allow to specify the hash type to prefix the hash, to easy migrate passwords from ldap

This commit is contained in:
Ralf Becker 2006-06-07 22:08:13 +00:00
parent fdebc495f5
commit 9eca4904e0

View File

@ -48,13 +48,6 @@
'M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z' 'M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z'
); );
if(!$this->seeded && phpversion() < '4.2.0')
{
list($usec, $sec) = explode(' ', microtime());
mt_srand((float)$sec + ((float)$usec * 100000));
$this->seeded = True;
}
for ($i=0; $i<$size; $i++) for ($i=0; $i<$size; $i++)
{ {
$s .= $random_char[mt_rand(1,61)]; $s .= $random_char[mt_rand(1,61)];
@ -84,12 +77,29 @@
* encryption type set in setup and calls the appropriate encryption functions * encryption type set in setup and calls the appropriate encryption functions
* *
* @param $cleartext cleartext password * @param $cleartext cleartext password
* @param $encrypted encrypted password * @param $encrypted encrypted password, can have a {hash} prefix, which overrides $type
* @param $type type of encryption * @param $type type of encryption
* @param $username used as optional key of encryption for md5_hmac * @param $username used as optional key of encryption for md5_hmac
*/ */
function compare_password($cleartext,$encrypted,$type,$username='') function compare_password($cleartext,$encrypted,$type,$username='')
{ {
// allow to specify the hash type to prefix the hash, to easy migrate passwords from ldap
if (preg_match('/^\\{([a-z_5]+)\\}(.+)$/i',$encrypted,$matches))
{
$type = strtolower($matches[1]);
$encrypted = $matches[2];
switch($type) // some hashs are specially "packed" in ldap
{
case 'md5':
$encrypted = implode('',unpack('H*',base64_decode($encrypted)));
break;
case 'crypt':
// nothing to do
break;
// ToDo: the others ...
}
}
switch($type) switch($type)
{ {
case 'smd5': case 'smd5':
@ -127,7 +137,7 @@
case 'des': case 'des':
$salt = $this->randomstring(2); $salt = $this->randomstring(2);
$_password = crypt($password, $salt); $_password = crypt($password, $salt);
$e_password = sprintf('%s%s', '{crypt}', $_password); $e_password = '{crypt}'.$_password;
break; break;
case 'md5': case 'md5':
/* New method taken from the openldap-software list as recommended by /* New method taken from the openldap-software list as recommended by