From ea4959a6ed5e679cf8a352a26cec8c37b2212e3f Mon Sep 17 00:00:00 2001 From: hickert Date: Thu, 19 Jul 2007 05:50:58 +0000 Subject: [PATCH] Applied patch from Ticket 112. Updated password method hash names to uppercase : {crypt} to {CRYPT} and so on TICKET DESC : Currently some password classes use a lowercase password hashing scheme string in the userPassword attribute whilst others use an uppercase hashing string. rfc2307 and rfc2307bis do not dictate a standard but the uppercase string is a representation that is being used historically by different vendors, including OpenLDAP itself. I propose to use uppercase everywhere (see attached patch). Since openldap/slapppaswd uses the uppercase notation itself I do not suspect any regressions on any deployed systems will occur. I know of an application that syncs passwords from LDAP for internal usage and trips over lowercase representation (which is a bug in that program ;-) ). That bug showed me that GOsa didn't handle this consistently. git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@6915 594d385d-05f5-0310-b6e9-bd551577e9d8 --- include/class_password-methods-crypt.inc | 2 +- include/class_password-methods-md5.inc | 2 +- include/class_password-methods-ssha.inc | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/class_password-methods-crypt.inc b/include/class_password-methods-crypt.inc index c3d21c8b4..28cda87e0 100644 --- a/include/class_password-methods-crypt.inc +++ b/include/class_password-methods-crypt.inc @@ -36,7 +36,7 @@ class passwordMethodCrypt extends passwordMethod function generate_hash($pwd) { - return "{crypt}".crypt($pwd, substr(session_id(),0,2)); + return "{CRYPT}".crypt($pwd, substr(session_id(),0,2)); } } diff --git a/include/class_password-methods-md5.inc b/include/class_password-methods-md5.inc index caf714753..43b3ec74c 100644 --- a/include/class_password-methods-md5.inc +++ b/include/class_password-methods-md5.inc @@ -38,7 +38,7 @@ class passwordMethodMd5 extends passwordMethod function generate_hash($pwd) { - return "{md5}".base64_encode( pack('H*', md5($pwd))); + return "{MD5}".base64_encode( pack('H*', md5($pwd))); } } diff --git a/include/class_password-methods-ssha.inc b/include/class_password-methods-ssha.inc index e80e56651..1f6819272 100644 --- a/include/class_password-methods-ssha.inc +++ b/include/class_password-methods-ssha.inc @@ -42,11 +42,11 @@ class passwordMethodssha extends passwordMethod if (function_exists("sha1")) { $salt= substr(pack("h*", md5(mt_rand())), 0, 8); $salt= substr(pack("H*", sha1($salt.$pwd)), 0, 4); - $pwd= "{ssha}".base64_encode(pack("H*", sha1($pwd.$salt)).$salt); + $pwd= "{SSHA}".base64_encode(pack("H*", sha1($pwd.$salt)).$salt); return $pwd; } elseif(function_exists("mhash")) { $salt=mhash_keygen_s2k(MHASH_SHA1,$pwd, substr(pack("h*",md5(mt_rand())),0,8),4); - $pwd= "{ssha}".base64_encode(mhash(MHASH_SHA1, $pwd.$salt).$salt); + $pwd= "{SSHA}".base64_encode(mhash(MHASH_SHA1, $pwd.$salt).$salt); } else { print_red(_("Can't use ssha for encryption. (Missing function mhash / sha1)")); return(false); -- 2.30.2