added function to check if Unix password is lockable

This commit is contained in:
Roland Gruber 2013-06-01 12:17:31 +00:00
parent c93300aae5
commit a778162d5b
2 changed files with 15 additions and 1 deletions

View File

@ -268,6 +268,20 @@ function pwd_disable($hash) {
} }
} }
/**
* Checks if a Unix password can be locked.
* This checks if the password is not plain text but e.g. contains {SSHA}.
*
* @param String $password password value
* @return boolean can be locked
*/
function pwd_is_lockable($password) {
if (($password == null) || (strlen($password) < 5)) {
return false;
}
return ((substr($password, 0, 1) == "{") || (substr($password, 1, 1) == "{")) && (strpos($password, "}") > 3);
}
/** /**
* Checks if a password hash is enabled/disabled * Checks if a password hash is enabled/disabled
* *

View File

@ -2723,7 +2723,7 @@ class posixAccount extends baseModule implements passwordService {
* This is the case if a hashed password is set ("{" at the beginning). * This is the case if a hashed password is set ("{" at the beginning).
*/ */
public function isLockable() { public function isLockable() {
if (isset($this->attributes['userPassword'][0]) && ((substr($this->attributes['userPassword'][0], 0, 1) == "{") || (substr($this->attributes['userPassword'][0], 1, 1) == "{"))) { if (isset($this->attributes['userPassword'][0]) && pwd_is_lockable($this->attributes['userPassword'][0])) {
return true; return true;
} }
return false; return false;