added password hash setting

This commit is contained in:
Roland Gruber 2003-10-04 12:34:19 +00:00
parent 9bbec43dfa
commit a3a7cf56f5
7 changed files with 57 additions and 4 deletions

View File

@ -71,3 +71,10 @@ scriptServer:
# Set to "yes" only if you use the new Samba 3.x schema. # Set to "yes" only if you use the new Samba 3.x schema.
samba3: no samba3: no
# Number of minutes LAM caches LDAP searches.
cachetimeout: 5
# Password hash algorithm (CRYPT/MD5/SMD5/SHA/SSHA).
pwdhash: SSHA

View File

@ -104,6 +104,8 @@ $helpArray = array (
"</b>"), "</b>"),
"214" => array ("ext" => "FALSE", "Headline" => _("Configuration Wizard") . " - " . _("Cache timeout"), "214" => array ("ext" => "FALSE", "Headline" => _("Configuration Wizard") . " - " . _("Cache timeout"),
"Text" => _("This is the time in minutes which LAM caches its LDAP searches. Shorter times will stress LDAP more but decrease the possibility that changes are not identified.")), "Text" => _("This is the time in minutes which LAM caches its LDAP searches. Shorter times will stress LDAP more but decrease the possibility that changes are not identified.")),
"215" => array ("ext" => "FALSE", "Headline" => _("Configuration Wizard") . " - " . _("Password hash type"),
"Text" => _("LAM supports CRYPT, SHA, SSHA, MD5 and SMD5 to generate the hash value of an user password. SSHA and CRYPT are the most common but CRYPT does not support passwords greater than 8 letters.")),
"230" => array ("ext" => "FALSE", "Headline" => _("Profile management") . " - " . _("Add profile"), "230" => array ("ext" => "FALSE", "Headline" => _("Profile management") . " - " . _("Add profile"),
"Text" => _("Please enter the name of the new profile and the password to change its settings. Profile names may contain letters, numbers and -/_.")), "Text" => _("Please enter the name of the new profile and the password to change its settings. Profile names may contain letters, numbers and -/_.")),
"231" => array ("ext" => "FALSE", "Headline" => _("Profile management") . " - " . _("Rename profile"), "231" => array ("ext" => "FALSE", "Headline" => _("Profile management") . " - " . _("Rename profile"),

