Add in sha passwd crypt for ldap (requires mhash to configure and use) ...

Concept by Matt Pavlovich <mpav@algx.net>
This commit is contained in:
Miles Lott 2002-05-14 01:02:19 +00:00
parent a057be8a98
commit b08b5717b1
3 changed files with 59 additions and 10 deletions

View File

@ -24,13 +24,13 @@
$algos = @mcrypt_list_algorithms();
$found = False;
while (list ($key, $value) = each ($algos))
while(list($key, $value) = each($algos))
{
$found = True;
/* Only show each once - seems this is a problem in some installs */
if(!in_array($value,$listed))
{
if ($config['mcrypt_algo'] == $value)
if($config['mcrypt_algo'] == $value)
{
$selected = ' selected';
}
@ -69,13 +69,13 @@
$modes = @mcrypt_list_modes();
$found = False;
while (list ($key, $value) = each ($modes))
while(list($key, $value) = each($modes))
{
$found = True;
/* Only show each once - seems this is a problem in some installs */
if(!in_array($value,$listed))
{
if ($config['mcrypt_mode'] == $value)
if($config['mcrypt_mode'] == $value)
{
$selected = ' selected';
}
@ -101,4 +101,32 @@
}
return $out;
}
function passwdhashes($config)
{
$hashes = array(
'des' => 'des',
'md5' => 'md5'
);
if(@function_exists('mhash'))
{
$hashes += array('sha' => 'sha');
}
while(list($key, $value) = each($hashes))
{
if($config['ldap_encryption_type'] == $value)
{
$selected = ' selected';
}
else
{
$selected = '';
}
$descr = strtoupper($value);
$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
}
return $out;
}
?>

View File

@ -144,8 +144,7 @@
<td>{lang_LDAP_encryption_type}:</td>
<td>
<select name="newsettings[ldap_encryption_type]">
<option value="DES"{selected_ldap_encryption_type_DES}>DES</option>
<option value="MD5"{selected_ldap_encryption_type_MD5}>MD5</option>
{hook_passwdhashes}
</select>
</td>
</tr>

View File

@ -1156,6 +1156,15 @@
return $ldappassword;
}
function sha_cryptpasswd($userpass)
{
$hash = base64_encode(mhash(MHASH_SHA1, $userpass));
$ldappassword = sprintf('%s%s', '{SHA}', $hash);
return $ldappassword;
}
/*!
@function encrypt_password
@abstract encrypt password
@ -1164,16 +1173,29 @@
*/
function encrypt_password($password)
{
if ($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'DES')
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'DES')
{
$salt = $this->randomstring(2);
$e_password = $this->des_cryptpasswd($password, $salt);
}
if ($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'MD5')
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'MD5')
{
$salt = $this->randomstring(8);
$e_password = $this->md5_cryptpasswd($password, $salt);
}
if($GLOBALS['phpgw_info']['server']['ldap_encryption_type'] == 'SHA')
{
if(@function_exists('mhash'))
{
$e_password = $this->sha_cryptpasswd($password);
}
else
{
/* this should error instead... */
$salt = $this->randomstring(8);
$e_password = $this->md5_cryptpasswd($password, $salt);
}
}
return $e_password;
}