Add in sha passwd crypt for ldap (requires mhash to configure and use) ...

Concept by Matt Pavlovich <mpav@algx.net>
2002-05-14 01:02:19 +00:00 · 2002-05-14 01:02:19 +00:00 · b08b5717b1
commit b08b5717b1
parent a057be8a98
3 changed files with 59 additions and 10 deletions
--- a/admin/inc/hook_config.inc.php
+++ b/admin/inc/hook_config.inc.php
@ -24,13 +24,13 @@
 			$algos = @mcrypt_list_algorithms();
 			$found = False;

-			while (list ($key, $value) = each ($algos))
+			while(list($key, $value) = each($algos))
 			{
 				$found = True;
 				/* Only show each once - seems this is a problem in some installs */
 				if(!in_array($value,$listed))
 				{
-					if ($config['mcrypt_algo'] == $value)
+					if($config['mcrypt_algo'] == $value)
 					{
 						$selected = ' selected';
 					}
@ -39,7 +39,7 @@
 						$selected = '';
 					}
 					$descr = strtoupper($value);
-	
+
 					$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
 					$listed[] = $value;
 				}
@ -69,13 +69,13 @@
 			$modes = @mcrypt_list_modes();
 			$found = False;

-			while (list ($key, $value) = each ($modes))
+			while(list($key, $value) = each($modes))
 			{
 				$found = True;
 				/* Only show each once - seems this is a problem in some installs */
 				if(!in_array($value,$listed))
 				{
-					if ($config['mcrypt_mode'] == $value)
+					if($config['mcrypt_mode'] == $value)
 					{
 						$selected = ' selected';
 					}
@ -84,7 +84,7 @@
 						$selected = '';
 					}
 					$descr = strtoupper($value);
-	
+
 					$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
 					$listed[] = $value;
 				}
@ -101,4 +101,32 @@
 		}
 		return $out;
 	}
+
+	function passwdhashes($config)
+	{
+		$hashes = array(
+			'des' => 'des',
+			'md5' => 'md5'
+		);
+		if(@function_exists('mhash'))
+		{
+			$hashes += array('sha' => 'sha');
+		}
+
+		while(list($key, $value) = each($hashes))
+		{
+			if($config['ldap_encryption_type'] == $value)
+			{
+				$selected = ' selected';
+			}
+			else
+			{
+				$selected = '';
+			}
+			$descr = strtoupper($value);
+
+			$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
+		}
+		return $out;
+	}
 ?>
--- a/admin/templates/default/config.tpl
+++ b/admin/templates/default/config.tpl
@ -144,8 +144,7 @@
    <td>{lang_LDAP_encryption_type}:</td>
    <td>
     <select name="newsettings[ldap_encryption_type]">
-      <option value="DES"{selected_ldap_encryption_type_DES}>DES</option>
-      <option value="MD5"{selected_ldap_encryption_type_MD5}>MD5</option>
+{hook_passwdhashes}
     </select>
    </td>
   </tr>
--- a/phpgwapi/inc/class.common.inc.php
+++ b/phpgwapi/inc/class.common.inc.php
@ -1156,6 +1156,15 @@

 			return $ldappassword;
 		}
+
+		function sha_cryptpasswd($userpass)
+		{
+			$hash = base64_encode(mhash(MHASH_SHA1, $userpass));
+			$ldappassword = sprintf('%s%s', '{SHA}', $hash);
+
+			return $ldappassword;
+		}
+
 		/*!
 		@function encrypt_password
 		@abstract encrypt password
@ -1164,16 +1173,29 @@
 		*/
 		function encrypt_password($password)
 		{
-			if ($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'DES')
+			if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'DES')
 			{
 				$salt       = $this->randomstring(2);
 				$e_password = $this->des_cryptpasswd($password, $salt);
 			}
-			if ($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'MD5')
+			if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'MD5')
 			{
 				$salt       = $this->randomstring(8);
 				$e_password = $this->md5_cryptpasswd($password, $salt);
 			}
+			if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'SHA')
+			{
+				if(@function_exists('mhash'))
+				{
+					$e_password = $this->sha_cryptpasswd($password);
+				}
+				else
+				{
+					/* this should error instead... */
+					$salt       = $this->randomstring(8);
+					$e_password = $this->md5_cryptpasswd($password, $salt);
+				}
+			}
 			return $e_password;
 		}