WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

moved password hash type setting to modules

This commit is contained in:
Roland Gruber 2004-08-03 18:49:19 +00:00
parent 0a75fe91a0
commit c986660195
10 changed files with 123 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lam/config/lam.conf_sample
View File

@ -71,4 +71,6 @@ modules: posixAccount_minMachine: 50000
modules: posixAccount_maxMachine: 60000 modules: posixAccount_maxMachine: 60000
modules: posixGroup_minGID: 10000 modules: posixGroup_minGID: 10000
modules: posixGroup_maxGID: 20000 modules: posixGroup_maxGID: 20000
modules: posixGroup_pwdHash: SSHA
modules: posixAccount_pwdHash: SSHA

90
lam/lib/account.inc
View File

@ -179,4 +179,94 @@ function ntPassword($password) {
return exec(escapeshellarg($_SESSION['lampath'] . 'lib/createntlm.pl') . " nt " . escapeshellarg($password)); return exec(escapeshellarg($_SESSION['lampath'] . 'lib/createntlm.pl') . " nt " . escapeshellarg($password));
} }
/**
* Returns the hash value of a plain text password
* the hash algorithm depends on the configuration file
*
* @param string $password the password string
* @param boolean $enabled marks the hash as enabled/disabled (e.g. by prefixing "!")
* @param string $hashType password hash type (CRYPT, SHA, SSHA, MD5, SMD5, PLAIN)
* @return string the password hash
*/
function pwd_hash($password, $enabled = true, $hashType = 'SSHA') {
// check for empty password
if (! $password || ($password == "")) {
return "";
}
// calculate new random number
$_SESSION['ldap']->new_rand();
$hash = "";
switch ($hashType) {
case 'CRYPT':
$hash = "{CRYPT}" . crypt($password);
break;
case 'MD5':
$hash = "{MD5}" . base64_encode(hex2bin(md5($password)));
break;
case 'SMD5':
$salt0 = substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8);
$salt = substr(pack("H*", md5($salt0 . $password)), 0, 4);
$hash = "{SMD5}" . base64_encode(hex2bin(md5($password . $salt)) . $salt);
break;
case 'SHA':
// PHP 4.3+ can use sha1() function
if (function_exists(sha1)) {
$hash = "{SHA}" . base64_encode(hex2bin(sha1($password)));
}
// otherwise use MHash
elseif (function_exists(mHash)) {
$hash = "{SHA}" . base64_encode(mHash(MHASH_SHA1, $password));
}
// if SHA1 is not possible use crypt()
else {
$hash = "{CRYPT}" . crypt($password);
}
break;
case 'SSHA':
// PHP 4.3+ can use sha1() function
if (function_exists(sha1)) {
$salt0 = substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8);
$salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4);
$hash = "{SSHA}" . base64_encode(hex2bin(sha1($password . $salt)) . $salt);
}
// otherwise use MHash
elseif (function_exists(mHash)) {
$salt = mhash_keygen_s2k(MHASH_SHA1, $password, substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8), 4);
$hash = base64_encode(mHash(MHASH_SHA1, $password . $salt) . $salt);
$hash = "{SSHA}" . $hash;
}
// if SSHA is not possible use crypt()
else {
$hash = "{CRYPT}" . crypt($password);
}
break;
case 'PLAIN':
$hash = $password;
break;
// use SSHA if the setting is invalid
default:
// PHP 4.3+ can use sha1() function
if (function_exists(sha1)) {
$salt0 = substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8);
$salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4);
$hash = "{SSHA}" . base64_encode(hex2bin(sha1($password . $salt)) . $salt);
}
// otherwise use MHash
elseif (function_exists(mHash)) {
$salt = mhash_keygen_s2k(MHASH_SHA1, $password, substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8), 4);
$hash = base64_encode(mHash(MHASH_SHA1, $password . $salt) . $salt);
$hash = "{SSHA}" . $hash;
}
// if SSHA is not possible use crypt()
else {
$hash = "{CRYPT}" . crypt($password);
}
break;
}
// enable/disable password
if (! $enabled) return pwd_disable($hash);
else return $hash;
}
?> ?>

31
lam/lib/config.inc
View File

@ -154,9 +154,6 @@ class Config {
/** LDAP cache timeout */ /** LDAP cache timeout */
var $cachetimeout; var $cachetimeout;
/** Password hash algorithm */
var $pwdhash;
/** /**
* Account modules * Account modules
* TODO add default modules for LAM <0.5 * TODO add default modules for LAM <0.5
@ -171,7 +168,7 @@ class Config {
/** List of all settings in config file */ /** List of all settings in config file */
var $settings = array("ServerURL", "Passwd", "Admins", "usersuffix", "groupsuffix", "hostsuffix", var $settings = array("ServerURL", "Passwd", "Admins", "usersuffix", "groupsuffix", "hostsuffix",
"domainsuffix", "userlistAttributes", "grouplistAttributes", "hostlistAttributes", "maxlistentries", "domainsuffix", "userlistAttributes", "grouplistAttributes", "hostlistAttributes", "maxlistentries",
"defaultLanguage", "scriptPath", "scriptServer", "cachetimeout", "pwdhash", "defaultLanguage", "scriptPath", "scriptServer", "cachetimeout",
"usermodules", "groupmodules", "hostmodules", "modules"); "usermodules", "groupmodules", "hostmodules", "modules");
@ -293,7 +290,6 @@ class Config {
if (!in_array("scriptPath", $saved)) array_push($file_array, "\n\n# Path to external Script\n" . "scriptPath: " . $this->scriptPath . "\n"); if (!in_array("scriptPath", $saved)) array_push($file_array, "\n\n# Path to external Script\n" . "scriptPath: " . $this->scriptPath . "\n");
if (!in_array("scriptServer", $saved)) array_push($file_array, "\n\n# Server of external Script\n" . "scriptServer: " . $this->scriptServer . "\n"); if (!in_array("scriptServer", $saved)) array_push($file_array, "\n\n# Server of external Script\n" . "scriptServer: " . $this->scriptServer . "\n");
if (!in_array("cachetimeout", $saved)) array_push($file_array, "\n\n# Number of minutes LAM caches LDAP searches.\n" . "cacheTimeout: " . $this->cachetimeout . "\n"); if (!in_array("cachetimeout", $saved)) array_push($file_array, "\n\n# Number of minutes LAM caches LDAP searches.\n" . "cacheTimeout: " . $this->cachetimeout . "\n");
if (!in_array("pwdhash", $saved)) array_push($file_array, "\n\n# Password hash algorithm (CRYPT/MD5/SMD5/SHA/SSHA/PLAIN).\n" . "pwdhash: " . $this->pwdhash . "\n");
if (!in_array("usermodules", $saved)) array_push($file_array, "\n\n# List of used user modules\n" . "usermodules: " . $this->usermodules . "\n"); if (!in_array("usermodules", $saved)) array_push($file_array, "\n\n# List of used user modules\n" . "usermodules: " . $this->usermodules . "\n");
if (!in_array("groupmodules", $saved)) array_push($file_array, "\n\n# List of used group modules\n" . "groupmodules: " . $this->groupmodules . "\n"); if (!in_array("groupmodules", $saved)) array_push($file_array, "\n\n# List of used group modules\n" . "groupmodules: " . $this->groupmodules . "\n");
if (!in_array("hostmodules", $saved)) array_push($file_array, "\n\n# List of used host modules\n" . "hostmodules: " . $this->hostmodules . "\n"); if (!in_array("hostmodules", $saved)) array_push($file_array, "\n\n# List of used host modules\n" . "hostmodules: " . $this->hostmodules . "\n");
@ -320,7 +316,6 @@ class Config {
/** Prints current preferences */ /** Prints current preferences */
function printconf() { function printconf() {
echo "<b>" . _("Server address") . ": </b>" . $this->ServerURL . "<br>\n"; echo "<b>" . _("Server address") . ": </b>" . $this->ServerURL . "<br>\n";
echo "<b>" . _("Password hash type") . ": </b>" . $this->pwdhash . "<br>\n";
echo "<b>" . _("Cache timeout") . ": </b>" . $this->cachetimeout . "<br>\n"; echo "<b>" . _("Cache timeout") . ": </b>" . $this->cachetimeout . "<br>\n";
echo "<b>" . _("UserSuffix") . ": </b>" . $this->usersuffix . "<br>\n"; echo "<b>" . _("UserSuffix") . ": </b>" . $this->usersuffix . "<br>\n";
echo "<b>" . _("GroupSuffix") . ": </b>" . $this->groupsuffix . "<br>\n"; echo "<b>" . _("GroupSuffix") . ": </b>" . $this->groupsuffix . "<br>\n";
@ -714,30 +709,6 @@ class Config {
return true; return true;
} }
/**
* Returns the password hash type
*
* @return password hash
*/
function get_pwdhash() {
if ($this->pwdhash) return strtoupper($this->pwdhash);
else return "SSHA";
}
/**
* Sets the password hash type (CRYPT/SHA/SSHA/MD5/SMD5)
*
* @param $value new password hash algorithm
* @return true if $value has correct format
*/
function set_pwdhash($value) {
if (is_string($value) && eregi("^(crypt|sha|ssha|md5|smd5|plain)$", $value)) {
$this->pwdhash = $value;
}
else return false;
return true;
}
/** /**
* Returns an array of all selected user modules * Returns an array of all selected user modules
* *

90
lam/lib/ldap.inc
View File

@ -43,96 +43,6 @@ function hex2bin($value) {
return pack("H*", $value); return pack("H*", $value);
} }
/**
* Returns the hash value of a plain text password
* the hash algorithm depends on the configuration file
*
* @param string $password the password string
* @param boolean $enabled marks the hash as enabled/disabled (e.g. by prefixing "!")
* @return string the password hash
*/
function pwd_hash($password, $enabled=true) {
// check for empty password
if (! $password || ($password == "")) {
return "";
}
// calculate new random number
$_SESSION['ldap']->new_rand();
// hash password with algorithm from config file
$hash = "";
switch ($_SESSION['config']->get_pwdhash()) {
case 'CRYPT':
$hash = "{CRYPT}" . crypt($password);
break;
case 'MD5':
$hash = "{MD5}" . base64_encode(hex2bin(md5($password)));
break;
case 'SMD5':
$salt0 = substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8);
$salt = substr(pack("H*", md5($salt0 . $password)), 0, 4);
$hash = "{SMD5}" . base64_encode(hex2bin(md5($password . $salt)) . $salt);
break;
case 'SHA':
// PHP 4.3+ can use sha1() function
if (function_exists(sha1)) {
$hash = "{SHA}" . base64_encode(hex2bin(sha1($password)));
}
// otherwise use MHash
elseif (function_exists(mHash)) {
$hash = "{SHA}" . base64_encode(mHash(MHASH_SHA1, $password));
}
// if SHA1 is not possible use crypt()
else {
$hash = "{CRYPT}" . crypt($password);
}
break;
case 'SSHA':
// PHP 4.3+ can use sha1() function
if (function_exists(sha1)) {
$salt0 = substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8);
$salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4);
$hash = "{SSHA}" . base64_encode(hex2bin(sha1($password . $salt)) . $salt);
}
// otherwise use MHash
elseif (function_exists(mHash)) {
$salt = mhash_keygen_s2k(MHASH_SHA1, $password, substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8), 4);
$hash = base64_encode(mHash(MHASH_SHA1, $password . $salt) . $salt);
$hash = "{SSHA}" . $hash;
}
// if SSHA is not possible use crypt()
else {
$hash = "{CRYPT}" . crypt($password);
}
break;
case 'PLAIN':
$hash = $password;
break;
// use SSHA if the setting is invalid
default:
// PHP 4.3+ can use sha1() function
if (function_exists(sha1)) {
$salt0 = substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8);
$salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4);
$hash = "{SSHA}" . base64_encode(hex2bin(sha1($password . $salt)) . $salt);
}
// otherwise use MHash
elseif (function_exists(mHash)) {
$salt = mhash_keygen_s2k(MHASH_SHA1, $password, substr(pack("h*", md5($_SESSION['ldap']->rand)), 0, 8), 4);
$hash = base64_encode(mHash(MHASH_SHA1, $password . $salt) . $salt);
$hash = "{SSHA}" . $hash;
}
// if SSHA is not possible use crypt()
else {
$hash = "{CRYPT}" . crypt($password);
}
break;
}
// enable/disable password
if (! $enabled) return pwd_disable($hash);
else return $hash;
}
/** /**
* Marks an password hash as enabled and returns the new hash string * Marks an password hash as enabled and returns the new hash string
* *

19
lam/lib/modules/posixAccount.inc
View File

@ -117,6 +117,16 @@ class posixAccount extends baseModule {
4 => array('kind' => 'input', 'name' => 'posixAccount_maxMachine', 'type' => 'text', 'size' => '10', 'maxlength' => '255'), 4 => array('kind' => 'input', 'name' => 'posixAccount_maxMachine', 'type' => 'text', 'size' => '10', 'maxlength' => '255'),
5 => array('kind' => 'help', 'value' => 'TODO')) 5 => array('kind' => 'help', 'value' => 'TODO'))
); );
$return['config_options']['all'] = array(
array(
0 => array('kind' => 'text', 'text' => '<b>' . _("Password hash type") . ': &nbsp;</b>'),
1 => array('kind' => 'select', 'name' => 'posixAccount_pwdHash', 'size' => '1',
'options' => array("CRYPT", "SHA", "SSHA", "MD5", "SMD5", "PLAIN"), 'options_selected' => array('SSHA')),
2 => array('kind' => 'text', 'value' => '&nbsp;'),
3 => array('kind' => 'text', 'value' => '&nbsp;'),
4 => array('kind' => 'text', 'value' => '&nbsp;'),
5 => array('kind' => 'help', 'value' => 'TODO'))
);
// configuration descriptions // configuration descriptions
$return['config_descriptions'] = array( $return['config_descriptions'] = array(
'legend' => _("UID ranges for Unix accounts"), 'legend' => _("UID ranges for Unix accounts"),
@ -125,6 +135,7 @@ class posixAccount extends baseModule {
'posixAccount_maxUID' => _("Maximum UID number for Unix accounts (users)"), 'posixAccount_maxUID' => _("Maximum UID number for Unix accounts (users)"),
'posixAccount_minMachine' => _("Minimum UID number for Unix accounts (hosts)"), 'posixAccount_minMachine' => _("Minimum UID number for Unix accounts (hosts)"),
'posixAccount_maxMachine' => _("Maximum UID number for Unix accounts (hosts)"), 'posixAccount_maxMachine' => _("Maximum UID number for Unix accounts (hosts)"),
'posixAccount_pwdHash' => _("Password hash type"),
) )
); );
return $return; return $return;
@ -314,15 +325,15 @@ class posixAccount extends baseModule {
if (count($this->orig['userPassword'])==0) { if (count($this->orig['userPassword'])==0) {
// New user or no old password set // New user or no old password set
if ($this->userPassword_no) { if ($this->userPassword_no) {
$return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixAccount_pwdHash'][0]);
} }
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock, $this->moduleSettings['posixAccount_pwdHash'][0]));
} }
else { else {
if (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0] && $this->userPassword()!='' ) || $this->userPassword_no) { if (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0] && $this->userPassword()!='' ) || $this->userPassword_no) {
// Write new password // Write new password
if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixAccount_pwdHash'][0]);
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock, $this->moduleSettings['posixAccount_pwdHash'][0]));
} }
else { // No new password but old password else { // No new password but old password
// (un)lock password // (un)lock password

19
lam/lib/modules/posixGroup.inc
View File

@ -95,12 +95,23 @@ class posixGroup extends baseModule {
4 => array('kind' => 'input', 'name' => 'posixGroup_maxGID', 'type' => 'text', 'size' => '10', 'maxlength' => '255'), 4 => array('kind' => 'input', 'name' => 'posixGroup_maxGID', 'type' => 'text', 'size' => '10', 'maxlength' => '255'),
5 => array('kind' => 'help', 'value' => 'TODO')) 5 => array('kind' => 'help', 'value' => 'TODO'))
); );
$return['config_options']['all'] = array(
array(
0 => array('kind' => 'text', 'text' => '<b>' . _("Password hash type") . ': &nbsp;</b>'),
1 => array('kind' => 'select', 'name' => 'posixGroup_pwdHash', 'size' => '1',
'options' => array("CRYPT", "SHA", "SSHA", "MD5", "SMD5", "PLAIN"), 'options_selected' => array('SSHA')),
2 => array('kind' => 'text', 'value' => '&nbsp;'),
3 => array('kind' => 'text', 'value' => '&nbsp;'),
4 => array('kind' => 'text', 'value' => '&nbsp;'),
5 => array('kind' => 'help', 'value' => 'TODO'))
);
// configuration descriptions // configuration descriptions
$return['config_descriptions'] = array( $return['config_descriptions'] = array(
'legend' => _("GID ranges for Unix groups"), 'legend' => _("GID ranges for Unix groups"),
'descriptions' => array( 'descriptions' => array(
'posixGroup_minGID' => _("Minimum GID number for Unix groups"), 'posixGroup_minGID' => _("Minimum GID number for Unix groups"),
'posixGroup_maxGID' => _("Maximum GID number for Unix groups"), 'posixGroup_maxGID' => _("Maximum GID number for Unix groups"),
'posixGroup_pwdHash' => _("Password hash type"),
) )
); );
// configuration checks // configuration checks
@ -269,15 +280,15 @@ class posixGroup extends baseModule {
if (count($this->orig['userPassword'])==0) { if (count($this->orig['userPassword'])==0) {
// New user or no old password set // New user or no old password set
if ($this->userPassword_no) { if ($this->userPassword_no) {
$return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]);
} }
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]));
} }
else { else {
if (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0] && $this->userPassword()!='' ) || $this->userPassword_no) { if (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0] && $this->userPassword()!='' ) || $this->userPassword_no) {
// Write new password // Write new password
if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]);
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock, $this->moduleSettings['posixGroup_pwdHash'][0]));
} }
else { // No new password but old password else { // No new password but old password
// (un)lock password // (un)lock password

1
lam/templates/config/conflogin.php
View File

@ -57,7 +57,6 @@ unset($_SESSION['conf_maxlistentries']);
unset($_SESSION['conf_lang']); unset($_SESSION['conf_lang']);
unset($_SESSION['conf_scriptpath']); unset($_SESSION['conf_scriptpath']);
unset($_SESSION['conf_scriptserver']); unset($_SESSION['conf_scriptserver']);
unset($_SESSION['conf_pwdhash']);
unset($_SESSION['conf_filename']); unset($_SESSION['conf_filename']);
echo $_SESSION['header']; echo $_SESSION['header'];

18
lam/templates/config/confmain.php
View File

@ -62,7 +62,6 @@ if ($_POST['back'] || $_POST['submitconf'] || $_POST['editmodules']){
$_SESSION['conf_hstlstattr'] = $_POST['hstlstattr']; $_SESSION['conf_hstlstattr'] = $_POST['hstlstattr'];
$_SESSION['conf_maxlistentries'] = $_POST['maxlistentries']; $_SESSION['conf_maxlistentries'] = $_POST['maxlistentries'];
$_SESSION['conf_lang'] = $_POST['lang']; $_SESSION['conf_lang'] = $_POST['lang'];
$_SESSION['conf_pwdhash'] = $_POST['pwdhash'];
$_SESSION['conf_scriptpath'] = $_POST['scriptpath']; $_SESSION['conf_scriptpath'] = $_POST['scriptpath'];
$_SESSION['conf_scriptserver'] = $_POST['scriptserver']; $_SESSION['conf_scriptserver'] = $_POST['scriptserver'];
$_SESSION['conf_usermodules'] = explode(",", $_POST['usermodules']); $_SESSION['conf_usermodules'] = explode(",", $_POST['usermodules']);
@ -130,7 +129,6 @@ if ($_GET["modulesback"] == "true") {
$conf->set_defaultLanguage($_SESSION['conf_lang']); $conf->set_defaultLanguage($_SESSION['conf_lang']);
$conf->set_scriptpath($_SESSION['conf_scriptpath']); $conf->set_scriptpath($_SESSION['conf_scriptpath']);
$conf->set_scriptserver($_SESSION['conf_scriptserver']); $conf->set_scriptserver($_SESSION['conf_scriptserver']);
$conf->set_pwdhash($_SESSION['conf_pwdhash']);
// check if modules were edited // check if modules were edited
if ($_GET["moduleschanged"] == "true") { if ($_GET["moduleschanged"] == "true") {
$conf->set_UserModules($_SESSION['conf_usermodules']); $conf->set_UserModules($_SESSION['conf_usermodules']);
@ -187,22 +185,6 @@ echo ("<td><a href=\"../help.php?HelpNumber=202\" target=\"lamhelp\">" . _("Help
// new line // new line
echo ("<tr><td colspan=3>&nbsp</td></tr>"); echo ("<tr><td colspan=3>&nbsp</td></tr>");
// LDAP password hash type
echo ("<tr><td align=\"right\"><b>".
_("Password hash type") . " : </b></td>".
"<td><select name=\"pwdhash\">\n<option selected>" . $conf->get_pwdhash() . "</option>\n");
if ($conf->get_pwdhash() != "CRYPT") echo("<option>CRYPT</option>\n");
if ($conf->get_pwdhash() != "SHA") echo("<option>SHA</option>\n");
if ($conf->get_pwdhash() != "SSHA") echo("<option>SSHA</option>\n");
if ($conf->get_pwdhash() != "MD5") echo("<option>MD5</option>\n");
if ($conf->get_pwdhash() != "SMD5") echo("<option>SMD5</option>\n");
if ($conf->get_pwdhash() != "PLAIN") echo("<option>PLAIN</option>\n");
echo ("</select></td>\n");
echo ("<td><a href=\"../help.php?HelpNumber=215\" target=\"lamhelp\">" . _("Help") . "</a></td></tr>\n");
// new line
echo ("<tr><td colspan=3>&nbsp</td></tr>");
// LDAP cache timeout // LDAP cache timeout
echo ("<tr><td align=\"right\"><b>". echo ("<tr><td align=\"right\"><b>".
_("Cache timeout") . ": </b></td>". _("Cache timeout") . ": </b></td>".

8
lam/templates/config/confsave.php
View File

@ -59,7 +59,6 @@ $maxlistentries = $_SESSION['conf_maxlistentries'];
$lang = $_SESSION['conf_lang']; $lang = $_SESSION['conf_lang'];
$scriptpath = $_SESSION['conf_scriptpath']; $scriptpath = $_SESSION['conf_scriptpath'];
$scriptserver = $_SESSION['conf_scriptserver']; $scriptserver = $_SESSION['conf_scriptserver'];
$pwdhash = $_SESSION['conf_pwdhash'];
$filename = $_SESSION['conf_filename']; $filename = $_SESSION['conf_filename'];
// check if password is correct // check if password is correct
@ -154,12 +153,6 @@ if (!$conf->set_scriptserver($scriptserver)) {
exit; exit;
} }
if (!$conf->set_pwdhash($pwdhash)) {
echo ("<font color=\"red\"><b>" . _("Password hash is invalid!") . "</b></font>");
echo ("\n<br><br><br><a href=\"javascript:history.back()\">" . _("Back to preferences...") . "</a>");
exit;
}
if (! $conf->set_UserModules($_SESSION['conf_usermodules'])) { if (! $conf->set_UserModules($_SESSION['conf_usermodules'])) {
echo ("<font color=\"red\"><b>" . _("Saving user modules failed!") . "</b></font>"); echo ("<font color=\"red\"><b>" . _("Saving user modules failed!") . "</b></font>");
echo ("\n<br><br><br><a href=\"javascript:history.back()\">" . _("Back to preferences...") . "</a>"); echo ("\n<br><br><br><a href=\"javascript:history.back()\">" . _("Back to preferences...") . "</a>");
@ -266,7 +259,6 @@ unset($_SESSION['conf_maxlistentries']);
unset($_SESSION['conf_lang']); unset($_SESSION['conf_lang']);
unset($_SESSION['conf_scriptpath']); unset($_SESSION['conf_scriptpath']);
unset($_SESSION['conf_scriptserver']); unset($_SESSION['conf_scriptserver']);
unset($_SESSION['conf_pwdhash']);
unset($_SESSION['conf_filename']); unset($_SESSION['conf_filename']);
unset($_SESSION['conf_usermodules']); unset($_SESSION['conf_usermodules']);
unset($_SESSION['conf_groupmodules']); unset($_SESSION['conf_groupmodules']);

4
lam/tests/conf-test.php
View File

@ -46,7 +46,6 @@ $maxlistentries = $conf->get_maxlistentries();
$defaultlanguage = $conf->get_defaultlanguage(); $defaultlanguage = $conf->get_defaultlanguage();
$scriptpath = $conf->get_scriptPath(); $scriptpath = $conf->get_scriptPath();
$scriptServer = $conf->get_scriptServer(); $scriptServer = $conf->get_scriptServer();
$pwdhash = $conf->get_pwdhash();
$moduleSettings = $conf->get_moduleSettings(); $moduleSettings = $conf->get_moduleSettings();
echo ("done<br>"); echo ("done<br>");
// next we modify them and save lam.conf // next we modify them and save lam.conf
@ -66,7 +65,6 @@ $conf->set_maxlistentries("54");
$conf->set_defaultlanguage("de_AT:iso639_de:Deutsch (Oesterreich)"); $conf->set_defaultlanguage("de_AT:iso639_de:Deutsch (Oesterreich)");
$conf->set_scriptPath("/var/www/lam/lib/script"); $conf->set_scriptPath("/var/www/lam/lib/script");
$conf->set_scriptServer("127.0.0.1"); $conf->set_scriptServer("127.0.0.1");
$conf->set_pwdhash("SMD5");
$conf->set_moduleSettings(array("test1" => array(11), "test2" => array("abc"), 'test3' => array(3))); $conf->set_moduleSettings(array("test1" => array(11), "test2" => array("abc"), 'test3' => array(3)));
$conf->save(); $conf->save();
echo ("done<br>"); echo ("done<br>");
@ -88,7 +86,6 @@ if ($conf2->get_maxlistentries() != "54") echo ("<br><font color=\"#FF0000\">Sav
if ($conf2->get_defaultlanguage() != "de_AT:iso639_de:Deutsch (Oesterreich)") echo ("<br><font color=\"#FF0000\">Saving default language failed!</font><br>"); if ($conf2->get_defaultlanguage() != "de_AT:iso639_de:Deutsch (Oesterreich)") echo ("<br><font color=\"#FF0000\">Saving default language failed!</font><br>");
if ($conf2->get_scriptPath() != "/var/www/lam/lib/script") echo ("<br><font color=\"#FF0000\">Saving script path failed!</font><br>"); if ($conf2->get_scriptPath() != "/var/www/lam/lib/script") echo ("<br><font color=\"#FF0000\">Saving script path failed!</font><br>");
if ($conf2->get_scriptServer() != "127.0.0.1") echo ("<br><font color=\"#FF0000\">Saving script server failed!</font><br>"); if ($conf2->get_scriptServer() != "127.0.0.1") echo ("<br><font color=\"#FF0000\">Saving script server failed!</font><br>");
if ($conf2->get_pwdhash() != "SMD5") echo ("<br><font color=\"#FF0000\">Saving pwdhash failed!</font><br>");
$msettings = $conf2->get_moduleSettings(); $msettings = $conf2->get_moduleSettings();
if (($msettings['test1'][0] != 11) || ($msettings['test2'][0] != 'abc') || ($msettings['test3'][0] != '3')) echo ("<br><font color=\"#FF0000\">Saving module settings failed!</font><br>"); if (($msettings['test1'][0] != 11) || ($msettings['test2'][0] != 'abc') || ($msettings['test3'][0] != '3')) echo ("<br><font color=\"#FF0000\">Saving module settings failed!</font><br>");
echo ("done<br>"); echo ("done<br>");
@ -109,7 +106,6 @@ $conf2->set_maxlistentries($maxlistentries);
$conf2->set_defaultLanguage($defaultlanguage); $conf2->set_defaultLanguage($defaultlanguage);
$conf2->set_scriptPath($scriptpath); $conf2->set_scriptPath($scriptpath);
$conf2->set_scriptServer($scriptServer); $conf2->set_scriptServer($scriptServer);
$conf2->set_pwdhash($pwdhash);
$conf2->set_moduleSettings($moduleSettings); $conf2->set_moduleSettings($moduleSettings);
$conf2->save(); $conf2->save();
echo ("done<br>"); echo ("done<br>");