Additional password crypt types for ldap:

- MD5_CRYPT (9 char salt prefixed with $1$)
- BLOWFISH_CRYPT (16 char salt prefixed with $2$)
- EXT_CRYPT (9 char salt, no prefix)

phpgwapi/inc/class.auth.inc.php

@@ -146,6 +146,33 @@ class auth extends auth_
 				$_password  = crypt($password, $salt);
 				$e_password = '{crypt}'.$_password;
 				break;
+			case 'blowfish_crypt':
+				if(@defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1)
+				{
+					$salt = '$2$' . self::randomstring(13);
+					$e_password = '{crypt}'.crypt($password,$salt);
+					break;
+				}
+				self::$error = 'no blowfish crypt';
+				break;
+			case 'md5_crypt':
+				if(@defined('CRYPT_MD5') && CRYPT_MD5 == 1)
+				{
+					$salt = '$1$' . self::randomstring(9);
+					$e_password = '{crypt}'.crypt($password,$salt);
+					break;
+				}
+				self::$error = 'no md5 crypt';
+				break;
+			case 'ext_crypt':
+				if(@defined('CRYPT_EXT_DES') && CRYPT_EXT_DES == 1)
+				{
+					$salt = self::randomstring(9);
+					$e_password = '{crypt}'.crypt($password,$salt);
+					break;
+				}
+				self::$error = 'no ext crypt';
+				break;
 			case 'md5':
 				/* New method taken from the openldap-software list as recommended by
 				 * Kervin L. Pierre" <kervin@blueprint-tech.com>
@@ -356,11 +383,7 @@ class auth extends auth_
 		$new_hash = mhash(MHASH_MD5,$form_val . $salt);
 		//echo '<br>  DB: ' . base64_encode($orig_hash) . '<br>FORM: ' . base64_encode($new_hash);
 
-		if(strcmp($orig_hash,$new_hash) == 0)
+		return strcmp($orig_hash,$new_hash) == 0;
-		{
-			return True;
-		}
-		return False;
 	}
 
 	/**
@@ -377,11 +400,7 @@ class auth extends auth_
 		$new_hash = mhash(MHASH_SHA1,$form_val);
 		//echo '<br>  DB: ' . base64_encode($orig_hash) . '<br>FORM: ' . base64_encode($new_hash);
 
-		if(strcmp($hash,$new_hash) == 0)
+		return strcmp($hash,$new_hash) == 0;
-		{
-			return True;
-		}
-		return False;
 	}
 
 	/**
@@ -401,11 +420,7 @@ class auth extends auth_
 		$salt = substr($hash, 20);
 		$new_hash = mhash(MHASH_SHA1, $form_val . $salt);
 
-		if(strcmp($orig_hash,$new_hash) == 0)
+		return strcmp($orig_hash,$new_hash) == 0;
-		{
-			return True;
-		}
-		return False;
 	}
 
 	/**
@@ -430,11 +445,7 @@ class auth extends auth_
 		$salt = substr($db_val, 0, (int)$saltlen[$type]);
 		$new_hash = crypt($form_val, $salt);
 
-		if(strcmp($db_val,$new_hash) == 0)
+		return strcmp($db_val,$new_hash) == 0;
-		{
-			return True;
-		}
-		return False;
 	}
 
 	/**
@@ -449,10 +460,7 @@ class auth extends auth_
 	{
 		$key = str_pad(strlen($key) <= 64 ? $key : pack('H*', md5($key)), 64, chr(0x00));
 		$md5_hmac = md5(($key ^ str_repeat(chr(0x5c), 64)) . pack('H*', md5(($key ^ str_repeat(chr(0x36), 64)). $form_val)));
-		if(strcmp($md5_hmac,$db_val) == 0)
+
-		{
+		return strcmp($md5_hmac,$db_val) == 0;
-			return True;
-		}
-		return False;
 	}
 }

setup/inc/hook_config.inc.php

@@ -121,6 +121,19 @@
 		$hashes += array(
 			'plain' => 'plain',
 		);
+		/* Check for available crypt methods based on what is defined by php */
+		if(@defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1)
+		{
+			$hashes['blowish_crypt'] = 'blowish_crypt';
+		}
+		if(@defined('CRYPT_MD5') && CRYPT_MD5 == 1)
+		{
+			$hashes['md5_crypt'] = 'md5_crypt';
+		}
+		if(@defined('CRYPT_EXT_DES') && CRYPT_EXT_DES == 1)
+		{
+			$hashes['ext_crypt'] = 'ext_crypt';
+		}
 
 		while(list($key, $value) = each($hashes))
 		{