From: cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Mon, 15 Oct 2007 15:19:34 +0000 (+0000)
Subject: Updated password methods to announce their hash
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=76cba442805ef41ad0e0e48e27fb82377ca1451e;p=gosa.git

Updated password methods to announce their hash


git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@7558 594d385d-05f5-0310-b6e9-bd551577e9d8
---

diff --git a/include/class_location.inc b/include/class_location.inc
index c5bab8115..07ef318d0 100644
--- a/include/class_location.inc
+++ b/include/class_location.inc
@@ -28,7 +28,6 @@ $class_mapping= array(
                 "passwordMethodssha" => "include/class_password-methods-ssha.inc",
                 "ppdManager" => "include/class_ppdManager.inc",
                 "passwordMethodkerberos" => "include/class_password-methods-kerberos.inc",
-                "passwordMethodsasl" => "include/class_password-methods-kerberos.inc",
                 "mailMethodSendmailCyrus" => "include/class_mail-methods-sendmail-cyrus.inc",
                 "LDAP" => "include/class_ldap.inc",
                 "mailMethod" => "include/class_mail-methods.inc",
@@ -47,6 +46,7 @@ $class_mapping= array(
                 "pluglist" => "include/class_pluglist.inc",
                 "divSelectBox" => "include/class_divSelectBox.inc",
                 "userinfo" => "include/class_userinfo.inc",
+                "passwordMethodheimdal" => "include/class_password-methods-heimdal.inc",
                 "sieve_block_start" => "include/sieve/class_sieveElement_Block_Start.inc",
                 "Semantics" => "include/sieve/class_semantics.inc",
                 "sieve_keep" => "include/sieve/class_sieveElement_Keep.inc",
diff --git a/include/class_password-methods-clear.inc b/include/class_password-methods-clear.inc
index e4d28e993..89e6c7b9e 100644
--- a/include/class_password-methods-clear.inc
+++ b/include/class_password-methods-clear.inc
@@ -35,6 +35,13 @@ class passwordMethodClear extends passwordMethod
 	{
 		return $pwd;       
 	}
+
+  
+  function get_hash_name()
+  {
+    return ("clear");
+  }
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/include/class_password-methods-crypt.inc b/include/class_password-methods-crypt.inc
index 28cda87e0..2c979aa9e 100644
--- a/include/class_password-methods-crypt.inc
+++ b/include/class_password-methods-crypt.inc
@@ -38,6 +38,13 @@ class passwordMethodCrypt extends passwordMethod
   {
     return "{CRYPT}".crypt($pwd, substr(session_id(),0,2));
   }
+
+
+  function get_hash_name()
+  {
+    return "crypt";
+  }
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/include/class_password-methods-heimdal.inc b/include/class_password-methods-heimdal.inc
new file mode 100644
index 000000000..4a83d26b2
--- /dev/null
+++ b/include/class_password-methods-heimdal.inc
@@ -0,0 +1,72 @@
+<?php
+/*
+   This code is part of GOsa (https://gosa.gonicus.de)
+   Copyright (C) 2004  Fabian Hickert 
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+
+class passwordMethodheimdal extends passwordMethod
+{
+	function passwordMethodheimdal(&$config)  
+	{
+    $this->config= $config;
+	}
+
+
+	function is_available()
+	{
+    # Check if heimdal information is available
+    # in configuration and return true/false
+    return true;
+	}
+
+
+	function generate_hash($pwd)
+	{
+    $mode= "kerberos";
+    if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
+      $mode= "sasl";
+    }
+
+    return "{".$mode."}".$this->attrs['uid'][0]."@".$cfg= $this->config->data['SERVERS']['KERBEROS']['REALM'];
+	}
+
+
+  function remove_from_parent()
+  {
+    # Find and remove kerberos entry below $this->dn
+  }
+
+
+  function set_password()
+  {
+    # Add or modify kerberos entry below $this->dn
+  }
+
+
+  function get_hash_name()
+  {
+    $mode= "kerberos";
+    if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
+      $mode= "sasl";
+    }
+    return "$mode";
+  }
+}
+
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
diff --git a/include/class_password-methods-kerberos.inc b/include/class_password-methods-kerberos.inc
index af48ee998..24240bad5 100644
--- a/include/class_password-methods-kerberos.inc
+++ b/include/class_password-methods-kerberos.inc
@@ -66,7 +66,7 @@ class passwordMethodkerberos extends passwordMethod
       if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
         $mode= "sasl";
       }
-			$newpass= "{$mode}".$this->attrs['uid'][0]."@".$cfg['REALM'];
+			$newpass= "{".$mode."}".$this->attrs['uid'][0]."@".$cfg['REALM'];
 
 			return $newpass;       
 		}
@@ -110,11 +110,15 @@ class passwordMethodkerberos extends passwordMethod
     }
   }
 
-}
+  function get_hash_name()
+  {
+    $mode= "kerberos";
+    if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
+      $mode= "sasl";
+    }
+    return "$mode";
+  }
 
