Mailing List Archive

commit f7e2d722a6ac980bc60f9ab67323ec374581a208
Author: Mike Heins <mikeh@endpoint.com>
Date: Thu Feb 2 11:41:41 2017 -0500

* If we are going to allow bcrypt routines to silently fail and
return zero-length password in Vend::UserDB, we should put a Require
in any catalog that forces bcrypt.

dist/strap/catalog.cfg | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
---
diff --git a/dist/strap/catalog.cfg b/dist/strap/catalog.cfg
index 1e10caa..57210fd 100644
--- a/dist/strap/catalog.cfg
+++ b/dist/strap/catalog.cfg
@@ -31,6 +31,8 @@ VariableDatabase site
# Warn if any important modules or usertags are missing.

Require module Digest::MD5 "Need %s %s for better cache keys."
+Require module Digest::Bcrypt "Required if you are going to use bcrypt passwords for UserDB."
+Require module Crypt::Random "Required if you are going to use bcrypt passwords for UserDB."
Require module Safe::Hole "Need %s %s for embedded perl object access."

# Encoding

_______________________________________________
interchange-cvs mailing list
interchange-cvs@icdevgroup.org
http://www.icdevgroup.org/mailman/listinfo/interchange-cvs