SF Feature #3509651 - Add support for SHA512 with OpenLDAP

This commit is contained in:
Jean-Philippe Ghibaudo 2012-09-01 11:31:38 +10:00 committed by Deon George
parent 3690ad16f0
commit 21959715c3

View File

@ -2114,7 +2114,8 @@ function password_types() {
'md5crypt'=>'md5crypt',
'sha'=>'sha',
'smd5'=>'smd5',
'ssha'=>'ssha'
'ssha'=>'ssha',
'sha512'=>'sha512',
);
}
@ -2123,7 +2124,7 @@ function password_types() {
*
* @param string The password to hash in clear text.
* @param string Standard LDAP encryption type which must be one of
* crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, or clear.
* crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
* @return string The hashed password.
*/
function password_hash($password_clear,$enc_type) {
@ -2216,6 +2217,16 @@ function password_hash($password_clear,$enc_type) {
break;
case 'sha512':
if (function_exists('openssl_digest') && function_exists('base64_encode')) {
$new_value = sprintf('{SHA512}%s', base64_encode(openssl_digest($password_clear, 'sha512', true)));
} else {
error(_('Your PHP install doest not have the openssl_digest() or base64_encode() function. Cannot do SHA512 hashes. '),'error','index.php');
}
break;
case 'clear':
default:
$new_value = $password_clear;
@ -2379,6 +2390,15 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
break;
# SHA512 crypted passwords
case 'sha512':
if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
return true;
else
return false;
break;
# No crypt is given assume plaintext passwords are used
default:
if ($plainpassword == $cryptedpassword)