forked from extern/egroupware
Add in sha passwd crypt for ldap (requires mhash to configure and use) ...
Concept by Matt Pavlovich <mpav@algx.net>
This commit is contained in:
parent
a057be8a98
commit
b08b5717b1
@ -24,13 +24,13 @@
|
|||||||
$algos = @mcrypt_list_algorithms();
|
$algos = @mcrypt_list_algorithms();
|
||||||
$found = False;
|
$found = False;
|
||||||
|
|
||||||
while (list ($key, $value) = each ($algos))
|
while(list($key, $value) = each($algos))
|
||||||
{
|
{
|
||||||
$found = True;
|
$found = True;
|
||||||
/* Only show each once - seems this is a problem in some installs */
|
/* Only show each once - seems this is a problem in some installs */
|
||||||
if(!in_array($value,$listed))
|
if(!in_array($value,$listed))
|
||||||
{
|
{
|
||||||
if ($config['mcrypt_algo'] == $value)
|
if($config['mcrypt_algo'] == $value)
|
||||||
{
|
{
|
||||||
$selected = ' selected';
|
$selected = ' selected';
|
||||||
}
|
}
|
||||||
@ -69,13 +69,13 @@
|
|||||||
$modes = @mcrypt_list_modes();
|
$modes = @mcrypt_list_modes();
|
||||||
$found = False;
|
$found = False;
|
||||||
|
|
||||||
while (list ($key, $value) = each ($modes))
|
while(list($key, $value) = each($modes))
|
||||||
{
|
{
|
||||||
$found = True;
|
$found = True;
|
||||||
/* Only show each once - seems this is a problem in some installs */
|
/* Only show each once - seems this is a problem in some installs */
|
||||||
if(!in_array($value,$listed))
|
if(!in_array($value,$listed))
|
||||||
{
|
{
|
||||||
if ($config['mcrypt_mode'] == $value)
|
if($config['mcrypt_mode'] == $value)
|
||||||
{
|
{
|
||||||
$selected = ' selected';
|
$selected = ' selected';
|
||||||
}
|
}
|
||||||
@ -101,4 +101,32 @@
|
|||||||
}
|
}
|
||||||
return $out;
|
return $out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function passwdhashes($config)
|
||||||
|
{
|
||||||
|
$hashes = array(
|
||||||
|
'des' => 'des',
|
||||||
|
'md5' => 'md5'
|
||||||
|
);
|
||||||
|
if(@function_exists('mhash'))
|
||||||
|
{
|
||||||
|
$hashes += array('sha' => 'sha');
|
||||||
|
}
|
||||||
|
|
||||||
|
while(list($key, $value) = each($hashes))
|
||||||
|
{
|
||||||
|
if($config['ldap_encryption_type'] == $value)
|
||||||
|
{
|
||||||
|
$selected = ' selected';
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$selected = '';
|
||||||
|
}
|
||||||
|
$descr = strtoupper($value);
|
||||||
|
|
||||||
|
$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
|
||||||
|
}
|
||||||
|
return $out;
|
||||||
|
}
|
||||||
?>
|
?>
|
||||||
|
@ -144,8 +144,7 @@
|
|||||||
<td>{lang_LDAP_encryption_type}:</td>
|
<td>{lang_LDAP_encryption_type}:</td>
|
||||||
<td>
|
<td>
|
||||||
<select name="newsettings[ldap_encryption_type]">
|
<select name="newsettings[ldap_encryption_type]">
|
||||||
<option value="DES"{selected_ldap_encryption_type_DES}>DES</option>
|
{hook_passwdhashes}
|
||||||
<option value="MD5"{selected_ldap_encryption_type_MD5}>MD5</option>
|
|
||||||
</select>
|
</select>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
@ -1156,6 +1156,15 @@
|
|||||||
|
|
||||||
return $ldappassword;
|
return $ldappassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function sha_cryptpasswd($userpass)
|
||||||
|
{
|
||||||
|
$hash = base64_encode(mhash(MHASH_SHA1, $userpass));
|
||||||
|
$ldappassword = sprintf('%s%s', '{SHA}', $hash);
|
||||||
|
|
||||||
|
return $ldappassword;
|
||||||
|
}
|
||||||
|
|
||||||
/*!
|
/*!
|
||||||
@function encrypt_password
|
@function encrypt_password
|
||||||
@abstract encrypt password
|
@abstract encrypt password
|
||||||
@ -1164,16 +1173,29 @@
|
|||||||
*/
|
*/
|
||||||
function encrypt_password($password)
|
function encrypt_password($password)
|
||||||
{
|
{
|
||||||
if ($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'DES')
|
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'DES')
|
||||||
{
|
{
|
||||||
$salt = $this->randomstring(2);
|
$salt = $this->randomstring(2);
|
||||||
$e_password = $this->des_cryptpasswd($password, $salt);
|
$e_password = $this->des_cryptpasswd($password, $salt);
|
||||||
}
|
}
|
||||||
if ($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'MD5')
|
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'MD5')
|
||||||
{
|
{
|
||||||
$salt = $this->randomstring(8);
|
$salt = $this->randomstring(8);
|
||||||
$e_password = $this->md5_cryptpasswd($password, $salt);
|
$e_password = $this->md5_cryptpasswd($password, $salt);
|
||||||
}
|
}
|
||||||
|
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'SHA')
|
||||||
|
{
|
||||||
|
if(@function_exists('mhash'))
|
||||||
|
{
|
||||||
|
$e_password = $this->sha_cryptpasswd($password);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* this should error instead... */
|
||||||
|
$salt = $this->randomstring(8);
|
||||||
|
$e_password = $this->md5_cryptpasswd($password, $salt);
|
||||||
|
}
|
||||||
|
}
|
||||||
return $e_password;
|
return $e_password;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user