forked from extern/egroupware
Add in sha passwd crypt for ldap (requires mhash to configure and use) ...
Concept by Matt Pavlovich <mpav@algx.net>
This commit is contained in:
parent
a057be8a98
commit
b08b5717b1
@ -24,13 +24,13 @@
|
||||
$algos = @mcrypt_list_algorithms();
|
||||
$found = False;
|
||||
|
||||
while (list ($key, $value) = each ($algos))
|
||||
while(list($key, $value) = each($algos))
|
||||
{
|
||||
$found = True;
|
||||
/* Only show each once - seems this is a problem in some installs */
|
||||
if(!in_array($value,$listed))
|
||||
{
|
||||
if ($config['mcrypt_algo'] == $value)
|
||||
if($config['mcrypt_algo'] == $value)
|
||||
{
|
||||
$selected = ' selected';
|
||||
}
|
||||
@ -69,13 +69,13 @@
|
||||
$modes = @mcrypt_list_modes();
|
||||
$found = False;
|
||||
|
||||
while (list ($key, $value) = each ($modes))
|
||||
while(list($key, $value) = each($modes))
|
||||
{
|
||||
$found = True;
|
||||
/* Only show each once - seems this is a problem in some installs */
|
||||
if(!in_array($value,$listed))
|
||||
{
|
||||
if ($config['mcrypt_mode'] == $value)
|
||||
if($config['mcrypt_mode'] == $value)
|
||||
{
|
||||
$selected = ' selected';
|
||||
}
|
||||
@ -101,4 +101,32 @@
|
||||
}
|
||||
return $out;
|
||||
}
|
||||
|
||||
function passwdhashes($config)
|
||||
{
|
||||
$hashes = array(
|
||||
'des' => 'des',
|
||||
'md5' => 'md5'
|
||||
);
|
||||
if(@function_exists('mhash'))
|
||||
{
|
||||
$hashes += array('sha' => 'sha');
|
||||
}
|
||||
|
||||
while(list($key, $value) = each($hashes))
|
||||
{
|
||||
if($config['ldap_encryption_type'] == $value)
|
||||
{
|
||||
$selected = ' selected';
|
||||
}
|
||||
else
|
||||
{
|
||||
$selected = '';
|
||||
}
|
||||
$descr = strtoupper($value);
|
||||
|
||||
$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
|
||||
}
|
||||
return $out;
|
||||
}
|
||||
?>
|
||||
|
@ -144,8 +144,7 @@
|
||||
<td>{lang_LDAP_encryption_type}:</td>
|
||||
<td>
|
||||
<select name="newsettings[ldap_encryption_type]">
|
||||
<option value="DES"{selected_ldap_encryption_type_DES}>DES</option>
|
||||
<option value="MD5"{selected_ldap_encryption_type_MD5}>MD5</option>
|
||||
{hook_passwdhashes}
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
|
@ -1156,6 +1156,15 @@
|
||||
|
||||
return $ldappassword;
|
||||
}
|
||||
|
||||
function sha_cryptpasswd($userpass)
|
||||
{
|
||||
$hash = base64_encode(mhash(MHASH_SHA1, $userpass));
|
||||
$ldappassword = sprintf('%s%s', '{SHA}', $hash);
|
||||
|
||||
return $ldappassword;
|
||||
}
|
||||
|
||||
/*!
|
||||
@function encrypt_password
|
||||
@abstract encrypt password
|
||||
@ -1164,16 +1173,29 @@
|
||||
*/
|
||||
function encrypt_password($password)
|
||||
{
|
||||
if ($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'DES')
|
||||
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'DES')
|
||||
{
|
||||
$salt = $this->randomstring(2);
|
||||
$e_password = $this->des_cryptpasswd($password, $salt);
|
||||
}
|
||||
if ($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'MD5')
|
||||
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'MD5')
|
||||
{
|
||||
$salt = $this->randomstring(8);
|
||||
$e_password = $this->md5_cryptpasswd($password, $salt);
|
||||
}
|
||||
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'SHA')
|
||||
{
|
||||
if(@function_exists('mhash'))
|
||||
{
|
||||
$e_password = $this->sha_cryptpasswd($password);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* this should error instead... */
|
||||
$salt = $this->randomstring(8);
|
||||
$e_password = $this->md5_cryptpasswd($password, $salt);
|
||||
}
|
||||
}
|
||||
return $e_password;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user