extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-25 01:13:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

using since php<=5.0 available raw_output=true parameter for md5 and sha1 instead of deprecated and in newer distros no longer available mhash extension

Browse Source
This commit is contained in:
Ralf Becker 2010-05-13 10:44:52 +00:00
parent f09f846d4e
commit 209dec4c55
2 changed files with 18 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
phpgwapi/inc/class.auth.inc.php
View File

@ -187,28 +187,16 @@ class auth extends auth_
$e_password = '{md5}' . base64_encode(pack("H*",md5($password)));
break;
case 'smd5':
if(!function_exists('mhash'))
{
return False;
}
$salt = self::randomstring(8);
$hash = mhash(MHASH_MD5, $password . $salt);
$hash = md5($password . $salt,true);
$e_password = '{SMD5}' . base64_encode($hash . $salt);
break;
case 'sha':
if(!function_exists('mhash'))
{
return False;
}
$e_password = '{SHA}' . base64_encode(mhash(MHASH_SHA1, $password));
$e_password = '{SHA}' . base64_encode(sha1($password,true));
break;
case 'ssha':
if(!function_exists('mhash'))
{
return False;
}
$salt = self::randomstring(8);
$hash = mhash(MHASH_SHA1, $password . $salt);
$hash = sha1($password . $salt,true);
$e_password = '{SSHA}' . base64_encode($hash . $salt);
break;
case 'plain':
@ -299,28 +287,14 @@ class auth extends auth_
self::$error = 'no ext crypt';
break;
case 'smd5':
if(!function_exists('mhash'))
{
return False;
}
$salt = self::randomstring(8);
$hash = mhash(MHASH_MD5, $password . $salt);
$hash = md5($password . $salt,true);
return '{SMD5}' . base64_encode($hash . $salt);
case 'sha':
if(!function_exists('mhash'))
{
self::$error = 'no sha';
return False;
}
return '{SHA}' . base64_encode(mhash(MHASH_SHA1,$password));
return '{SHA}' . base64_encode(sha1($password,true));
case 'ssha':
if(!function_exists('mhash'))
{
self::$error = 'no ssha';
return False;
}
$salt = self::randomstring(8);
$hash = mhash(MHASH_SHA1, $password . $salt);
$hash = sha1($password . $salt,true);
return '{SSHA}' . base64_encode($hash . $salt);
case 'md5':
default:
@ -387,7 +361,7 @@ class auth extends auth_
$orig_hash = substr($hash, 0, 16);
$salt = substr($hash, 16);
$new_hash = mhash(MHASH_MD5,$form_val . $salt);
$new_hash = md5($form_val . $salt,true);
//echo '<br> DB: ' . base64_encode($orig_hash) . '<br>FORM: ' . base64_encode($new_hash);
return strcmp($orig_hash,$new_hash) == 0;
@ -404,7 +378,7 @@ class auth extends auth_
{
/* Start with the first char after {SHA} */
$hash = base64_decode(substr($db_val,5));
$new_hash = mhash(MHASH_SHA1,$form_val);
$new_hash = sha1($form_val,true);
//echo '<br> DB: ' . base64_encode($orig_hash) . '<br>FORM: ' . base64_encode($new_hash);
return strcmp($hash,$new_hash) == 0;
@ -425,7 +399,7 @@ class auth extends auth_
// SHA-1 hashes are 160 bits long
$orig_hash = substr($hash, 0, 20);
$salt = substr($hash, 20);
$new_hash = mhash(MHASH_SHA1, $form_val . $salt);
$new_hash = sha1($form_val . $salt,true);
return strcmp($orig_hash,$new_hash) == 0;
}

30
setup/inc/hook_config.inc.php
View File

@ -146,17 +146,10 @@ function passwdhashes($config)
{
$hashes = array(
'des' => 'des',
'md5' => 'md5'
);
if(@function_exists('mhash'))
{
$hashes += array(
'smd5' => 'smd5',
'sha' => 'sha',
'ssha' => 'ssha'
);
}
$hashes += array(
'md5' => 'md5',
'smd5' => 'smd5',
'sha' => 'sha',
'ssha' => 'ssha',
'plain' => 'plain',
);
/* Check for available crypt methods based on what is defined by php */
@ -173,7 +166,7 @@ function passwdhashes($config)
$hashes['ext_crypt'] = 'ext_crypt';
}
while(list($key, $value) = each($hashes))
foreach($hashes as $key => $value)
{
if($config['ldap_encryption_type'] == $value)
{
@ -214,19 +207,14 @@ function sql_passwdhashes($config)
$hashes['crypt'] = 'crypt';
}
if(@function_exists('mhash'))
{
$hashes += array(
'smd5' => 'smd5',
'sha' => 'sha',
'ssha' => 'ssha'
);
}
$hashes += array(
'smd5' => 'smd5',
'sha' => 'sha',
'ssha' => 'ssha',
'plain' => 'plain',
);
while(list($key, $value) = each($hashes))
foreach($hashes as $key => $value)
{
if($config['sql_encryption_type'] == $value)
{