Skip Menu |

This queue is for tickets about the Bot-BasicBot-Pluggable CPAN distribution.

Report information
The Basics
Id: 63232
Status: resolved
Priority: 0/
Queue: Bot-BasicBot-Pluggable
People
Owner: Nobody in particular
Requestors: davidp [...] preshweb.co.uk
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Mon Nov 22 08:55:10 2010 davidp [...] preshweb.co.uk - Ticket created
Subject: B::BB::P::Module::Auth stores passwords in plain text
Bot::BasicBot::Pluggable::Module::Auth stores the passwords for users in plain text in the bot's store. Granted, nobody should be using an important password for their account on an IRC bot, but I still think it makes sense to store salted hashes instead. I've written a patch which does exactly that - it continues to recognise old plain-text passwords, but whenever someone changes their password or a new user is added, a salted hash of the password is stored instead. I'd be happy to contribute this patch - should I supply it here, or send a pull request to a Github repo? Whatever is easier for you...
  Fri Dec 03 20:07:49 2010 davidp [...] preshweb.co.uk - Correspondence added
I'm closing this ticket, since I've submitted the patch via a pull request on Github.
  Fri Dec 03 20:07:49 2010 davidp [...] preshweb.co.uk - Status changed from 'new' to 'resolved'