From c977f70e7963dcb15169e47a30a595a655c4b4d5 Mon Sep 17 00:00:00 2001 From: Imran Hussain Date: Thu, 23 Dec 2021 11:46:24 +0000 Subject: [PATCH 1/2] Use node:current image --- .gitlab-ci.yml | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 99e3403..5ecf4aa 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -22,15 +22,8 @@ php-syntax-check: js-syntax-check: stage: test + image: node:current script: - - apt-get clean - - apt-get update -# - apt-get install -y nodejs -# - ln -s /usr/bin/nodejs /usr/bin/node - - apt-get install -y curl gnupg - - curl -sL https://deb.nodesource.com/setup_8.x | bash - - - apt-get install -y nodejs - - apt-get install -y npm - npm install -g jshint - find htdocs/js/ -name *.js ! -name jquery* | xargs -n 1 jshint --verbose @@ -52,4 +45,4 @@ deploy-live: - curl https://sucs.org/pull.php only: - sucs-site - environment: live \ No newline at end of file + environment: live -- GitLab From dcc4902a33c91b247a2b2b5f57b0445e9aafed48 Mon Sep 17 00:00:00 2001 From: Imran Hussain Date: Thu, 23 Dec 2021 11:57:34 +0000 Subject: [PATCH 2/2] Sha512 passwords --- components/options.php | 5 +++-- lib/member_functions.php | 15 ++++++++++++++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/components/options.php b/components/options.php index 851d431..db0ac5d 100644 --- a/components/options.php +++ b/components/options.php @@ -5,6 +5,8 @@ require_once("../lib/validation.php"); require_once("Net/MAC.php"); include_once("../lib/date.php"); +// password hash, renewal functions +include_once("../lib/member_functions.php"); // Some Constants // These could possibly be moved somewhere saner? @@ -47,7 +49,7 @@ function changePassword($oldpass, $newpass1, $newpass2) // if everything looks OK, attempt to make the change $success = ldap_mod_replace($ldap, "uid=" . $session->username . ",ou=People,dc=sucs,dc=org", - array('userpassword' => "{SHA}" . base64_encode(pack("H*", sha1($newpass1))))); + array('userpassword' => "{CRYPT}" . cryptPassword($newpass1))); ldap_close($ldap); return $success; @@ -214,7 +216,6 @@ function updateRenew() return FALSE; } - include_once("../lib/member_functions.php"); renew_membership($member['username']); $sucsDB->Execute("update signup set activated=NOW(), username=? where id=?", array($member['username'], $signup['id'])); return TRUE; diff --git a/lib/member_functions.php b/lib/member_functions.php index 412f486..75dbd8e 100644 --- a/lib/member_functions.php +++ b/lib/member_functions.php @@ -29,6 +29,19 @@ function make_password($length = 8) return $password; } +// https://stackoverflow.com/a/44428794 +function cryptPassword($password, $salt = "", $rounds = 5000) +{ + if ($salt == "") { + // Generate random salt + $salt = substr(bin2hex(openssl_random_pseudo_bytes(16)),0,16); + } + // $6$ specifies SHA512 + $hash = crypt($password, sprintf('$6$rounds=%d$%s$', $rounds, $salt)); + + return $hash; +} + function generateUid() { @@ -63,7 +76,7 @@ function generateLdif($uid, $password, $type, $realname, $username) // explode the realname $nameexplode = explode(' ', trim($realname)); // hash the password - $ldappassword = "{SHA}" . base64_encode(pack("H*", sha1($password))); + $ldappassword = "{CRYPT}" . cryptPassword($password); // compile ldif $ldif = "dn: uid=" . $username . ",ou=People,dc=sucs,dc=org\n"; $ldif .= "uid: " . $username . "\n"; -- GitLab