Hi Alexis and Daniel,
Thanks so much for your responds.
So is there means it is almost impossible to export the user password from Mediawiki to
OpenLDAP by just copy and paste the hash string?
Thanks
Kind Regards
Eric Jiang
-----Original Message-----
From: mediawiki-l-bounces(a)lists.wikimedia.org
[mailto:mediawiki-l-bounces@lists.wikimedia.org] On Behalf Of DanTMan
Sent: Thursday, 23 August 2007 7:40 p.m.
To: MediaWiki announcements and site admin list
Subject: Re: [Mediawiki-l] How to export user password from Mediawiki MySQL database to
OpenLDAP
That 1 is mostly accurate... but your 2 isn't explained enough. The
method for coming up with the password in that case is something like
md5( $user_id . '-' . md5( $password ) )
The password is hashed, the user_id is added to the start separated by a
- then hashed again.
But please, for all sake of sanity... Don't go creating the passwords on
your own if there isn't some strict reason you need to do this manually.
Encrypting the passwords in the right way is what wfEncryptPassword(
$userid, $password ); is for. The only case where you don't use that, is
if you're coming up with an extension to do something like converting
the old passwords to new ones (Though, you can't do it the other way
around), or accessing information and needing to use the old password.
(ie: An extension that lets a user with an old password format verify
themselves using that old password, and enter in a new password that
will be encrypted and saved in the new format. But as you can see, the
only valid reasons I can find for doing this on your own in MediaWiki
(ie: excluding someone who is manually changing passwords using MySQL
only, that's not in MediaWiki) is some method of extension for letting
people convert passwords if they have upgraded from an old version and
want to start using the new formats.
So in simple terms... "$hash = wfEncryptPassword( $userid, $password );"
is all you need to know.
~Daniel Friesen(Dantman) of The Gaiapedia, Wikia Graphical Entertainment Project, and
Wiki-Tools.com
Alexis Moinet wrote:
Yifan (Eric) Jiang a écrit :
Hi all,
I am currently working in a project which requires to exporting user
information from Mediawiki MySQL database to OpenLDAP directory (with
Berkeley database). Everything is fine except the password issue. I am
not sure what hash algorithm does Mediawiki use to hash user password,
(But I guess it may be MD5). However, I can't get the same hash value by
using OpenLDAP slappasswd with {MD5}, {SHA}, {SMD5}, {CRYPT} AND {SSHA}
algorithms. Therefore I am wondering if any one has similar experience
that can share with me. Any hints, tips would be much appreciated!
Thanks
Eric Jiang
the password stored in the database is something close to :
1. md5 (password)
2. md5 (1. and user id)
though it might actually act a little bit differently, it was the idea when I last looked
at it
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l