Accept salted password hashes with :A: prefixes

Partially reverting Icb809274f9f63.

The broken :A: prefixed passwords generated by MW before that change
were apparently written back to the database -- there are 2.5M in enwiki
alone. Accepting them should not depend on $wgPasswordSalt, which is a
deprecated global and should soon be removed.

Change-Id: I772de0fb17245d080eb15a7d5df6bf3125e1f71a

diff --git a/includes/password/MWOldPassword.php b/includes/password/MWOldPassword.php
index 360485e..c48b6e6 100644 (file)
--- a/includes/password/MWOldPassword.php
+++ b/includes/password/MWOldPassword.php
@@ -36,8 +36,16 @@ class MWOldPassword extends ParameterizedPassword {
        }
 
        public function crypt( $plaintext ) {
-               $this->args = [];
-               $this->hash = md5( $plaintext );
+               if ( count( $this->args ) === 1 ) {
+                       // Accept (but do not generate) salted passwords with :A: prefix.
+                       // These are actually B-type passwords, but an error in a previous
+                       // version of MediaWiki caused them to be written with an :A:
+                       // prefix.
+                       $this->hash = md5( $this->args[0] . '-' . md5( $plaintext ) );
+               } else {
+                       $this->args = [];
+                       $this->hash = md5( $plaintext );
+               }
 
                if ( !is_string( $this->hash ) || strlen( $this->hash ) < 32 ) {
                        throw new PasswordError( 'Error when hashing password.' );