View File

@ -132,6 +132,9 @@ class Config {
// LDAP cache timeout // LDAP cache timeout
var $cachetimeout; var $cachetimeout;
// password hash algorithm
var $pwdhash;
// name of configuration file // name of configuration file
var $file; var $file;
@ -139,7 +142,7 @@ class Config {
var $settings = array("ServerURL", "Passwd", "Admins", "usersuffix", "groupsuffix", "hostsuffix", var $settings = array("ServerURL", "Passwd", "Admins", "usersuffix", "groupsuffix", "hostsuffix",
"domainsuffix", "MinUID", "MaxUID", "MinGID", "MaxGID", "MinMachine", "MaxMachine", "domainsuffix", "MinUID", "MaxUID", "MinGID", "MaxGID", "MinMachine", "MaxMachine",
"userlistAttributes", "grouplistAttributes", "hostlistAttributes", "maxlistentries", "userlistAttributes", "grouplistAttributes", "hostlistAttributes", "maxlistentries",
"defaultLanguage", "scriptPath", "scriptServer", "samba3", "cachetimeout"); "defaultLanguage", "scriptPath", "scriptServer", "samba3", "cachetimeout", "pwdhash");
// constructor, loads preferences from config file // constructor, loads preferences from config file
@ -236,6 +239,7 @@ class Config {
if (!in_array("scriptServer", $saved)) array_push($file_array, "\n\n# Server of external Script\n" . "scriptServer: " . $this->scriptServer . "\n"); if (!in_array("scriptServer", $saved)) array_push($file_array, "\n\n# Server of external Script\n" . "scriptServer: " . $this->scriptServer . "\n");
if (!in_array("samba3", $saved)) array_push($file_array, "\n\n# Set to \"yes\" only if you use the new Samba 3.x schema.\n" . "samba3: " . $this->samba3 . "\n"); if (!in_array("samba3", $saved)) array_push($file_array, "\n\n# Set to \"yes\" only if you use the new Samba 3.x schema.\n" . "samba3: " . $this->samba3 . "\n");
if (!in_array("cachetimeout", $saved)) array_push($file_array, "\n\n# Number of minutes LAM caches LDAP searches.\n" . "cacheTimeout: " . $this->cachetimeout . "\n"); if (!in_array("cachetimeout", $saved)) array_push($file_array, "\n\n# Number of minutes LAM caches LDAP searches.\n" . "cacheTimeout: " . $this->cachetimeout . "\n");
if (!in_array("pwdhash", $saved)) array_push($file_array, "\n\n# Password hash algorithm (CRYPT/MD5/SMD5/SHA/SSHA).\n" . "pwdhash: " . $this->pwdhash . "\n");
$file = fopen($conffile, "w"); $file = fopen($conffile, "w");
if ($file) { if ($file) {
for ($i = 0; $i < sizeof($file_array); $i++) fputs($file, $file_array[$i]); for ($i = 0; $i < sizeof($file_array); $i++) fputs($file, $file_array[$i]);
@ -252,6 +256,7 @@ class Config {
// prints current preferences // prints current preferences
function printconf() { function printconf() {
echo "<b>" . _("Server address") . ": </b>" . $this->ServerURL . "<br>"; echo "<b>" . _("Server address") . ": </b>" . $this->ServerURL . "<br>";
echo "<b>" . _("Password hash type") . ": </b>" . $this->pwdhash . "<br>";
echo "<b>" . _("Cache timeout") . ": </b>" . $this->cachetimeout . "<br>"; echo "<b>" . _("Cache timeout") . ": </b>" . $this->cachetimeout . "<br>";
echo "<b>" . _("Samba 3.x schema") . ": </b>" . $this->samba3 . "<br>"; echo "<b>" . _("Samba 3.x schema") . ": </b>" . $this->samba3 . "<br>";
echo "<b>" . _("UserSuffix") . ": </b>" . $this->usersuffix . "<br>"; echo "<b>" . _("UserSuffix") . ": </b>" . $this->usersuffix . "<br>";
@ -565,7 +570,8 @@ class Config {
// returns the LDAP cache timeout in minutes // returns the LDAP cache timeout in minutes
function get_cacheTimeout() { function get_cacheTimeout() {
return $this->cachetimeout; if ($this->cachetimeout) return $this->cachetimeout;
else return 5;
} }
// returns the LDAP cache timeout in seconds // returns the LDAP cache timeout in seconds
@ -573,7 +579,7 @@ class Config {
return $this->cachetimeout * 60; return $this->cachetimeout * 60;
} }
// sets the LDAP cache timeout in minutes // sets the LDAP cache timeout in minutes (0,1,2,5,10,15)
function set_cacheTimeout($value) { function set_cacheTimeout($value) {
if (is_numeric($value) && ($value > -1)) { if (is_numeric($value) && ($value > -1)) {
$this->cachetimeout = $value; $this->cachetimeout = $value;
@ -582,6 +588,21 @@ class Config {
return true; return true;
} }
// returns the password hash type
function get_pwdhash() {
if ($this->pwdhash) return strtoupper($this->pwdhash);
else return "SSHA";
}
// set the password hash type (CRYPT/SHA/SSHA/MD5/SMD5)
function set_pwdhash($value) {
if (is_string($value) && eregi("^(crypt|sha|ssha|md5|smd5)$", $value)) {
$this->pwdhash = $value;
}
else return false;
return true;
}
} }
/* /*

View File

@ -55,7 +55,7 @@ unset($_SESSION['conf_lang']);
unset($_SESSION['conf_scriptpath']); unset($_SESSION['conf_scriptpath']);
unset($_SESSION['conf_scriptserver']); unset($_SESSION['conf_scriptserver']);
unset($_SESSION['conf_samba3']); unset($_SESSION['conf_samba3']);
unset($_SESSION['conf_domainSID']); unset($_SESSION['conf_pwdhash']);
unset($_SESSION['conf_filename']); unset($_SESSION['conf_filename']);
echo $_SESSION['header']; echo $_SESSION['header'];

