[Mediawiki-l] How to export user password from Mediawiki MySQL database to OpenLDAP

Yifan (Eric) Jiang e.jiang at auckland.ac.nz
Thu Aug 23 21:18:12 UTC 2007


Hi Alexis and Daniel,

Thanks so much for your responds.

So is there means it is almost impossible to export the user password from Mediawiki to OpenLDAP by just copy and paste the hash string?

Thanks

Kind Regards

Eric Jiang

-----Original Message-----
From: mediawiki-l-bounces at lists.wikimedia.org [mailto:mediawiki-l-bounces at lists.wikimedia.org] On Behalf Of DanTMan
Sent: Thursday, 23 August 2007 7:40 p.m.
To: MediaWiki announcements and site admin list
Subject: Re: [Mediawiki-l] How to export user password from Mediawiki MySQL database to OpenLDAP

That 1 is mostly accurate... but your 2 isn't explained enough. The 
method for coming up with the password in  that case is something like
md5( $user_id . '-' . md5( $password ) )
The password is hashed, the user_id is added to the start separated by a 
- then hashed again.
But please, for all sake of sanity... Don't go creating the passwords on 
your own if there isn't some strict reason you need to do this manually. 
Encrypting the passwords in the right way is what wfEncryptPassword( 
$userid, $password ); is for. The only case where you don't use that, is 
if you're coming up with an extension to do something like converting 
the old passwords to new ones (Though, you can't do it the other way 
around), or accessing information and needing to use the old password. 
(ie: An extension that lets a user with an old password format verify 
themselves using that old password, and enter in a new password that 
will be encrypted and saved in the new format. But as you can see, the 
only valid reasons I can find for doing this on your own in MediaWiki 
(ie: excluding someone who is manually changing passwords using MySQL 
only, that's not in MediaWiki) is some method of extension for letting 
people convert passwords if they have upgraded from an old version and 
want to start using the new formats.
So in simple terms... "$hash = wfEncryptPassword( $userid, $password );" 
is all you need to know.

~Daniel Friesen(Dantman) of The Gaiapedia, Wikia Graphical Entertainment Project, and Wiki-Tools.com

Alexis Moinet wrote:
> Yifan (Eric) Jiang a écrit :
>   
>> Hi all,
>>
>> I am currently working in a project which requires to exporting user
>> information from Mediawiki MySQL database to OpenLDAP directory (with
>> Berkeley database). Everything is fine except the password issue. I am
>> not sure what hash algorithm does Mediawiki use to hash user password,
>> (But I guess it may be MD5). However, I can't get the same hash value by
>> using OpenLDAP slappasswd with {MD5}, {SHA}, {SMD5}, {CRYPT} AND {SSHA}
>> algorithms. Therefore I am wondering if any one has similar experience
>> that can share with me. Any hints, tips would be much appreciated!
>>
>> Thanks
>>
>> Eric Jiang
>>     
>
> the password stored in the database is something close to :
>
> 1. md5 (password)
> 2. md5 (1. and user id)
>
> though it might actually act a little bit differently, it was the idea when I last looked at it
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l at lists.wikimedia.org
> http://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
>   

_______________________________________________
MediaWiki-l mailing list
MediaWiki-l at lists.wikimedia.org
http://lists.wikimedia.org/mailman/listinfo/mediawiki-l



More information about the MediaWiki-l mailing list