diff --git a/lam/config/lam.conf_sample b/lam/config/lam.conf_sample
index 69156de0..547d9504 100644
--- a/lam/config/lam.conf_sample
+++ b/lam/config/lam.conf_sample
@@ -71,3 +71,10 @@ scriptServer:
# Set to "yes" only if you use the new Samba 3.x schema.
samba3: no
+
+# Number of minutes LAM caches LDAP searches.
+cachetimeout: 5
+
+# Password hash algorithm (CRYPT/MD5/SMD5/SHA/SSHA).
+pwdhash: SSHA
+
diff --git a/lam/help/help.inc b/lam/help/help.inc
index 9b9fa3c1..ba8e291e 100644
--- a/lam/help/help.inc
+++ b/lam/help/help.inc
@@ -104,6 +104,8 @@ $helpArray = array (
""),
"214" => array ("ext" => "FALSE", "Headline" => _("Configuration Wizard") . " - " . _("Cache timeout"),
"Text" => _("This is the time in minutes which LAM caches its LDAP searches. Shorter times will stress LDAP more but decrease the possibility that changes are not identified.")),
+ "215" => array ("ext" => "FALSE", "Headline" => _("Configuration Wizard") . " - " . _("Password hash type"),
+ "Text" => _("LAM supports CRYPT, SHA, SSHA, MD5 and SMD5 to generate the hash value of an user password. SSHA and CRYPT are the most common but CRYPT does not support passwords greater than 8 letters.")),
"230" => array ("ext" => "FALSE", "Headline" => _("Profile management") . " - " . _("Add profile"),
"Text" => _("Please enter the name of the new profile and the password to change its settings. Profile names may contain letters, numbers and -/_.")),
"231" => array ("ext" => "FALSE", "Headline" => _("Profile management") . " - " . _("Rename profile"),
diff --git a/lam/lib/config.inc b/lam/lib/config.inc
index 23f083c9..97be6833 100644
--- a/lam/lib/config.inc
+++ b/lam/lib/config.inc
@@ -132,6 +132,9 @@ class Config {
// LDAP cache timeout
var $cachetimeout;
+ // password hash algorithm
+ var $pwdhash;
+
// name of configuration file
var $file;
@@ -139,7 +142,7 @@ class Config {
var $settings = array("ServerURL", "Passwd", "Admins", "usersuffix", "groupsuffix", "hostsuffix",
"domainsuffix", "MinUID", "MaxUID", "MinGID", "MaxGID", "MinMachine", "MaxMachine",
"userlistAttributes", "grouplistAttributes", "hostlistAttributes", "maxlistentries",
- "defaultLanguage", "scriptPath", "scriptServer", "samba3", "cachetimeout");
+ "defaultLanguage", "scriptPath", "scriptServer", "samba3", "cachetimeout", "pwdhash");
// constructor, loads preferences from config file
@@ -236,6 +239,7 @@ class Config {
if (!in_array("scriptServer", $saved)) array_push($file_array, "\n\n# Server of external Script\n" . "scriptServer: " . $this->scriptServer . "\n");
if (!in_array("samba3", $saved)) array_push($file_array, "\n\n# Set to \"yes\" only if you use the new Samba 3.x schema.\n" . "samba3: " . $this->samba3 . "\n");
if (!in_array("cachetimeout", $saved)) array_push($file_array, "\n\n# Number of minutes LAM caches LDAP searches.\n" . "cacheTimeout: " . $this->cachetimeout . "\n");
+ if (!in_array("pwdhash", $saved)) array_push($file_array, "\n\n# Password hash algorithm (CRYPT/MD5/SMD5/SHA/SSHA).\n" . "pwdhash: " . $this->pwdhash . "\n");
$file = fopen($conffile, "w");
if ($file) {
for ($i = 0; $i < sizeof($file_array); $i++) fputs($file, $file_array[$i]);
@@ -252,6 +256,7 @@ class Config {
// prints current preferences
function printconf() {
echo "" . _("Server address") . ": " . $this->ServerURL . "
";
+ echo "" . _("Password hash type") . ": " . $this->pwdhash . "
";
echo "" . _("Cache timeout") . ": " . $this->cachetimeout . "
";
echo "" . _("Samba 3.x schema") . ": " . $this->samba3 . "
";
echo "" . _("UserSuffix") . ": " . $this->usersuffix . "
";
@@ -565,7 +570,8 @@ class Config {
// returns the LDAP cache timeout in minutes
function get_cacheTimeout() {
- return $this->cachetimeout;
+ if ($this->cachetimeout) return $this->cachetimeout;
+ else return 5;
}
// returns the LDAP cache timeout in seconds
@@ -573,7 +579,7 @@ class Config {
return $this->cachetimeout * 60;
}
- // sets the LDAP cache timeout in minutes
+ // sets the LDAP cache timeout in minutes (0,1,2,5,10,15)
function set_cacheTimeout($value) {
if (is_numeric($value) && ($value > -1)) {
$this->cachetimeout = $value;
@@ -582,6 +588,21 @@ class Config {
return true;
}
+ // returns the password hash type
+ function get_pwdhash() {
+ if ($this->pwdhash) return strtoupper($this->pwdhash);
+ else return "SSHA";
+ }
+
+ // set the password hash type (CRYPT/SHA/SSHA/MD5/SMD5)
+ function set_pwdhash($value) {
+ if (is_string($value) && eregi("^(crypt|sha|ssha|md5|smd5)$", $value)) {
+ $this->pwdhash = $value;
+ }
+ else return false;
+ return true;
+ }
+
}
/*
diff --git a/lam/templates/config/conflogin.php b/lam/templates/config/conflogin.php
index d544876c..66f89935 100644
--- a/lam/templates/config/conflogin.php
+++ b/lam/templates/config/conflogin.php
@@ -55,7 +55,7 @@ unset($_SESSION['conf_lang']);
unset($_SESSION['conf_scriptpath']);
unset($_SESSION['conf_scriptserver']);
unset($_SESSION['conf_samba3']);
-unset($_SESSION['conf_domainSID']);
+unset($_SESSION['conf_pwdhash']);
unset($_SESSION['conf_filename']);
echo $_SESSION['header'];
diff --git a/lam/templates/config/confmain.php b/lam/templates/config/confmain.php
index a875a93e..63d5a75e 100644
--- a/lam/templates/config/confmain.php
+++ b/lam/templates/config/confmain.php
@@ -60,6 +60,7 @@ if ($_POST['back'] || $_POST['submitconf']){
if ($_POST['maxlistentries']) $_SESSION['conf_maxlistentries'] = $_POST['maxlistentries'];
if ($_POST['lang']) $_SESSION['conf_lang'] = $_POST['lang'];
if ($_POST['samba3']) $_SESSION['conf_samba3'] = $_POST['samba3'];
+ if ($_POST['pwdhash']) $_SESSION['conf_pwdhash'] = $_POST['pwdhash'];
if ($_POST['scriptpath']) $_SESSION['conf_scriptpath'] = $_POST['scriptpath'];
else $_SESSION['conf_scriptpath'] = "";
if ($_POST['scriptserver']) $_SESSION['conf_scriptserver'] = $_POST['scriptserver'];
@@ -140,6 +141,21 @@ echo ("