswordPrefix
The change to the passwords was precisely to avoid trouble with
password
formats. IMHO the best fit would be #2 adding some new directives and
applied to official mod_auth_mysql
"Trouble with password formats" is relative. For my wiki, it was more
trouble to have to deal with the new user_password prefix. :)
I wouldn't expect mod_auth_mysql to support an option for working
specifically with MediaWiki, and even a more general "ignore x
characters prefix" option wouldn't be widely used.
For backward compatibility, a $wgPasswordBackwardCompatibility could
be set to true. The patch would look like this:
http://pastebin.com/f18b27dc0
(Additional code would be needed for wikis that have already migrated
passwords to the new format.)