Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
  #1  
Old 08-27-2002, 02:10 PM
ducasi ducasi is offline
 
Join Date: Aug 2002
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Importing Unix users and passwords?

Hi,

I'm about to start hacking vBulletin (and the mysql databases) to allow me to ...

1) import a large group of users from our unix password file
2) allow vbulletin to use the unix passwords from same.
3) syncronise passwords from unix password file.

An alternative would be to ...

1) import a large group of users from our unix password file
2) allow vbulletin to authenticate using the password file, or equivalent, rather than the sql database.

I'm interested in hearing any previous experiences or pointers to existing hacks that I may have missed in my searches...

Thanks!
Reply With Quote
  #2  
Old 08-27-2002, 06:43 PM
Logician's Avatar
Logician Logician is offline
 
Join Date: Nov 2001
Location: inside vb code
Posts: 4,449
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm quite experienced in vb-integration projects. Here is my advice:

Shape your new user db design so that it will use vb's default design from now on. It's always much more easier to adapt third party user database to use vbulletin user database instead of doing otherwise.. So convert your users/passwords to vb and from now on use vb database in your entire site. I wouldnt recommend hacking vb to force it use another login scheme of another software, it will be time consuming and awkard. In most cases it's easier to forget about your third party software and use/code an alternative of that if necessary..

My 2 cents..
Reply With Quote
  #3  
Old 08-28-2002, 08:29 AM
ducasi ducasi is offline
 
Join Date: Aug 2002
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by Logician
Shape your new user db design so that it will use vb's default design from now on. It's always much more easier to adapt third party user database to use vbulletin user database instead of doing otherwise.. So convert your users/passwords to vb and from now on use vb database in your entire site.
Thanks for the reply....

Unfortunately this isn't a new user db design, this is a failry large department in a university dealing with hundreds of users and hundreds of computers, adding vb to allow a number of students to communicate with each other and with staff.

These users are managed through a single unix password file and that isn't going to change.

I reckon my best bet is to change the vb password encryption to be "crypt" and just feed the passwords into the mysql database behind vb's back.

Anyone else got ideas or suggestions?

Cheers!
Reply With Quote
  #4  
Old 08-28-2002, 08:42 AM
Logician's Avatar
Logician Logician is offline
 
Join Date: Nov 2001
Location: inside vb code
Posts: 4,449
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If unix passwords is in MD5, insert them as they are. If they are in plain text while inserting into vb database MD5 them so you wont need to hack vbulletin in anyway..

After converting the existing users, you also need to write a script that will update the vb user table whenever a new unix user added/deleted from the system or whenever an existing user's unix password is changed (by Admin or by himself).

And this approach is what I was already suggesting: Dont touch vb and adapt your other tools to work with vb's existing system. It seems that what you planned is exactly this.. IMO sound design..
Reply With Quote
  #5  
Old 08-28-2002, 09:42 AM
ducasi ducasi is offline
 
Join Date: Aug 2002
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by Logician
If unix passwords is in MD5, insert them as they are. If they are in plain text while inserting into vb database MD5 them so you wont need to hack vbulletin in anyway..
Unfortunately, they are in unix "crypt" (DES) format for compatibility across unix platforms that can't use MD5 passwords. And, of course, to make it harder we don't have the plain-text passwords...
Quote:
After converting the existing users, you also need to write a script that will update the vb user table whenever a new unix user added/deleted from the system or whenever an existing user's unix password is changed (by Admin or by himself).
I plan to run a nightly script to do this as the password file is auto-updated on a nightly basis anyway...
Quote:
And this approach is what I was already suggesting: Dont touch vb and adapt your other tools to work with vb's existing system. It seems that what you planned is exactly this.. IMO sound design..
I'm trying my best, but I still think I'll need to make vb use crypt-style passwords rather than md5...
Reply With Quote
  #6  
Old 08-28-2002, 11:22 AM
Scott MacVicar Scott MacVicar is offline
 
Join Date: Oct 2001
Location: Glasgow, Scotland
Posts: 1,199
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Not actually that hard to do but will require some changes in a couple of the primary files.

/member.php

PHP Code:
if ($user['password']!=md5($password)) {  // check password 
changes to

PHP Code:
if ($user['password']!=crypt($passwordsubstr($password02))) {  // check password 
then in /admin/sessions.php

PHP Code:
    if (md5($loginpassword)!=$bbuserinfo[password]) { 
becomes
PHP Code:
if (crypt($loginpasswordsubstr($loginpassword02))!=$bbuserinfo[password]) { 
PHP Code:
$bbpassword=md5($loginpassword); 
becomes

PHP Code:
$bbpassword=crypt($loginpasswordsubstr($loginpassword02)); 
Thats the basics to make it work, you will need to change the lost password function as well.

If you need more help contact me at scott.macvicar@vbulletin.org and I'll give you a hand.
Reply With Quote
  #7  
Old 08-28-2002, 11:42 AM
ducasi ducasi is offline
 
Join Date: Aug 2002
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thank PPN, I have just completed hacks to change all the "md5"s to "crypt"s, while still allowing old md5 passwords to work... (total of 16 lines changed)

I found to my amusement that my php's crypt defaults to md5 passwords anyway! But that's ok, as vb should never be creating the encrypted form of the password. This is cool, as it would allow for a future change to md5 if required, but you need to make sure and pass whole encrypted password as "salt", not just the first two characters!

I now have two major things and one minor thing to do...

1. Figure out how to import users from my password file into the user table. Anybody got any sample code? (maybe I could use unix uids for vb user ids?)

2. Figure out how to update changed passwords (really easy one I figure out part 1.)

3. Minor hacking to block off or redirect password changing, etc... (have yet to figure out best way of doing this.)

Cheers!
Reply With Quote
  #8  
Old 08-28-2002, 12:47 PM
Scott MacVicar Scott MacVicar is offline
 
Join Date: Oct 2001
Location: Glasgow, Scotland
Posts: 1,199
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I am sure that DES encryption uses the first two characters of the password as the salt.
Reply With Quote
  #9  
Old 08-28-2002, 01:44 PM
ducasi ducasi is offline
 
Join Date: Aug 2002
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally posted by PPN
I am sure that DES encryption uses the first two characters of the password as the salt.
Yep, but the crypt function is smart and will take the whole string and only use what is needed.

On systems that allow alternative crypts like md5 or blowfish, the crypt function must be given the whole password as salt. This allows it to figure out what encryption system is in use and to extract the larger salt from the password.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 07:44 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04807 seconds
  • Memory Usage 2,256KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (6)bbcode_php
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (9)post_thanks_box
  • (9)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (9)post_thanks_postbit_info
  • (9)postbit
  • (9)postbit_onlinestatus
  • (9)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete