mirror of
https://github.com/moparisthebest/user_sql
synced 2024-11-21 16:55:02 -05:00
Add support for SSHA256 (thanks to Dominik Grothaus)
This commit is contained in:
parent
e36ee5bfd8
commit
bbbe44665e
@ -44,7 +44,7 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
|
||||
<tr><td><label for="sql_column_password"><?php echo $l -> t('Password Column'); ?></label></td><td><input type="text" id="sql_column_password" name="sql_column_password" value="<?php echo $_['sql_column_password']; ?>" /></td></tr>
|
||||
<tr><td><label for="sql_column_displayname"><?php echo $l -> t('Real Name Column'); ?></label></td><td><input type="text" id="sql_column_displayname" name="sql_column_displayname" value="<?php echo $_['sql_column_displayname']; ?>" /></td></tr>
|
||||
<tr><td><label for="crypt_type"><?php echo $l -> t('Encryption Type'); ?></label></td>
|
||||
<?php $crypt_types = array('md5' => 'MD5', 'md5crypt' => 'MD5 Crypt', 'cleartext' => 'Cleartext', 'mysql_encrypt' => 'mySQL ENCRYPT()', 'system' => 'System (crypt)', 'mysql_password' => 'mySQL PASSWORD()', 'joomla' => 'Joomla MD5 Encryption', 'joomla2' => 'Joomla > 2.5.18 phpass'); ?>
|
||||
<?php $crypt_types = array('md5' => 'MD5', 'md5crypt' => 'MD5 Crypt', 'cleartext' => 'Cleartext', 'mysql_encrypt' => 'mySQL ENCRYPT()', 'system' => 'System (crypt)', 'mysql_password' => 'mySQL PASSWORD()', 'joomla' => 'Joomla MD5 Encryption', 'joomla2' => 'Joomla > 2.5.18 phpass', 'ssha256' => 'Salted SSHA256'); ?>
|
||||
<td><select id="crypt_type" name="crypt_type">
|
||||
<?php
|
||||
foreach ($crypt_types as $driver => $name):
|
||||
|
13
user_sql.php
13
user_sql.php
@ -9,6 +9,7 @@
|
||||
* credits go to Ed W for several SQL injection fixes and caching support
|
||||
* credits go to Frédéric France for providing Joomla support
|
||||
* credits go to Mark Jansenn for providing Joomla 2.5.18+ / 3.2.1+ support
|
||||
* credits go to Dominik Grothaus for providing SSHA256 support and fixing a few bugs
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
||||
@ -538,6 +539,13 @@ class OC_USER_SQL extends OC_User_Backend implements OC_User_Interface
|
||||
}
|
||||
$password = ($salt) ? md5($pw . $salt) : md5($pw);
|
||||
$password .= ':' . $salt;
|
||||
}
|
||||
|
||||
elseif($this-> crypt_type == 'ssha256')
|
||||
{
|
||||
$salted_password = base64_decode(preg_replace('/{SSHA256}/i','',$pw_db));
|
||||
$salt = substr($salted_password,-(strlen($salted_password)-32));
|
||||
$password = $this->ssha256($pw,$salt);
|
||||
} else
|
||||
{
|
||||
OC_Log::write('OC_USER_SQL', "unknown/invalid crypt_type settings: $this->crypt_type", OC_Log::ERROR);
|
||||
@ -631,6 +639,11 @@ class OC_USER_SQL extends OC_User_Backend implements OC_User_Interface
|
||||
return $salt;
|
||||
}
|
||||
|
||||
private function ssha256($pw, $salt)
|
||||
{
|
||||
return '{SSHA256}'.base64_encode(hash('sha256',$pw.$salt,true).$salt);
|
||||
}
|
||||
|
||||
private function pahex2bin($str)
|
||||
{
|
||||
if(function_exists('hex2bin'))
|
||||
|
Loading…
Reference in New Issue
Block a user