mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-25 09:23:28 +01:00
using since php<=5.0 available raw_output=true parameter for md5 and sha1 instead of deprecated and in newer distros no longer available mhash extension
This commit is contained in:
parent
30976817b8
commit
e91b0f0cb5
@ -232,28 +232,16 @@ class auth
|
||||
$e_password = '{md5}' . base64_encode(pack("H*",md5($password)));
|
||||
break;
|
||||
case 'smd5':
|
||||
if(!function_exists('mhash'))
|
||||
{
|
||||
return False;
|
||||
}
|
||||
$salt = self::randomstring(8);
|
||||
$hash = mhash(MHASH_MD5, $password . $salt);
|
||||
$hash = md5($password . $salt,true);
|
||||
$e_password = '{SMD5}' . base64_encode($hash . $salt);
|
||||
break;
|
||||
case 'sha':
|
||||
if(!function_exists('mhash'))
|
||||
{
|
||||
return False;
|
||||
}
|
||||
$e_password = '{SHA}' . base64_encode(mhash(MHASH_SHA1, $password));
|
||||
$e_password = '{SHA}' . base64_encode(sha1($password,true));
|
||||
break;
|
||||
case 'ssha':
|
||||
if(!function_exists('mhash'))
|
||||
{
|
||||
return False;
|
||||
}
|
||||
$salt = self::randomstring(8);
|
||||
$hash = mhash(MHASH_SHA1, $password . $salt);
|
||||
$hash = sha1($password . $salt,true);
|
||||
$e_password = '{SSHA}' . base64_encode($hash . $salt);
|
||||
break;
|
||||
case 'plain':
|
||||
@ -301,6 +289,7 @@ class auth
|
||||
*/
|
||||
static function encrypt_sql($password)
|
||||
{
|
||||
error_log(__METHOD__."('$password') \$GLOBALS['egw_info']['server']['sql_encryption_type']=".array2string($GLOBALS['egw_info']['server']['sql_encryption_type']));
|
||||
/* Grab configured type, or default to md5() (old method) */
|
||||
$type = @$GLOBALS['egw_info']['server']['sql_encryption_type']
|
||||
? strtolower($GLOBALS['egw_info']['server']['sql_encryption_type'])
|
||||
@ -344,28 +333,14 @@ class auth
|
||||
self::$error = 'no ext crypt';
|
||||
break;
|
||||
case 'smd5':
|
||||
if(!function_exists('mhash'))
|
||||
{
|
||||
return False;
|
||||
}
|
||||
$salt = self::randomstring(8);
|
||||
$hash = mhash(MHASH_MD5, $password . $salt);
|
||||
$hash = md5($password . $salt,true);
|
||||
return '{SMD5}' . base64_encode($hash . $salt);
|
||||
case 'sha':
|
||||
if(!function_exists('mhash'))
|
||||
{
|
||||
self::$error = 'no sha';
|
||||
return False;
|
||||
}
|
||||
return '{SHA}' . base64_encode(mhash(MHASH_SHA1,$password));
|
||||
return '{SHA}' . base64_encode(sha1($password,true));
|
||||
case 'ssha':
|
||||
if(!function_exists('mhash'))
|
||||
{
|
||||
self::$error = 'no ssha';
|
||||
return False;
|
||||
}
|
||||
$salt = self::randomstring(8);
|
||||
$hash = mhash(MHASH_SHA1, $password . $salt);
|
||||
$hash = sha1($password . $salt,true);
|
||||
return '{SSHA}' . base64_encode($hash . $salt);
|
||||
case 'md5':
|
||||
default:
|
||||
@ -432,7 +407,7 @@ class auth
|
||||
$orig_hash = substr($hash, 0, 16);
|
||||
$salt = substr($hash, 16);
|
||||
|
||||
$new_hash = mhash(MHASH_MD5,$form_val . $salt);
|
||||
$new_hash = md5($form_val . $salt,true);
|
||||
//echo '<br> DB: ' . base64_encode($orig_hash) . '<br>FORM: ' . base64_encode($new_hash);
|
||||
|
||||
return strcmp($orig_hash,$new_hash) == 0;
|
||||
@ -449,7 +424,7 @@ class auth
|
||||
{
|
||||
/* Start with the first char after {SHA} */
|
||||
$hash = base64_decode(substr($db_val,5));
|
||||
$new_hash = mhash(MHASH_SHA1,$form_val);
|
||||
$new_hash = sha1($form_val,true);
|
||||
//echo '<br> DB: ' . base64_encode($orig_hash) . '<br>FORM: ' . base64_encode($new_hash);
|
||||
|
||||
return strcmp($hash,$new_hash) == 0;
|
||||
@ -470,7 +445,7 @@ class auth
|
||||
// SHA-1 hashes are 160 bits long
|
||||
$orig_hash = substr($hash, 0, 20);
|
||||
$salt = substr($hash, 20);
|
||||
$new_hash = mhash(MHASH_SHA1, $form_val . $salt);
|
||||
$new_hash = sha1($form_val . $salt,true);
|
||||
|
||||
return strcmp($orig_hash,$new_hash) == 0;
|
||||
}
|
||||
|
@ -146,17 +146,10 @@ function passwdhashes($config)
|
||||
{
|
||||
$hashes = array(
|
||||
'des' => 'des',
|
||||
'md5' => 'md5'
|
||||
);
|
||||
if(@function_exists('mhash'))
|
||||
{
|
||||
$hashes += array(
|
||||
'md5' => 'md5',
|
||||
'smd5' => 'smd5',
|
||||
'sha' => 'sha',
|
||||
'ssha' => 'ssha'
|
||||
);
|
||||
}
|
||||
$hashes += array(
|
||||
'ssha' => 'ssha',
|
||||
'plain' => 'plain',
|
||||
);
|
||||
/* Check for available crypt methods based on what is defined by php */
|
||||
@ -173,7 +166,7 @@ function passwdhashes($config)
|
||||
$hashes['ext_crypt'] = 'ext_crypt';
|
||||
}
|
||||
|
||||
while(list($key, $value) = each($hashes))
|
||||
foreach($hashes as $key => $value)
|
||||
{
|
||||
if($config['ldap_encryption_type'] == $value)
|
||||
{
|
||||
@ -214,19 +207,14 @@ function sql_passwdhashes($config)
|
||||
$hashes['crypt'] = 'crypt';
|
||||
}
|
||||
|
||||
if(@function_exists('mhash'))
|
||||
{
|
||||
$hashes += array(
|
||||
'smd5' => 'smd5',
|
||||
'sha' => 'sha',
|
||||
'ssha' => 'ssha'
|
||||
);
|
||||
}
|
||||
$hashes += array(
|
||||
'ssha' => 'ssha',
|
||||
'plain' => 'plain',
|
||||
);
|
||||
|
||||
while(list($key, $value) = each($hashes))
|
||||
foreach($hashes as $key => $value)
|
||||
{
|
||||
if($config['sql_encryption_type'] == $value)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user