View File

@ -60,6 +60,7 @@ if ($_POST['back'] || $_POST['submitconf']){
if ($_POST['maxlistentries']) $_SESSION['conf_maxlistentries'] = $_POST['maxlistentries']; if ($_POST['maxlistentries']) $_SESSION['conf_maxlistentries'] = $_POST['maxlistentries'];
if ($_POST['lang']) $_SESSION['conf_lang'] = $_POST['lang']; if ($_POST['lang']) $_SESSION['conf_lang'] = $_POST['lang'];
if ($_POST['samba3']) $_SESSION['conf_samba3'] = $_POST['samba3']; if ($_POST['samba3']) $_SESSION['conf_samba3'] = $_POST['samba3'];
if ($_POST['pwdhash']) $_SESSION['conf_pwdhash'] = $_POST['pwdhash'];
if ($_POST['scriptpath']) $_SESSION['conf_scriptpath'] = $_POST['scriptpath']; if ($_POST['scriptpath']) $_SESSION['conf_scriptpath'] = $_POST['scriptpath'];
else $_SESSION['conf_scriptpath'] = ""; else $_SESSION['conf_scriptpath'] = "";
if ($_POST['scriptserver']) $_SESSION['conf_scriptserver'] = $_POST['scriptserver']; if ($_POST['scriptserver']) $_SESSION['conf_scriptserver'] = $_POST['scriptserver'];
@ -140,6 +141,21 @@ echo ("<td><a href=\"../help.php?HelpNumber=202\" target=\"lamhelp\">" . _("Help
echo ("<tr><td align=\"right\"><b>". echo ("<tr><td align=\"right\"><b>".
_("DomainSuffix") . " **: </b></td>". _("DomainSuffix") . " **: </b></td>".
"<td><input size=50 type=\"text\" name=\"suffdomains\" value=\"" . $conf->get_DomainSuffix() . "\"></td>\n"); "<td><input size=50 type=\"text\" name=\"suffdomains\" value=\"" . $conf->get_DomainSuffix() . "\"></td>\n");
echo ("<td><a href=\"../help.php?HelpNumber=202\" target=\"lamhelp\">" . _("Help") . "</a></td></tr>\n");
// new line
echo ("<tr><td colspan=3>&nbsp</td></tr>");
// LDAP password hash type
echo ("<tr><td align=\"right\"><b>".
_("Password hash type") . " *: </b></td>".
"<td><select name=\"pwdhash\">\n<option selected>" . $conf->get_pwdhash() . "</option>\n");
if ($conf->get_pwdhash() != "CRYPT") echo("<option>CRYPT</option>\n");
if ($conf->get_pwdhash() != "SHA") echo("<option>SHA</option>\n");
if ($conf->get_pwdhash() != "SSHA") echo("<option>SSHA</option>\n");
if ($conf->get_pwdhash() != "MD5") echo("<option>MD5</option>\n");
if ($conf->get_pwdhash() != "SMD5") echo("<option>SMD5</option>\n");
echo ("</select></td>\n");
echo ("<td><a href=\"../help.php?HelpNumber=215\" target=\"lamhelp\">" . _("Help") . "</a></td></tr>\n"); echo ("<td><a href=\"../help.php?HelpNumber=215\" target=\"lamhelp\">" . _("Help") . "</a></td></tr>\n");
// new line // new line

