X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Fclass_password-methods.inc;h=2f7db9525d18a74c91c82ed2b4c5618b8ef0e8a7;hb=b6ceb3ba053010e9a0559d2569e29c229bafeeaa;hp=f580eb75882b36879383f893e0e1c56efc38e0d5;hpb=4f9cffb729176413f627caa29815f02646d157df;p=gosa.git diff --git a/include/class_password-methods.inc b/include/class_password-methods.inc index f580eb758..2f7db9525 100644 --- a/include/class_password-methods.inc +++ b/include/class_password-methods.inc @@ -22,6 +22,7 @@ class passwordMethod { var $config = false; + var $attrs= array(); // Konstructor function passwordMethod($config) @@ -63,157 +64,28 @@ class passwordMethod // this function returns all loaded classes for password encryption - function get_available_methods() + static function get_available_methods() { + global $class_mapping; $ret =false; - $all = get_declared_classes(); - $i = 0; - foreach($all as $one) { - if(preg_match('/passwordMethod/i', $one) && !preg_match("/^passwordMethod$/i", $one)){ - $name = preg_replace ("/passwordMethod/i", "", $one); - $test = new $one(false); + $i =0; + foreach($class_mapping as $class => $path) { + if(preg_match('/passwordMethod/i', $class) && !preg_match("/^passwordMethod$/i", $class)){ + $name = preg_replace ("/passwordMethod/i", "", $class); + $test = new $class(false); if($test->is_available()) { - $ret['name'][$i]= preg_replace ("/passwordMethod/i","",$one); - $ret['class'][$i]=$one; - $ret[$i]['name']= preg_replace("/passwordMethod/i","",$one); - $ret[$i]['class']= $one; - $ret[preg_replace ("/passwordMethod/i","",$one)]=$one; + $plugname= strtolower(preg_replace ("/passwordMethod/i","",$class)); + $ret['name'][$i]= $plugname; + $ret['class'][$i]=$class; + $ret[$i]['name']= $plugname; + $ret[$i]['class']= $class; + $ret[$plugname]=$class; $i++; } } } return($ret); } - -} - -// change_password, changes the Password, of the given dn -function change_password ($dn, $password, $mode=0, $hash= "") -{ - - global $config; - $newpass= ""; - - - // Get all available encryption Methods - $available = passwordMethod::get_available_methods(); - - - // read current password entry for $dn, to detect the encryption Method - $ldap = $config->get_ldap_link(); - $ldap->cat ($dn); - $attrs = $ldap->fetch (); - - // Set encryption type to clear if required - if (isset($attrs['userPassword'][0]) && preg_match('/^[^{}]+$/', $attrs['userPassword'][0]) && $hash == ""){ - $hash= "clear"; - } - - - - // Detect the encryption Method - if ( (isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) || $hash != ""){ - - /* Check for supported algorithm */ - mt_srand((double) microtime()*1000000); - - /* Extract used hash */ - if ($hash == ""){ - $hash= strtolower($matches[1]); - } - - - // Crypt with the detected Method - $test = new $available[$hash]($config); - $newpass = $test->generate_hash($password); - - } else { - // Crypt it by default - $test = new $available['md5']($config); - $newpass = $test->generate_hash($password); - } - - - - // Update shadow timestamp? - if (isset($attrs["shadowLastChange"][0])){ - $shadow= (int)(date("U") / 86400); - } else { - $shadow= 0; - } - - // Write back modified entry - $ldap->cd($dn); - $attrs= array(); - - // Not for groups - if ($mode == 0){ - - if ($shadow != 0){ - $attrs['shadowLastChange']= $shadow; - } - - // Create SMB Password - $attrs = generate_smb_nt_hash($password); - } - - $attrs['userPassword']= array(); - $attrs['userPassword']= $newpass; - - - $ldap->modify($attrs); - - - if ($ldap->error != 'Success') - { - print_red(sprintf(_("Setting the password failed. LDAP server says '%s'."), - $ldap->get_error())); - } } - - -// Retrun something like array['sambaLMPassword']= "lalla..." -function generate_smb_nt_hash($password) -{ - global $config; - $tmp= $config->data['MAIN']['SMBHASH']." ".escapeshellarg($password); - @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute"); - - exec($tmp, $ar); - flush(); - reset($ar); - $hash= current($ar); - if ($hash == "") - { - print_red (_("Setting for SMBHASH in gosa.conf is incorrect! Can't change Samba password.")); - } - else - { - list($lm,$nt)= split (":", trim($hash)); - - if ($config->current['SAMBAVERSION'] == 3) - { - $attrs['sambaLMPassword']= $lm; - $attrs['sambaNTPassword']= $nt; - $attrs['sambaPwdLastSet']= date('U'); - $attrs['sambaBadPasswordCount']= "0"; - $attrs['sambaBadPasswordTime']= "0"; - } else { - $attrs['lmPassword']= $lm; - $attrs['ntPassword']= $nt; - $attrs['pwdLastSet']= date('U'); - } - return($attrs); - } -} - -function crypt_single($string,$enc_type ) -{ - if(!class_exists("passwordMethod")){ - require_once("class_password-methods.inc"); - } - return( passwordMethod::crypt_single_str($string,$enc_type)); -} - // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>