From 73922d2a857614d27ddb9dfa517687b8018e5d39 Mon Sep 17 00:00:00 2001 From: Treeston Date: Sun, 2 Aug 2020 22:52:21 +0200 Subject: Core/Authserver: Re-organize the `accounts` table (PR #25135) - no longer use sha_pass_hash for anything else core-side (.account, SOAP, RA) - salt/verifier/session_key are now binary - old s/v/sha_pass_hash fields kept around for backwards compatibility - sha_pass_hash is still updated (for now), s/v are not - sha_pass_hash is only read if s/v have been manually changed - SRP6 b now uses the full 32 bytes of randomness (instead of randomly only using 19) (cherry picked from commit 3164b58c7d170810b69378950c0891e5f5b8678b) --- sql/base/auth_database.sql | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'sql/base/auth_database.sql') diff --git a/sql/base/auth_database.sql b/sql/base/auth_database.sql index 831129f828a..312ce07c731 100644 --- a/sql/base/auth_database.sql +++ b/sql/base/auth_database.sql @@ -25,10 +25,12 @@ DROP TABLE IF EXISTS `account`; CREATE TABLE `account` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT COMMENT 'Identifier', `username` varchar(32) NOT NULL DEFAULT '', + `salt` BINARY(32), + `verifier` BINARY(32), + `session_key` BINARY(40) DEFAULT NULL, `sha_pass_hash` varchar(40) NOT NULL DEFAULT '', - `sessionkey` varchar(128) NOT NULL DEFAULT '', - `v` varchar(64) NOT NULL DEFAULT '', - `s` varchar(64) NOT NULL DEFAULT '', + `v` varchar(64) NOT NULL DEFAULT 'dummy value, use `verifier` instead', + `s` varchar(64) NOT NULL DEFAULT 'dummy value, use `salt` instead', `token_key` varchar(100) NOT NULL DEFAULT '', `email` varchar(255) NOT NULL DEFAULT '', `reg_mail` varchar(255) NOT NULL DEFAULT '', @@ -2363,7 +2365,8 @@ INSERT INTO `updates` VALUES ('2020_07_03_00_auth.sql','ED7175E51F248ADC5EF60E7CEA9627CC3191ED4C','RELEASED','2020-07-03 20:09:39',0), ('2020_07_23_00_auth.sql','5F47E1CEECA9F837C85C2DAC7ECD47AED321F502','RELEASED','2020-07-23 19:54:42',0), ('2020_07_24_00_auth.sql','06598162E9C84DDF8AA1F83D0410D056C3F7F69E','RELEASED','2020-07-24 00:44:34',0), -('2020_07_25_00_auth.sql','BE376B619ECB6FE827270D5022F311E20AD6E177','RELEASED','2020-07-25 00:00:49',0); +('2020_07_25_00_auth.sql','BE376B619ECB6FE827270D5022F311E20AD6E177','RELEASED','2020-07-25 00:00:49',0), +('2020_08_02_00_auth.sql','B0290F6558C59262D9DDD8071060A8803DD56930','ARCHIVED','2020-08-02 00:00:00',0); /*!40000 ALTER TABLE `updates` ENABLE KEYS */; UNLOCK TABLES; -- cgit v1.2.3