Add hashPassword method for password verification and hashing

Victor LABORIE 2017-12-17 19:53:53 +01:00
parent a6857a5759
commit c335ab2f27
3 changed files with 11 additions and 6 deletions


@ -31,7 +31,7 @@ class LdapAccount extends LdapDomain {
public function update($name=NULL,$password=NULL,$active=NULL,$admin=NULL,$accountactive=NULL,$courieractive=NULL,$webmailactive=NULL,$authsmtpactive=NULL,$amavisBypassSpamChecks=NULL) {
$info["cn"] = (!empty($name)) ? $name : $this->name;
if (!empty($password)) {
$info["userPassword"] = $password;
$info["userPassword"] = LdapServer::hashPassword($password);
}
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
$info["isAdmin"] = ($admin) ? 'TRUE' : 'FALSE';
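Review bot: `update()` now hashes whatever it receives, so a caller that still passes an already-encoded `{SSHA}…` value would have it hashed a second time; a typical string of that form (4-byte salt) is 38 printable characters, so it would pass the length and character checks in `hashPassword` and nothing would fail visibly. The callers are not part of this diff, so please confirm they all pass the plain password. `hashPassword` can also throw, which this path did not do before; a short comment above the call such as `// throws Exception if the password fails the policy in LdapServer::hashPassword()` would make that visible. The body of `update()` continues past the hunk.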


@ -73,11 +73,7 @@ class LdapDomain extends LdapServer {
if (badname($uid)) {
throw new Exception("Erreur, <u>$name</u> est un nom invalide.");
}
if (Auth::badpassword($password)) {
throw new Exception("Erreur, mot de passe invalide.");
}
$mail = $uid.'@'.$this->getName();
$password = "{SSHA}".Ldap::ssha($password);
$info[LdapAccount::$dn] = $mail;
$info["cn"] = $name;
$info["homeDirectory"] = "/home/vmail/" .$this->getName(). "/" .$uid. "/";
@ -93,7 +89,7 @@ class LdapDomain extends LdapServer {
$info["webmailActive"] = ($webmailactive) ? 'TRUE' : 'FALSE';
$info["authsmtpActive"] = ($authsmtpactive) ? 'TRUE' : 'FALSE';
#$info["amavisBypassSpamChecks"] = ($amavisBypassSpamChecks) ? 'TRUE' : 'FALSE';
$info["userPassword"] = $password;
$info["userPassword"] = LdapServer::hashPassword($password);
if (@ldap_add($this->conn, LdapAccount::getBaseDN($this, $mail), $info)) {
mail($name, 'Premier message',"Mail d'initialisation du compte.");
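Review bot: With `$password = "{SSHA}".Ldap::ssha($password);` removed, `$password` stays in clear text from the top of the method until the `hashPassword` call just before `ldap_add`, and the password check now runs there rather than next to the `badname($uid)` check. The lines between the two hunks are not shown, so please confirm nothing in between logs, mails or stores `$password`, and that no work is done before the late rejection. Hashing once at the top, `$hash = LdapServer::hashPassword($password);`, and assigning `$info["userPassword"] = $hash;` later keeps validation early and the clear-text lifetime short. The rule enforced here is now the one in `hashPassword` and no longer `Auth::badpassword`, so the two may diverge if `Auth::badpassword` is still used elsewhere. The method starts and ends outside both hunks.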


@ -45,6 +45,15 @@ class LdapServer {
}
}
static protected function hashPassword($pass) {
if (strlen($pass) > 42 || strlen($pass) < 5 || !preg_match('/^([[:graph:]]*)$/',$pass)) {
throw new Exception("Mot de passe invalide, voir page d'aide");
}
mt_srand((double)microtime()*1000000);
$salt = mhash_keygen_s2k(MHASH_SHA1, $pass, substr(pack('h*', md5(mt_rand())), 0, 8), 4);
return '{SSHA}'.base64_encode(mhash(MHASH_SHA1, $pass.$salt).$salt);
}
public function __construct($login, $base, $adminDN, $adminPass, $uri='ldap://127.0.0.1') {
global $conf;
$this->login = $login;
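Review bot: The salt in `hashPassword` is not independent random data: it is derived from the password through `mhash_keygen_s2k`, with `mt_rand()` reseeded from `microtime()` as the only source of randomness, and it is only 4 bytes long. The `mt_srand()` call also reseeds the process-wide generator with a guessable value, which affects any later `mt_rand()` caller. I would take the salt from the CSPRNG and drop the mhash dependency: `$salt = random_bytes(8);` followed by `return '{SSHA}'.base64_encode(sha1($pass.$salt, true).$salt);` (`random_bytes` needs PHP 7). Salted SHA-1 remains a fast hash, so if the directory server accepts a slower scheme it is worth moving to one. The method also needs a docblock stating that it validates as well as hashes, and that the rule is 5 to 42 bytes of `[[:graph:]]` characters, which rejects spaces and non-ASCII input.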