WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

merged password hash settings

This commit is contained in:
Roland Gruber 2006-03-06 17:09:17 +00:00
parent a8e5513218
commit 7bb630c2c7
4 changed files with 36 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lam/HISTORY
View File

@ -1,3 +1,7 @@
??? 1.0.1
- merged password hash settings for Unix users and groups
01.03.2006 1.0.0 01.03.2006 1.0.0
- new architecture with support for more account types - new architecture with support for more account types
- new translations: Traditional Chinese, Dutch - new translations: Traditional Chinese, Dutch

3
lam/lib/baseModule.inc
View File

@ -323,9 +323,10 @@ class baseModule {
* Returns a list of elements for the configuration. * Returns a list of elements for the configuration.
* *
* @param array $scopes account types (user, group, host) * @param array $scopes account types (user, group, host)
* @param array $allScopes list of all modules and active scopes
* @return array configuration elements * @return array configuration elements
*/ */
function get_configOptions($scopes) { function get_configOptions($scopes, $allScopes) {
$return = array(); $return = array();
for ($i = 0; $i < sizeof($scopes); $i++) { for ($i = 0; $i < sizeof($scopes); $i++) {
if (isset($this->meta['config_options'][$scopes[$i]])) $return = array_merge($return, $this->meta['config_options'][$scopes[$i]]); if (isset($this->meta['config_options'][$scopes[$i]])) $return = array_merge($return, $this->meta['config_options'][$scopes[$i]]);

2
lam/lib/modules.inc
View File

@ -302,7 +302,7 @@ function getConfigOptions($scopes) {
$modules = array_keys($scopes); $modules = array_keys($scopes);
for ($i = 0; $i < sizeof($modules); $i++) { for ($i = 0; $i < sizeof($modules); $i++) {
$m = new $modules[$i]('none'); $m = new $modules[$i]('none');
$return[$modules[$i]] = $m->get_configOptions($scopes[$modules[$i]]); $return[$modules[$i]] = $m->get_configOptions($scopes[$modules[$i]], $scopes);
} }
return $return; return $return;
} }

