use new random number function

Roland Gruber 2013-07-21 11:34:31 +00:00
parent a235a151e7
commit fc385ba466
7 changed files with 26 additions and 42 deletions


@ -148,14 +148,6 @@ function pwd_hash($password, $enabled = true, $hashType = 'SSHA') {
if (! $password || ($password == "")) { if (! $password || ($password == "")) {
return ""; return "";
} }
// calculate new random number
if (isset($_SESSION['ldap'])) {
$rand = $_SESSION['ldap']->new_rand();
}
else {
mt_srand((microtime() * 1000000));
$rand = mt_rand();
}
$hash = ""; $hash = "";
switch ($hashType) { switch ($hashType) {
case 'CRYPT': case 'CRYPT':
@ -212,7 +204,7 @@ function generateSalt($len) {
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890./'; $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890./';
$salt = ''; $salt = '';
for ($i = 0; $i < $len; $i++) { for ($i = 0; $i < $len; $i++) {
$pos= mt_rand(0, strlen($chars)-1); $pos= getRandomNumber() % strlen($chars);
$salt .= $chars{$pos}; $salt .= $chars{$pos};
} }
return $salt; return $salt;
@ -316,7 +308,7 @@ function generateRandomPassword() {
for ($x = 0; $x < 10000; $x++) { for ($x = 0; $x < 10000; $x++) {
$password = ''; $password = '';
for ($i = 0; $i < $length; $i++) { for ($i = 0; $i < $length; $i++) {
$rand = $_SESSION['ldap']->new_rand() % 65; $rand = getRandomNumber() % 65;
$password .= $list[$rand]; $password .= $list[$rand];
} }
if (checkPasswordStrength($password) === true) { if (checkPasswordStrength($password) === true) {
@ -994,4 +986,13 @@ class moduleCache {
} }
/**
* Returns a random number.
*
* @return int random number
*/
function getRandomNumber() {
return mt_rand();
}
?> ?>
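Review bot: getRandomNumber() returns plain `mt_rand()`, and this section now routes both generateSalt() and generateRandomPassword() through it, so password salts and generated passwords come from a Mersenne Twister that is not designed to be unpredictable. The helper is the natural single place to switch to a cryptographic source: bytes from `openssl_random_pseudo_bytes()` on PHP 5.3+ with OpenSSL, or `return random_int(0, mt_getrandmax());` where PHP 7 is available. The docblock should then state that the value is suitable for secrets, since callers also use it for temporary file names. The bodies of generateSalt() and generateRandomPassword() continue outside the hunks shown.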


@ -693,7 +693,7 @@ class LAMConfig {
public function set_Passwd($value) { public function set_Passwd($value) {
if (is_string($value)) { if (is_string($value)) {
mt_srand((microtime() * 1000000)); mt_srand((microtime() * 1000000));
$rand = mt_rand(); $rand = getRandomNumber();
$salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt0 = substr(pack("h*", md5($rand)), 0, 8);
$salt = substr(pack("H*", sha1($salt0 . $value)), 0, 4); $salt = substr(pack("H*", sha1($salt0 . $value)), 0, 4);
$this->Passwd = $this->hashPassword($value, $salt); $this->Passwd = $this->hashPassword($value, $salt);
@ -1482,7 +1482,7 @@ class LAMCfgMain {
*/ */
public function setPassword($password) { public function setPassword($password) {
mt_srand((microtime() * 1000000)); mt_srand((microtime() * 1000000));
$rand = mt_rand(); $rand = getRandomNumber();
$salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt0 = substr(pack("h*", md5($rand)), 0, 8);
$salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4);
$this->password = $this->hashPassword($password, $salt); $this->password = $this->hashPassword($password, $salt);
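Review bot: Both set_Passwd() and setPassword() still call `mt_srand((microtime() * 1000000));` immediately before the new `getRandomNumber()` call, although the commit drops the same reseeding from pwd_hash() and the Ldap class. microtime() without arguments returns a string that starts with the fractional second, so the seed takes at most about one million values and the derived `$salt0` is no harder to guess than the time of the request. The reseed also resets the shared generator for every later getRandomNumber() caller in the same request. Removing the two `mt_srand(...)` lines would be consistent with the rest of the change; both method bodies continue outside the hunks.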


@ -63,9 +63,6 @@ class Ldap{
/** LDAP password used for bind */ /** LDAP password used for bind */
private $password; private $password;
/** Random number (changes on every page request) */
private $rand;
/** /**
* Creates a new LDAP object. * Creates a new LDAP object.
* *
@ -73,10 +70,12 @@ class Ldap{
*/ */
function __construct($config) { function __construct($config) {
setlanguage(); setlanguage();
if (is_object($config)) $this->conf = $config; if (is_object($config)) {
else return false; $this->conf = $config;
mt_srand((double)microtime()*1000000); }
$this->rand = mt_rand(); else {
return false;
}
return true; return true;
} }
@ -148,15 +147,12 @@ class Ldap{
function __sleep() { function __sleep() {
$this->close(); $this->close();
// define which attributes to save // define which attributes to save
return array("conf", "username", "password", "rand"); return array("conf", "username", "password");
} }
/** Reconnects to LDAP server when deserialized */ /** Reconnects to LDAP server when deserialized */
function __wakeup() { function __wakeup() {
$this->is_connected = false; $this->is_connected = false;
// change random number
mt_srand($this->rand + (microtime() * 1000000));
$this->rand = mt_rand();
// delete PDF files and images which are older than 15 min // delete PDF files and images which are older than 15 min
$tmpDir = dirname(__FILE__) . '/../tmp/'; $tmpDir = dirname(__FILE__) . '/../tmp/';
$time = time(); $time = time();
@ -189,19 +185,6 @@ class Ldap{
@closedir($dir); @closedir($dir);
} }
/**
* Calculates a new value for rand
*
* @return int New random value
*/
function new_rand() {
// change random number
mt_srand($this->rand + (microtime() * 1000000));
$r = mt_rand();
$this->rand = $r;
return $r;
}
/** /**
* Encrypts a string * Encrypts a string
* *
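Review bot: The reformatted constructor still ends in `return false;` / `return true;`, but PHP discards a constructor's return value, so `new Ldap($x)` with a non-object argument yields an instance whose `conf` was never set and the caller cannot detect it. If rejecting bad input is the intent, `throw new InvalidArgumentException('config object required');` in the else branch expresses it; otherwise the two return statements can simply be removed. The class body continues outside the hunks shown.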


@ -2094,7 +2094,7 @@ class inetOrgPerson extends baseModule implements passwordService {
$photoFile = '../../graphics/userDefault.png'; $photoFile = '../../graphics/userDefault.png';
$noPhoto = true; $noPhoto = true;
if (isset($this->attributes['jpegPhoto'][0])) { if (isset($this->attributes['jpegPhoto'][0])) {
$jpeg_filename = 'jpg' . $_SESSION['ldap']->new_rand() . '.jpg'; $jpeg_filename = 'jpg' . getRandomNumber() . '.jpg';
$outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb"); $outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $this->attributes['jpegPhoto'][0]); fwrite($outjpeg, $this->attributes['jpegPhoto'][0]);
fclose ($outjpeg); fclose ($outjpeg);
@ -2260,7 +2260,7 @@ class inetOrgPerson extends baseModule implements passwordService {
$table = new htmlTable(); $table = new htmlTable();
$table->colspan = 10; $table->colspan = 10;
for ($i = 0; $i < sizeof($this->attributes['userCertificate;binary']); $i++) { for ($i = 0; $i < sizeof($this->attributes['userCertificate;binary']); $i++) {
$filename = 'userCertificate' . $_SESSION['ldap']->new_rand() . '.der'; $filename = 'userCertificate' . getRandomNumber() . '.der';
$out = @fopen(dirname(__FILE__) . '/../../tmp/' . $filename, "wb"); $out = @fopen(dirname(__FILE__) . '/../../tmp/' . $filename, "wb");
fwrite($out, $this->attributes['userCertificate;binary'][$i]); fwrite($out, $this->attributes['userCertificate;binary'][$i]);
fclose ($out); fclose ($out);
@ -3226,7 +3226,7 @@ class inetOrgPerson extends baseModule implements passwordService {
if (sizeof($userCertificates) > 0) { if (sizeof($userCertificates) > 0) {
$certTable = new htmlTable(); $certTable = new htmlTable();
for ($i = 0; $i < sizeof($userCertificates); $i++) { for ($i = 0; $i < sizeof($userCertificates); $i++) {
$filename = 'userCertificate' . mt_rand() . '.der'; $filename = 'userCertificate' . getRandomNumber() . '.der';
$out = @fopen(dirname(__FILE__) . '/../../tmp/' . $filename, "wb"); $out = @fopen(dirname(__FILE__) . '/../../tmp/' . $filename, "wb");
fwrite($out, $userCertificates[$i]); fwrite($out, $userCertificates[$i]);
fclose ($out); fclose ($out);
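Review bot: The photo and certificate files are written under `tmp/` with a name whose only unpredictable part is `getRandomNumber()`, i.e. an `mt_rand()` value, and the same pattern appears for the jpg in lamUserList and the `lam_pdf….zip` path in the mass-upload script. If that directory is reachable over HTTP (not visible here), a guessable name exposes another user's jpegPhoto or certificate, and mode `"wb"` silently overwrites an existing file on a collision. A name drawn from a cryptographic source, e.g. `bin2hex(openssl_random_pseudo_bytes(16))`, would address both. The `@fopen(...)` result is also handed to fwrite()/fclose() unchecked, so a failed open is hidden; an `if ($out === false)` guard before the write would surface it. The enclosing methods start and end outside the hunks.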


@ -147,7 +147,7 @@ function createModulePDF($accounts, $pdf_structure="default", $returnAsString =
$pdf->Close(); $pdf->Close();
if (!$returnAsString) { if (!$returnAsString) {
// use timestamp and random number from ldap.inc as filename so it should be unique. // use timestamp and random number from ldap.inc as filename so it should be unique.
$filename = '../../tmp/' . $_SESSION['ldap']->new_rand() . time() .'.pdf'; $filename = '../../tmp/' . getRandomNumber() . time() .'.pdf';
// Save PDF // Save PDF
$pdf->Output($filename); $pdf->Output($filename);
chmod($filename, 0600); chmod($filename, 0600);
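Review bot: The comment above the changed line still says the random number comes from ldap.inc, which is no longer true after this commit; `// use random number and timestamp as filename so it should be unique` matches the new code. `chmod($filename, 0600)` runs only after `$pdf->Output($filename)` has created the file, so the PDF briefly exists with the process's default permissions. Setting a restrictive `umask()` around the write would close that window. createModulePDF continues outside the hunk.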


@ -605,7 +605,7 @@ class lamUserList extends lamList {
} }
} }
} }
$imgNumber = $_SESSION['ldap']->new_rand(); $imgNumber = getRandomNumber();
$jpeg_filename = 'jpg' . $imgNumber . '.jpg'; $jpeg_filename = 'jpg' . $imgNumber . '.jpg';
$outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb"); $outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $entry[$attribute][0]); fwrite($outjpeg, $entry[$attribute][0]);


@ -230,7 +230,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
if (isset($_POST['createPDF']) && ($_POST['createPDF'] == 'on')) { if (isset($_POST['createPDF']) && ($_POST['createPDF'] == 'on')) {
$_SESSION['mass_pdf']['structure'] = $_POST['pdfStructure']; $_SESSION['mass_pdf']['structure'] = $_POST['pdfStructure'];
$_SESSION['mass_pdf']['counter'] = 0; $_SESSION['mass_pdf']['counter'] = 0;
$_SESSION['mass_pdf']['file'] = '../tmp/lam_pdf' . $_SESSION['ldap']->new_rand() . '.zip'; $_SESSION['mass_pdf']['file'] = '../tmp/lam_pdf' . getRandomNumber() . '.zip';
} }
else { else {
$_SESSION['mass_pdf']['structure'] = null; $_SESSION['mass_pdf']['structure'] = null;