Commit 99f489ed authored by Imran Hussain's avatar Imran Hussain
Browse files

Merge branch 'sha512-passwords' into 'master'

Sha512 passwords

See merge request !123
parents 9e43fafb dcc4902a
Pipeline #829 passed with stage
in 1 minute and 29 seconds
......@@ -5,6 +5,8 @@ require_once("../lib/validation.php");
require_once("Net/MAC.php");
include_once("../lib/date.php");
// password hash, renewal functions
include_once("../lib/member_functions.php");
// Some Constants
// These could possibly be moved somewhere saner?
......@@ -47,7 +49,7 @@ function changePassword($oldpass, $newpass1, $newpass2)
// if everything looks OK, attempt to make the change
$success = ldap_mod_replace($ldap, "uid=" . $session->username . ",ou=People,dc=sucs,dc=org",
array('userpassword' => "{SHA}" . base64_encode(pack("H*", sha1($newpass1)))));
array('userpassword' => "{CRYPT}" . cryptPassword($newpass1)));
ldap_close($ldap);
return $success;
......@@ -214,7 +216,6 @@ function updateRenew()
return FALSE;
}
include_once("../lib/member_functions.php");
renew_membership($member['username']);
$sucsDB->Execute("update signup set activated=NOW(), username=? where id=?", array($member['username'], $signup['id']));
return TRUE;
......
......@@ -29,6 +29,19 @@ function make_password($length = 8)
return $password;
}
// https://stackoverflow.com/a/44428794
function cryptPassword($password, $salt = "", $rounds = 5000)
{
if ($salt == "") {
// Generate random salt
$salt = substr(bin2hex(openssl_random_pseudo_bytes(16)),0,16);
}
// $6$ specifies SHA512
$hash = crypt($password, sprintf('$6$rounds=%d$%s$', $rounds, $salt));
return $hash;
}
function generateUid()
{
......@@ -63,7 +76,7 @@ function generateLdif($uid, $password, $type, $realname, $username)
// explode the realname
$nameexplode = explode(' ', trim($realname));
// hash the password
$ldappassword = "{SHA}" . base64_encode(pack("H*", sha1($password)));
$ldappassword = "{CRYPT}" . cryptPassword($password);
// compile ldif
$ldif = "dn: uid=" . $username . ",ou=People,dc=sucs,dc=org\n";
$ldif .= "uid: " . $username . "\n";
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment