From c1fbe22ee98aca8c9eba6d1a3f3651688a6829ed Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sat, 21 Feb 2004 13:26:52 +0000 Subject: [PATCH] fixed problem with disabled Unix passwords --- lam-0.4/lib/account.inc | 22 ++++++++-------------- lam/lib/modules/posixAccount.inc | 20 ++++++++++---------- 2 files changed, 18 insertions(+), 24 deletions(-) diff --git a/lam-0.4/lib/account.inc b/lam-0.4/lib/account.inc index 5a0f18c1..ba258bdf 100644 --- a/lam-0.4/lib/account.inc +++ b/lam-0.4/lib/account.inc @@ -1573,21 +1573,15 @@ function modifyuser($values,$values_old,$uselamdaemon=true) { // Will modify the // Check if shadow expire has changed if ($values->unix_pwdexpire != $values_old->unix_pwdexpire) $attr['shadowExpire'] = intval($values->unix_pwdexpire / 86400) ; // Set unix password - if ($values->unix_password=='') { - // $values->unix_password=='' means use old password - if ($values->unix_deactivated != $values_old->unix_deactivated) { - // (de)activate password - // Split old password hash in {CRYPT} and password-hash - $i = 0; - while ($values_old->unix_password{$i} != '}') $i++; - $passwd = substr($values_old->unix_password, $i+1 ); - $crypt = substr($values_old->unix_password, 0, $i+1 ); - // remove trailing ! from password hash - if ($passwd{0} == '!') $passwd = substr($passwd, 1); - // Write new password - if ($values->unix_deactivated) $attr['userPassword'] = $crypt.'!'.$passwd; - else $attr['userPassword'] = $crypt.$passwd; + if ($values->unix_password=='') { // $values->unix_password=='' means use old password + if ($values->unix_deactivated != $values_old->unix_deactivated) { // check if password was enabled/disabled + if ($values->unix_deactivated) { + $attr['userPassword'] = pwd_disable($values_old->unix_password); } + else { + $attr['userPassword'] = pwd_enable($values_old->unix_password); + } + } if ($values->unix_password_no) { // use no password if ($values->unix_deactivated) $attr['userPassword'] = pwd_hash('', false); diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index 6c036685..2989dfd9 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc @@ -133,6 +133,10 @@ class posixAccount { return _('posixAccount'); } + function is_base_module() { + return true; + } + /* This function returns a list with all required modules */ function get_dependencies($scope) { @@ -256,19 +260,15 @@ class posixAccount { else { // No new password but old password // (un)lock password if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'][0])) { - // Split old password hash in {CRYPT} and password-hash - $i = 0; - while ($this->orig['userPassword'][0]{$i} != '}') $i++; - $passwd = substr($this->orig['userPassword'][0], $i+1 ); - $crypt = substr($this->orig['userPassword'][0], 0, $i+1 ); - // remove trailing ! from password hash - if ($passwd{0} == '!') $passwd = substr($passwd, 1); - // Write new password - if ($this->userPassword_lock) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd"); - else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd"); + if ($this->userPassword_lock) { + $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_disable($this->orig['userPassword'][0])); + } + else { + $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_enable($this->orig['userPassword'][0])); } } } + } // Remove primary group from additional groups for ($i=0; $igroups); $i++) {