index f580eb75882b36879383f893e0e1c56efc38e0d5..2f7db9525d18a74c91c82ed2b4c5618b8ef0e8a7 100644 (file)
class passwordMethod
{
var $config = false;
class passwordMethod
{
var $config = false;
+ var $attrs= array();
// Konstructor
function passwordMethod($config)
// Konstructor
function passwordMethod($config)
// this function returns all loaded classes for password encryption
// this function returns all loaded classes for password encryption
- function get_available_methods()
+ static function get_available_methods()
{
{
+ global $class_mapping;
$ret =false;
$ret =false;
- $all = get_declared_classes();
- $i = 0;
- foreach($all as $one) {
- if(preg_match('/passwordMethod/i', $one) && !preg_match("/^passwordMethod$/i", $one)){
- $name = preg_replace ("/passwordMethod/i", "", $one);
- $test = new $one(false);
+ $i =0;
+ foreach($class_mapping as $class => $path) {
+ if(preg_match('/passwordMethod/i', $class) && !preg_match("/^passwordMethod$/i", $class)){
+ $name = preg_replace ("/passwordMethod/i", "", $class);
+ $test = new $class(false);
if($test->is_available()) {
if($test->is_available()) {
- $ret['name'][$i]= preg_replace ("/passwordMethod/i","",$one);
- $ret['class'][$i]=$one;
- $ret[$i]['name']= preg_replace("/passwordMethod/i","",$one);
- $ret[$i]['class']= $one;
- $ret[preg_replace ("/passwordMethod/i","",$one)]=$one;
+ $plugname= strtolower(preg_replace ("/passwordMethod/i","",$class));
+ $ret['name'][$i]= $plugname;
+ $ret['class'][$i]=$class;
+ $ret[$i]['name']= $plugname;
+ $ret[$i]['class']= $class;
+ $ret[$plugname]=$class;
$i++;
}
}
}
return($ret);
}
$i++;
}
}
}
return($ret);
}
-
-}
-
-// change_password, changes the Password, of the given dn
-function change_password ($dn, $password, $mode=0, $hash= "")
-{
-
- global $config;
- $newpass= "";
-
-
- // Get all available encryption Methods
- $available = passwordMethod::get_available_methods();
-
-
- // read current password entry for $dn, to detect the encryption Method
- $ldap = $config->get_ldap_link();
- $ldap->cat ($dn);
- $attrs = $ldap->fetch ();
-
- // Set encryption type to clear if required
- if (isset($attrs['userPassword'][0]) && preg_match('/^[^{}]+$/', $attrs['userPassword'][0]) && $hash == ""){
- $hash= "clear";
- }
-
-
-
- // Detect the encryption Method
- if ( (isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) || $hash != ""){
-
- /* Check for supported algorithm */
- mt_srand((double) microtime()*1000000);
-
- /* Extract used hash */
- if ($hash == ""){
- $hash= strtolower($matches[1]);
- }
-
-
- // Crypt with the detected Method
- $test = new $available[$hash]($config);
- $newpass = $test->generate_hash($password);
-
- } else {
- // Crypt it by default
- $test = new $available['md5']($config);
- $newpass = $test->generate_hash($password);
- }
-
-
-
- // Update shadow timestamp?
- if (isset($attrs["shadowLastChange"][0])){
- $shadow= (int)(date("U") / 86400);
- } else {
- $shadow= 0;
- }
-
- // Write back modified entry
- $ldap->cd($dn);
- $attrs= array();
-
- // Not for groups
- if ($mode == 0){
-
- if ($shadow != 0){
- $attrs['shadowLastChange']= $shadow;
- }
-
- // Create SMB Password
- $attrs = generate_smb_nt_hash($password);
- }
-
- $attrs['userPassword']= array();
- $attrs['userPassword']= $newpass;
-
-
- $ldap->modify($attrs);
-
-
- if ($ldap->error != 'Success')
- {
- print_red(sprintf(_("Setting the password failed. LDAP server says '%s'."),
- $ldap->get_error()));
- }
}
}
-
-
-// Retrun something like array['sambaLMPassword']= "lalla..."
-function generate_smb_nt_hash($password)
-{
- global $config;
- $tmp= $config->data['MAIN']['SMBHASH']." ".escapeshellarg($password);
- @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute");
-
- exec($tmp, $ar);
- flush();
- reset($ar);
- $hash= current($ar);
- if ($hash == "")
- {
- print_red (_("Setting for SMBHASH in gosa.conf is incorrect! Can't change Samba password."));
- }
- else
- {
- list($lm,$nt)= split (":", trim($hash));
-
- if ($config->current['SAMBAVERSION'] == 3)
- {
- $attrs['sambaLMPassword']= $lm;
- $attrs['sambaNTPassword']= $nt;
- $attrs['sambaPwdLastSet']= date('U');
- $attrs['sambaBadPasswordCount']= "0";
- $attrs['sambaBadPasswordTime']= "0";
- } else {
- $attrs['lmPassword']= $lm;
- $attrs['ntPassword']= $nt;
- $attrs['pwdLastSet']= date('U');
- }
- return($attrs);
- }
-}
-
-function crypt_single($string,$enc_type )
-{
- if(!class_exists("passwordMethod")){
- require_once("class_password-methods.inc");
- }
- return( passwordMethod::crypt_single_str($string,$enc_type));
-}
-
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>