nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

blowfish encryption

Browse Source
This commit is contained in:
Marc Delisle
2003-07-01 21:33:42 +00:00
parent 384e5acf7c
commit 5ebc9a1caf
2 changed files with 16 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@@ -8,6 +8,11 @@ $Source$
2003-07-01 Marc Delisle <lem9@users.sourceforge.net> 2003-07-01 Marc Delisle <lem9@users.sourceforge.net>
* Documentation.html: faq 8.1 about security alert of 2003-06-18 * Documentation.html: faq 8.1 about security alert of 2003-06-18
* tbl_properties_links.php3: fix missing SQL section for exports * tbl_properties_links.php3: fix missing SQL section for exports
* libraries/auth/cookie.auth.lib.php3, libraries/blowfish.php3,
libraries/common.lib.php3, libraries/config_import.lib.php3,
config.inc.php3, user_password.php3, Documentation.html, lang/*:
now used the blowfish algorithm to encrypt the password in the
temporary cookie
2003-06-30 Marc Delisle <lem9@users.sourceforge.net> 2003-06-30 Marc Delisle <lem9@users.sourceforge.net>
* lang/french: update * lang/french: update

13
Documentation.html
View File

@@ -517,6 +517,14 @@ $cfg['PmaAbsoluteUri'] = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://'
<br /><br /> <br /><br />
</dd> </dd>
<dt>
<b>$cfg['Servers'][$i]['blowfish_secret']</b> string<br />
</dt>
<dd>
If your are using &quot;cookie&quot; auth_type, enter here
a secret passphrase which will be used by the blowfish encryption
mecanism to protect the password stored in the temporary cookie.
</dd>
<dt> <dt>
<b>$cfg['Servers'][$i]['user']</b> string<br /> <b>$cfg['Servers'][$i]['user']</b> string<br />
<b>$cfg['Servers'][$i]['password']</b> string <b>$cfg['Servers'][$i]['password']</b> string
@@ -3326,7 +3334,7 @@ To create a new, empty mimetype please see libraries/transformations/template_ge
[8.1] Security alert, dated 2003-06-18. [8.1] Security alert, dated 2003-06-18.
</h4> </h4>
<p> <p>
Last update of this FAQ: 2003-07-01. Last update of this FAQ: 2003-07-02.
<br /><br /> <br /><br />
The phpMyAdmin's development team received notice of this The phpMyAdmin's development team received notice of this
<a href="http://www.securityfocus.com/archive/1/325641" target="_blank">security alert.</a> <a href="http://www.securityfocus.com/archive/1/325641" target="_blank">security alert.</a>
@@ -3369,7 +3377,8 @@ To create a new, empty mimetype please see libraries/transformations/template_ge
<li>&quot;Information encoding weakness&quot; <li>&quot;Information encoding weakness&quot;
<br /><br /> <br /><br />
We believe that an exploit for this weakness would be difficult We believe that an exploit for this weakness would be difficult
to achieve. However we are currently working to remove this weakness. to achieve. However version 2.5.2-dev now encrypts the password
with the well-known blowfish algorithm.
<br /><br /> <br /><br />
</li> </li>
</ul> </ul>