[interchange] * If we are going to allow bcrypt routines to silently fail and
Mike Heins
interchange-cvs at icdevgroup.org
Thu Feb 2 16:42:35 UTC 2017
commit f7e2d722a6ac980bc60f9ab67323ec374581a208
Author: Mike Heins <mikeh at endpoint.com>
Date: Thu Feb 2 11:41:41 2017 -0500
* If we are going to allow bcrypt routines to silently fail and
return zero-length password in Vend::UserDB, we should put a Require
in any catalog that forces bcrypt.
dist/strap/catalog.cfg | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
---
diff --git a/dist/strap/catalog.cfg b/dist/strap/catalog.cfg
index 1e10caa..57210fd 100644
--- a/dist/strap/catalog.cfg
+++ b/dist/strap/catalog.cfg
@@ -31,6 +31,8 @@ VariableDatabase site
# Warn if any important modules or usertags are missing.
Require module Digest::MD5 "Need %s %s for better cache keys."
+Require module Digest::Bcrypt "Required if you are going to use bcrypt passwords for UserDB."
+Require module Crypt::Random "Required if you are going to use bcrypt passwords for UserDB."
Require module Safe::Hole "Need %s %s for embedded perl object access."
# Encoding
More information about the interchange-cvs
mailing list