View File

@ -58,6 +58,7 @@ if ($_SESSION['conf_lang']) $lang = $_SESSION['conf_lang'];
if ($_SESSION['conf_scriptpath']) $scriptpath = $_SESSION['conf_scriptpath']; if ($_SESSION['conf_scriptpath']) $scriptpath = $_SESSION['conf_scriptpath'];
if ($_SESSION['conf_scriptserver']) $scriptserver = $_SESSION['conf_scriptserver']; if ($_SESSION['conf_scriptserver']) $scriptserver = $_SESSION['conf_scriptserver'];
if ($_SESSION['conf_samba3']) $samba3 = $_SESSION['conf_samba3']; if ($_SESSION['conf_samba3']) $samba3 = $_SESSION['conf_samba3'];
if ($_SESSION['conf_pwdhash']) $pwdhash = $_SESSION['conf_pwdhash'];
if ($_SESSION['conf_filename']) $filename = $_SESSION['conf_filename']; if ($_SESSION['conf_filename']) $filename = $_SESSION['conf_filename'];
// check if password is correct // check if password is correct
@ -209,6 +210,7 @@ $conf->set_defaultLanguage($lang);
$conf->set_samba3($samba3); $conf->set_samba3($samba3);
$conf->set_scriptpath($scriptpath); $conf->set_scriptpath($scriptpath);
$conf->set_scriptserver($scriptserver); $conf->set_scriptserver($scriptserver);
$conf->set_pwdhash($pwdhash);
@ -258,6 +260,7 @@ unset($_SESSION['conf_lang']);
unset($_SESSION['conf_scriptpath']); unset($_SESSION['conf_scriptpath']);
unset($_SESSION['conf_scriptserver']); unset($_SESSION['conf_scriptserver']);
unset($_SESSION['conf_samba3']); unset($_SESSION['conf_samba3']);
unset($_SESSION['conf_pwdhash']);
unset($_SESSION['conf_filename']); unset($_SESSION['conf_filename']);
?> ?>

View File

@ -53,6 +53,7 @@ $defaultlanguage = $conf->get_defaultlanguage();
$scriptpath = $conf->get_scriptPath(); $scriptpath = $conf->get_scriptPath();
$scriptServer = $conf->get_scriptServer(); $scriptServer = $conf->get_scriptServer();
$samba3 = $conf->get_samba3(); $samba3 = $conf->get_samba3();
$pwdhash = $conf->get_pwdhash();
echo ("done<br>"); echo ("done<br>");
// next we modify them and save lam.conf // next we modify them and save lam.conf
echo ("Changing preferences..."); echo ("Changing preferences...");
@ -78,6 +79,7 @@ $conf->set_defaultlanguage("de_AT:iso639_de:Deutsch (Oesterreich)");
$conf->set_scriptPath("/var/www/lam/lib/script"); $conf->set_scriptPath("/var/www/lam/lib/script");
$conf->set_scriptServer("127.0.0.1"); $conf->set_scriptServer("127.0.0.1");
$conf->set_samba3("yes"); $conf->set_samba3("yes");
$conf->set_pwdhash("SMD5");
$conf->save(); $conf->save();
echo ("done<br>"); echo ("done<br>");
// at last all preferences are read from lam.conf and compared // at last all preferences are read from lam.conf and compared
@ -105,6 +107,7 @@ if ($conf2->get_defaultlanguage() != "de_AT:iso639_de:Deutsch (Oesterreich)") ec
if ($conf2->get_scriptPath() != "/var/www/lam/lib/script") echo ("<br><font color=\"#FF0000\">Saving script path failed!</font><br>"); if ($conf2->get_scriptPath() != "/var/www/lam/lib/script") echo ("<br><font color=\"#FF0000\">Saving script path failed!</font><br>");
if ($conf2->get_scriptServer() != "127.0.0.1") echo ("<br><font color=\"#FF0000\">Saving script server failed!</font><br>"); if ($conf2->get_scriptServer() != "127.0.0.1") echo ("<br><font color=\"#FF0000\">Saving script server failed!</font><br>");
if ($conf2->get_samba3() != "yes") echo ("<br><font color=\"#FF0000\">Saving samba3 failed!</font><br>"); if ($conf2->get_samba3() != "yes") echo ("<br><font color=\"#FF0000\">Saving samba3 failed!</font><br>");
if ($conf2->get_pwdhash() != "SMD5") echo ("<br><font color=\"#FF0000\">Saving pwdhash failed!</font><br>");
echo ("done<br>"); echo ("done<br>");
// restore old values // restore old values
echo ("Restoring old preferences..."); echo ("Restoring old preferences...");
@ -130,6 +133,7 @@ $conf2->set_defaultLanguage($defaultlanguage);
$conf2->set_scriptPath($scriptpath); $conf2->set_scriptPath($scriptpath);
$conf2->set_scriptServer($scriptserver); $conf2->set_scriptServer($scriptserver);
$conf2->set_samba3($samba3); $conf2->set_samba3($samba3);
$conf2->set_pwdhash($pwdhash);
$conf2->save(); $conf2->save();
echo ("done<br>"); echo ("done<br>");
// finished // finished