X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Fclass_password-methods.inc;h=9696df66d7a2994d09a8379d586fcc76a6904a1e;hb=7c4b2a414b0cb8f1cfd04713969d7e9b8c78d2f0;hp=97571da7900f3e6d51f3190319cc0ba9508d6e64;hpb=9661305ec872b58877cee3ac6b772134dcf7282c;p=gosa.git diff --git a/include/class_password-methods.inc b/include/class_password-methods.inc index 97571da79..9696df66d 100644 --- a/include/class_password-methods.inc +++ b/include/class_password-methods.inc @@ -22,12 +22,18 @@ class passwordMethod { var $config = false; + var $attrs= array(); // Konstructor function passwordMethod($config) { } + + function get_hash_name() + { + } + // Loads Methods in annother way as get_available_methods do, (For setup ..) // and loads them,. function get_available_methods_if_not_loaded($path_to_load="../include") @@ -46,7 +52,6 @@ class passwordMethod - // Crypts a single string, with given Method function crypt_single_str($string,$method) { @@ -63,171 +68,58 @@ class passwordMethod // this function returns all loaded classes for password encryption - function get_available_methods() + static function get_available_methods() { + global $class_mapping, $config; $ret =false; - $all = get_declared_classes(); - $i = 0; - foreach($all as $one) { - if(preg_match('/passwordMethod/i', $one) && !preg_match("/^passwordMethod$/i", $one)){ - $name = preg_replace ("/passwordMethod/i", "", $one); - $test = new $one(false); + $i =0; + foreach($class_mapping as $class => $path) { + if(preg_match('/passwordMethod/i', $class) && !preg_match("/^passwordMethod$/i", $class)){ + $name = preg_replace ("/passwordMethod/i", "", $class); + $test = new $class($config); if($test->is_available()) { - $plugname= strtolower(preg_replace ("/passwordMethod/i","",$one)); + $plugname= $test->get_hash_name(); $ret['name'][$i]= $plugname; - $ret['class'][$i]=$one; + $ret['class'][$i]=$class; $ret[$i]['name']= $plugname; - $ret[$i]['class']= $one; - $ret[$plugname]=$one; + $ret[$i]['class']= $class; + $ret[$plugname]=$class; $i++; } } } return($ret); } + -} - -// change_password, changes the Password, of the given dn -function change_password ($dn, $password, $mode=0, $hash= "") -{ - global $config; - $newpass= ""; - - // Get all available encryption Methods - - // NON STATIC CALL :) - $tmp = new passwordMethod($_SESSION['config']); - $available = $tmp->get_available_methods(); - - // read current password entry for $dn, to detect the encryption Method - $ldap = $config->get_ldap_link(); - $ldap->cat ($dn, array("shadowLastChange", "userPassword")); - $attrs = $ldap->fetch (); - - // Set encryption type to clear if required - if (isset($attrs['userPassword'][0]) && preg_match('/^[^{}]+$/', $attrs['userPassword'][0]) && $hash == ""){ - $hash= "clear"; - } - - // Detect the encryption Method - if ( (isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) || $hash != ""){ - - /* Check for supported algorithm */ - mt_srand((double) microtime()*1000000); - - /* Extract used hash */ - if ($hash == ""){ - $hash= strtolower($matches[1]); - } - - - // Crypt with the detected Method - $test = new $available[$hash]($config); - $newpass = $test->generate_hash($password); - - } else { - // Crypt it by default - $test = new $available['md5']($config); - $newpass = $test->generate_hash($password); - } - - // Update shadow timestamp? - if (isset($attrs["shadowLastChange"][0])){ - $shadow= (int)(date("U") / 86400); - } else { - $shadow= 0; + // Method to let password backends remove additional information besides + // the userPassword attribute + function remove_from_parent() + { } - // Write back modified entry - $ldap->cd($dn); - $attrs= array(); - // Not for groups - if ($mode == 0){ - - if ($shadow != 0){ - $attrs['shadowLastChange']= $shadow; - } - - // Create SMB Password - $attrs= generate_smb_nt_hash($password); + // Method to let passwords backends manage additional information + // besides the userAttribute entry + function set_password() + { } - $attrs['userPassword']= array(); - $attrs['userPassword']= $newpass; - - - $ldap->modify($attrs); - - if ($ldap->error != 'Success') { - print_red(sprintf(_("Setting the password failed. LDAP server says '%s'."), - $ldap->get_error())); - } else { - - /* Find postmodify entries for this class */ - $command= search_config($config->data['MENU'], "password", "POSTMODIFY"); - - if ($command != ""){ - /* Walk through attribute list */ - $command= preg_replace("/%userPassword/", $password, $command); - $command= preg_replace("/%dn/", $dn, $command); - - if (check_command($command)){ - @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute"); - exec($command); - } else { - $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, "password"); - print_red ($message); - } - } + // Return true if this password method provides a configuration dialog + function is_configurable() + { + return FALSE; } -} -// Return something like array['sambaLMPassword']= "lalla..." -function generate_smb_nt_hash($password) -{ - global $config; - $tmp= $config->data['MAIN']['SMBHASH']." ".escapeshellarg($password); - @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute"); - - exec($tmp, $ar); - flush(); - reset($ar); - $hash= current($ar); - if ($hash == "") + // Provide a subdialog to configure a password method + function configure() { - print_red (_("Setting for SMBHASH in gosa.conf is incorrect! Can't change Samba password.")); + return ""; } - else - { - list($lm,$nt)= split (":", trim($hash)); - if ($config->current['SAMBAVERSION'] == 3) - { - $attrs['sambaLMPassword']= $lm; - $attrs['sambaNTPassword']= $nt; - $attrs['sambaPwdLastSet']= date('U'); - $attrs['sambaBadPasswordCount']= "0"; - $attrs['sambaBadPasswordTime']= "0"; - } else { - $attrs['lmPassword']= $lm; - $attrs['ntPassword']= $nt; - $attrs['pwdLastSet']= date('U'); - } - return($attrs); - } -} -function crypt_single($string,$enc_type ) -{ - if(!class_exists("passwordMethod")){ - require_once("class_password-methods.inc"); - } - return( passwordMethod::crypt_single_str($string,$enc_type)); } - // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>