-
-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Better default authentication #870
Conversation
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
SHA256 is not any better for passwords than SHA1 and MD5, please use bcrypt or Pbkdf2. In the end we should end up here for example: (or using the actual Identity classes) But (alternatively) this is in netstandard2.0: Really, simple hashes were never made for password auth. Good resource: https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use braces
So fun fact. I am thick as a brick this week and missed it. You can see PBKDF2 is already implemented in the crypto provider, it just uses SHA256 as the hash algo that it runs over and over. If you give a salt, it uses PBKDF2 via Rfc2898DeriveBytes |
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
…der.cs fix to styling Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
…der.cs fix to styling Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Style issues.
Newline after a closing brace.
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nitpicking mostly, overall code is good. Should stamp approval when my comments are addressed (fixed or explained me wrong).
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Adding minor stylistic suggestions from Bond-009 Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
Aside from whether or not netstandard vs netcore is appropriate for the models project, all feedback has been addressed by the lastest set of pushes. I have making new users, changing blank user passwords, authenticating existing users, changing existing user passwords, and authenticating blank password users all working on native windows. I see no reason why it shouldn't on *nix, but again, testing would be wise. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No major blockings, so after all my comments are addressed I could approve it.
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My review is all about whitespace. I think it's important because there are a lot of lines changed here that are changed for no reason and it introduces inconsistency. There are more files that my comments apply to but I'm on mobile and wasn't sure I would catch it all anyway. Otherwise, thank you for this, it's a really needed change
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, much better now
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
@Bond-009 can you pls provide new feedback?
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, except for all the style issues.
- Empty lines around properties
- Empty line after closing brace
- private fields are prefixed with
_
and are camelBack - Space after the start of a comment
//
- variables are camelBack
- use
string
notString
- space between
if
and opening bracket
If there are still style issues there I don't see them, then again I don't see them much in the first place... |
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mostly style issues.
https://github.com/jellyfin/jellyfin/pull/870/files#diff-77a2b0931f9792dc15da0970d5453232R103
This still bothers me ;)
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
Outdated
Show resolved
Hide resolved
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
…der.cs Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
{ | ||
// If the user password is the sha1 hash of the empty string, remove it | ||
if (!string.Equals(user.Password, "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", StringComparison.Ordinal) | ||
|| !string.Equals(user.Password, "$SHA1$DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", StringComparison.Ordinal)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should've been &&
This PR changes the default auth method in a few ways to address some security problems that jellyfin has. I need more people on more OS' to test this before it should be merged, but it works on Windows.
Changes
Changed Emby.Server.Implementations to target netcore 2.1 instead of netstandard, this was necessary for the better crypto library
Replaced the dumb not really functional username validation code with a piece of regex that should accomplish the original goal
Added a converter to make it so existing dbs load in cleanly with the changes to the password string.
PLEASE NOTE THAT WHEN YOU RUN A BUILD WITH THIS PR YOU CANNOT GO BACK WITHOUT A BACKUP OF YOUR USERS.DB
Enables SHA256 with Salt authentication. In theory this also enables any other hashing algo you might want to use from the crypto provider in case SHA1 and MD5 aren't cutting it (we might want to start moving away from these as they both have been proven to have collisions)
Issues
Fixes #302 Fixes #545 Addresses #187 because at least they get a salt now.