Add hashPassword method for password verification and hashing
parent
a6857a5759
commit
c335ab2f27
|
@ -31,7 +31,7 @@ class LdapAccount extends LdapDomain {
|
||||||
public function update($name=NULL,$password=NULL,$active=NULL,$admin=NULL,$accountactive=NULL,$courieractive=NULL,$webmailactive=NULL,$authsmtpactive=NULL,$amavisBypassSpamChecks=NULL) {
|
public function update($name=NULL,$password=NULL,$active=NULL,$admin=NULL,$accountactive=NULL,$courieractive=NULL,$webmailactive=NULL,$authsmtpactive=NULL,$amavisBypassSpamChecks=NULL) {
|
||||||
$info["cn"] = (!empty($name)) ? $name : $this->name;
|
$info["cn"] = (!empty($name)) ? $name : $this->name;
|
||||||
if (!empty($password)) {
|
if (!empty($password)) {
|
||||||
$info["userPassword"] = $password;
|
$info["userPassword"] = LdapServer::hashPassword($password);
|
||||||
}
|
}
|
||||||
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
|
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
|
||||||
$info["isAdmin"] = ($admin) ? 'TRUE' : 'FALSE';
|
$info["isAdmin"] = ($admin) ? 'TRUE' : 'FALSE';
|
||||||
|
|
|
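Review bot: `update()` now treats `$password` as cleartext, so a caller that still passes a pre-hashed `{SSHA}…` value will have it hashed a second time without any error. A 38-character value such as the one `hashPassword` itself returns passes the 5–42 length test and the `[[:graph:]]` check. The callers are not visible on this page, so every call site of `update()` needs checking. A comment above the assignment, such as `// $password is cleartext; LdapServer::hashPassword() validates and hashes it, and throws on rejection`, would make the new contract explicit. The body of `update()` continues beyond this hunk.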
@ -73,11 +73,7 @@ class LdapDomain extends LdapServer {
|
||||||
if (badname($uid)) {
|
if (badname($uid)) {
|
||||||
throw new Exception("Erreur, <u>$name</u> est un nom invalide.");
|
throw new Exception("Erreur, <u>$name</u> est un nom invalide.");
|
||||||
}
|
}
|
||||||
if (Auth::badpassword($password)) {
|
|
||||||
throw new Exception("Erreur, mot de passe invalide.");
|
|
||||||
}
|
|
||||||
$mail = $uid.'@'.$this->getName();
|
$mail = $uid.'@'.$this->getName();
|
||||||
$password = "{SSHA}".Ldap::ssha($password);
|
|
||||||
$info[LdapAccount::$dn] = $mail;
|
$info[LdapAccount::$dn] = $mail;
|
||||||
$info["cn"] = $name;
|
$info["cn"] = $name;
|
||||||
$info["homeDirectory"] = "/home/vmail/" .$this->getName(). "/" .$uid. "/";
|
$info["homeDirectory"] = "/home/vmail/" .$this->getName(). "/" .$uid. "/";
|
||||||
|
@ -93,7 +89,7 @@ class LdapDomain extends LdapServer {
|
||||||
$info["webmailActive"] = ($webmailactive) ? 'TRUE' : 'FALSE';
|
$info["webmailActive"] = ($webmailactive) ? 'TRUE' : 'FALSE';
|
||||||
$info["authsmtpActive"] = ($authsmtpactive) ? 'TRUE' : 'FALSE';
|
$info["authsmtpActive"] = ($authsmtpactive) ? 'TRUE' : 'FALSE';
|
||||||
#$info["amavisBypassSpamChecks"] = ($amavisBypassSpamChecks) ? 'TRUE' : 'FALSE';
|
#$info["amavisBypassSpamChecks"] = ($amavisBypassSpamChecks) ? 'TRUE' : 'FALSE';
|
||||||
$info["userPassword"] = $password;
|
$info["userPassword"] = LdapServer::hashPassword($password);
|
||||||
|
|
||||||
if (@ldap_add($this->conn, LdapAccount::getBaseDN($this, $mail), $info)) {
|
if (@ldap_add($this->conn, LdapAccount::getBaseDN($this, $mail), $info)) {
|
||||||
mail($name, 'Premier message',"Mail d'initialisation du compte.");
|
mail($name, 'Premier message',"Mail d'initialisation du compte.");
|
||||||
|
|
|
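Review bot: Removing the `Auth::badpassword($password)` guard in the first hunk leaves the length and character-class test inside `LdapServer::hashPassword()` as the only password policy on this path. If `Auth::badpassword` enforces anything beyond that (its body is not shown), accounts can now be created with passwords it would have refused. Either keep the guard ahead of the hashing call, or make `hashPassword` the single documented policy point with a comment such as `// password policy is enforced by LdapServer::hashPassword(), which throws on rejection` above the `userPassword` assignment in the second hunk. The enclosing method starts and ends outside both hunks.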
@ -45,6 +45,15 @@ class LdapServer {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static protected function hashPassword($pass) {
|
||||||
|
if (strlen($pass) > 42 || strlen($pass) < 5 || !preg_match('/^([[:graph:]]*)$/',$pass)) {
|
||||||
|
throw new Exception("Mot de passe invalide, voir page d'aide");
|
||||||
|
}
|
||||||
|
mt_srand((double)microtime()*1000000);
|
||||||
|
$salt = mhash_keygen_s2k(MHASH_SHA1, $pass, substr(pack('h*', md5(mt_rand())), 0, 8), 4);
|
||||||
|
return '{SSHA}'.base64_encode(mhash(MHASH_SHA1, $pass.$salt).$salt);
|
||||||
|
}
|
||||||
|
|
||||||
public function __construct($login, $base, $adminDN, $adminPass, $uri='ldap://127.0.0.1') {
|
public function __construct($login, $base, $adminDN, $adminPass, $uri='ldap://127.0.0.1') {
|
||||||
global $conf;
|
global $conf;
|
||||||
$this->login = $login;
|
$this->login = $login;
|
||||||
|
|
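Review bot: The salt in `hashPassword` is derived from `mt_rand()` after reseeding with `microtime()`, which is predictable and also reseeds the process-wide generator for every other `mt_rand()` caller; the `mhash_*` functions it relies on are deprecated as of PHP 8.1. On PHP 7 or later the last two statements can become `$salt = random_bytes(8);` and `return '{SSHA}'.base64_encode(sha1($pass.$salt, true).$salt);`, with the `mt_srand()` line dropped. `{SSHA}` is a single salted SHA-1 pass and is cheap to brute-force offline if directory entries leak, so a slower scheme is worth considering if the LDAP server supports one. The 42-character cap and the `[[:graph:]]` filter also reject passphrases containing spaces or non-ASCII characters, and the minimum length of 5 is low.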