-/* Dummy class for OpenLDAP Kerberos/SASL change  */
-class passwordMethodsasl extends passwordMethodkerberos
-{
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/include/class_password-methods-md5.inc b/include/class_password-methods-md5.inc
index 43b3ec74c..ea16ce99c 100644
--- a/include/class_password-methods-md5.inc
+++ b/include/class_password-methods-md5.inc
@@ -40,6 +40,12 @@ class passwordMethodMd5 extends passwordMethod
 	{
 		return  "{MD5}".base64_encode( pack('H*', md5($pwd)));
 	}
+
+
+  function get_hash_name()
+  {
+    return "md5";
+  }
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/include/class_password-methods-sha.inc b/include/class_password-methods-sha.inc
index 0780a76e0..5a6d266ab 100644
--- a/include/class_password-methods-sha.inc
+++ b/include/class_password-methods-sha.inc
@@ -30,8 +30,6 @@ class passwordMethodsha extends passwordMethod
       return(true);
     }elseif(function_exists('mhash')){
       return true;
-    }elseif(function_exists('crypt')){
-      return true;
     }else{
       return false;
     }
@@ -44,15 +42,20 @@ class passwordMethodsha extends passwordMethod
       $hash = "{SHA}" . base64_encode(pack("H*",sha1($password)));
     }elseif (function_exists('mhash')) {
       $hash = "{SHA}" . base64_encode(mHash(MHASH_SHA1, $password));
-    }elseif(function_exists('crypt')) {
-      $hash = "{CRYPT}" . crypt($password);
     }else{
-      print_red(_("Can't use sha for encryption, missing function sha1 / mhash / crypt"));
+      print_red(_("Can't use sha for encryption, missing function sha1 / mhash"));
       return false;
     }
 
     return $hash; 
   }
+
+
+  function get_hash_name()
+  {
+    return "sha";
+  }
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/include/class_password-methods-smd5.inc b/include/class_password-methods-smd5.inc
index fea58f699..dff236255 100644
--- a/include/class_password-methods-smd5.inc
+++ b/include/class_password-methods-smd5.inc
@@ -42,6 +42,12 @@ class passwordMethodsmd5 extends passwordMethod
     $hash = "{SMD5}".base64_encode(pack("H*",md5($pwd . $salt)) . $salt);
     return $hash;       
   }
+
+  function get_hash_name()
+  {
+    return "smd5";
+  }
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/include/class_password-methods-ssha.inc b/include/class_password-methods-ssha.inc
index 1f6819272..34cb303fe 100644
--- a/include/class_password-methods-ssha.inc
+++ b/include/class_password-methods-ssha.inc
@@ -53,6 +53,13 @@ class passwordMethodssha extends passwordMethod
     }
     return $pwd;
   }
+
+
+  function get_hash_name()
+  {
+    return "ssha";
+  }
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
diff --git a/include/class_password-methods.inc b/include/class_password-methods.inc
index a23e55e07..f4a3c0b72 100644
--- a/include/class_password-methods.inc
+++ b/include/class_password-methods.inc
@@ -29,6 +29,11 @@ class passwordMethod
   {
   }
 
+
+  function get_hash_name()
+  {
+  }
+
   // Loads Methods in annother way as  get_available_methods do, (For setup ..)
   // and loads them,.
   function get_available_methods_if_not_loaded($path_to_load="../include")
@@ -47,7 +52,6 @@ class passwordMethod
 
 
 
-
   // Crypts a single string, with given Method
   function crypt_single_str($string,$method)
   {
@@ -66,15 +70,15 @@ class passwordMethod
   // this function returns all loaded classes for password encryption
   static function get_available_methods()
   {
-    global $class_mapping;
+    global $class_mapping, $config;
     $ret =false;
     $i =0;
     foreach($class_mapping as $class => $path) {
       if(preg_match('/passwordMethod/i', $class) && !preg_match("/^passwordMethod$/i", $class)){
         $name = preg_replace ("/passwordMethod/i", "", $class);
-        $test = new $class(false);
+        $test = new $class($config);
         if($test->is_available()) {
-          $plugname= strtolower(preg_replace ("/passwordMethod/i","",$class));
+          $plugname= $test->get_hash_name();
           $ret['name'][$i]= $plugname;
           $ret['class'][$i]=$class;
           $ret[$i]['name']= $plugname;
diff --git a/include/functions.inc b/include/functions.inc
index 2d5dd7b6d..7b36499ab 100644
--- a/include/functions.inc
+++ b/include/functions.inc
@@ -2429,18 +2429,17 @@ function change_password ($dn, $password, $mode=0, $hash= "")
     }
 
     $test = new  $available[$hash]($config);
-    $newpass =  $test->generate_hash($password);
 
   } else {
     // User MD5 by default
     $hash= "md5";
     $test = new  $available['md5']($config);
-    $newpass =  $test->generate_hash($password);
   }
 
   /* Feed password backends with information */
   $test->dn= $dn;
   $test->attrs= $attrs;
+  $newpass= $test->generate_hash($password);
 
   // Update shadow timestamp?
   if (isset($attrs["shadowLastChange"][0])){