index 023f1d4488ee569b306f83e7687a93161d464706..9696df66d7a2994d09a8379d586fcc76a6904a1e 100644 (file)
class passwordMethod
{
var $config = false;
+ var $attrs= array();
// Konstructor
function passwordMethod($config)
{
}
+
+ function get_hash_name()
+ {
+ }
+
// Loads Methods in annother way as get_available_methods do, (For setup ..)
// and loads them,.
function get_available_methods_if_not_loaded($path_to_load="../include")
-
// Crypts a single string, with given Method
function crypt_single_str($string,$method)
{
// this function returns all loaded classes for password encryption
- function get_available_methods()
+ static function get_available_methods()
{
+ global $class_mapping, $config;
$ret =false;
- $all = get_declared_classes();
- $i = 0;
- foreach($all as $one) {
- if(preg_match('/passwordMethod/i', $one) && !preg_match("/^passwordMethod$/i", $one)){
- $name = preg_replace ("/passwordMethod/i", "", $one);
- $test = new $one(false);
+ $i =0;
+ foreach($class_mapping as $class => $path) {
+ if(preg_match('/passwordMethod/i', $class) && !preg_match("/^passwordMethod$/i", $class)){
+ $name = preg_replace ("/passwordMethod/i", "", $class);
+ $test = new $class($config);
if($test->is_available()) {
- $plugname= strtolower(preg_replace ("/passwordMethod/i","",$one));
+ $plugname= $test->get_hash_name();
$ret['name'][$i]= $plugname;
- $ret['class'][$i]=$one;
+ $ret['class'][$i]=$class;
$ret[$i]['name']= $plugname;
- $ret[$i]['class']= $one;
- $ret[$plugname]=$one;
+ $ret[$i]['class']= $class;
+ $ret[$plugname]=$class;
$i++;
}
}
}
return($ret);
}
+
-}
-
-// change_password, changes the Password, of the given dn
-function change_password ($dn, $password, $mode=0, $hash= "")
-{
-
- global $config;
- $newpass= "";
-
-
- // Get all available encryption Methods
- $available = passwordMethod::get_available_methods();
-
-
- // read current password entry for $dn, to detect the encryption Method
- $ldap = $config->get_ldap_link();
- $ldap->cat ($dn);
- $attrs = $ldap->fetch ();
-
- // Set encryption type to clear if required
- if (isset($attrs['userPassword'][0]) && preg_match('/^[^{}]+$/', $attrs['userPassword'][0]) && $hash == ""){
- $hash= "clear";
- }
-
-
-
- // Detect the encryption Method
- if ( (isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) || $hash != ""){
-
- /* Check for supported algorithm */
- mt_srand((double) microtime()*1000000);
-
- /* Extract used hash */
- if ($hash == ""){
- $hash= strtolower($matches[1]);
- }
-
-
- // Crypt with the detected Method
- $test = new $available[$hash]($config);
- $newpass = $test->generate_hash($password);
-
- } else {
- // Crypt it by default
- $test = new $available['md5']($config);
- $newpass = $test->generate_hash($password);
- }
-
-
-
- // Update shadow timestamp?
- if (isset($attrs["shadowLastChange"][0])){
- $shadow= (int)(date("U") / 86400);
- } else {
- $shadow= 0;
+ // Method to let password backends remove additional information besides
+ // the userPassword attribute
+ function remove_from_parent()
+ {
}
- // Write back modified entry
- $ldap->cd($dn);
- $attrs= array();
- // Not for groups
- if ($mode == 0){
-
- if ($shadow != 0){
- $attrs['shadowLastChange']= $shadow;
- }
-
- // Create SMB Password
- $attrs = generate_smb_nt_hash($password);
+ // Method to let passwords backends manage additional information
+ // besides the userAttribute entry
+ function set_password()
+ {
}
- $attrs['userPassword']= array();
- $attrs['userPassword']= $newpass;
-
- $ldap->modify($attrs);
-
-
- if ($ldap->error != 'Success')
+ // Return true if this password method provides a configuration dialog
+ function is_configurable()
{
- print_red(sprintf(_("Setting the password failed. LDAP server says '%s'."),
- $ldap->get_error()));
+ return FALSE;
}
-}
-// Retrun something like array['sambaLMPassword']= "lalla..."
-function generate_smb_nt_hash($password)
-{
- global $config;
- $tmp= $config->data['MAIN']['SMBHASH']." ".escapeshellarg($password);
- @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute");
-
- exec($tmp, $ar);
- flush();
- reset($ar);
- $hash= current($ar);
- if ($hash == "")
+ // Provide a subdialog to configure a password method
+ function configure()
{
- print_red (_("Setting for SMBHASH in gosa.conf is incorrect! Can't change Samba password."));
+ return "";
}
- else
- {
- list($lm,$nt)= split (":", trim($hash));
- if ($config->current['SAMBAVERSION'] == 3)
- {
- $attrs['sambaLMPassword']= $lm;
- $attrs['sambaNTPassword']= $nt;
- $attrs['sambaPwdLastSet']= date('U');
- $attrs['sambaBadPasswordCount']= "0";
- $attrs['sambaBadPasswordTime']= "0";
- } else {
- $attrs['lmPassword']= $lm;
- $attrs['ntPassword']= $nt;
- $attrs['pwdLastSet']= date('U');
- }
- return($attrs);
- }
-}
-function crypt_single($string,$enc_type )
-{
- if(!class_exists("passwordMethod")){
- require_once("class_password-methods.inc");
- }
- return( passwordMethod::crypt_single_str($string,$enc_type));
}
-
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>