[interchange] * If we are going to allow bcrypt routines to silently fail and

Mike Heins interchange-cvs at icdevgroup.org
Thu Feb 2 16:42:35 UTC 2017


commit f7e2d722a6ac980bc60f9ab67323ec374581a208
Author: Mike Heins <mikeh at endpoint.com>
Date:   Thu Feb 2 11:41:41 2017 -0500

    * If we are going to allow bcrypt routines to silently fail and
      return zero-length password in Vend::UserDB, we should put a Require
      in any catalog that forces bcrypt.

 dist/strap/catalog.cfg |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)
---
diff --git a/dist/strap/catalog.cfg b/dist/strap/catalog.cfg
index 1e10caa..57210fd 100644
--- a/dist/strap/catalog.cfg
+++ b/dist/strap/catalog.cfg
@@ -31,6 +31,8 @@ VariableDatabase site
 # Warn if any important modules or usertags are missing.
 
 Require module Digest::MD5    "Need %s %s for better cache keys."
+Require module Digest::Bcrypt "Required if you are going to use bcrypt passwords for UserDB."
+Require module Crypt::Random  "Required if you are going to use bcrypt passwords for UserDB."
 Require module Safe::Hole     "Need %s %s for embedded perl object access."
 
 # Encoding



More information about the interchange-cvs mailing list