Better default authentication #870
Conversation
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
|
SHA256 is not any better for passwords than SHA1 and MD5, please use bcrypt or Pbkdf2. In the end we should end up here for example: (or using the actual Identity classes) But (alternatively) this is in netstandard2.0: Really, simple hashes were never made for password auth. Good resource: https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet |
So fun fact. I am thick as a brick this week and missed it. You can see PBKDF2 is already implemented in the crypto provider, it just uses SHA256 as the hash algo that it runs over and over. If you give a salt, it uses PBKDF2 via Rfc2898DeriveBytes |
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
…der.cs fix to styling Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
…der.cs fix to styling Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Adding minor stylistic suggestions from Bond-009 Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
|
Aside from whether or not netstandard vs netcore is appropriate for the models project, all feedback has been addressed by the lastest set of pushes. I have making new users, changing blank user passwords, authenticating existing users, changing existing user passwords, and authenticating blank password users all working on native windows. I see no reason why it shouldn't on *nix, but again, testing would be wise. |
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
My review is all about whitespace. I think it's important because there are a lot of lines changed here that are changed for no reason and it introduces inconsistency. There are more files that my comments apply to but I'm on mobile and wasn't sure I would catch it all anyway. Otherwise, thank you for this, it's a really needed change
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Looks good, except for all the style issues.
- Empty lines around properties
- Empty line after closing brace
- private fields are prefixed with
_and are camelBack - Space after the start of a comment
// - variables are camelBack
- use
stringnotString - space between
ifand opening bracket
|
If there are still style issues there I don't see them, then again I don't see them much in the first place... |
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Mostly style issues.
https://github.com/jellyfin/jellyfin/pull/870/files#diff-77a2b0931f9792dc15da0970d5453232R103
This still bothers me ;)
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
…der.cs Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
| { | ||
| // If the user password is the sha1 hash of the empty string, remove it | ||
| if (!string.Equals(user.Password, "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", StringComparison.Ordinal) | ||
| || !string.Equals(user.Password, "$SHA1$DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", StringComparison.Ordinal)) |
This PR changes the default auth method in a few ways to address some security problems that jellyfin has. I need more people on more OS' to test this before it should be merged, but it works on Windows.
Changes
Changed Emby.Server.Implementations to target netcore 2.1 instead of netstandard, this was necessary for the better crypto library
Replaced the dumb not really functional username validation code with a piece of regex that should accomplish the original goal
Added a converter to make it so existing dbs load in cleanly with the changes to the password string.
PLEASE NOTE THAT WHEN YOU RUN A BUILD WITH THIS PR YOU CANNOT GO BACK WITHOUT A BACKUP OF YOUR USERS.DB
Enables SHA256 with Salt authentication. In theory this also enables any other hashing algo you might want to use from the crypto provider in case SHA1 and MD5 aren't cutting it (we might want to start moving away from these as they both have been proven to have collisions)
Issues
Fixes #302 Fixes #545 Addresses #187 because at least they get a salt now.