43
lam/lib/modules/posixGroup.inc
View File

@ -105,7 +105,7 @@ class posixGroup extends baseModule {
// password // password
if ($rawAccounts[$i][$ids['posixGroup_password']] != "") { if ($rawAccounts[$i][$ids['posixGroup_password']] != "") {
if (get_preg($rawAccounts[$i][$ids['posixGroup_password']], 'password')) { if (get_preg($rawAccounts[$i][$ids['posixGroup_password']], 'password')) {
$partialAccounts[$i]['userPassword'] = pwd_hash($rawAccounts[$i][$ids['posixGroup_password']], true, $this->moduleSettings['posixGroup_pwdHash'][0]); $partialAccounts[$i]['userPassword'] = pwd_hash($rawAccounts[$i][$ids['posixGroup_password']], true, $this->moduleSettings['posixAccount_pwdHash'][0]);
} }
else { else {
$error_messages[] = $this->messages['userPassword'][1]; $error_messages[] = $this->messages['userPassword'][1];
@ -315,15 +315,7 @@ class posixGroup extends baseModule {
2 => array('kind' => 'text', 'value' => '&nbsp;'), 2 => array('kind' => 'text', 'value' => '&nbsp;'),
3 => array('kind' => 'text', 'text' => '<b>' . _('Maximum GID number') . " *: </b>"), 3 => array('kind' => 'text', 'text' => '<b>' . _('Maximum GID number') . " *: </b>"),
4 => array('kind' => 'input', 'name' => 'posixGroup_maxGID', 'type' => 'text', 'size' => '10', 'maxlength' => '255'), 4 => array('kind' => 'input', 'name' => 'posixGroup_maxGID', 'type' => 'text', 'size' => '10', 'maxlength' => '255'),
5 => array('kind' => 'help', 'value' => 'minMaxGID')), 5 => array('kind' => 'help', 'value' => 'minMaxGID'))
array(
0 => array('kind' => 'text', 'text' => '<b>' . _("Password hash type") . ': &nbsp;</b>'),
1 => array('kind' => 'select', 'name' => 'posixGroup_pwdHash', 'size' => '1',
'options' => array("CRYPT", "SHA", "SSHA", "MD5", "SMD5", "PLAIN"), 'options_selected' => array('SSHA')),
2 => array('kind' => 'text', 'value' => '&nbsp;'),
3 => array('kind' => 'text', 'value' => '&nbsp;'),
4 => array('kind' => 'text', 'value' => '&nbsp;'),
5 => array('kind' => 'help', 'value' => 'pwdHash'))
); );
// configuration descriptions // configuration descriptions
$return['config_descriptions'] = array( $return['config_descriptions'] = array(
@ -331,7 +323,7 @@ class posixGroup extends baseModule {
'descriptions' => array( 'descriptions' => array(
'posixGroup_minGID' => _("Minimum GID number for Unix groups"), 'posixGroup_minGID' => _("Minimum GID number for Unix groups"),
'posixGroup_maxGID' => _("Maximum GID number for Unix groups"), 'posixGroup_maxGID' => _("Maximum GID number for Unix groups"),
'posixGroup_pwdHash' => _("Password hash type for Unix groups"), 'posixAccount_pwdHash' => _("Password hash type for Unix groups"),
) )
); );
// configuration checks // configuration checks
@ -446,6 +438,29 @@ class posixGroup extends baseModule {
} }
/**
* Returns a list of elements for the configuration.
*
* @param array $scopes account types (user, group, host)
* @param array $allScopes list of all modules and active scopes
* @return array configuration elements
*/
function get_configOptions($scopes, $allScopes) {
$return = parent::get_configOptions($scopes, $allScopes);
$pwdHash = array(
0 => array('kind' => 'text', 'text' => '<b>' . _("Password hash type") . ': &nbsp;</b>'),
1 => array('kind' => 'select', 'name' => 'posixAccount_pwdHash', 'size' => '1',
'options' => array("CRYPT", "SHA", "SSHA", "MD5", "SMD5", "PLAIN"), 'options_selected' => array('SSHA')),
2 => array('kind' => 'text', 'value' => '&nbsp;'),
3 => array('kind' => 'text', 'value' => '&nbsp;'),
4 => array('kind' => 'text', 'value' => '&nbsp;'),
5 => array('kind' => 'help', 'value' => 'pwdHash')
);
// display password hash option only if posixAccount module is not used
if (!isset($allScopes['posixAccount'])) $return[] = $pwdHash;
return $return;
}
/** /**
* Returns the PDF entries for this module. * Returns the PDF entries for this module.
* *
@ -754,7 +769,7 @@ class posixGroup extends baseModule {
$return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = '*'; $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = '*';
// password changed // password changed
elseif (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) && $this->attributes['userPassword'][0] != '') elseif (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) && $this->attributes['userPassword'][0] != '')
$return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash($this->attributes['userPassword'][0], !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]); $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash($this->attributes['userPassword'][0], !$this->userPassword_lock, $this->moduleSettings['posixAccount_pwdHash'][0]);
// lock account if required // lock account if required
elseif ($this->userPassword_lock && (pwd_disable($this->orig['userPassword'][0]) != $this->orig['userPassword'][0])) elseif ($this->userPassword_lock && (pwd_disable($this->orig['userPassword'][0]) != $this->orig['userPassword'][0]))
$return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_disable($this->orig['userPassword'][0]); $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_disable($this->orig['userPassword'][0]);
@ -768,11 +783,11 @@ class posixGroup extends baseModule {
else { else {
// New user or no old password set // New user or no old password set
if ($this->userPassword_nopassword) // use no password if ($this->userPassword_nopassword) // use no password
$return[$_SESSION[$this->base]->dn]['add']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]); $return[$_SESSION[$this->base]->dn]['add']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixAccount_pwdHash'][0]);
else if ($this->userPassword_invalid) // use '*' as password else if ($this->userPassword_invalid) // use '*' as password
$return[$_SESSION[$this->base]->dn]['add']['userPassword'][0] = '*'; $return[$_SESSION[$this->base]->dn]['add']['userPassword'][0] = '*';
else if ($this->attributes['userPassword'][0] != '') // set password if set else if ($this->attributes['userPassword'][0] != '') // set password if set
$return[$_SESSION[$this->base]->dn]['add']['userPassword'][0] = pwd_hash($this->attributes['userPassword'][0], !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]); $return[$_SESSION[$this->base]->dn]['add']['userPassword'][0] = pwd_hash($this->attributes['userPassword'][0], !$this->userPassword_lock, $this->moduleSettings['posixAccount_pwdHash'][0]);
} }
// Remove primary group from users from memberUid // Remove primary group from users from memberUid