index 97157804e0f749f8ef3af84d1b0c3e92ca399780..8d9021a4cf8d481fbbd91366dd12bc5787be349a 100644 (file)
class passwordMethod
{
var $config = false;
+ var $attrs= array();
// Konstructor
function passwordMethod($config)
function get_available_methods()
{
$ret =false;
- $all = (get_declared_classes());
+ $all = get_declared_classes();
$i = 0;
foreach($all as $one) {
- if((strstr($one,"passwordmethod" ))&&($one != "passwordmethod")){
- $name = str_replace ("passwordmethod","",$one);
+ if(preg_match('/passwordMethod/i', $one) && !preg_match("/^passwordMethod$/i", $one)){
+ $name = preg_replace ("/passwordMethod/i", "", $one);
$test = new $one(false);
if($test->is_available()) {
- $ret['name'][$i]=str_replace ("passwordmethod","",$one);
+ $plugname= strtolower(preg_replace ("/passwordMethod/i","",$one));
+ $ret['name'][$i]= $plugname;
$ret['class'][$i]=$one;
- $ret[$i]['name']=str_replace ("passwordmethod","",$one);
- $ret[$i]['class']=$one;
- $ret[str_replace ("passwordmethod","",$one)]=$one;
+ $ret[$i]['name']= $plugname;
+ $ret[$i]['class']= $one;
+ $ret[$plugname]=$one;
$i++;
}
}
// change_password, changes the Password, of the given dn
function change_password ($dn, $password, $mode=0, $hash= "")
{
-
global $config;
$newpass= "";
-
// Get all available encryption Methods
- $available = passwordMethod::get_available_methods();
+ // NON STATIC CALL :)
+ $tmp = new passwordMethod($_SESSION['config']);
+ $available = $tmp->get_available_methods();
// read current password entry for $dn, to detect the encryption Method
$ldap = $config->get_ldap_link();
- $ldap->cat ($dn);
+ $ldap->cat ($dn, array("shadowLastChange", "userPassword", "uid"));
$attrs = $ldap->fetch ();
- // Set encryption type to clear if required
- if (isset($attrs['userPassword'][0]) && preg_match('/^[^{}]+$/', $attrs['userPassword'][0]) && $hash == ""){
- $hash= "clear";
+ // Check if user account was deactivated, indicated by ! after } ... {crypt}!###
+ if(isset($attrs['userPassword'][0]) && preg_match("/^[^\}]*+\}!/",$attrs['userPassword'][0])){
+ $deactivated = TRUE;
+ }else{
+ $deactivated = FALSE;
}
+# // Get current password hash method if available
+# if($hash == "" && isset($attrs['userPassword'][0]) && preg_match("/[\{\}]/",$attrs['userPassword'][0])){
+# $hash = preg_replace("/^[^\{]*+\{([^\}]*).*$/","\\1",$attrs['userPassword'][0]);
+# $hash = strtolower($hash);
+# }
+# // Set encryption type to clear if required
+# if (!isset($attrs['userPassword'][0]) || $hash == ""){
+# $hash= "clear";
+# }
+
+ /* Is ensure that clear passwords will stay clear */
+ if($hash == "" && isset($attrs['userPassword'][0]) && !preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0])){
+ $hash = "clear";
+ }
// Detect the encryption Method
if ( (isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) || $hash != ""){
$hash= strtolower($matches[1]);
}
-
// Crypt with the detected Method
$test = new $available[$hash]($config);
+ $test->attrs= $attrs;
$newpass = $test->generate_hash($password);
} else {
$newpass = $test->generate_hash($password);
}
-
-
// Update shadow timestamp?
if (isset($attrs["shadowLastChange"][0])){
$shadow= (int)(date("U") / 86400);
}
// Create SMB Password
- $attrs = generate_smb_nt_hash($password);
+ $attrs= generate_smb_nt_hash($password);
+ }
+
+ /* Readd ! if user was deactivated */
+ if($deactivated){
+ $newpass = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$newpass);
}
$attrs['userPassword']= array();
$ldap->modify($attrs);
- if ($ldap->error != 'Success')
- {
+ if ($ldap->error != 'Success') {
print_red(sprintf(_("Setting the password failed. LDAP server says '%s'."),
$ldap->get_error()));
+ } else {
+
+ /* Find postmodify entries for this class */
+ $command= search_config($config->data['MENU'], "password", "POSTMODIFY");
+
+ if ($command != ""){
+ /* Walk through attribute list */
+ $command= preg_replace("/%userPassword/", $password, $command);
+ $command= preg_replace("/%dn/", $dn, $command);
+
+ if (check_command($command)){
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
+ exec($command);
+ } else {
+ $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, "password");
+ print_red ($message);
+ }
+ }
}
}
-// Retrun something like array['sambaLMPassword']= "lalla..."
+// Return something like array['sambaLMPassword']= "lalla..."
function generate_smb_nt_hash($password)
{
global $config;
$hash= current($ar);
if ($hash == "")
{
- print_red (_("Setting for SMBHASH in gosa.conf is incorrect! Can't change Samba password."));
+ print_red (sprintf(_("Setting for SMBHASH in %s is incorrect! Can't change Samba password."),CONFIG_FILE));
}
else
{